Pages

Sunday, August 5, 2018

Container Networking - 3

So now we have seen how containerised applications can be accessed using the dockerO bridge on one single host , but how does containers running on 2 different hosts will be accessed.

 Before moving into how 2 containers talk to each other on two different hosts, let's see how two containers can be linked to each other,
Container - Container linking 
Docker provides us an easy way to link one container with another. The --link flag allows to connect any number of docker containers without the need to expose containers internal ports to the outside world. Start the first sandbox1 container using,
[root@manja17-I13330 ~]# docker run -it --name=sandbox1 docker.io/jagadesh1982/testing-service /bin/bash
root@9cb2d169d553:/usr/src/app# hostname -I
172.17.0.3
root@9cb2d169d553:/usr/src/app# ip link list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
110: eth0@if111: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
    link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff
root@9cb2d169d553:/usr/src/app#
Get the Ip address from the first sandbox1 using the hostname -I command. Start the second container sandbox2 linking this container to the sandbox1 by using the link flag as,
[root@manja17-I13330 ~]# docker run -it --name sandbox2 -h sandbox2 --link sandbox1:sandbox1 docker.io/jagadesh1982/testing-service /bin/bash
root@sandbox2:/usr/src/app# hostname -I
172.17.0.4
root@sandbox2:/usr/src/app# cat /etc/hosts
127.0.0.1       localhost
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3      sandbox1 9cb2d169d553
172.17.0.4      sandbox2
root@sandbox2:/usr/src/app# ping sandbox1
PING sandbox1 (172.17.0.3): 56 data bytes
64 bytes from 172.17.0.3: icmp_seq=0 ttl=64 time=0.308 ms
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.114 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.109 ms
^C--- sandbox1 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.109/0.177/0.308/0.093 ms
We can see that the first sandbox1 containers details including Ip address are added to the /etc/hosts file in the second container ( sandbox2 ). We can also ping the sandbox1 from sandbox2 at any point once we link the containers. If we run a env command in the second container , we can see
root@sandbox2:/usr/src/app# env
HOSTNAME=sandbox2
GPG_KEY=C01E1CAD5EA2C4F0B8E3571504C367C218ADD4FF
TERM=xterm
SANDBOX1_ENV_PYTHON_VERSION=2.7.14
SANDBOX1_ENV_PYTHON_PIP_VERSION=10.0.1
PYTHON_VERSION=2.7.14
PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/usr/src/app
LANG=C.UTF-8
SANDBOX1_ENV_GPG_KEY=C01E1CAD5EA2C4F0B8E3571504C367C218ADD4FF
PYTHON_PIP_VERSION=10.0.1
SHLVL=1
HOME=/root
SANDBOX1_NAME=/sandbox2/sandbox1
SANDBOX1_ENV_LANG=C.UTF-8
These variables give us details about the first container. The services running on a port in sandbox1 can now be accessed using the env variables that are available in the second container (sandbox2).
Container network mode
In this mode of networking, docker forces to reuse the networking namespace of another container.  This is used to let one container consume the network space of the another container. Lets see how the container network mode will be used,
Create a container named sandbox1 as,
[root@manja17-I13330 ~]# docker run -it --name=sandbox1 docker.io/jagadesh1982/testing-service /bin/bash
root@1a6cf6a9c578:/usr/src/app# hostname -I
172.17.0.2
root@1a6cf6a9c578:/usr/src/app# ip link list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
120: eth0@if121: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
root@1a6cf6a9c578:/usr/src/app# 
If we see the container details, we can see the IP address as well as the network details even. Now start another container by attaching the network space of the first container sandbox1 as below,
[root@manja17-I13330 ~]# docker run -it --net=container:1a6cf6a9c578 docker.io/jagadesh1982/pingpong-java /bin/bash
root@1a6cf6a9c578:/# ifconfig
bash: ifconfig: command not found
root@1a6cf6a9c578:/# hostname -I
172.17.0.2
root@1a6cf6a9c578:/# ip link list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
120: eth0@if121: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
Now if we see above , the network space is same as well as ip address and other details even.


By
Labels: , ,

No comments :

Post a Comment

Subscribe to: Post Comments ( Atom )