I have a docker-compose file which defines a network subnet:
networks:
<net-name>:
name: my-network
driver: bridge
ipam:
config:
- subnet: 172.21.1.0/16
When i run docker-compose up the created containers (all on the same network) are not in this defined subnet, but on the default 172.21.0.X/16, as seen in the docker network inspect <net-name>:
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.21.1.0/16"
}
]
},
...
"Containers": {
"7fe928549faaa7da71a8b75b668ab6b5dae9e337e8abc7c379b3aa685cccf136": {
"Name": "container1",
"EndpointID": "724c4e86574b72e49afe0729e053d2b7c7285ec07e350f1efb8a3dff9b9f2d22",
"MacAddress": "02:42:ac:15:00:02",
"IPv4Address": "172.21.0.2/16",
"IPv6Address": ""
},
"ead40f068d7a4b657c09fb583bdcc229cd2cda2e46876c0bdc602388f19a15bb": {
"Name": "container2",
"EndpointID": "7759ba9bea74496278f74780c49d94e035d1e9c8c330837ea81e95b4d7485da0",
"MacAddress": "02:42:ac:15:00:03",
"IPv4Address": "172.21.0.3/16",
"IPv6Address": ""
},
"f4c18290c832705d83840108c38769b27f418a2845e92aebcd2afc920c519a95": {
"Name": "container3",
"EndpointID": "7ca9be45cea2f5833ea5f673acccce08721e0bf6fff581dad70da7143bb19e03",
"MacAddress": "02:42:ac:15:00:04",
"IPv4Address": "172.21.0.4/16",
"IPv6Address": ""
}
},
The reason this is a problem for me, is that internally in the containers I listen for specific IP adresses, and not everywhere can I use docker DNS resolution. I also have two compose services, which are separated by these subnets, one on 172.21.0.0/16 and the other on 172.21.1.0/16
How can I enforce compose containers to be created on the compose network subnet?
Related
I alway lookup the services each other by docker name in my system, things like : "curl http://contianer_name". Initially, All things is fine and It has worked for several months, But it is broken yesterday, Nginx could not bypass the url like http://contianer_name, And I could not curl successfully for the http://container_name in my host machine. What it is happen? :(,,,
docker network ls:
NETWORK ID NAME DRIVER SCOPE
ecbfafa9fccf bridge bridge local
b1aac67cfbfa myapp-api_default bridge local
5195101110d3 host host local
d90ca5db218d none null local
docker network inspect
[
{
"Name": "myapp-api_default",
"Id": "b1aac67cfbfa2923d5ae88a26e8729159f34e1ae083944e385a23047a7fc7237",
"Created": "2022-09-28T18:21:57.202490009+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.22.0.0/16",
"Gateway": "172.22.0.1"
}
]
},
"Internal": false,
"Attachable": true,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"850c8c091467b7c92aedff5631869ab2f5603ae48ee4a1efb7f18f2f890154ff": {
"Name": "app-boot-system-sample",
"EndpointID": "1497a7ac8726646f24bf82400d69c56bbcacb689d4423ab54db15af586373179",
"MacAddress": "02:42:ac:16:00:05",
"IPv4Address": "172.22.0.5/16",
"IPv6Address": ""
},
"c819074103a5b108d21b836afd1c156036e13f523b44eb5002e13edf48d9f825": {
"Name": "sample-tenant-pc",
"EndpointID": "d4ef531762a117132cbd40dee729cdf2458061e2444d35fc7968411676329e7b",
"MacAddress": "02:42:ac:16:00:04",
"IPv4Address": "172.22.0.4/16",
"IPv6Address": ""
},
"d04e0c550c95da196844c160ca9b9f80f99e3536f92da55d6e9f18533a381802": {
"Name": "sample-event-pc",
"EndpointID": "71bb31e965df8f47cfcc32685594803496bf77ad396854b5dc57851467f99996",
"MacAddress": "02:42:ac:16:00:07",
"IPv4Address": "172.22.0.7/16",
"IPv6Address": ""
},
"ee6589ced2f5080b9f3641104262f430da8f37e1278f094f78a45e2414a607f4": {
"Name": "app-boot-redis-sample",
"EndpointID": "be41952c5709d7a843b9b2ce3276bd7ac8e951ab653ba478d3a8f7cf7fe9599a",
"MacAddress": "02:42:ac:16:00:03",
"IPv4Address": "172.22.0.3/16",
"IPv6Address": ""
},
"fd9196fc0fee67de364d6be37581e4fd9827b2983a332995269af78817828bbd": {
"Name": "sample-org-pc",
"EndpointID": "a0fd805ee5705533f58b7f0e3f1cbdb0a20abc1a01057bd23a2a5161d0c5181c",
"MacAddress": "02:42:ac:16:00:02",
"IPv4Address": "172.22.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {
"com.docker.compose.network": "myapp-api_default",
"com.docker.compose.project": "myapp-api",
"com.docker.compose.version": "1.26.2"
}
}
]
Docker compose defined as below in the project sample-tenant-pc:
version: '2.4'
services:
sample-tenant-pc:
build:
context: .
restart: always
container_name: sample-tenant-pc
image: sample-tenant-pc
ports:
- 9001:80
networks:
- myapp-api_default
networks:
myapp-api_default:
external: false
name: myapp-api_default
I am trying to link my containerized VueJS frontend with my containerized Spring Boot API backend, with great difficulty.
Whenever I try to make an HTTP request to my API using the container name, I get the following.
OPTIONS http://api:4505/user/sign-in net::ERR_NAME_NOT_RESOLVED
Here is my docker-compose file:
version: "3"
services:
mongodb:
image: mongo
container_name: mongo
ports:
- "27017:27017"
api:
image: registry.gitlab.com/darragh.oflah/api:latest
container_name: api
ports:
- "4505:4505"
links:
- mongodb
web:
image: registry.gitlab.com/darragh.oflah/web:latest
container_name: web
ports:
- "80:8080"
links:
- api
Here what I get when I run sudo docker network inspect tmp_default
So it would seem that the network is set up correctly
[
{
"Name": "tmp_default",
"Id": "75ab7c89cb5a80aa7eddd7c5a3f7f4aafb911cfe96a923ad3db2219552366fd7",
"Created": "2020-02-04T16:55:49.131485109Z",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": true,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"6ae3db08be2ed22245a173a677ae1b0f28eca878aa84e43744a320589cbda5af": {
"Name": "mongo",
"EndpointID": "b399bb72f28b6d47a93927712a665dcc725d27a6ba2ee432e715db00c9cbc835",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
},
"fa7e4066e436181ce2991e048790f8de518af31fb97cf9351316ff8f41824449": {
"Name": "api",
"EndpointID": "bf8d071683bfa4ecbd215f3dd534d0e278702ed4377552ef242e5c65b01c3fa1",
"MacAddress": "02:42:ac:12:00:03",
"IPv4Address": "172.18.0.3/16",
"IPv6Address": ""
},
"fb544ef5389afd74d53f45d6de968008632b65340f161527a9c7aa4214aa7674": {
"Name": "web",
"EndpointID": "2dc3e8a452c241916a2e9f7e25b33ee7997fe2d25ec3543e5d34e888e50d905c",
"MacAddress": "02:42:ac:12:00:04",
"IPv4Address": "172.18.0.4/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {
"com.docker.compose.network": "default",
"com.docker.compose.project": "tmp",
"com.docker.compose.version": "1.21.2"
}
}
]
In the net work tab, the request is saying failed, which would indicate to me that the request is failing to leave the container at all.
Your compose file creates a docker network. You're running "web" in a container on that network. All containers in the docker network can access other containers via the hostname. However, the browser is running on your host machine. Your host machine is not in the docker network. Therefore your browser won't be able to access the api container via the hostname. If you type http://api:4505/user/sign-in into the browser url bar, it's doing the same thing, and you'll also get an error.
i'm used custom docker network named "backend-network"
[root#localhost docker]# docker inspect backend-network
{
"Name": "backend-network",
"Id": "18180c0c1ef14460a25b66b7fb971e090f7bb85f549921704d11937af70766c7",
"Created": "2018-08-07T12:36:02.4175991+09:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Containers": {
"531c1ecbe993ee13e632fbd9697b392ee989d756ff60c07eae96a700901aaa01": {
"Name": "splash",
"EndpointID": "c9e4e7ec319ecf9cdcbb9ca50170efb63c4fca33bcbbabb584c4a4e41576b15d",
"MacAddress": "02:42:ac:12:00:05",
"IPv4Address": "172.18.0.5/16",
"IPv6Address": ""
},
"c6a5aa827e901b6b6d7b35d4a8be5a5b2fc73f1a7a385416ce200e847d400b21": {
"Name": "flask",
"EndpointID": "5d5abb3bc964d251379a7f6a84cb5b5d9bddac9b778f2222d52aba657b28dd34",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
},
"da839143fb58d738e38922c669efa332c545fee4dd0a5b733583ed7b8df60875": {
"Name": "django",
"EndpointID": "f046e9cc93f895b12ce1c4de983fbe0e54a3904460c04db3ba238ba84ba82327",
"MacAddress": "02:42:ac:12:00:03",
"IPv4Address": "172.18.0.3/16",
"IPv6Address": ""
},
"fc9e6ef183c81a3fe7dd29ecb5c17c0dc27fb803ef8e214d4f344a2b3407ec54": {
"Name": "mongo",
"EndpointID": "ab94182f4b175f105ab01ccbbc43b7dad37cf5506eee831168fd5bd9094ccde8",
"MacAddress": "02:42:ac:12:00:04",
"IPv4Address": "172.18.0.4/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
But each Container not used host DNS.
host DNS is.
[root#localhost docker]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.88.1
and container DNS is
(django) root#da839143fb58:/opt/django_backend/scrapy_app# cat /etc/resolv.conf
nameserver 127.0.0.11
options ndots:0
i added
nameserver 192.168.88.1
container's resolv.conf, and it works but request too long.
I think first search in
nameserver 127.0.0.11
and search
nameserver 192.168.88.1
how can i set docker-network to host dns?
remove
nameserver 127.0.0.11
then don't communicate other container by name. like
(django) root#da839143fb58:/opt/django_backend/scrapy_app# ping splash
ping: splash: Name or service not known
Docker containers are resolving DNS requests through embedded DNS server (this is the IP you are seeing in the container's /etc/resolv.conf – see bottom note in documentation). Depending on your configuration the embedded DNS server forwards the query to your host (default) or another DNS-server. You can pass a custom DNS server with the --dns- flag.
Please find more information about that in the documentation.
I've two docker containers apiserver and loginserver. Both of them are provide REST API and are built using spring boot. I've created a bridge network called my-network and both the containers are attached to the same bridge.
I pinged loginserver from apiserver via interactive shell and it is accessible. I make REST request from the host machine so I know the socket exposed. But, when I make the same REST request from apiserver to loginserver, I am getting error:
: HttpQueryService::uri=http://172.28.0.7:8090/users/login
2018-06-19 19:08:24.196 ERROR 7 --- [nio-9000-exec-3] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception
org.apache.http.conn.HttpHostConnectException: Connect to 172.28.0.7:8090 [/172.28.0.7] failed: Connection refused (Connection refused)
Here are the details from my-network:
docker network inspect my-network
[
{
"Name": "my-network",
"Id": "ef610688b58b6757cba57caf6261f7a1eaeb083798098214c4848cbb152cae26",
"Created": "2018-04-21T00:19:46.918124848Z",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.28.0.0/16",
"Gateway": "172.28.0.1"
}
]
},
"Internal": false,
"Attachable": true,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"71863d2f61789d4350fcabb1330b757500d5734a85c68b60eb1ac8f6f1e8344e": {
"Name": "mymongo",
"EndpointID": "717c8dbdc8993a70f9d3e97e549cb9784020b8e68e7a557c30b0818b4c9acb90",
"MacAddress": "02:42:ac:1c:00:02",
"IPv4Address": "172.28.0.2/16",
"IPv6Address": ""
},
"936447ce8325f3a7273a7fb462d75e55841a9ff37ccf27647831b3db1b8a1371": {
"Name": "mypg",
"EndpointID": "6a1a1b2f7852b89a9d2cb9b9abecdabd134849cd789c31613c7ddb91a4bc43d1",
"MacAddress": "02:42:ac:1c:00:06",
"IPv4Address": "172.28.0.6/16",
"IPv6Address": ""
},
"ad03348dffaef3edd916d349c88e8adf6cf7d88dbc40f82dc2384dee826cfa83": {
"Name": "myloginserver",
"EndpointID": "fe22c2b5f57b7fe4776087972ffa5f7f089ca6a59fde2fa677848b3f238ea026",
"MacAddress": "02:42:ac:1c:00:07",
"IPv4Address": "172.28.0.7/16",
"IPv6Address": ""
},
"c69bfbf9ccdc9e29e87d2847b5c2a51e9c232fb8d06635bcef0cdd1f7c66e051": {
"Name": "apiserver",
"EndpointID": "46e94a52d34670eb00448b1d39a0cc365b882ece790c9d868dcee04ad141d1ca",
"MacAddress": "02:42:ac:1c:00:0b",
"IPv4Address": "172.28.0.11/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
Is port 8090 exposed by your loginserver image? For checking type in command
docker images
and then find the ImageID of your loginserver image. Then enter command
docker inspect image {Login server image id}
In the output check ExposedPorts if 8090 is exposed or not
Late to the party but I just fixed this on my system by setting the address to get the REST request from as the public IP address:
eg: http://217.114.203.196/myrequest
When I do
docker run -i -t --privileged busybox ping google.com
It works when the VPN is OFF on my host machine but when I start it, it fails.
I found my DNS Server address by using
sudo systemd-resolve --status | grep "DNS Server"
And I tried to use it in the docker container, it gives :
docker run -i -t --privileged --dns=192.168.1.254 busybox nslookup google.com
Server: 192.168.1.254
Address 1: 192.168.1.254
Name: google.com
Address 1: 2607:f8b0:4020:804::200e yul02s04-in-x0e.1e100.net
Address 2: 172.217.13.206 yul03s05-in-f14.1e100.net
So it can find the IP address of the domain but I'm still not able to ping the it.
When I use the --network host option, it works but I have trouble with other containers.
Here is my /etc/resolv.conf file when the VPN is OFF :
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers.
nameserver 8.8.8.8
nameserver 127.0.0.53
search telus
And when it's ON :
nameserver 8.8.8.8
nameserver 8.8.4.4
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers.
search telus
And here is information about the network used by the container :
[
{
"Name": "project_default",
"Id": "e5b5cdaf12ea277f28b5e5a050041a55fe33d279bcd6b2c737a3a6cdfb039ea2",
"Created": "2017-10-05T21:24:16.200249606+02:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.19.0.0/16",
"Gateway": "172.19.0.1"
}
]
},
"Internal": false,
"Attachable": true,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"03af7eb1bcfb394c436784974603ad72667610a8a2bba6f8ec3ca87a3eecc733": {
"Name": "project_mongo_1",
"EndpointID": "6567c3ad72fba3d2d4519d6aa47ac9fc7d65d2b6884f91aa70f4041ba2fc98cc",
"MacAddress": "02:42:ac:13:00:02",
"IPv4Address": "172.19.0.2/16",
"IPv6Address": ""
},
"13dce3db104e2dafb2ebbdceeefe1a5ca8559808c050a9e95d4abae5b2203b54": {
"Name": "project_redis_1",
"EndpointID": "fb5abe7b896fb9d5f635cd30cbc57ad721e184c36a754bffce696b7f7fc1fbfc",
"MacAddress": "02:42:ac:13:00:05",
"IPv4Address": "172.19.0.5/16",
"IPv6Address": ""
},
"3f301bd0973637ac4440f9f9bfc8f6d2fdf4d3bf048ab95c9db91ef03dc4cde1": {
"Name": "dimelo_faye_server",
"EndpointID": "90eda817636ce87123882187cea629c63419712816fbf952364959fd6d41f25b",
"MacAddress": "02:42:ac:13:00:06",
"IPv4Address": "172.19.0.6/16",
"IPv6Address": ""
},
"530c61bfde2a21812ae3b677f0a019805a1dcea21722d181648defd0037de7f3": {
"Name": "project_elasticsearch_1",
"EndpointID": "a8cd9df941907c4abfb5762fe6af5069cfa6e97259d2d5c1c9992f269f6b444a",
"MacAddress": "02:42:ac:13:00:03",
"IPv4Address": "172.19.0.3/16",
"IPv6Address": ""
},
"5e615627d664bf5cad7b31f5594bc64730dca46ae8c80bb12b0ee881dac8bfb1": {
"Name": "project_memcache_1",
"EndpointID": "b7388f26c1aaedb98ebc6d3eac018d713e0c914bc4d6a84501358cc126be1105",
"MacAddress": "02:42:ac:13:00:04",
"IPv4Address": "172.19.0.4/16",
"IPv6Address": ""
},
"6b143aa84d6fd55245b462220a4dab4f54c9d365ab4a1e7c7823265b53432bbb": {
"Name": "project_web_run_53",
"EndpointID": "964311691aefff57c9ad5898b1153c8a166575193c25babad575e9990092e911",
"MacAddress": "02:42:ac:13:00:08",
"IPv4Address": "172.19.0.8/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {
"com.docker.compose.network": "default",
"com.docker.compose.project": "project"
}
}
]
What can I do to be able to have access to Internet on the container when the VPN is ON?