Do i always need to use the --link command to link to containers to one another or can i just ping the ip of the 2nd container from the 1st container.
Example:
Container 1 running mysql (tcp 3306) : ip 10.0.0.7
Container 2 running lamp : ip 10.0.0.8
can 0.8 not just directly connect to 0.7 they are on the same bridge ?
Thanks once again for the help
Regards
Hareem Haque
It depends even on your network topology.
If you choose "secure" setup with --icc=false you will have to use --link for dockers to communicate.
Documentation at [1] explains it.
Link:
[1] - https://docs.docker.com/articles/networking/#communication-between-containers
Regards
Paolo
Basically, I added --icc=true to my docker opts and restarted docker. I just ran a test connecting a php container to a mysql container without using --link. Everything works great. I see no error. I can now easily connect containers together via bridge ip address.
If you want to connect containers on different hosts, the best option available right now is using Weave:
https://github.com/zettio/weave
Another is Open vSwitch, but it's too messy for my taste. Docker's acquisition of SocketPlane could result in something usable, but we are not there yet. I would go with Weave.
Related
I have a MySQL instance running in a docker container, available on my host system at port 3333. I already tested the connection via the MySQL workbench to verify, that the user I created is able to login to the SQL server.
I also have a wikijs (installation guide found here) instance running in a container.
I have provided all the required environment variables, including the information of the user I already tested, but the container always says that the connection was refused.
Does anybody have an idea on what the problem is?
No information does not help solving your problem but a wild guess:
By default docker containers are joining a virtual network separate from host named bridge.
You can't reach host by localhost or 127.0.0.1, because this is pointing to your docker container itself. To reach host directly either let container use hosts IP by --network=host (with some disadvantages) or use host.docker.internal as DNS-Name instead of an IP.
BUT you should not take the way over host, connect directly to the mySQL-container by using the alias or IP or the container. You'll get that by docker inspect <containername>. No need to map ports then..
Kindly try adjusting the port to 3306 and see if it works
I read all I could find, but documentation on this scenario is scant or unclear for podman. I have the following (contrived) ROOTLESS podman setup:
pod-1 name: pod1
Container names in pod1:
p1c1 -- This is also it's assigned hostname within pod1
p1c2 -- This is also it's assigned hostname within pod1
p1c3 -- This is also it's assigned hostname within pod1
pod-2 name: pod2
Container names in pod2:
p2c1 -- This is also it's assigned hostname within pod2
p2c2 -- This is also it's assigned hostname within pod2
p2c3 -- This is also it's assigned hostname within pod2
I keep certain containers in different pods specifically to avoid port conflict, and to manage containers as groups.
QUESTION:
Give the above topology, how do I communicate between, say, p1c1 and p2c1? In other words, step-by-step, what podman(1) commands do I issue to collect the necessary addressing information for pod1:p1c1 and pod2:p2c1, and then use that information to configure applications in them so they can communicate with one another?
Thank you in advance!
EDIT: For searchers, additional information can be found here.
Podman doesn't have anything like the "services" concept in Swarm or Kubernetes to provide for service discovery between pods. Your options boil down to:
Run both pods in the same network namespace, or
Expose the services by publishing them on host ports, and then access them via the host
For the first solution, we'd start by creating a network:
podman network create shared
And then creating both pods attached to the shared network:
podman pod create --name pod1 --network shared
podman pod create --name pod2 --network shared
With both pods running on the same network, containers can refer to
the other pod by name. E.g, if you were running a web service in
p1c1 on port 80, in p2c1 you could curl http://pod1.
For the second option, you would do something like:
podman pod create --name pod1 -p 1234:1234 ...
podman pod create --name pod2 ...
Now if p1c1 has a service listening on port 1234, you can access that from p2c1 at <some_host_address>:1234.
If I'm interpreting option 1 correctly, if the applications in p1c1 and p2c1 both use, say, port 8080; then there won't be any conflict anywhere (either within the pods and the outer host) IF I publish using something like this: 8080:8080 for app in p1c1 and 8081:8080 for app in p2c1? Is this interpretation correct?
That's correct. Each pod runs with its own network namespace
(effectively, it's own ip address), so services in different pods can
listen on the same port.
Can the network (not ports) of a pod be reassigned once running? REASON: I'm using podman-compose(1), which creates things for you in a pod, but I may need to change things (like the network assignment) after the fact. Can this be done?
In general you cannot change the configuration of a pod or a
container; you can only delete it and create a new one. Assuming that
podman-compose has relatively complete support for the
docker-compose.yaml format, you should be able to set up the network
correctly in your docker-compose.yaml file (you would create the
network manually, and then reference it as an external network in
your compose file).
Here is a link to the relevant Docker documentation. I haven't tried this myself with podman.
Accepted answer from #larsks will only work for rootful containers. In other words, run every podman commands with sudo prefix. (For instance when you connect postgres container from spring boot application container, you will get SocketTimeout exception)
If two containers will work on the same host, then get the ip address of the host, then <ipOfHost>:<port>. Example: 192.168.1.22:5432
For more information you can read this blog => https://www.redhat.com/sysadmin/container-networking-podman
Note: The above solution of creating networks, only works in rootful mode. You cannot do podman network create as a rootless user.
I have:
Zabbix server (computer A)
Zabbix agent (computer B)
Mysql (computer B)
But all of this components work inside Docker containers. How could I monitor Mysql by Zabbix in this case?
I saw this page (https://www.zabbix.com/integrations/mysql). But i think, this won't work in my case.
You can definitely use "Template DB MySQL by Zabbix agent":
if the Zabbix Agent is not dockerized:
and the MySQL port is published/mapped:
just follow the instructions.
else:
map the port, and follow instructions.
else:
check that mysql client is present in the docker image, add it if missing
link that container to the MySQL container, and follow instructions.
I have a MySql container and another docker container with Jython app.
Inside Jython app - this is a connection string to connect to MySql (it works on host):
mysql_url_string jdbc:mysql://localhost/...
This does not work with 2 docker containers (1 Mysql, 2 Jython app).
What IP address I should use for connection string (instead of localhost)?
Thanks.
Instead of using an IP address (as they may change unless you specifically define network configuration), you can simply link the 2 containers together and refer to them by container name.
version: "3"
services:
mysql:
container_name: mysql
image: somethingsomething/mysql:latest
jython
container_name: jython
image: somethingsomething/jython:latest
links:
- mysql
environment:
jdbc_url: jdbc:mysql://mysql:3306
This linking can also be done via CLI (see: https://linuxconfig.org/basic-example-on-how-to-link-docker-containers)
If you simply must use IP addresses, you can obtain the IP address after linking by checking the /etc/hosts files inside the containers.
Edit Note:
There are alternative ways to approach this without 'linking' but without need more detailed information for how your containers are set up already it's difficult to provide this.
i.e. whether they are standalone containers on host network or bridged network, or created as a docker service with an overlay, or something else!
The different scenarios change the way addressing is created and used for inter container communication so the means of looking up the IP address won't be the same.
I am trying to understand PCF concepts and thinking that once i am done with creating mysql services in PCF, how i can manage that database like creating tables and maintaining that table just like we do in pur traditional environment using mySqldeveoper. I came across one service like PivotalMySQLWeb and tried but didnt liked it much. So if somehow i can get connection details of mysql service , i can use that to connect using sql developer.
The links #khalid mentioned are definitely good.
http://docs.pivotal.io/p-mysql/2-0/use.html
https://github.com/andreasf/cf-mysql-plugin#usage
More generally, you can use an SSH tunnel to access any service, not just MySQL. This also allows you to use whatever tool you would like to access the service.
This is documented here, but if for some reason that goes away here are the steps.
Create your target service instance, if you don't have one already.
Push an app, any app. It really doesn't matter, it can be a hello world app. The app doesn't even need to use the service. We just need something to connect to.
Either Bind the service from #1 to the app in #2 or create a service key using the service from #1. If you bind to the app, run cf env <app> or if you use a service key run cf service-key MY-DB EXTERNAL-ACCESS-KEY and either one will give you your service credentials.
Run cf ssh -L 63306:us-cdbr-iron-east-01.p-mysql.net:3306 YOUR-HOST-APP, where 63306 is the local port you'll connect to on your machine and us-cdbr-iron-east-01.p-mysql.net:3306 are the host and port from the credentials in step #3.
The tunnel is now up, use whatever client you'd like to connect to your service. For example: mysql -u b5136e448be920 -h localhost -p -D ad_b2fca6t49704585d -P 63306, where b5136e448be920 and ad_b2fca6t49704585d are the username and database name from step #3 and 63306 is the local port you picked from step #4.
Additionally, if you want to connect aws-rds-mysql (instantiated from Pivotal Cloud Foundry) from IntelliJ, you can use the DB-Navigator Plugin (https://plugins.jetbrains.com/plugin/1800-database-navigator) inside IntelliJ, through which, database manipulation can be performed.
After creating the ssh tunnel $ cf ssh -L 63306:<DB_HOSTNAME>:3306 YOUR-HOST-APP (as also mentioned in https://docs.pivotal.io/pivotalcf/2-4/devguide/deploy-apps/ssh-services.html),
Go to DB Navigator plugin and click on custom under new connection.
Enter the URL as: jdbc:mysql://:password>#localhost:63306/<database_name>
The following thread might be helpful for you as well How do I connect to my MySQL service on Pivotal Cloud Foundry (PCF) via MySQL Workbench or CLI or MySQLWeb Database Management App?