Docker Community Forums

Share and learn in the Docker community.

Connecting via VPN container and attaching / linking containers

docker

(Tarach) #1

Hi,

I have following containers VPN ( Client ), PHP and Nginx https://imgur.com/WXa03mB I need
PHP container to be able to connect to Machine 2 via VPN container but at the same time I need Nginx container to be able to connect to it.

I’ve been able to allow PHP to communicate via VPN using network_mode: "container:[container name/id]"
Unfortunately using this approach makes it impossible to use networks and links directive. Therefore Nginx cannot communicate with PHP.

How can I allow Nginx Container to communicate with PHP container ( for scripts processing ) and at the same time allow PHP container to use VPN from a separate container?

version: '2'
services:
    web:
        build:
          context: ../
          dockerfile: docker/nginx.Dockerfile
        image: 'nginx'
        working_dir: /opt/order
        volumes:
          - /opt/order:/opt/order
          - /opt/order/docker/site.conf:/etc/nginx/conf.d/site.conf
        links:
          - php # wont work because of different network
        environment:
          - VIRTUAL_PORT=80
          - VIRTUAL_HOST=order.test
        networks:
          - inside
          - outside
		  
    php:
        build:
          context: ../
          dockerfile: docker/php.Dockerfile
        image: 'php'
        working_dir: /opt/order
        volumes:
          - /opt/order:/opt/order
          - /opt/order/docker/site.conf:/etc/nginx/conf.d/site.conf
		network_mode: "container:vpn"
		
networks:
    outside:
      external:
        name: internal
    inside:
      driver: bridge

~Thanks

links network_mode https://docs.docker.com/compose/compose-file/#network_mode


(Tarach) #2

bump. I’m still stuck on this one :confused:


(Joffrey F) #3

Hi tarsch,

Just scrap the network_mode: container:... thing entirely. It’s a relic of the past before the whole networking revamp happened in Docker a few years ago. Instead, just make sure your containers are connected to the same network(s) if they need to communicate and that they have aliases that make them easily addressable and you should be fine.