I am trying to deploy a private docker registry that supports IPv6. I followed the steps here to define my IPv6 address.
docker-compose.yml
version: '2.1'
services:
registry:
restart: always
image: registry:2
ports:
- "5000:5000"
environment:
REGISTRY_AUTH: htpasswd
REGISTRY_AUTH_HTPASSWD_REALM: Registry
REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password
REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
volumes:
- ./auth:/auth
- ./data:/data
networks:
dock_net:
ipv6_address: 2001:db8::10
networks:
dock_net:
enable_ipv6: true
driver: bridge
ipam:
driver: default
config:
- subnet: 2001:db8::/32
gateway: 2001:db8::1
As far as I can tell it "works". A docker inspect shows the global IP address as the one I defined. I can ping the address, but if I issue curl -u username:password http://[<ipv6 address>]:5000/v2/_catalog on the host system (the one hosting the repository) it fails with no route to host.
Is there a step I missed during setup?
If need to be accessible from internet - you can put it behind cloudflare, and it will be accessible from both ipv6 and ipv4.
Related
I am trying to assign my APP with a static IP. I think I have assigned the IP, but I cannot reach the IP from outside either curl or the browser.
docker-compose.yaml
version: '3.8'
services:
client:
container_name: client
build: ./frontend
ports:
- 3000:3000
working_dir: /app
volumes:
- ./frontend:/app/
- /app/node_modules
networks:
app_net:
ipv4_address: 172.16.238.10
hostname: client
command: npm run dev
networks:
app_net:
driver: bridge
ipam:
driver: default
config:
- subnet: "172.16.238.0/24"
Terminal message when I run it:
client | > frontend#0.0.0 dev
client | > vite
client |
client |
client | VITE v3.2.2 ready in 710 ms
client |
client | ➜ Local: http://localhost:3000/
client | ➜ Network: http://172.16.238.10:3000/
I can reach http://localhost:3000/ on the browser just fine. But whenever I try to reach http://172.16.238.10:3000/, I get a timeout. Something this on the browser:
This site can’t be reached
172.16.238.10 took too long to respond.
ERR_CONNECTION_TIMED_OUT
I can curl to the IP I assigned inside the docker container, but I cannot do it from outside. Is it possible to expose the IP to the outside?
If you manage to assign another IP address (172.16.238.10) to the host, the container can continue having a dynamic IP address. You can map the port 3000 only to the IP address 172.16.238.10.
Then you can connect to 172.16.238.10:3000 as so:
version: '3.8'
services:
client:
container_name: client
build: ./frontend
ports:
- 172.16.238.10:3000:3000
working_dir: /app
volumes:
- ./frontend:/app/
- /app/node_modules
networks:
- app_net
hostname: client
command: npm run dev
networks:
app_net:
driver: bridge
You probably want to look at using a macvlan network instead of bridged.
As a general rule, you can't access the container-private IP addresses at all. It happens to be possible on native Linux, not using Docker Desktop or another VM-based setup, and only if you're on the same machine as the container, but given all of these constraints it's usually better to not try it.
The standard way to access a container from outside is to declare ports: for it, and to use the host's DNS name or IP address and the published port number. Don't declare any IP-related setup in your Compose file at all.
Assuming your Dockerfile is correctly constructed, you should be able to reduce that Compose file to just
version: '3.8'
services:
client:
build: ./frontend
ports:
- 3000:3000
and calling http://host.example.com:3000/ using your host's DNS name, or http://localhost:3000 if you're on the same host, will forward to port 3000 in the container. None of the other Compose options are necessary.
I have started learning about Docker and containers, and have been given an assignment to "Host a docker container on the external network (the one that the host is connected to) with its own IP address that is valid for said network".
As far as my understanding goes, Docker containers allow to forward ports onto the host, without exposing the docker container to the outside network. Is there any way to expose the whole container, with all its ports and have its own IP onto the external network?
Here is a excerpt from a test docker-compose.yaml file:
env20:
build: ./env20
image: env20
container_name: env20
hostname: env20
ports:
- "22:22/tcp"
- "80:80/tcp"
depends_on:
- mysql
networks:
gnet:
ipv4_address: 10.10.11.30
restart: unless-stopped
#############################################################
# Netowrk setup
#############################################################
networks:
gnet:
name: gnet
driver: macvlan
ipam:
driver: default
config:
- subnet: 10.10.11.0/24
gateway: 10.10.11.1
Any help would be appreciated!
I am trying to use docker on my debian server. There are several sites using Django framework. Every project run in it's own container with gunicorn, single nginx container works as a reverse proxy, data stores in mariadb container. Everything works correctly. It is necessary to add zabbix monitoring system on server. So, I use zabbix-server-mysql image as a zabbix-backend and zabbix-web-nginx-mysql image as a frontend. Backend run successfully, frontend fails with errors such as: "can't binding to 0.0.0.0:80 port is already allocated", nginx refuse connection to domains. As I understand, zabbix-web-nginx-mysql create another nginx container and it causes problems. Is there a right way to use zabbix images with existing nginx container?
I have a nginx reverse proxy installed on the host, which I use for proxy redirect into container. I have a working configuration for docker zabbix with the following configuration (I have omitted the environment variables).
My port 80 for the web application is served through anoter which is same set on nginx proxy_pass. Here the configuration
version: '2'
services:
zabbix-server4:
container_name: zabbix-server4
image: zabbix/zabbix-server-mysql:alpine-4.0.5
user: root
networks:
zbx_net:
aliases:
- zabbix-server4
- zabbix-server4-mysql
ipv4_address: 172.16.238.5
zabbix-web4:
container_name: zabbix-web4
image: zabbix/zabbix-web-nginx-mysql:alpine-4.0.5
ports:
- 127.0.0.1:11011:80
links:
- zabbix-server4
networks:
zbx_net:
aliases:
- zabbix-web4
- zabbix-web4-nginx-alpine
- zabbix-web4-nginx-mysql
ipv4_address: 172.16.238.10
zabbix-agent4:
container_name: zabbix-agent4
image: zabbix/zabbix-agent:alpine-4.0.5
links:
- zabbix-server4
networks:
zbx_net:
aliases:
- zabbix-agent4
ipv4_address: 172.16.238.15
networks:
zbx_net:
driver: bridge
driver_opts:
com.docker.network.enable_ipv6: "false"
ipam:
driver: default
config:
- subnet: 172.16.238.0/24
gateway: 172.16.238.1
Is that possible to specify a static IP for docker container using docker-compose?
eth-java:
image:
registry-intl.ap-southeast-1.aliyuncs.com/einnity/coin-ethereum:1.0
container_name:
eth-java
ports:
- "8002:8198"
networks:
my-network:
ipv4_address: 192.168.1.21
And this container will communicate with
eth:
image:
ethereum/client-go
container_name:
eth
ports:
- "8545:8545"
- "30303:30303"
networks:
my-network:
ipv4_address: 192.168.1.17
volumes:
- /storage/eth/rinkeby:/root/.ethereum/rinkeby/
and the network settings is
networks:
my-network:
driver: bridge
ipam:
driver: default
config:
- subnet: 192.168.1.0/24
I type docker exec -it eth-java /bin/bash. Then I type curl and call RPC on 192.168.1.17:8545, it doesnt work. If don't hardcode the IP and use the dynamic IP, this will works. I just hate using dynamic IP because everytime when restarting the docker container, another IP will be given and I need to change my DB value every time.
Is there a way for setting a static IP on docker 1.7? I am currently running RedHat 6 so can only use Docker version up to 1.7.
The problem I am having is that default IP Docker defaults to an IP and its clashing with the one my server uses. Is there a way to specifically tell Docker to use a certain IP 127.0.0.2 for example?
You can use docker-compose to start up your containers. In that file you can define ipv4_address which will assign an static IP to your container. Here is an example
version: "2"
services:
SERVICE1:
image: $IMAGE_NAME
container_name: $CONTAINER_NAME
ports:
- "8080:8080"
networks:
mynet:
ipv4_address: 172.25.0.100
networks:
mynet:
driver: bridge
ipam:
config:
- subnet: 172.25.0.0/24