Database service is running in specific org and space. Two apps are bound to this DB service.
To apply liquibase change from Jenkins to DB service, we need JDBC connection between Jenkins and bosh instance.
Jenkins is outside PCF
How to retrieve IP address of Database service host?
How to retrieve IP address of Database service host?
Load the hostname from VCAP_SERVICES and then resolve it. You can use jq to read VCAP_SERVICES and pull out the hostname. You can then use dig <hostname> or host <hostname> to resolve the hostname. Then you have the IP.
If you're trying to access a service from outside CF, make sure that you have network and firewall access to said service. Network access is often restricted/blocked outside of the CF environment.
Hope that helps!
Related
I have a python application running in a docker container in Google Cloud Run.
I have a VM instance which hosts a MongoDB instance. I need my python application, which is running in a docker container to access the database in the VM.
So far, it only runs in a Connection refused error. I "probably" understand that this is because it is not able to recognize the outside IP address. How do I make the application in the docker container access the outside world?
Edit: The problem was not with container not being able to access the outside world. The problem was that the "internal IP address" was not reachable. The solution, as suggested by #guillaumeblaquiere was to create a Serverless VPC Connector.
Posting #guillaume blaquiere comment for visibility:
Use a serverless VPC connector and access to your VPC through it.
As stated in the edit:
The problem was not with container not being able to access the outside world. The problem was that the "internal IP address" was not reachable.
See also:
Connect to a VPC network
Configure private access to MongoDB Atlas with Serverless VPC Access
Say I have a Swarm of 3 nodes on my local system. And I create a service say Drupal with a replication of 3 in this swarm. Now, say each of the node has one container each running Drupal. Now when I have to access this in my browser I will have to use the IP address of one of the nodes <IP Address>:8080 to access Drupal.
Is there a way I can set a DNS name for this service and access it using DNS name instead of having to use IP Address and port number?
You need to configure the DNS server that you use on the host making the query. So if your laptop queries the public DNS, you need to create a public DNS entry that would resolve from the internet (on a domain you own). This should resolve to the docker host IPs running the containers, or an LB in front of those hosts. And then you publish the port on the host to the container you want to access.
You should not be trying to talk directly to the container IP, these are not routeable from outside of the docker host. And the docker DNS used for service discovery is for container to container communication. This is separate from communication outside of docker that goes through a published port.
How do you access remote Docker container by its hostname?
I need to access remote Docker containers by its hostnames (or some constant IP's) for development and testing purposes. I have tried:
looking for any DNS approach (have not found any clues),
importing /ets/hosts (probably impossible),
creating tunnes (only this works but it is very time consuming).
It's the same as running any other process on a host, Docker or not Docker: you access it via the host name or IP address of the host and the port the service is listening on (the first port of the docker run -p argument). Docker containers don't have externally visible individual IP addresses any more than non-Docker HTTP or ssh daemons do.
If you do have DNS infrastructure available to you, you could set up CNAME records to resolve particular service names to the specific hosts that are running them.
One solution that may help you is some sort of service registry; in the past I've used Consul with some success. You can configure Consul with some health checks or other probes ("look for an HTTP service on port 12345 that answers GET / calls"), and it will provide its own DNS service ("okay, http://whatevername.service.consul:12345/ will reach your service on whichever hosts it happens to be running on").
Nothing in the Docker infrastructure specifically helps this. Using /etc/hosts is distinctly not a best practice: the name-to-IP mapping needs to be kept in sync across all machines and you'll start wishing you had a network service to publish it for you, which is exactly what DNS is for.
can i ping one workload from other workload by workloadname?
I accustomed on rancher 1.0, where if i created stack with more conteiner so i can ping one from other conteiner by name.
for example: I have api and database and I need api to communicate with databases. When i click on execute shell on api and write "ping database", so not working.
I write connection string to database in api environmental variable.
And YES i can create database and take database ip a write it to ENV, but this ip will change after each restart.
It's possible to call by some not generate name?
thanks
EDIT:
Service discovery:
Shell:
As you see, so translate database name is work. Only ping database container not working.
To communicate between services you can communicate with cluster IP or with Service Name.
Using the ServiceName will be easier.
The service discovery add a DNS for each of your service. So if you have api, app and database you will have a DNS entry for each of those services.
So within your services, you can refer directly to the DNS.
Example: To connect in JDBC to a schema name test in your database, you would do something like this:
jdbc:mysql://database/test
see:
https://rancher.com/docs/rancher/v2.x/en/k8s-in-rancher/service-discovery/
If you want to know the clusterIP of you services you can run this command: kubectl get services --all-namespaces
Edit 1: Adding ClusterIP as a way to communicate with a service.
Kubernetes Service IP is implemented using "iptables" on the linux hosts which are part of the cluster. If you examine those rules closely, ONLY the port specified as part of the Service is exposed, not the ICMP port, which means, one cannot ping the Service IP addresses by default. But you would still be able to communicate with the Service on the designated port.
I have a Google Cloud instance with internal and external IP addresses:
hostname -I
10.......5 172......1
The first is the internal and the second is the external IP.
When I create a docker container and run the same command I get:
hostname -I
172......2
I want to scp data between two Google Cloud machines, and I want to make sure I'm not incurring any egress. How can I make sure the docker container uses the internal IP address in Google Cloud?
Thanks!
You can expose a port in the host from your docker, as per this example but for an nginx. You can use Host Networking for your purpose.
This is explained in this thread already