Using duplicated dockers with 2 different IPv4 addresses

amstel · February 27, 2023, 9:53pm

Hi,

using Docker version 23.0.0 (API version 1.42).
using Ubuntu 20.04.5 LTS (GNU/Linux 5.4.0 x86_64).

my network config shows that I have got 2 public IPv4s (and I would like to use both of them for 2 duplicated containers/dockers, so each will use a different IP).

the network config is:

docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:9d:76:07:42 txqueuelen 0 (Ethernet)
RX packets 520889 bytes 74507880 (74.5 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 509268 bytes 281414710 (281.4 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

venet0: flags=211<UP,BROADCAST,POINTOPOINT,RUNNING,NOARP> mtu 1500
inet 127.0.0.1 netmask 255.255.255.255 broadcast 0.0.0.0 destination 127.0.0.1
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 0 (UNSPEC)
RX packets 1667193 bytes 709308452 (709.3 MB)
RX errors 0 dropped 3 overruns 0 frame 0
TX packets 1726381 bytes 204244032 (204.2 MB)
TX errors 0 dropped 4278 overruns 0 carrier 0 collisions 0

venet0:0: flags=211<UP,BROADCAST,POINTOPOINT,RUNNING,NOARP> mtu 1500
inet xx.xx.xx.xx netmask 255.255.255.0 broadcast 2.56.116.255 destination xx.xx.xx.xx
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 0 (UNSPEC)

venet0:1: flags=211<UP,BROADCAST,POINTOPOINT,RUNNING,NOARP> mtu 1500
inet xx.yy.yy.yy netmask 255.255.255.0 broadcast 45.150.19.255 destination xx.yy.yy.yy
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 0 (UNSPEC)

veth559a670: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 96:af:3d:01:71:85 txqueuelen 0 (Ethernet)
RX packets 32074 bytes 3151758 (3.1 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 31990 bytes 13192381 (13.1 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

veth7f7dab2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 0e:ab:7c:6a:44:82 txqueuelen 0 (Ethernet)
RX packets 16102 bytes 21980784 (21.9 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 21922 bytes 4579149 (4.5 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

vethbd21ca5: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 6a:cf:1b:6c:d7:f3 txqueuelen 0 (Ethernet)
RX packets 59714 bytes 8580337 (8.5 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 70255 bytes 28744673 (28.7 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

right now when I install the 2nd docker, it uses the same default IPv4 (venet0:0).
how do I force the 2nd to use the other IP? (venet0:1)

Thank you!

rimelek · February 28, 2023, 12:13am

Please, explain what you mean by “install the second docker”.

Docker is the app that runs containers. It does matter which one you are talking about.

Again, what do you mean by “use”? Do you want two different containers to be available on different IP addresses but on the same port? Do you want the outgoing traffic to go through different network interfaces so remote servers see different IPs?

amstel · February 28, 2023, 7:30am

Thanks for replying.

Yes, I want to run two instances of the same container.
each with its own data, own name and also own IP address.

Do you want the outgoing traffic to go through different network interfaces so remote servers see different IPs?
Yes, outgoing and incoming data should be directed in different interface, so each will use a different IP.

Thanks.

rimelek · February 28, 2023, 9:28pm

You can’t run two instances of a container. A container is an instance of an image if you want to call it that. It’s like an object is an instance of a class in programming.

I am still guessing, but maybe macvlan or ipvlan is what you are looking for, but I don’t see the point of using that. Since it seems you are still learning the concepts, can you explain what you want to achieve? Every container has its own ip address (let’s not complicate it with the expceptions for now) and you can run multiple apps on one machine, you don’t need a LAN ip for the containers as you don’t have a LAN ip for every process running on your machine. A container is just a process with an additional isolation…

amstel · February 28, 2023, 9:42pm

Thanks for replying.

I would like to run 2 containers of the same image, but each will get a different external IPv4.

for example,
running 2 containers of ‘owncloud’,
each will have its own database and own IPv4.
btw, I need to use the IP and not ngix with hostnames.

rimelek · March 1, 2023, 11:06pm

Then as I mentioned, you want macvlan.

Although you don’t need a special network to simply asssign two ip addresses to the host and access the containers on different ip addresses by forwarding ports to the containers from specific ip addresses. It would not affect outgoing traffic though.

amstel · March 5, 2023, 9:58am

Hello,
I have found a solution for this situation,
does not invole macvlan nor ipvlan.

just putting if here if someone will ever need it:

Step 1

# Creating 2 different local networks (nw1 & nw2)
# and then route it via the desired IP addresses
sudo docker network create --driver bridge --subnet=172.18.0.2/16 --ip-range=172.18.0.2/16 nw1
sudo iptables -t nat -I POSTROUTING -p all -s 172.18.0.2/16 ! -o bridge -j SNAT --to-source FIRST_IPv4

sudo docker network create --driver bridge --subnet=172.19.0.2/16 --ip-range=172.19.0.2/16 nw2
sudo iptables -t nat -I POSTROUTING -p all -s 172.19.0.2/16 ! -o bridge -j SNAT --to-source SECOND_IPv4

Step 2

# run the docker with '--net', for example:
docker run -dt --name my_docker_name1 --net=nw1 --restart=unless-stopped docker_image_name
docker run -dt --name my_docker_name2 --net=nw2 --restart=unless-stopped docker_image_name