Hi,
I’ve currently run a few containers through a vpn container.
One thing I noticed is that if I compose the containers with
network_mode: service: vpn
I cannot reach the web ui via their respective ports from inside the container but using
network_mode: container: vpn
I can reach them.
If I curl from inside the container to check the IP both run through the vpn container.
It also isn’t providing more safety as it seems as I use one compose file for the vpn and all the containers that should network through is and use the
depends on: vpn
variable so it creates the vpn container first and then the others. It also seems that there is no connectivity at all if the vpn container isn’t running, so the “killswitch” also works.
So what’s the point of using network_mode: service instead of network_mode: container or what are the exact differences?
A docker service is more a docker cluster related feature, where you have the possibility to scale your service to more nodes.
If the compose file you found was build for docker swarm, thats why it dosnt work as expected, instead you should then use docker stack deploy…
Or you can convert it to work with network container
Funnily enough in his example using docker run he uses the --net=container:vpn whereas in his compose example he uses network_mode: service: vpn (in a case in which he deploys another container together with the vpn container as a stack which I did, too).
I’m no programmer, I learned a tiny bit of php in engineering school lol, but that just didn’t work out for me (webuis of the containers couldn’t be reached from within the network) so I tinkered around an then used network_mode: container: vpn which worked as expected.
Now I just wanted to know what the differences are.
