Questions tagged [docker-networking]
The docker-networking tag has no usage guidance.
79
questions
6
votes
2
answers
4k
views
Why is firewalld allowing public traffic to my non-public ports, bound to Docker containers?
I'm trying to implement a pretty simple firewall in Fedora, where the public internet can access SSH, HTTP, HTTPS and Cockpit, but nothing else. Meanwhile, the servers run microservices via Docker ...
6
votes
0
answers
3k
views
Docker on Ubuntu Server (Raspberry Pi) failed to create endpoint on network bridge, operation not supported [closed]
I am using Ubuntu 21.10 on a Raspberry Pi 4 (aarch64) and when I try to run a Docker (using version 20.10.7) container it returns the following error message:
docker: Error response from daemon: failed ...
4
votes
1
answer
681
views
Docker bridge network shadows IP of SSH client, how to recover gracefully?
We're running a RHEL 7 VM with Docker to host a couple of internal services. Last time I ran docker-compose up to spin up a new Docker container, I lost my SSH connection to the server and could also ...
3
votes
2
answers
5k
views
Docker Swarm. Containers in one overlay network but on different nodes can't reach each other via tcp
I have a docker swarm cluster with 12 nodes. Containers deployed on single node can reach each other fine via overlay network, but when they are deployed on different nodes, there are connectivity ...
3
votes
1
answer
315
views
What routing algorithm does the docker mesh use?
We want to know what algorithm the Docker mesh uses to route requests to containers. Here's why:
We deploy our applications to self-hosted docker swarms. We use the docker routing mesh to direct ...
2
votes
2
answers
3k
views
Unwanted masquerading in docker container
Although I have not added any iptables rules on the host or the two containers, packets from one docker container are modified and given the IP of the docker network gateway:
Container 1:
bash-5.0# ip ...
2
votes
2
answers
7k
views
can't initialize iptables table 'nat' under qemu
I am facing an issue while starting docker inside s390x container under qemu on Ubuntu 18.04 host running on amd64.
Steps followed (On amd64 host):
docker run --rm --privileged multiarch/qemu-user-...
2
votes
1
answer
903
views
Accessing different host's docker containers via portainer
I have a few containers (running various services) on my Ubuntu server and I manage those containers via portainer, which is also one of these containers. I would like to also manage a pihole ...
2
votes
0
answers
274
views
Docker Swarm over IPSec VTI (Unifi site-to-site)
I have setup a Docker Swarm using 3 servers;
Master node
Home - local IP 192.168.178.250
Worker node 1
Remote - local IP 10.10.10.200
Worker node 2
Remote - local IP 10.10.10.250
Both sites have a ...
2
votes
1
answer
3k
views
Docker compose - disable default gateway route
Is it possible to prevent docker from defining default route when using docker-compose yaml file?
If my docker-compose.yaml defines network ipam with default driver and any subnet, seems like docker (...
1
vote
2
answers
8k
views
Set MacVLAN in Portainer to get IP from DHCP server
I have a Portainer VM with 3 interfaces attached (eth0-eth2).
I would like the containers to request IP from the DHCP Server that is located on each interface at x.x.x.1.
Let's take as an example eth0:
...
1
vote
1
answer
790
views
docker swarm container bind address other than 0.0.0.0
I got a multi-node docker swarm setup with the following interfaces:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:...
1
vote
0
answers
62
views
Why can I not connect to ipvlan l2 and macvlan networks on docker?
Macvlan
I have tried it on several computers and VM's.
I have tried activating promiscuous mode in all relevant computers and VM's. Related thread by me on Super User.
I have tried wireless and wired ...
1
vote
0
answers
2k
views
nftables rules to allow networked Docker containers on the same host to use their public URLs
I am running two Docker containers on the same host living in the same Docker bridge network, and I have nftables set up to restrict more or less all traffic (rules below).
My only problem (that I ...
1
vote
0
answers
175
views
Override hostname in all docker containers
My server has got a publicly accessible hostname, which obviously points to the public ip address of the network. This works great to access the server from elsewhere.
When using this hostname/public ...
1
vote
0
answers
261
views
Restricting docker zone to a single IP with firewall-cmd
I'm trying to restrict my docker exposed ports to a single outside IP.
docker (active)
target: ACCEPT
icmp-block-inversion: no
interfaces: br-27117bc1fd93 br-2905af95cf3a br-53c93737f17d br-...
1
vote
0
answers
142
views
Docker Swarm Ports becomes non responsive
I am running a swarm cluster with only 3 masters. I have a few ports exposed across various services in the swarm. And an Nginx service running in all 3 nodes acts as a reverse proxy.
When I start the ...
1
vote
0
answers
21
views
Link docker container to a specific network interface [duplicate]
I am trying to start OpenVPN server for accessing resources on VPC network.
I have two network interfaces, public eth0 and VPC eth1. And an OpenVPN working in a docker container. But I want to use ...
1
vote
1
answer
3k
views
Still can't connect from my grafana docker container to prometheus
...after having followed a bunch of tutorials, e.g.
https://medium.com/@TimvanBaarsen/how-to-connect-to-the-docker-host-from-inside-a-docker-container-112b4c71bc66
I started the grafana container with:...
1
vote
0
answers
2k
views
Unable to use Docker DNS with nftables
I have a bind9 DNS container running on 10.64.128.53, which is on the docker network "servers" on the subnet 10.64.128.0/24. this works fine and if I run:
nslookup google.com 10.64.128.53
I ...
1
vote
1
answer
1k
views
Docker creates additional bridge in wrong IP range
I followed the answers here and changed the daemon.json to:
{
"bip": "10.200.0.1/24",
"default-address-pools": [
{ "base":"10.201.0.0/16",...
1
vote
0
answers
1k
views
Can't curl Docker Containers
I'm trying to setup docker on a company VM on Ubuntu 20.04.
At first I couldn't even start the service because it seems there was a conflict with the pre-existing routes.
If I run the route command I ...
1
vote
0
answers
296
views
Docker expose a port of a container but restrict network access
I have a server A, and it runs a container B (say an SSH server). I want to allow people doing some computation on B that does not access the network.
Using docker run --publish=${MY_PORT}:22 ..., I ...
1
vote
1
answer
1k
views
docker - create two container got two different network id instead of using default bridge network
My goal was, that Jenkins container will "talk" with Ansible container in order to create Jenkins file for Jenkins pipeline.
I was expecting that those two containers will "join" to ...
1
vote
1
answer
336
views
Run docker in pre-existing network namespaces
I need to run a docker in a pre-existing namespace, which wasn't created by docker infrastructure. Is it possible to do ? I am aware of reusing another container option but as I mentioned the pre-...
1
vote
1
answer
670
views
Nextcloud can't connect to Collabora
I've set up a docker host, and wanted to set up nextcloud with collabora-office. But it simply does not find the collabora host. My compose file is the following:
version: '3.2'
services:
db:
...
1
vote
2
answers
2k
views
Cannot bind port 111 on docker on WSL2 on windows, but port is (apparently?) currently free
Setup
I have this setup:
Windows 10 pro with WSL2 with an Ubuntu 20.04 inside.
Inside the Ubuntu, I have a running docker engine that has been working perfectly for over during months, exposing ...
1
vote
1
answer
735
views
Docker network layer resolving container name to wrong IP address
In a simplified example, I have 3 Docker containers located on 2 Docker networks:
Container_A : Connected to Network_1 and Network_2
Container_B : Connected to Network_1
Container_C : Connected to ...
1
vote
0
answers
357
views
Docker Swarm, how to access private services on overlay network from an external client
I'm building a micro-service system based on Docker Swarm. Some of these services must be accessible for company's internal use only, like administrative dashboards, DBs, etc.
Services are ...
1
vote
0
answers
151
views
Docker container communicate via a specific port outside of Docker
So I'm currently facing the problem that I'm not able to talk to a specific port, which is outside of my docker setup. To be exact:
As you can see in the docker-compose.yml down below, I'm running ...
1
vote
0
answers
49
views
External loadbalancer for docker swarm in Openstack Magnum
Does anybody know how to configure an external loadbalancer for docker swarm nodes in openstack magnum? Or is it possible?
0
votes
1
answer
2k
views
Remote mysql server in docker container - access using macvlan and wireguard?
Situation:
Several VPS servers around the US connected to my laptop via wireguard mesh network.
For wireguard mesh network I'm using a tool called innernet (https://github.com/tonarino/innernet).
So ...
0
votes
1
answer
2k
views
I have installed Jupyter-Lab inside a Docker container but I can't access the Jupyter web UI
Situation:
So I have installed Jupyter-Lab inside a Docker container in a VM on my network. I've then done a commit (I know this isn't the correct way to do things, I should use a Dockerfile).
I then ...
0
votes
2
answers
761
views
How to block access to a specific IP address from docker swarm services
I deployed my service with docker swarm in the Digital Ocean VPC.
I want to block access from the service to http://169.254.169.254/metadata/v1.json which is the metadata API for security reasons. ...
0
votes
1
answer
56
views
Access host's wireguard from Docker containers
I have a Debian server that has a Wireguard connection to a box sitting behind a NAT. The box has Wireguard IP 192.168.60.2 whereas the server has Wireguard IP 192.168.60.1. On the server, a few ...
0
votes
1
answer
469
views
Isolating Docker Bridge Network with VLANs
My network is isolated into a few different VLANs but I am struggling a little with the best way to achieve isolation of some docker containers running inside a custom bridge network. For the sake ...
0
votes
1
answer
867
views
Does bridge networking mode in ECS limit number of tasks on container instance
I have an EC2 registered to ECS cluster on which tasks can run. Originally I chose the awsvpc network mode so every task (container) had its own ENI (IP). But I ran into limitation at https://docs.aws....
0
votes
0
answers
7
views
Apache proxy unable to reach Docker container despite port being exposed and open
I have the most basic Apache proxy setup ever which I can't get to work.
On a CentOS server I'm running a regular Apache/httpd setup which serves a few websites. Apache listens on port 80 and 443.
I ...
0
votes
0
answers
44
views
How to open UDP port in kubernetes?
I have a DeepStream application running inside a Kubernetes pod. The applications captures video from a camera using the RTSP protocol. The pod is not able to establish a UDP connection between the ...
0
votes
0
answers
62
views
docker failed to bind port on 0.0.0.0:443 on a macvlan network
I'm running into a problem that has me stumped, I simply don't understand why what is happening is... happening.
First of all, the situation;
I have 1 network running:
macvlan_network (configured as ...
0
votes
0
answers
47
views
Unable to nslookup any public website from docker container on ubuntu
I'm unable to dns resolve any public hostname from inside docker container running on Ubuntu:
e4e6b07dafb0:/# traceroute google.com
traceroute: bad address 'google.com
Tried to run the container with ...
0
votes
0
answers
39
views
Site is not accessible after deploying to the live server with docker
There is a web application, which is placed within a docker container. When I start the docker container using the docker compose locally - everything works fine. However, after deploying it to the ...
0
votes
1
answer
87
views
how to expose apache docker container on port 8080 rather than port 80
I have a webserver running on port 80, however I need the site to be accessed using 172.16.21.2:8080; regardless of what port mapping I specify it is always accessed using port 80. How can I make my ...
0
votes
0
answers
59
views
Requests between docker containers on same host using the public IP
I have a server with Docker and some containers executing. The host has a public ip and a service listening on port 80 from one of the containers.
If I try to wget the service using the public ip from ...
0
votes
0
answers
67
views
RTNETLINK answers: Invalid argument when adding route when creating a macvlan on a different subnet
I am using a Synology NAS linked to my network via ip 192.168..13 on Eth1. Now I want to instate a Macvlan on it so I can provide my docker containers with their own ip and full range of ports.
My ...
0
votes
0
answers
33
views
Restrict docker containers to listen to local subnet access only
I saw this: https://stackoverflow.com/questions/56053824/how-to-restrict-that-a-docker-container-only-listens-connection-from-localhost:
docker run -p 127.0.0.1:8080:8080 your_image_name
But I want ...
0
votes
0
answers
72
views
In a GitLab runner SSH to local network that has IP as default Docker Bridge IP
I have a GitLab Pipeline based on the python:3.10.11 image. The runner needs access to a local network that is on 172.17.0.0 via SSH/Paramiko. But it is unable to connect to the network, when the ...
0
votes
1
answer
478
views
How to forward (inside a container) requests from 0.0.0.0 to 127.0.0.1
Looking for a solution on how to forward the requests from 0.0.0.0:9222 --> 127.0.0.1:9222 inside a container
I am using a docker container with google-chrome-stable installed for running visual ...
0
votes
0
answers
206
views
Docker bridge host gateway doesn't work
My default bridge network isn't working properly.
So I spun up 2 containers, one is for mongodb and one is for ubuntu.
These are the commands:
docker run -d ubuntu bash
docker run -d -p 27017:...
0
votes
1
answer
3k
views
How do I set up Wireguard in Docker with lan access
I'm trying to set up a VPN server with wireguard.
I have the following setup in docker compose:
version: "3.1"
services:
wireguard:
image: linuxserver/wireguard
cap_add:
- ...