Docker Networking Magic
I have been quiet on here as I am in the process of writing again, one of things I have been looking at is Dockers new networking features. This gave me an excuse to have a play with Weave. Rather than go into too much detail here, lets go all click bait because you won’t believe what happened next.
I launched two hosts in Digital Ocean, one in London and then one in New York City using Docker Machine;
docker-machine create \ — driver digitalocean \ — digitalocean-access-token your-digital-ocean-api-token-goes-here \ — digitalocean-region lon1 \ — digitalocean-size 1gb \mesh-london
docker-machine create \ — driver digitalocean \ — digitalocean-access-token your-digital-ocean-api-token-goes-here \ — digitalocean-region nyc2 \ — digitalocean-size 1gb \mesh-nycOnce both hosts were up and running I downloaded the Weave binaries on each host;
docker-machine ssh mesh-london ‘curl -L git.io/weave -o /usr/local/bin/weave; chmod a+x /usr/local/bin/weave’docker-machine ssh mesh-nyc ‘curl -L git.io/weave -o /usr/local/bin/weave; chmod a+x /usr/local/bin/weave’Once the binary was on each host, I launched Weave on each host making sure I provided a password so that traffic between the host machines would be encrypted;
docker-machine ssh mesh-london weave launch — password m3ga_5ecret_pa55w0rddocker-machine ssh mesh-nyc weave launch — password m3ga_5ecret_pa55w0rdNow Weave is running on both my hosts, I instructed the mesh-nyc host to connect to the IP address of the mesh-london host;
docker-machine ssh mesh-nyc weave connect “$(docker-machine ip mesh-london)”and finally check the status of the Weave cluster;
docker-machine ssh mesh-nyc weave statusThere should be two peers and 2 established connections.
This is where it gets interesting. Launching a NGINX container on the New York City host by running;
docker $(docker-machine config mesh-nyc) run -itd \ — name=nginx \ — net=weave \ — hostname=”nginx.weave.local” \ — dns=”172.17.0.1" \ — dns-search=”weave.local” \russmckendrick/nginxand then on the London host, try wgetting the page being served by NGINX (its just a plain one which says Hello from NGINX);
docker $(docker-machine config mesh-london) run -it \ — rm \ — net=weave \ — dns=”172.17.0.1" \ — dns-search=”weave.local” \russmckendrick/base wget -q -O- http://nginx.weave.localand then finally ping the NGINX container;
docker $(docker-machine config mesh-london) run -it \ — rm \ — net=weave \ — dns=”172.17.0.1" \ — dns-search=”weave.local” \russmckendrick/base ping -c 3 nginx.weave.localIf you can’t be bothered to run it yourself, and who can blame you, here is an asciicinema recording;
As you can see, with no effort on my part other than the commands above I had encrypted, multi-host container networking !!!
Don’t forget to get teardown the two Digital Ocean hosts if you brought them up;
docker-machine stop mesh-london mesh-nycdocker-machine rm mesh-london mesh-nycFor further reading on Weave Net please see their documentation.
Related Posts
Revisting Podman
Delve into the exciting features and benefits of Podman, a powerful alternative to traditional container technologies.
Running Podman on macOS
Discover how to run Podman on macOS using a virtual machine, enabling Docker compatibility and container management.
Docker Desktop Alternatives for macOS
Explore Docker Desktop alternatives for macOS: Lima, Rancher Desktop, and Minikube offer containerization and Kubernetes clustering solutions.