R
R
Rollex2020-07-26 08:12:22
Docker
Rollex, 2020-07-26 08:12:22

Docker internet access through another container?

How to create a network via docker-compose between two containers so that container A can access the internet through container B?
Container B will have redsocks which will collect all traffic coming into it and send it to the proxy server.

Answer the question

In order to leave comments, you need to log in

1 answer(s)
S
shurshur, 2020-07-26
@shurshur

If you need to wrap traffic not through a regular gateway in a regular docker network, but through one of the containers, then this can still be done using a system of props and stretch marks.
1. Add to container configuration:

cap_add:
  - NET_ADMIN

This is necessary because, by default, networking cannot be configured inside a container. Well, redsocks, most likely, may not work without it.
2. In the script inside the first container or in the entrypoint, add the route specification: It
ip route replace default via IP_другого_контейнера
is better to fix the IP of the second container. Or, as an option, recognize it through dig (here the container has the name router, and you need to allow access to it through the links parameter):
ip route add default via `dig +short router`
3. In the router container, you need to configure nat and forwarding. More or less like this:
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -s 172.18.0.0/24 -j MASQUERADE

Here you can also use some commands to guess the desired network, so as not to be tied to fixed IPs. For example, like this:
network=$(ip route list|grep scope\ link|cut -d ' ' -f 1)

Well, in general, such manipulations are hardly a good practice. It is better to immediately lay in the developed software native work through a proxy, if necessary.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question