connect a docker container to a local network

Information

  • My network subnet is 9.158.143.0/24
  • My gateway is 9.158.143.254
  • My Docker host IP is 9.158.143.52 on the primary interface (ens160)
  • My container IP is 9.158.143.65
  • docker-pid is docker process id
  • docker id is docker ip

What I am trying to do

I am trying to make my container available on the network to all devices, not just the Docker host.

I want to set up the Docker config such that the Docker container can be accessed (ssh in my case) from anywhere within my network.

Steps followed so far

  1. Start by creating a new bridge device.

    • brctl addbr br-em1

    • ip link set br-em1 up

  2. Add this device to your bridge

    • brctl addif br-em1 ens160
  3. Configure the bridge with the address that used to belong to ens160

    • ip addr del 9.158.143.52/24 dev ens160

    • ip addr add 9.158.143.52/24 dev br-em1

  4. Move the default route to the bridge

    • ip route del default
    • ip route add default via 9.158.143.254 dev br-em1

Till this point everything works. The Docker host has network connectivity.

  1. docker run -itd --name web ubuntu

  2. Create a veth interface pair:

    • ip link add web-int type veth peer name web-ext
  3. brctl addif br-em1 web-ext

  4. And add the web-int interface to the namespace of the container:

    • ip link set netns $(docker-pid web) dev web-int
  5. nsenter -t $(docker-pid web) -n ip link set web-int up

  6. nsenter -t $(docker-pid web) -n ip addr add 9.158.143.65/24 dev web-int

Till now the veth is created inside the Docker container and the internet is working inside the container.

  1. nsenter -t $(docker-pid web) -n ip route del default

  2. nsenter -t $(docker-pid web) -n ip route add default via 9.158.143.254 dev web-int

The problem

These are the steps followed. After the last 2 steps the internet stops working within the container. I am not able to ping the Docker host machine from any other machine in the network (which was working beforehand).

Is there any iptables rule which needs to be added apart from these steps?
If so, please help.

PS: my docker0 IP is 172.17.0.1
Link used: http://blog.oddbit.com/2014/08/11/four-ways-to-connect-a-docker/
(with linux bridge devices)

Ubuntu image used has ssh service up and running.
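
On the iptables question, one thing that can be checked is whether frames crossing br-em1 are filtered by the iptables FORWARD chain at all, since Docker sets that chain's policy to DROP. The sketch below is an added example, not part of the original post; the function name, the constructed sample rule listing and the simplified rule matching are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post).
# Linux passes bridged IPv4 frames through the iptables FORWARD chain when
# br_netfilter is loaded and net.bridge.bridge-nf-call-iptables is 1.

# Constructed sample: a FORWARD chain as Docker typically leaves it.
SAMPLE_DOCKER_RULES='-P FORWARD DROP
-A FORWARD -j DOCKER-USER
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT'

# bridge_forward_verdict NF_CALL RULES BRIDGE   (hypothetical helper)
#   NF_CALL: contents of /proc/sys/net/bridge/bridge-nf-call-iptables
#            (empty when the file does not exist)
#   RULES:   output of `iptables -S FORWARD`
#   BRIDGE:  bridge name, e.g. br-em1
# Prints bypass, accept or drop for traffic between two ports of BRIDGE.
# Simplification: only unconditional and whole-bridge rules are evaluated;
# jumps into other chains and narrower matches are not followed.
bridge_forward_verdict() {
    bfv_nf=$1 bfv_rules=$2 bfv_br=$3
    if [ "$bfv_nf" != "1" ]; then
        echo bypass            # bridged frames never reach iptables
        return 0
    fi
    bfv_policy=ACCEPT
    while IFS= read -r bfv_line; do
        case $bfv_line in
            "-P FORWARD "*)
                bfv_policy=${bfv_line#"-P FORWARD "} ;;
            "-A FORWARD -j ACCEPT"|"-A FORWARD -i $bfv_br -o $bfv_br -j ACCEPT")
                echo accept; return 0 ;;
            "-A FORWARD -j DROP"|"-A FORWARD -i $bfv_br -o $bfv_br -j DROP")
                echo drop; return 0 ;;
        esac
    done <<EOF
$bfv_rules
EOF
    # No rule decided: the chain policy applies.
    if [ "$bfv_policy" = "ACCEPT" ]; then echo accept; else echo drop; fi
}

# Offline run on the constructed sample. On a live host, pass
#   "$(cat /proc/sys/net/bridge/bridge-nf-call-iptables 2>/dev/null)"
#   "$(iptables -S FORWARD)"  br-em1
bridge_forward_verdict 1 "$SAMPLE_DOCKER_RULES" br-em1
```

A verdict of drop means traffic between web-ext and ens160 falls through to the chain policy; a rule scoped to br-em1 is a tighter way to allow it than changing the policy for the whole host.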