Docker
hostadmin, 2019-05-01 20:28:42

How can a group of containers, in docker-compose, be associated with one of the host's external IPs?

There is a classic bunch of nginx/php-fpm/mariadb/postfix containers configured in docker-compose. So, the task is to associate this group with a specific external IP of the host machine, so that the IP is connected not only to the input, but also to the "exit".
NGINX is now set up simply:

ports:
  - ext_ip:80:80
  - ext_ip:443:443

Everything is working. But if you request something from the Internet from a script or send an email with postfix, then the source IP will be the main IP of the host, but you need to specify an additional IP of the host.
I understand that I need to configure the network in docker-compose, but I don’t understand how exactly. All examples from Google offer a variant with static ip of the containers themselves, but I need exactly the ip of the host.


1 answer(s)
hostadmin, 2019-05-04

In short, I found a solution.
I use ipv6, so there are some nuances. The version of docker-compose must be from the 2.x series, as in version 3, the enable_ipv6 setting is not yet available. You also need to add the robbertkl/ipv6nat container to help with ipv6 operation.
___IPv6___ is your external ip v6
___IPv4___ is your external ip v4
In docker-compose.yml:

version: '2.4'
services:
#...
  ipv6nat:
    container_name: ipv6nat
    restart: always
    image: robbertkl/ipv6nat
    privileged: true
    network_mode: host
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /lib/modules:/lib/modules:ro

networks:
  default:
    driver: bridge
    driver_opts:
      com.docker.network.bridge.host_binding_ipv4: "___IPv4___"
      com.docker.network.bridge.enable_ip_masquerade: "false"
      com.docker.network.bridge.host_binding_ipv6: "___IPv6___"
    enable_ipv6: true
    ipam:
      driver: default
      config:
# our IPs, which will be assigned to the containers defined in this docker-compose file
      - subnet: 172.16.238.0/24
      - subnet: 2001:3984:3989::/64

Next, in iptables (and ip6tables), you need to write the following rules:
Where __NETWORKNAME__ is the name of the network that docker-compose creates on startup. By default it looks like %username%_default.
PS. Do not forget that after rebooting the host, the iptables rules will disappear, so you need to make sure they are applied again when the host boots.
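
The rules referred to above are not shown on this page. As an added example (not the answer author's rules), one way to pin a compose network's outbound traffic to a chosen host address is a per-subnet SNAT rule; the bridge name and the 203.0.113.10 / 2001:db8::10 addresses are constructed stand-ins for ___IPv4___ / ___IPv6___, and the subnets are those from the compose file above.

```shell
#!/bin/sh
# Added example, not the answer author's rules (those are missing from the page).
# Assumes masquerading is off for the network, as in the compose file above,
# so no earlier MASQUERADE rule rewrites the source address first.

# Choose iptables or ip6tables from the address family of the subnet.
ipt_for() {
    case "$1" in
        *:*) echo ip6tables ;;
        *)   echo iptables ;;
    esac
}

# Rule spec: traffic from the container subnet that leaves through any
# interface other than the network's own bridge gets the chosen source IP.
snat_spec() {  # args: subnet bridge source_ip
    printf '%s\n' "-s $1 ! -o $2 -j SNAT --to-source $3"
}

# Idempotent command: test with -C, append with -A only when absent, so a
# boot-time unit can run it on every start without stacking duplicates.
snat_cmd() {  # args: subnet bridge source_ip
    tool=$(ipt_for "$1")
    spec=$(snat_spec "$1" "$2" "$3")
    echo "$tool -t nat -C POSTROUTING $spec 2>/dev/null || $tool -t nat -A POSTROUTING $spec"
}

# Docker names a bridge br-<first 12 characters of the network ID> unless
# com.docker.network.bridge.name is set. Requires the docker CLI.
bridge_for() {  # args: network_name
    id=$(docker network inspect -f '{{.Id}}' "$1") || return 1
    echo "br-$(printf '%s' "$id" | cut -c1-12)"
}

# Print the command (dry run); with APPLY=1 also execute it (needs root).
pin_egress() {  # args: subnet bridge source_ip
    cmd=$(snat_cmd "$1" "$2" "$3")
    echo "$cmd"
    if [ "${APPLY:-0}" = 1 ]; then sh -c "$cmd"; fi
}

# Constructed values: a made-up bridge name and documentation-range addresses.
# Set NETWORK to the compose network name to resolve the real bridge instead.
BRIDGE=${BRIDGE:-br-0123456789ab}
if [ -n "${NETWORK:-}" ]; then BRIDGE=$(bridge_for "$NETWORK"); fi
pin_egress 172.16.238.0/24     "$BRIDGE" "${EXT4:-203.0.113.10}"
pin_egress 2001:3984:3989::/64 "$BRIDGE" "${EXT6:-2001:db8::10}"
```

Run without variables it only prints the two commands; with NETWORK, EXT4, EXT6 and APPLY=1 set, and run as root from a boot-time unit, it installs them after each reboot.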
