Communicating between Docker containers in different networks on the same host Communicating between Docker containers in different networks on the same host docker docker

Communicating between Docker containers in different networks on the same host


docker containers docker-networking

Containers in different networks can not communicate with each other because iptables drop such packets. This is shown in the DOCKER-ISOLATION-STAGE-1 and DOCKER-ISOLATION-STAGE-2 chains in the filter table. 

    sudo iptables -t filter -vL

Rules can be added to DOCKER-USER chain to allow communication between different networks. In the above scenario, the following commands will allow ANY container in mynetwork1 to communicate with ANY containers in mynetwork2.

The bridge interface names of the network (mynetwork1 and mynetwork2) need to be found first. Their names are usually look like br-07d0d51191df or br-85f51d1cfbf6 and they can be found using command "ifconfig" or "ip link show". Since there are multiple bridge interfaces, to identify the correct ones for the networks of interest, the inet address of the bridge interface (shown in ifconfig) should match the subnet address shown in command 'docker network inspect mynetwork1' 

    sudo iptables -I DOCKER-USER -i br-########1 -o br-########2 -j ACCEPT    sudo iptables -I DOCKER-USER -i br-########2 -o br-########1 -j ACCEPT

The rules can be fine tuned to allow only communications between specific IPs. E.g, 

    sudo iptables -I DOCKER-USER -i br-########1 -o br-########2 -s 172.17.0.2 -d 172.19.0.2 -j ACCEPT    sudo iptables -I DOCKER-USER -i br-########2 -o br-########1 -s 172.19.0.2 -d 172.17.0.2 -j ACCEPT

docker containers docker-networking

Issue

Two containers cannot communicate because there are not on the same network.

Solution a)

Connect one container into the other network overlay (this may not meet the constraint you have).

Solution b)

Create a third network and plug both containers into this network.

How to

The command docker run accept only one occurrence of the option --net, what you have to do is to docker start the containers and then to docker network connect them to a shared network.

The answer you are looking for is here: https://stackoverflow.com/a/34038381/5321002

docker containers docker-networking

According to Docker Docs Containers can only communicate within networks but not across networks You can attach a container to two networks and be able to communicate that way.

edit: Although at that point why have two networks in the first place.

Here's the link:

https://docs.docker.com/engine/userguide/networking/dockernetworks/

-Bruce

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last