Telnet issues in docker networks
by esolve from LinuxQuestions.org on (#518V8)
in a host machine (its LAN ip is 192.168.0.94), I have the following services
1) mysql , its docker-compose.yml is as below. It creates a bridge network called `mysql_default`i1/4it is assigned a VIP 172.24.0.2
Quote:
2) nacos, its docker-compose.yml is as below. It starts 3 services, and all of them are in the same bridge network and with a fixed IP address.
Quote:
3) user service, for this service, I create a docker swarm in the host and a docker overlay network called `pica_net` and the service resides in this overlay network
Quote:
I find that it is not possible for user service to connect to Nacos service, so I do a series of telnet connection test to the following IP-Port pairs
a: (target at nacos containers with their VIPs in the overlay network) 10.0.2.10:8848/10.0.2.11:8848/10.0.2.12:8848
b: (target at nacos container 1 with LAN IP of host machine) 192.168.0.94:8848
c: (target at nacos container 2 with LAN IP of host machine) 192.168.0.94:8849
d: (target at nacos container 3 with LAN IP of host machine) 192.168.0.94:8850
e: (target at mysql container with LAN IP of host machine) 192.168.0.94:3306
f: (target at mysql container with its VIP in the bridge network) 172.24.0.2:3306
according to my test, my observation is:
1) on the host machine, successfully telnet to all the above IP-Port pairs
2) from inside `mysql` container: successfully telnet to `a`,`b`, but failed in telnet to `c` and `d`
3) from inside `user` container: successfully telnet to `e`,`f`, but failed in telnet to `a`, `b`, `c`, `d`
4) from inside `nacos` containers: successfully telnet to `e`,`f`, but failed in telnet to `a`, `b`, `c`, `d`
from all of them ping to the above LAN IP or VIPs are all successful
I'm wondering why there are failures in telnet as indicated in 2), 3) and 4), what are the reasons? and how can I make the telnet successful?
1) mysql , its docker-compose.yml is as below. It creates a bridge network called `mysql_default`i1/4it is assigned a VIP 172.24.0.2
Quote:
| version: '2' services: mysql: image: mysql:5.7 restart: always container_name: mysql volumes: - /etc/localtime:/etc/localtime - /data/mysql:/var/lib/mysql ports: - 3306:3306 |
2) nacos, its docker-compose.yml is as below. It starts 3 services, and all of them are in the same bridge network and with a fixed IP address.
Quote:
| version: "2" services: nacos1: container_name: nacos1 image: nacos:latest networks: nacos_net: ipv4_address: 10.0.2.10 ports: - 8848:8848 volumes: - /root/nacos/application.properties:/app/conf/application.properties nacos2: container_name: nacos2 image: nacos:latest networks: nacos_net: ipv4_address: 10.0.2.11 ports: - 8849:8848 volumes: - /root/nacos/application.properties:/app/conf/application.properties nacos3: container_name: nacos3 image: nacos:latest networks: nacos_net: ipv4_address: 10.0.2.12 ports: - 8850:8848 volumes: - /root/nacos/application.properties:/app/conf/application.properties networks: nacos_net: ipam: driver: default config: - subnet: "10.0.2.0/24" |
3) user service, for this service, I create a docker swarm in the host and a docker overlay network called `pica_net` and the service resides in this overlay network
Quote:
version: "3" services: pica_user: #container_name: pica_user image: pica-user:latest networks: - pica_net ports: - 8010:8010 deploy: replicas: 1 update_config: parallelism: 1 delay: 3s restart_policy: condition: on-failure volumes: - /root/pica/user/logs:/app/logs entrypoint: ["java", "-Xmx150m", "-Xss512k", "-Dserver.port=8810", "-Dspring.profiles.active=prod", "-jar", "/app/pica-user.jar"] networks: pica_net: external: true |
I find that it is not possible for user service to connect to Nacos service, so I do a series of telnet connection test to the following IP-Port pairs
a: (target at nacos containers with their VIPs in the overlay network) 10.0.2.10:8848/10.0.2.11:8848/10.0.2.12:8848
b: (target at nacos container 1 with LAN IP of host machine) 192.168.0.94:8848
c: (target at nacos container 2 with LAN IP of host machine) 192.168.0.94:8849
d: (target at nacos container 3 with LAN IP of host machine) 192.168.0.94:8850
e: (target at mysql container with LAN IP of host machine) 192.168.0.94:3306
f: (target at mysql container with its VIP in the bridge network) 172.24.0.2:3306
according to my test, my observation is:
1) on the host machine, successfully telnet to all the above IP-Port pairs
2) from inside `mysql` container: successfully telnet to `a`,`b`, but failed in telnet to `c` and `d`
3) from inside `user` container: successfully telnet to `e`,`f`, but failed in telnet to `a`, `b`, `c`, `d`
4) from inside `nacos` containers: successfully telnet to `e`,`f`, but failed in telnet to `a`, `b`, `c`, `d`
from all of them ping to the above LAN IP or VIPs are all successful
I'm wondering why there are failures in telnet as indicated in 2), 3) and 4), what are the reasons? and how can I make the telnet successful?