Hi all
Newbie here and have the following requirement. Kindly help, if and when possible.
1. Have a Linux box with two netns namespaces, say ‘global’ and ‘protected’. The protected namespace hosts a service running at, say, HTTP port 10000. I have a veth interface connecting the two namespaces - having 192.168.1.2 on the ‘global’ side and 192.168.1.1 on the ‘protected’ side. The service is running at http://192.168.1.1:10000.
2. I have full control of the Linux box with root permissions etc., but I host a third-party docker image in the ‘global’ namespace (docker image creation etc. is not under our control) and need the docker instance (via bash/curl) to reach the service running inside the ‘protected’ namespace.
3. The docker container, before being run, is provided environment variables, and via those we tell the docker application of the presence of the service at 192.168.1.1:10000. Since I have control over the startup of the docker as well as the host Linux environment, can docker run be provided options to ‘see’ the localhost network in some way? I have heard of the “--network” switch in the docker command but am not sure. Another option could be some form of brctl options, but I am not sure again, hence this query.
4. The caveat is that I cannot modify the docker image during build or packaging, as that is not under my control. Apart from that, I can try any other reasonable options.
Thoughts? Details of environment below.
Thanks in advance
SR
Client:
 Version: 18.05.0-ce
 API version: 1.37
 Go version: go1.9.2
 …
 OS/Arch: linux/amd64
 Experimental: false
 Orchestrator: swarm
Server:
 Engine:
  Version: 18.05.0-ce
  API version: 1.37 (minimum version 1.12)
  Go version: go1.9.2
  …
  OS/Arch: linux/amd64
  Experimental: false