When I start Docker, I am in a completely different space. The IP would be changed, and I get cut from my original network. Could I control the IP address, or change the configuration so that I can connect to other systems on my original network?
currently there is no good way to accomplish this… technically is outside the scope of what docker is trying to accomplish. I have struggled with this for years, and do not have a reliable solution. I have one miserable app that DEPENDS on direct communication, doesn’t support NAT, or gateways… direct connection between containers would make the app a super powerful component for effectively testing software…
I suppose swarm would work within the same network created by Docker. Can swarm communicate with outside?
yes, but the containers do it thru the hosts they are on, not directly
So there is no such functions as rsh, ssh, etc. between container and outside world.
eh? if you install ssh onto the container, you can ssh out… (if u have the commandline)
and it you install sshd on the container you can ssh in… BUT you have to use the HOST IP address
and ITS port… (can’t have 5 containers all wanting to use port 22 at the same time)…
so, its not ‘transparent’ this is what I mean by ‘direct’… the user has to KNOW that it a container on a host to initiate inbound connections…
Let me clarify my thought. Suppose my original IP is 100.1.1.1. Now I start Docker and the IP becomes 10.1.1.1. Then I cannot “see” (e.g., ping) 100.1.1.x. My question is can I ssh/rsh (or similar things) to 100.1.1.x from 100.1.1.x? It seems they are not reachable from each other.
For example, if I download an app in a container and the license server is on the original network. Can the app “see” the license server?
I was told this problem could be solved by namespace function of docker. Any comments on this?
in the docker model, the HOST is not important to the container, except as a transport, or data store.
100.1.1.1. Now I start Docker and the IP becomes 10.1.1.1.
so, to connect to 10.1.1.1 you need to map a port from 10.1.1.1 to 100.1.1.1 , for example, use arbitrary port 801 on the host, and send all the incoming traffic to the container on port 80, docker run parm -p 801:80
then from network outside 100.1.1.1, just connect to 100.1.1.1 using port 801.
the USER doesn’t know its a container, the container doesn’t KNOW where the traffic came from.
and tomorrow you could deploy ANOTHER of the SAME EXACT image to make another container on the SAME HOST at port 904, and now you have two of them running… try THAT with two instances of the same software (if you COULD install it twice on the same machine in two different folders…)
or how about two VERSIONS of the same software on the same host…
and, then you want to move it all to some other host… poof, same images, same rules, done…
sure… just networking THRU the host bridge…
Thanks for the tips. I will try these suggestions.
AFAIK, you have pretty much complete control over the IP space of the created containers. You don’t say if you are using plain docker run, docker compose or docker swarm. For instance, to control Docker Swarm, see the accepted answer here:
I am currently using plain docker run.