Enable Networking between Docker Containers and Vagrant

I’m attempting to create an environment with two Vagrant-administered VMs. One of the VMs hosts several Docker containers (“docker_host”). I need network connectivity between the VM not hosting Docker (“server”) and the Docker containers. I have connectivity between the VMs, between the Docker host VM and the containers, between containers, and between the “server” VM and the Docker virtual gateway for the containers’ Docker network.

My Vagrant VMs are addressed in the 10.1.10.0/24 subnet. My containers are in 10.1.1.0/24 (as well as some other container-specific subnets to isolate service-specific databases from outside access). Those subnets can change, but I can’t put the VMs or containers on the host’s subnet, as is suggested here.

I have manually added a routing rule for the 10.1.1.0/24 subnet to the “server” VM. The routing tables are shown below the Vagrantfile and docker-compose file.

Does anyone have suggestions on how to get the containers accessible from the “server” VM? How do I configure the “docker_net” network’s gateway to forward external traffic?

Vagrantfile:

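# Two-VM environment on the 10.1.10.0/24 private network:
#   - "docker_host" (10.1.10.2) runs Docker and the containers
#   - "server"      (10.1.10.3) is a separate VM that needs to reach them
Vagrant.configure("2") do |config|

  config.vm.define "docker_host" do |host|

    host.vm.box = "bento/centos-7.2"
    # With update checks off, Vagrant will not report newer builds of this
    # box, so guest OS patching has to happen some other way.
    host.vm.box_check_update = false

    # The default share of the project root is disabled; only config/ and
    # sync/ are mounted into the guest.
    host.vm.synced_folder ".", "/vagrant", disabled: true
    host.vm.synced_folder "config/", "/home/vagrant/.config"
    # Fixed: this line used typographic quotes, which Ruby does not accept as
    # string delimiters, so the Vagrantfile could not be parsed as written.
    host.vm.synced_folder "sync/", "/home/vagrant/sync"

    # No host_ip is given, so Vagrant binds these ports on every interface of
    # the host machine. Adding `host_ip: "127.0.0.1"` restricts them to the
    # local machine if nothing else on the LAN needs to connect.
    host.vm.network "forwarded_port", guest: 8080, host: 8080
    host.vm.network "forwarded_port", guest: 8443, host: 8443

    host.vm.network "private_network", ip: "10.1.10.2"

    # NOTE(review): underscores are not valid in DNS hostnames and some
    # Vagrant versions reject them; confirm this value is accepted.
    host.vm.hostname = "docker_host"
    # NOTE(review): looks redundant with the enclosing config.vm.define; confirm.
    host.vm.define "docker_host"

    host.vm.provision "docker"

    # configure the Docker containers/etc. with Ansible
    host.vm.provision "ansible_local" do |ansible|
      ansible.playbook = "playbook.yml"
      ansible.provisioning_path = "/home/vagrant/.config/ansible"
    end

    # Agent forwarding lets any process in the guest that can reach the
    # forwarded socket (root included) authenticate with the host user's keys
    # for as long as the SSH session is open. Keep it only if provisioning
    # actually needs those keys.
    host.ssh.forward_agent = true

  end


  config.vm.define "server" do |server|

    server.vm.box = "server_box"
    server.vm.box_check_update = false

    # Bound on every host interface as well; see the note on docker_host.
    server.vm.network "forwarded_port", guest: 8443, host: 8444

    server.vm.network "private_network", ip: "10.1.10.3"

    server.vm.hostname = "server"
    server.vm.define "server"

    # the server image isn't configured for/with SSH, so this speeds up `vagrant up`
    server.vm.boot_timeout = 1

  end

end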

docker-compose.yml:

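version: '3.2'

services:

  # Container to check if container5-db is up before allowing container5 to start
  # Design from Dariusz Pasciak, https://8thlight.com/blog/dariusz-pasciak/2016/10/17/docker-compose-wait-for-dependencies.html
  start-dependencies:
    # Third-party image with no tag, so whatever "latest" is gets pulled at
    # build time. Pin a tag or digest that has been reviewed.
    image: dadarek/wait-for-dependencies
    depends_on:
      - container5-db
      - container3
    # NOTE(review): this service is attached only to container5_net, while
    # container3 is attached only to docker_net, so the container3:3306 check
    # presumably cannot resolve or reach its target; confirm.
    command: container5-db:27017 container3:3306
    networks:
      container5_net:
        ipv4_address: 10.1.2.99

  container1:
    build:
      context: sync/container1
      dockerfile: Dockerfile
    networks:
      docker_net:
        ipv4_address: 10.1.1.2
    extra_hosts:
      - "server:10.1.10.3"
    # Published on every interface of docker_host. Prefixing the private
    # address ("10.1.10.2:8080:8080") limits exposure to the VM network.
    # Quoted so the HOST:CONTAINER pairs are always read as strings.
    ports:
      - "8080:8080"
      - "8443:8443"

  container2:
    build:
      context: sync/container2
      dockerfile: Dockerfile
    networks:
      container2_net:
        ipv4_address: 10.1.0.2
    extra_hosts:
      - "server:10.1.10.3"
    # This bind mount replaces the image's /usr/local/bin with a host
    # directory and is writable from the container. Add `read_only: true`
    # if the container never needs to write there.
    volumes:
      - type: bind
        source: ./sync/container2/
        target: /usr/local/bin

  container3:
    build:
      context: sync/container3
      dockerfile: Dockerfile
    # The database root password is committed in plain text here. Prefer
    # supplying it from an untracked env file or a secret store.
    environment:
      - MYSQL_DATABASE=database
      - MYSQL_ROOT_PASSWORD=secret
    # Fixed: container3, container4 and container5 referenced
    # "flaresuite_net", which is not defined under `networks:`. Their
    # 10.1.1.x addresses fall inside docker_net's 10.1.1.0/24 subnet, so
    # they are attached to docker_net instead.
    networks:
      docker_net:
        ipv4_address: 10.1.1.3
    extra_hosts:
      - "server:10.1.10.3"

  container4:
    build:
      context: sync/container4Java
      dockerfile: Dockerfile
    networks:
      docker_net:
        ipv4_address: 10.1.1.4
    extra_hosts:
      - "server:10.1.10.3"

  container5:
    build:
      context: sync/container5
      dockerfile: container5.Dockerfile
    networks:
      docker_net:
        ipv4_address: 10.1.1.5
      container5_net:
        ipv4_address: 10.1.2.2
    extra_hosts:
      - "container5-db:10.1.2.3"
      - "server:10.1.10.3"

  container5-db:
    # Untagged image; pin a tag or digest that has been reviewed.
    image: mongo
    networks:
      container5_net:
        ipv4_address: 10.1.2.3
    # Publishing 27017 makes the database reachable through docker_host's
    # interfaces, which defeats the isolation container5_net is meant to
    # give it. `mongod` is also started without any option that turns on
    # authentication. If only container5 needs the database, drop this
    # `ports:` entry; containers on container5_net can still connect.
    ports:
      - "27017:27017"
    command: mongod

# User-defined bridge networks, local to docker_host. A static route on
# "server" (10.1.1.0/24 via 10.1.10.2) only gets packets as far as
# docker_host. Docker's own iptables rules there typically drop new inbound
# connections forwarded to a bridge subnet unless the port is published.
# Publishing just the ports that are needed keeps that filtering in place.
# Any manual forwarding allowance should be limited to the source address,
# subnet and ports actually required.
networks:
  container2_net:
    ipam:
      config:
        - subnet: 10.1.0.0/24

  docker_net:
    ipam:
      config:
        - subnet: 10.1.1.0/24

  container5_net:
    ipam:
      config:
        - subnet: 10.1.2.0/24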

Routing table on “docker_host”:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.2.2        0.0.0.0         UG    100    0        0 enp0s3
10.0.2.0        0.0.0.0         255.255.255.0   U     100    0        0 enp0s3
10.1.0.0        0.0.0.0         255.255.255.0   U     0      0        0 br-69cebfa3367f
10.1.1.0        0.0.0.0         255.255.255.0   U     0      0        0 br-9b1d3bebf9bb
10.1.2.0        0.0.0.0         255.255.255.0   U     0      0        0 br-b026f00efa6d
10.1.10.0       0.0.0.0         255.255.255.0   U     0      0        0 enp0s8
169.254.0.0     0.0.0.0         255.255.0.0     U     1003   0        0 enp0s8
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0

Routing table on “server”:

Kernel IP routing table
Destination   Gateway    Genmask Flags   Metric Ref Use Iface
10.1.10.0     0.0.0.0    255.255.255.0    U 0 0 0 eth0
10.1.1.0      10.1.10.2  255.255.255.0    U 0 0 0 eth0
169.254.0.0   0.0.0.0    255.255.0.0        U 1003 0 0 eth0
0.0.0.0       10.1.10.1  0.0.0.0 UG 0 0 0 eth0