Use kubeadm to install Kubernetes cluster by Vagrant followed official guide:
https://kubernetes.io/docs/getting-started-guides/kubeadm/
It was successful when install on master host:
kubeadm init
And generated a token:
[root#localhost ~]# kubeadm token list
TOKEN TTL EXPIRES USAGES DESCRIPTION
1eb2c2.8c9s81b32cc9937e <forever> <never> authentication,signing The default bootstrap token generated by 'kubeadm init'.
Use this token to join from nodes hosts:
kubeadm join --token=1eb2c2.8c9s81b32cc9937e 192.168.33.200:6443
Then got error:
[kubeadm] WARNING: kubeadm is in beta, please do not use it for production clusters.
[preflight] Running pre-flight checks
[discovery] Trying to connect to API Server "192.168.33.200:6443"
[discovery] Created cluster-info discovery client, requesting info from "https://192.168.33.200:6443"
[discovery] Failed to request cluster info, will try again: [User "system:anonymous" cannot get configmaps in the namespace "kube-public". (get configmaps cluster-info)]
[discovery] Failed to request cluster info, will try again: [User "system:anonymous" cannot get configmaps in the namespace "kube-public". (get configmaps cluster-info)]
[discovery] Failed to request cluster info, will try again: [User "system:anonymous" cannot get configmaps in the namespace "kube-public". (get configmaps cluster-info)]
The Vagrantfile:
# Master Server
config.vm.define "master", primary: true do |master|
master.vm.network :private_network, ip: "192.168.33.200"
master.vm.network :forwarded_port, guest: 22, host: 1234, id: 'ssh'
end
# Node1 Server
config.vm.define "node1", autostart: true do |node1|
node1.vm.network :private_network, ip: "192.168.33.201"
node1.vm.network :forwarded_port, guest: 22, host: 1235, id: 'ssh'
end
And, the ip address in master host:
[root#localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:98:15:79 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3
valid_lft 86132sec preferred_lft 86132sec
inet6 fe80::f7f:ed69:e0f3:2e88/64 scope link
valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:6c:30:78 brd ff:ff:ff:ff:ff:ff
inet 192.168.33.200/24 brd 192.168.33.255 scope global enp0s8
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe6c:3078/64 scope link
valid_lft forever preferred_lft forever
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 02:42:0f:90:a5:21 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
I set the 192.168.33.200 as a private ip. Why it shows at the third position?
Is it the reason that node1 host can't access this host?
But I have did a test about apache server. After I installed httpd on master host, I can access the web page from browser: http://192.168.33.200.
Addition
I can ssh to master host(192.168.33.200) from node host(192.168.33.201). But need password:
[root#localhost ~]# ssh vagrant#192.168.33.200
The authenticity of host '192.168.33.200 (192.168.33.200)' can't be established.
ECDSA key fingerprint is 04:9d:3e:eb:4e:7b:14:17:2d:e8:18:0d:80:ab:71:9c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.33.200' (ECDSA) to the list of known hosts.
vagrant#192.168.33.200's password:
Last login: Wed May 24 01:09:34 2017 from 10.0.2.2
[vagrant#localhost ~]$
ip route information(master host 192.168.33.200)
[root#localhost ~]# ip route
default via 10.0.2.2 dev enp0s3 proto static metric 100
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100
169.254.0.0/16 dev enp0s8 scope link metric 1003
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
192.168.33.0/24 dev enp0s8 proto kernel scope link src 192.168.33.200
For host with multiple interfaces, it's possible to specify the one that master listens on with
kubeadm init --apiserver-advertise-address <ip_address>
Related
I'm running a k3s cluster and a docker traefik container on the same host. The traefik docker container is actually doing the reverse proxy stuff for tls which is working already on ports 80 and 443 for my different subdomains. I'm trying to get ssh working (for only one subdomain) too but without success so far.
port 22 is open through ufw allow (on Ubuntu 22.04)
traefik rules are set as following:
tcp:
routers:
giti-ssh:
entrypoints:
- "https"
rule: "HostSNI(`*`)"
tls: {}
service: giti-ssh
services:
giti-ssh:
loadBalancer:
servers:
- address: "10.42.0.232:22"
k3s is running flannel and metallb where the externalIP-range is at 10.42.0.0
ip a shows (the interesting parts):
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:19:ea:c3 brd ff:ff:ff:ff:ff:ff
altname enp11s0
inet "private"/32 metric 100 scope global dynamic ens192
valid_lft 36147sec preferred_lft 36147sec
inet 10.42.0.200/32 scope global ens192
valid_lft forever preferred_lft forever
inet6 "private"/64 scope link
valid_lft forever preferred_lft forever
3: br-5014eb2ffdf2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:7e:ab:72:98 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-5014eb2ffdf2
valid_lft forever preferred_lft forever
inet6 fe80::42:7eff:feab:7298/64 scope link
valid_lft forever preferred_lft forever
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:a5:03:77:2c brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
7: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default
link/ether 42:1b:d3:49:d3:6b brd ff:ff:ff:ff:ff:ff
inet 10.42.0.0/32 scope global flannel.1
valid_lft forever preferred_lft forever
inet6 fe80::401b:d3ff:fe49:d36b/64 scope link
valid_lft forever preferred_lft forever
8: cni0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default qlen 1000
link/ether e2:27:27:96:96:7e brd ff:ff:ff:ff:ff:ff
inet 10.42.0.1/24 brd 10.42.0.255 scope global cni0
valid_lft forever preferred_lft forever
inet6 fe80::e027:27ff:fe96:967e/64 scope link
valid_lft forever preferred_lft forever
the containers are set up and the service for the one for ssh is listening on port 22 as type: LoadBalancer
I can connect to that container through another service and IP on port 443 from the traefik reverse proxy but am missing something for port 22 and I think it has something to do with the traefik HostSNI or maybe the iptables....
Can s.o. give me a hint on how to achieve this.
Thanks in advance!
jim
I have a docker kylemanna/openvpn server to access a private network, with configured users. VPN is working. Internet access through nat works. I want to see sites on the internal network vpn client IP instead of vpn server host address 192.168.140.38. I lost about 3 weeks in time, and read a lot of documentation, but the experience is not enough. I tried using macvlan, tap(server-bridge and docker:host) but it didn't work (nothing worked). I'm terribly tired, any help is appreciated
My system: ubuntu 20
My server IP (openvpn): 192.168.140.38 (external ip 88.56..)
My gateway: 192.168.140.1
DHCP server range: 192.168.140.1/24
command generation configuration
ovpn_genconfig -N -2 -e 'duplicate-cn' -n '192.168.140.1' -n '8.8.8.8' -n '8.8.4.4' -d
-C 'AES-256-GCM' -e 'tls-crypt-v2 /etc/openvpn/pki/private/vpn_server.pem'
-s '10.10.140.0/24' -u udp://77.66.19.237:587 -e 'topology subnet' -p '192.168.140.0
255.255.255.0' -p "10.0.0.0 255.255.255.0' -p '192.168.2.0 255.255.255.0'
openvpn.conf
server 10.10.140.0 255.255.255.0
verb 3
key /etc/openvpn/pki/private/77.66.19.237.key
ca /etc/openvpn/pki/ca.crt
cert /etc/openvpn/pki/issued/77.66.19.237.crt
dh /etc/openvpn/pki/dh.pem
tls-auth /etc/openvpn/pki/ta.key
key-direction 0
keepalive 10 60
persist-key
persist-tun
proto udp
# Rely on Docker to do port mapping, internally always 1194
port 1194
dev tun0
status /tmp/openvpn-status.log
user nobody
group nogroup
cipher AES-256-GCM
comp-lzo no
### Push Configurations Below
push "dhcp-option DNS 192.168.140.1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "comp-lzo no"
push "route 192.168.140.0 255.255.255.0"
push "route 10.0.0.0 255.255.255.0"
push "route 192.168.2.0 255.255.255.0"
reneg-sec 0
### Extra Configurations Below
duplicate-cn
topology subnet
docker-compose.yml
version: '3.8'
services:
openvpn:
container_name: openvpn
build: #fix last version (2.5) I get last build docker image
context: ./docker-openvpn
dockerfile: Dockerfile
restart: always
ports:
- "587:1194/udp"
command: bash -c "ovpn_run"
cap_add:
- NET_ADMIN
volumes:
- ./openvpn-data/conf:/etc/openvpn
networks:
stack:
ipv4_address: 192.168.140.153
networks:
stack:
external: true
This configuration works well however I would like my internal resources to be able to identify me with a unique ip address
I tried do macvlan network:
#we take the entire network and determine the DHCP output range (Part of the network is divided into macvlan stack)
root#test-openvpn ~ # docker network create -d macvlan --subnet=192.168.140.0/24 --gateway=192.168.140.1 --ip-range=192.168.140.153/31 -o parent=ens160 stack
#create macvlan-br0 in host interface to redirect traffic from host eth0 to docker
ip link add macvlan-br0 link ens160 type macvlan mode bridge
# allocate ip from dhcp for bridge
ip addr add 192.168.140.152/32 dev macvlan-br0
ip link set macvlan-br0 up
#associate the host network with the docker DHCP network
ip route add 192.168.140.153/31 dev macvlan-br0
#test network
ssh root#192.168.140.152 #success bridge create
root#test-openvpn ~ # docker run --net=stack --rm busybox sh -c "ip ad sh && ping 192.168.140.152 -c 2 && ping google.com -c 2"
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
125: eth0#if2: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:c0:a8:8c:98 brd ff:ff:ff:ff:ff:ff
inet 192.168.140.152/24 brd 192.168.140.255 scope global eth0
valid_lft forever preferred_lft forever
PING 192.168.140.152 (192.168.140.152): 56 data bytes
64 bytes from 192.168.140.152: seq=0 ttl=64 time=1.645 ms
64 bytes from 192.168.140.152: seq=1 ttl=64 time=0.097 ms
--- 192.168.140.152 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.097/0.871/1.645 ms
PING google.com (172.217.168.206): 56 data bytes
--- google.com ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:b2:39:c4 brd ff:ff:ff:ff:ff:ff
inet 192.168.140.38/24 brd 192.168.140.255 scope global dynamic ens160
valid_lft 4143sec preferred_lft 4143sec
inet6 fe80::250:56ff:feb2:39c4/64 scope link
valid_lft forever preferred_lft forever
5: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:90:fa:7a:a6 brd ff:ff:ff:ff:ff:ff
inet 172.30.0.1/24 brd 172.30.0.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:90ff:fefa:7aa6/64 scope link
valid_lft forever preferred_lft forever
99: veth3443190#if98: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 7e:0a:b2:53:84:7c brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet6 fe80::7c0a:b2ff:fe53:847c/64 scope link
valid_lft forever preferred_lft forever
103: br-fe3e6d8d0ad4: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:b2:6e:7a:9f brd ff:ff:ff:ff:ff:ff
inet 172.30.3.1/24 brd 172.30.3.255 scope global br-fe3e6d8d0ad4
valid_lft forever preferred_lft forever
inet6 fe80::42:b2ff:fe6e:7a9f/64 scope link
valid_lft forever preferred_lft forever
106: macvlan-br0#ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 16:c9:47:98:c7:6b brd ff:ff:ff:ff:ff:ff
inet 192.168.140.152/32 scope global macvlan-br0
valid_lft forever preferred_lft forever
inet6 fe80::14c9:47ff:fe98:c76b/64 scope link
valid_lft forever preferred_lft forever
Internet doesn't work container through docker macvlan
So here is my problem:
I have a server with debian 10 that runs docker
In the docker containers i run pihole
When i run the pihole container, docker set his ip to 172.17.0.2
Docker itself create a network interface called: docker0 and his ip is 172.17.0.1
The problem being outside the server, when i ping to the docker interface 172.17.0.1 its fine, but when i ping to the docker container 172.17.0.2 its no reachable.
Here is the ip a command output
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether ac:16:2d:12:30:71 brd ff:ff:ff:ff:ff:ff
inet 10.42.0.247/24 brd 10.42.0.255 scope global dynamic eno1
valid_lft 3152sec preferred_lft 3152sec
inet6 fe80::ae16:2dff:fe12:3071/64 scope link
valid_lft forever preferred_lft forever
3: wlp2s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether d0:37:45:80:81:0f brd ff:ff:ff:ff:ff:ff
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:55:80:15:34 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:55ff:fe80:1534/64 scope link
valid_lft forever preferred_lft forever
25: vethedcefcc#if24: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether e2:02:56:8f:9b:22 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::e002:56ff:fe8f:9b22/64 scope link
valid_lft forever preferred_lft forever
What i need to do?, what i have to configure?
Thanks:
~James Phoenix
You can't access container IP directly from host.
If you want to access service from outside you need to forward (publish) service ports
Example:
docker host IP → 192.168.0.111
container IP → 172.17.0.111
Run nginx container and publish 8080 port to connect from outside:
docker run --name some-nginx -d -p 8080:80 some-content-nginx
Here 8080 is external port (accessible from outside)
And 80 is internal port (accessible from container group in same network)
Access to nginx:
curl http://localhost:8080
# or
curl http://192.168.0.111:8080
By default we have a bridge named docker0 on host machine as one component of docker networking.
When we run a docker container, it creates a vethxxx pipe which binds docker0 with one point and container with the other point, named eth0.
I'm trying to find the trace of those eth0 interface on host machine.
I've expected to find some network namespace via:
ip netns show
But it's clear. So how could I see the representation of a container's eth0 interface on host machine?
Generally, each container has an isolated network namespace on host. And the interface eth0 in a container is encapsulated in a network namespace(aka sandbox in Docker terminology). So if you want to see eth0 on host side, you must enter its network namespace first.
But docker containers' network namespaces lay in different directory from those created manually. They lay in /var/run/docker/netns. So we need create a soft link to /var/run/netns.
ln -s /var/run/docker/netns /var/run/netns
ip netns list
ip netns exec xxxx ip addr show
Thus, you could see the other side of veth on host machine in each isolated network namespace.
root#Light-G:/var/lib# ip netns exec 459c238c2a4f ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
15: eth0#if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:0a:0a:c7:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.10.199.2/24 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:aff:fe0a:c702/64 scope link
valid_lft forever preferred_lft forever
I am using docker 17.03 version in centos 7
Kernel version - 3.10.0-514.10.2.el7.x86_64
Client:
Version: 17.03.0-ce
API version: 1.26
Go version: go1.7.5
Git commit: 3a232c8
Built: Tue Feb 28 08:10:07 2017
OS/Arch: linux/amd64
Server:
Version: 17.03.0-ce
API version: 1.26 (minimum version 1.12)
Go version: go1.7.5
Git commit: 3a232c8
Built: Tue Feb 28 08:10:07 2017
OS/Arch: linux/amd64
Experimental: false
I have node-0 and node-1 for the docker multi host networking and i am using consul. In node-0 i have created a consul container using the below command,
docker run -d -p 8500:8500 -h consul --name consul progrium/consul -server -bootstrap
then i have created a drop-in file inside /etc/systemd/system/docker.service.d and added the below lines,
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store=consul://<NODE-0-PRIVATE-IP>:8500/network --cluster-advertise=<NODE0-IP>:2375"
once this is done, i have restarted the docker demon and created a overlay network using the command,
docker network create -d overlay --subnet=10.10.10.0/24 my-net
then i have created a container called container1 in node-0 and mapped it to the my-net.
In node-1 machine, i have created a drop-in file inside /etc/systemd/system/docker.service.d and added the below lines,
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store=consul://<NODE-0-PRIVATE-IP>:8500/network --cluster-advertise=<NODE1-IP>:2375"
and started a container called container2 and mapped it to my-net.
My setup will look like,
node0 - consul, container1
node1 - container2
Inside the container2, i am trying to ping container1 but getting the below response,
PING container1 (10.10.10.3) 56(84) bytes of data.
From container2 (10.10.10.4) icmp_seq=1 Destination Host Unreachable
From container2 (10.10.10.4) icmp_seq=2 Destination Host Unreachable
From container2 (10.10.10.4) icmp_seq=3 Destination Host Unreachable
From container2 (10.10.10.4) icmp_seq=4 Destination Host Unreachable
from node0, ip a shows
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:50:56:9d:9c:9f brd ff:ff:ff:ff:ff:ff
inet <NODE0-PRIVATE-IP>/24 brd 192.168.5.255 scope global ens32
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fe9d:9c9f/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:57:6d:e8:a9 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:57ff:fe6d:e8a9/64 scope link
valid_lft forever preferred_lft forever
4: docker_gwbridge: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:10:5b:7d:b5 brd ff:ff:ff:ff:ff:ff
inet 172.19.0.1/16 scope global docker_gwbridge
valid_lft forever preferred_lft forever
inet6 fe80::42:10ff:fe5b:7db5/64 scope link
inside container1, ip a shows as,
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
18: eth0#if19: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP
link/ether 02:42:0a:0a:0a:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.10.10.3/24 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:aff:fe0a:a03/64 scope link
valid_lft forever preferred_lft forever
20: eth1#if21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:13:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet 172.19.0.3/16 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe13:3/64 scope link
valid_lft forever preferred_lft forever
Do i need to change anything to get this work? Thanks in advance.
I have docker 18.09.1 on CentOS7, i was not able to ping a remote host from docker host machine, when pinging I was getting the IP of docker_gwbridge, network, configured by docker
searched and found this article https://github.com/docker/for-mac/issues/2345, ran the command below and was able to ping the remote host.
docker network rm docker_gwbridge
Maybe try to leave the swarm and try,
docker swarm leave -f