Docker networking: Docker overlay network with Consul

By | 12/12/2016

Introduction

I have said it before already, container technology is great. As long as you launch containers on a single host, life is easy. However, running containers on multiple hosts is a bit more difficult, mainly related to the multi-host networking. Luckily Docker has improved on this after the acquisition of Socketplane in 2015.

In this post, we will investigate how multi-host networking with Docker works.

Prepare the Docker hosts

Execute the below bash script. It will create 3 hosts. One host will be running the external KV store (consul) while the two other hosts will be used to run containers.

#!/bin/bash

set -e

# Docker Machine Setup
docker-machine create \
    -d virtualbox \
    consul

docker $(docker-machine config consul) run -d \
    -p "8500:8500" \
    -h "consul" \
    progrium/consul -server -bootstrap

docker-machine create \
    -d virtualbox \
    --virtualbox-disk-size 50000 \
    --engine-opt="cluster-store=consul://$(docker-machine ip consul):8500" \
    --engine-opt="cluster-advertise=eth1:0" \
    node-01

docker-machine create \
    -d virtualbox \
    --virtualbox-disk-size 50000 \
    --engine-opt="cluster-store=consul://$(docker-machine ip consul):8500" \
    --engine-opt="cluster-advertise=eth1:0" \
    node-02

Note: if you are running Docker 1.12 you could use swarm-mode and with that you don’t need an external KV store anymore. We will try this later, but in this post I wanted to test the network between two standalone hosts.

When the script is finished, you will see three hosts running:

WAUTERW-M-G007:docker wauterw$ docker-machine ls
NAME      ACTIVE   DRIVER       STATE     URL                         SWARM   DOCKER    ERRORS
consul    -        virtualbox   Running   tcp://192.168.99.105:2376           v1.12.3
node-01   -        virtualbox   Running   tcp://192.168.99.106:2376           v1.12.3
node-02   -        virtualbox   Running   tcp://192.168.99.107:2376           v1.12.3

The IP addresses for the nodes are 192.168.99.106 and 192.168.99.107 respectively.

Let’s have a look at the various networks on this host.

WAUTERW-M-G007:docker wauterw$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
4a4108c4ee92        bridge              bridge              local
1dfa158a5f0d        host                host                local
a3c1bf6b2b1b        none                null                local
WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-02)
WAUTERW-M-G007:~ wauterw$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
86ed80f7033c        bridge              bridge              local
c8e590484c9b        host                host                local
a2ee4efd1120        none                null                local

Historically, these three networks are part of Docker’s implementation. When you run a container you can use the –network flag to specify which network you want to run a container on. So as expected, we see 3 networks:

  • bridge: The bridge network represents the docker0 network present in all Docker installations. The Docker daemon connects containers to this network by default.
  • host: The host network adds a container on the hosts network stack. You’ll find the network configuration inside the container is identical to the host.
  • none: The none network adds a container to a container-specific network stack. That container lacks a network interface.

Let’s have a look at the bridge network. From below command output, you can see that Docker is creating a network with subnet 172.17.0.0/16. This network is also available on the second host, node-02.

WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-01)
WAUTERW-M-G007:docker wauterw$ docker network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "4a4108c4ee925389c4e64024ab4ebeb641418f433f9f30406a73246db9c1e12d",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16"
                }
            ]
        },
        "Internal": false,
        "Containers": {},
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]
WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-02)
WAUTERW-M-G007:~ wauterw$ docker network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "86ed80f7033c7d64fd7d49c0072ab7c04e733d02204781bbc94c30387347e233",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Containers": {},
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]

Notice that our host has indeed a docker0 interface as well as an eth0 and eth1 interface

node01

node02

Create an overlay network

WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-01)
WAUTERW-M-G007:docker wauterw$ docker network create -d overlay mynetfb669e6d67075afcc89c6cd5cab6503d2b5496abf010e129dc5a0fa13d9c95ddWAUTERW-M-G007:docker wauterw$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
4a4108c4ee92        bridge              bridge              local
1dfa158a5f0d        host                host                local
fb669e6d6707        mynet               overlay             global
a3c1bf6b2b1b        none                null                local
WAUTERW-M-G007:~ wauterw$ eval $(docker-machine env node-02)
WAUTERW-M-G007:~ wauterw$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
86ed80f7033c        bridge              bridge              local
c8e590484c9b        host                host                local
fb669e6d6707        mynet               overlay             global
a2ee4efd1120        none                null                local

Note that the overlay is added on both hosts immediately with the same ID. Next, let’s inspect the mynet network in more detail:

WAUTERW-M-G007:docker wauterw$ docker network inspect mynet
[
    {
        "Name": "mynet",
        "Id": "fb669e6d67075afcc89c6cd5cab6503d2b5496abf010e129dc5a0fa13d9c95dd",
        "Scope": "global",
        "Driver": "overlay",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "10.0.0.0/24",
                    "Gateway": "10.0.0.1/24"
                }
            ]
        },
        "Internal": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]

The mynet overlay network has a subnet 10.0.0.0/24.

Launch containers without overlay

In this section, we will first create some containers without specifying to which network they belong. By default Docker will assume that they are part of the bridge network.

WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-01)
WAUTERW-M-G007:docker wauterw$ docker run -itd --name container-01 ubuntu:14.04
Unable to find image 'ubuntu:14.04' locally
14.04: Pulling from library/ubuntu

ba76e97bb96c: Pull complete
4d6181e6b423: Pull complete
4854897be9ac: Pull complete
4458f3097eef: Pull complete
9989a8de1a9e: Pull complete
Digest: sha256:062bba17f92e749bd3092e7569aa06c6773ade7df603958026f2f5397431754c
Status: Downloaded newer image for ubuntu:14.04
ef490a761a728e029ea71d191b81d521ca36e18318341260c7e8609f8ef70062
WAUTERW-M-G007:~ wauterw$ eval $(docker-machine env node-02)
WAUTERW-M-G007:~ wauterw$ docker run -itd --name container-02 ubuntu:14.04
Unable to find image 'ubuntu:14.04' locally
14.04: Pulling from library/ubuntu

ba76e97bb96c: Pull complete
4d6181e6b423: Pull complete
4854897be9ac: Pull complete
4458f3097eef: Pull complete
9989a8de1a9e: Pull complete
Digest: sha256:062bba17f92e749bd3092e7569aa06c6773ade7df603958026f2f5397431754c
Status: Downloaded newer image for ubuntu:14.04
1a3502101e49b7569dff1d519774705adf0a9992f5645d56617eb0c26aec0a71

As mentioned, these containers use the bridge network. Let’s verify this:

WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-01)
WAUTERW-M-G007:docker wauterw$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
ef490a761a72        ubuntu:14.04        "/bin/bash"         About a minute ago   Up About a minute                       container-01
WAUTERW-M-G007:docker wauterw$ docker network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "4a4108c4ee925389c4e64024ab4ebeb641418f433f9f30406a73246db9c1e12d",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16"
                }
            ]
        },
        "Internal": false,
        "Containers": {
            "ef490a761a728e029ea71d191b81d521ca36e18318341260c7e8609f8ef70062": {
                "Name": "container-01",
                "EndpointID": "20cdec7139c6088dc401fdd4f04700656ace85fa8ff6ee13b4e9f561788f2612",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]
WAUTERW-M-G007:~ wauterw$ eval $(docker-machine env node-02)
WAUTERW-M-G007:~ wauterw$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
1a3502101e49        ubuntu:14.04        "/bin/bash"         About a minute ago   Up About a minute                       container-02
WAUTERW-M-G007:~ wauterw$ docker network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "86ed80f7033c7d64fd7d49c0072ab7c04e733d02204781bbc94c30387347e233",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Containers": {
            "1a3502101e49b7569dff1d519774705adf0a9992f5645d56617eb0c26aec0a71": {
                "Name": "container-02",
                "EndpointID": "d7f2858a1db6c9826ff817e3de9dddeb99ccbb2feebcdcdc49614c8a5abc061d",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]

From above command output, you can see that container-01 with ID ef490a761a72 and container-02 with ID 1a3502101e49 belong to the bridge network.

Ping between containers without overlay

Let’s find out the IP addresses for container-01 (running on node-01) and container-02 (running on node-02). As they are both part of the respective bridge network on their host, we can assume they will get an IP address in subnet 172.17.0.0/16.

WAUTERW-M-G007:docker wauterw$ docker exec container-01 ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:ac:11:00:02
          inet addr:172.17.0.2  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::42:acff:fe11:2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1296 (1.2 KB)  TX bytes:648 (648.0 B)
WAUTERW-M-G007:~ wauterw$ docker exec container-02 ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:ac:11:00:02
          inet addr:172.17.0.2  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::42:acff:fe11:2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1296 (1.2 KB)  TX bytes:648 (648.0 B)

As a matter of fact, they both received IP address 172.17.0.2. If we would execute a ping command from container-01 to 172.17.0.2, we would simply get a reply from container-01 so that does not bring us a lot of value. So let’s try something else instead.

We will launch an additional container, called container-03 and we will use the nginx image. This will in fact just expose a webserver. We will then also launche an additional container, container-04, which will run the wget command to retrieve the default nginx page.

WAUTERW-M-G007:docker wauterw$ docker run -itd --name=container-03 nginx
Unable to find image 'nginx:latest' locally
latest: Pulling from library/nginx
386a066cd84a: Pull complete
7bdb4b002d7f: Pull complete
49b006ddea70: Pull complete
Digest: sha256:9038d5645fa5fcca445d12e1b8979c87f46ca42cfb17beb1e5e093785991a639
Status: Downloaded newer image for nginx:latest
b08ee52b4baa874f5b6f8ed4667f48222c8a6b2d69fe42124b96f88ad93a6656
WAUTERW-M-G007:~ wauterw$ docker run -it --name=container-04 --rm busybox wget -qO- http://container-03
Unable to find image 'busybox:latest' locally
latest: Pulling from library/busybox
56bec22e3559: Pull complete
Digest: sha256:29f5d56d12684887bdfa50dcd29fc31eea4aaf4ad3bec43daf19026a7ce69912
Status: Downloaded newer image for busybox:latest
wget: bad address 'container-03'

You can see here already that we cannot reach container-03 (running on node-01) from container-04 (running on node-02).

Launch containers with overlay

Next, we will launch an additional two containers, one on each host. We will provide the –net option to connect them to the overlay network we defined earlier.

WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-01)
WAUTERW-M-G007:docker wauterw$ docker run -itd --name container-05 --net=mynet ubuntu:14.04
e894cf873c10fe553b59e6c8c9fced0d0090f0e7090b143d4ec181c3ba71e451
WAUTERW-M-G007:~ wauterw$ eval $(docker-machine env node-02)
WAUTERW-M-G007:~ wauterw$ docker run -itd --name container-06 --net=mynet ubuntu:14.04
8d03466e77ee5045ad04fbc3947b5e2eda7711984c79aa168d9d5b4f59cdb20a

You will also see now that Docker has created an additional network called docker_gwbridge. While the mynet network has type overlay, the docker_gwbridge has type bridge. The overlay

WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-01)
WAUTERW-M-G007:docker wauterw$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
4a4108c4ee92        bridge              bridge              local
6c1b131717d6        docker_gwbridge     bridge              local
1dfa158a5f0d        host                host                local
fb669e6d6707        mynet               overlay             global
a3c1bf6b2b1b        none                null                local
WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-02)
WAUTERW-M-G007:~ wauterw$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
86ed80f7033c        bridge              bridge              local
7b94d4e06714        docker_gwbridge     bridge              local
c8e590484c9b        host                host                local
fb669e6d6707        mynet               overlay             global
a2ee4efd1120        none                null                local
WAUTERW-M-G007:~ wauterw$ eval $(docker-machine env node-01)
WAUTERW-M-G007:docker wauterw$ docker network inspect docker_gwbridge
[
    {
        "Name": "docker_gwbridge",
        "Id": "6c1b131717d69cfc3b34c2b390cef71f728d3e56365374221f89548e13139b85",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.18.0.0/16",
                    "Gateway": "172.18.0.1/16"
                }
            ]
        },
        "Internal": false,
        "Containers": {
            "e894cf873c10fe553b59e6c8c9fced0d0090f0e7090b143d4ec181c3ba71e451": {
                "Name": "gateway_e894cf873c10",
                "EndpointID": "e536fa3a0f52ad7646e12a4d7612eb347b982b561f549452959bd74ef3b5fe0b",
                "MacAddress": "02:42:ac:12:00:02",
                "IPv4Address": "172.18.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.bridge.enable_icc": "false",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.name": "docker_gwbridge"
        },
        "Labels": {}
    }
]
WAUTERW-M-G007:~ wauterw$ eval $(docker-machine env node-02)
WAUTERW-M-G007:~ wauterw$ docker network inspect docker_gwbridge
[
    {
        "Name": "docker_gwbridge",
        "Id": "7b94d4e06714bf55fd5b682aaf909d2d256dd7c6d1848ae1f03217e9d9e32f21",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.18.0.0/16",
                    "Gateway": "172.18.0.1/16"
                }
            ]
        },
        "Internal": false,
        "Containers": {
            "8d03466e77ee5045ad04fbc3947b5e2eda7711984c79aa168d9d5b4f59cdb20a": {
                "Name": "gateway_8d03466e77ee",
                "EndpointID": "ee0b6ef48e8090626e050035dd370a9179ab514c24f70a6b28b4e2ec7e39d132",
                "MacAddress": "02:42:ac:12:00:02",
                "IPv4Address": "172.18.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.bridge.enable_icc": "false",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.name": "docker_gwbridge"
        },
        "Labels": {}
    }
]
WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-01)
WAUTERW-M-G007:docker wauterw$ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
e894cf873c10        ubuntu:14.04        "/bin/bash"              9 minutes ago       Up 9 minutes                            container-05
b08ee52b4baa        nginx               "nginx -g 'daemon off"   2 hours ago         Up 2 hours          80/tcp, 443/tcp     container-03
ef490a761a72        ubuntu:14.04        "/bin/bash"              2 hours ago         Up 2 hours                              container-01
WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-02)
WAUTERW-M-G007:~ wauterw$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
8d03466e77ee        ubuntu:14.04        "/bin/bash"         8 minutes ago       Up 8 minutes                            container-06
1a3502101e49        ubuntu:14.04        "/bin/bash"         2 hours ago         Up 2 hours                              container-02

From the above output, we can see that docker_gwbridge has subnet 172.18.0.0/16 and that container-05 and container-06 belongs to this network but as you can see below, they also belong to the overlay network mynet with a subnet 10.0.0.0/24

WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-01)
WAUTERW-M-G007:docker wauterw$ docker network inspect mynet
[
    {
        "Name": "mynet",
        "Id": "fb669e6d67075afcc89c6cd5cab6503d2b5496abf010e129dc5a0fa13d9c95dd",
        "Scope": "global",
        "Driver": "overlay",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "10.0.0.0/24",
                    "Gateway": "10.0.0.1/24"
                }
            ]
        },
        "Internal": false,
        "Containers": {
            "e894cf873c10fe553b59e6c8c9fced0d0090f0e7090b143d4ec181c3ba71e451": {
                "Name": "container-05",
                "EndpointID": "b89c30bd06716b9cb4e21ba6b3e018211ee2fd1ec16e25b58a862e85520a4a7f",
                "MacAddress": "02:42:0a:00:00:02",
                "IPv4Address": "10.0.0.2/24",
                "IPv6Address": ""
            },
            "ep-8817f3a22628fdc551d67fa5d0226e3c00c870b7aa47605586488603eaf2b8fd": {
                "Name": "container-06",
                "EndpointID": "8817f3a22628fdc551d67fa5d0226e3c00c870b7aa47605586488603eaf2b8fd",
                "MacAddress": "02:42:0a:00:00:03",
                "IPv4Address": "10.0.0.3/24",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]
WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-02)
WAUTERW-M-G007:~ wauterw$ docker network inspect mynet
[
    {
        "Name": "mynet",
        "Id": "fb669e6d67075afcc89c6cd5cab6503d2b5496abf010e129dc5a0fa13d9c95dd",
        "Scope": "global",
        "Driver": "overlay",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "10.0.0.0/24",
                    "Gateway": "10.0.0.1/24"
                }
            ]
        },
        "Internal": false,
        "Containers": {
            "8d03466e77ee5045ad04fbc3947b5e2eda7711984c79aa168d9d5b4f59cdb20a": {
                "Name": "container-06",
                "EndpointID": "8817f3a22628fdc551d67fa5d0226e3c00c870b7aa47605586488603eaf2b8fd",
                "MacAddress": "02:42:0a:00:00:03",
                "IPv4Address": "10.0.0.3/24",
                "IPv6Address": ""
            },
            "ep-b89c30bd06716b9cb4e21ba6b3e018211ee2fd1ec16e25b58a862e85520a4a7f": {
                "Name": "container-05",
                "EndpointID": "b89c30bd06716b9cb4e21ba6b3e018211ee2fd1ec16e25b58a862e85520a4a7f",
                "MacAddress": "02:42:0a:00:00:02",
                "IPv4Address": "10.0.0.2/24",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]

Last but not least, let’s have a look at the IP addresses allocated to the containers. Here you can clearly see that our containers have an eth0 interface to mynet and eth1 to docker_gwbridge.

WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-01)
WAUTERW-M-G007:docker wauterw$ docker exec container-05 ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:0a:00:00:02
          inet addr:10.0.0.2  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::42:aff:fe00:2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1450  Metric:1
          RX packets:15 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1206 (1.2 KB)  TX bytes:648 (648.0 B)

eth1      Link encap:Ethernet  HWaddr 02:42:ac:12:00:02
          inet addr:172.18.0.2  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::42:acff:fe12:2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:15 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1206 (1.2 KB)  TX bytes:648 (648.0 B)

WAUTERW-M-G007:docker wauterw$ eval $(docker-machine env node-02)
WAUTERW-M-G007:~ wauterw$ docker exec container-06 ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:0a:00:00:03
          inet addr:10.0.0.3  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::42:aff:fe00:3/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1450  Metric:1
          RX packets:15 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1206 (1.2 KB)  TX bytes:648 (648.0 B)

eth1      Link encap:Ethernet  HWaddr 02:42:ac:12:00:02
          inet addr:172.18.0.2  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::42:acff:fe12:2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:15 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1206 (1.2 KB)  TX bytes:648 (648.0 B)

The hosts themselves have a docker0 interface (172.17.0.1 on both hosts), a docker_gwbridge interface (172.18.0.1 on both hosts ), an eth0 interface (10.0.2.15 on both hosts), an eth1 interface (192.168.99.106 for node-01 and 192.168.99.107 for node-02) and an additional two veth interfaces.

Pinging containers with overlay network

Let’s then finally test if we can ping from container-05 to container-06.

From container-05 to container-06:

WAUTERW-M-G007:docker wauterw$ docker exec container-05 ping 10.0.0.3
PING 10.0.0.3 (10.0.0.3) 56(84) bytes of data.
64 bytes from 10.0.0.3: icmp_seq=1 ttl=64 time=0.479 ms
64 bytes from 10.0.0.3: icmp_seq=2 ttl=64 time=0.643 ms
64 bytes from 10.0.0.3: icmp_seq=3 ttl=64 time=0.481 ms
64 bytes from 10.0.0.3: icmp_seq=4 ttl=64 time=0.610 ms
64 bytes from 10.0.0.3: icmp_seq=5 ttl=64 time=0.496 ms
64 bytes from 10.0.0.3: icmp_seq=6 ttl=64 time=0.603 ms
^C

From container-06 to container-05:

WAUTERW-M-G007:~ wauterw$ docker exec container-06 ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=0.404 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=0.489 ms
64 bytes from 10.0.0.2: icmp_seq=3 ttl=64 time=0.486 ms
64 bytes from 10.0.0.2: icmp_seq=4 ttl=64 time=0.505 ms

That’s it for now. Quite a lengthy post, but I wanted to provide enough details for you to follow along. Hope you enjoyed!

Leave a Reply

Your email address will not be published. Required fields are marked *