Docker networking on single host with compose

2020-07-17 07:56发布

站内问答 / Docker
747 1 2

I am trying to run docker networking with compose in docker 1.9. I know this is still experimental in 1.9, but I'd like to know if my use case could work.

Basically and to simplify, I have two servers, each one being in a container. Let's call them S1 and S2. S1 is exposed globally and must be accessible from S2. I want to run S2 through docker-compose with the --x-networking flag (the reason why I want this is that S2 is actually a bit more complexe than what is assumed here, having several containers, and I want them to run in a single subnetwork). S1 can run with or without compose.

What I understand from docker networks is that any container can reach other from the same network, or can reach anything that is "globally" exposed through host port mapping, right?

So my scenario is:

  • I start manually S1 with port mapping such as "-p 7210:7202" (7202 is exposed in dockerfile)
  • S2 is created from a simple compose file and gone up with flag --x-networking For my test case I just created a very minimalistic compose file, such as:
S2:
    build: .
    ports:
        - "8080:80"

Results:

  • S1 is NOT visible from S2 under "localhost" (this is quite expected)
  • S1 is NOT visible from S2 under "172.17.0.1" (= interface docker0)

I would have expected to be able to reach it under 172.17.0.1, since S1 uses docker0 as I understand.

Moreover, if I start S2 without compose but manually with "docker run", then I can access S1 using 172.17.0.1

So why doesn't it work with compose? Is it a limitation due to networking features being still experimental?

1条回答
孤傲高冷的网名
2楼-- · 2020-07-17 08:17

Note:

This is old content. The --x-networking has been removed in docker-compose 1.6. Additionally Docker compose has a new file format.

The documentation states that the networking feature is experimental in Docker compose.

Note: Compose’s networking support is experimental, and must be explicitly enabled with the docker-compose --x-networking flag.

It's Docker 1.9 that actually implements the new feature:

https://docs.docker.com/engine/userguide/networking/dockernetworks/

Perhaps an example would help.

Example

└── demo
    └── docker-compose.yml

I'm using docker 1.9.0 and docker-compose 1.5.0

docker-compose.yml

Declare two containers callled "web1" and "web2". Doesn't matter what image in this case I'm running tomcat.

web1:
  image: tomcat:8.0
  ports:
    - 8080
web2:
  image: tomcat:8.0
  ports:
    - 8080

Create the containers

Start this using docker compose

$ cd demo
$ docker-compose --x-networking up -d
Creating network "demo" with driver "None"
Creating demo_web2_1
Creating demo_web1_1

Note how a network called "demo" is created when you specified the new --x-networking parameter.

Demonstrate how discovery works

Each container is run on the "demo" network that was created and each container is placed as an entry in the other hosts file.

$ docker-compose ps 
   Name           Command       State            Ports          
---------------------------------------------------------------
demo_web1_1   catalina.sh run   Up      0.0.0.0:32773->8080/tcp 
demo_web2_1   catalina.sh run   Up      0.0.0.0:32772->8080/tcp 

$ docker exec -it demo_web1_1 cat /etc/hosts
..
172.18.0.2  demo_web2_1

$ docker exec -it demo_web2_1 cat /etc/hosts
..
172.18.0.3  demo_web1_1

Run an additional container outside of compose

Start another container, and specify you want it to be attached to the "demo" network:

$ docker run --net demo --name helloworld -d tomcat:8.0

And see how the hosts files in the other containers is updated automatically

$ docker exec -it demo_web1_1 cat /etc/hosts
..
172.18.0.2  demo_web2_1
172.18.0.4  helloworld

$ docker exec -it demo_web2_1 cat /etc/hosts
172.18.0.3  demo_web1_1
172.18.0.4  helloworld

$ docker exec -it helloworld cat /etc/hosts
172.18.0.2  demo_web2_1
172.18.0.3  demo_web1_1
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(2)