зеркало из
https://github.com/iharh/notes.git
synced 2025-10-29 20:56:06 +02:00
52 строки
1.7 KiB
Plaintext
52 строки
1.7 KiB
Plaintext
for gluetun
|
|
https://stackoverflow.com/questions/59340558/route-docker-container-traffic-through-a-vpn-container
|
|
for nginx-proxy
|
|
https://github.com/nginx-proxy/nginx-proxy
|
|
https://github.com/nginx-proxy/docker-gen
|
|
http://jasonwilder.com/blog/2014/03/25/automated-nginx-reverse-proxy-for-docker/
|
|
|
|
2023
|
|
https://blog.bartzz.com/how-to-route-docker-container-through-another-container/
|
|
--network container:<name>
|
|
network_mode: service:<name>
|
|
|
|
FROM ubuntu:20.04
|
|
RUN apt-get update && apt-get install -y \
|
|
iproute2 iptables openvpn
|
|
CMD ["sh"]
|
|
|
|
docker build -t my-router .
|
|
docker run --cap-add=NET_ADMIN --device /dev/net/tun -d --name my-container my-router
|
|
# --device list Add a host device to the container
|
|
# --privileged --net=host
|
|
|
|
docker exec -it my-container bash
|
|
echo 1 > /proc/sys/net/ipv4/ip_forward
|
|
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
|
|
# if NAT is needed, where eth0 - output inet device
|
|
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
|
exit
|
|
|
|
# at host
|
|
docker inspect my-container | grep '"IPAddress"'
|
|
docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' container_name
|
|
CONTAINER_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' my-container)
|
|
# something like 172.17.0.2
|
|
|
|
ip route add default via <IP_CONTAINER> dev docker0
|
|
|
|
******************************************
|
|
|
|
docker bridge network does not support fixed ip-addresses
|
|
docker network create \
|
|
--subnet=192.168.1.0/24 \
|
|
my_custom_network
|
|
|
|
docker run --rm -dit \
|
|
--net my_custom_network \
|
|
--ip 192.168.1.100 \
|
|
--name my_container \
|
|
nginx
|
|
|
|
docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' my_container
|