Saturday, November 12, 2022

Allow two docker networks to communicate with each other

In some cases, it is useful to have containers running on two different docker bridge networks communicate with each other. The easiest approach is to remove the isolation rules docker creates, so that containers running on different bridged docker networks won't have their packets dropped by iptables rules. Another way is to add forward rules so that their packets are accepted. Here is an example: assume there are two bridged docker networks, b1 (172.19.0.0/16) and b2 (172.20.0.0/16). By default the containers running on these two separate networks are isolated (on purpose). With the following two iptables rules, containers can communicate with each other.


iptables -I FORWARD -s 172.19.0.0/16 -d 172.20.0.0/16 -j ACCEPT

iptables -I FORWARD -s 172.20.0.0/16 -d 172.19.0.0/16 -j ACCEPT
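
The two rules above, one per direction, applied idempotently: an added example, not part of the original post. The function names and the DRY_RUN variable are hypothetical; the subnets are the post's b1 and b2.

```shell
#!/bin/sh
# Added example: open FORWARD between two bridge subnets without stacking
# duplicate rules on repeated runs. DRY_RUN is an assumption of this sketch:
# when set, commands are printed instead of executed.

# Run iptables, or in dry-run mode print the command that would be run.
ipt() {
    if [ -n "$DRY_RUN" ]; then
        if [ "$1" = "-C" ]; then return 1; fi   # pretend the rule is absent
        echo "iptables $*"
    else
        iptables "$@"
    fi
}

# Shape check only (dotted quad plus /0-32), so nothing but a CIDR-looking
# string is ever passed on as iptables arguments.
is_cidr() {
    printf '%s' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# One rule specification per direction; swapping -s and -d is what makes
# the second rule cover the return path.
rule_specs() {
    printf '%s\n' "-s $1 -d $2 -j ACCEPT" "-s $2 -d $1 -j ACCEPT"
}

# Insert each rule only when -C (check) reports no identical rule in FORWARD.
allow_between() {
    is_cidr "$1" && is_cidr "$2" || { echo "bad subnet" >&2; return 1; }
    rule_specs "$1" "$2" | while read -r spec; do
        # $spec is left unquoted on purpose: it holds several arguments.
        ipt -C FORWARD $spec 2>/dev/null || ipt -I FORWARD $spec
    done
}

# Usage: script.sh 172.19.0.0/16 172.20.0.0/16
if [ "$#" -eq 2 ]; then
    allow_between "$1" "$2"
fi
```

Run it once with DRY_RUN=1 to see both directions printed before touching the live FORWARD chain.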
