Docker networking and accessories #41
Comments
|
MRSK is designed for multi-server operation, so the internal network idea breaks down pretty quick with that. You'd have to unstrip all of that when you go to scale it. So I think we're better off keeping the network host transparent. |
|
@tbuehlmann I think I had a similar issue to yours. I try to run mrsk on Synology NAS that has docker installed. Next to web service, I have docker with postgres and redis on the same host. In order to connect web service with the database and Redis one has to add does the trick. If you run docker with One remark! Currently, mrsk version 0.9.1 is available in RubyGems ( |
|
Right, I thought a networking was a thing with mrsk, but it wasn't. Right now I just use the host's IP address from inside the container and that works well. |
|
Another option here is to create the docker network yourself by sshing into the machine, and then specify the network name in your deploy.yml. From there, you can refer to your db server by "app-db" or whatever instead of by the public ip address. For example: servers:
web:
hosts:
- 10.0.1.183
options:
"network": "my-network"
traefik:
options:
network: "my-network"
accessories:
db:
image: postgres:14
host: 10.0.1.183
... etc
options:
network: "my-network" |
|
Had the same "issue" while trying to set up a dev/staging server which would self contain its accessories to reduce server cost.
#!/usr/bin/env bash
REMOTE_HOST="user@host"
NETWORK_NAME="my-network"
# SSH into the remote host and execute Docker commands
ssh "$REMOTE_HOST" << EOF
# Check if the Docker network already exists
if ! docker network inspect "$NETWORK_NAME" &>/dev/null; then
# If it doesn't exist, create it
docker network create "$NETWORK_NAME"
echo "Created Docker network: $NETWORK_NAME"
else
echo "Docker network $NETWORK_NAME already exists, skipping creation."
fi
EOFAlso to bear in mind, accessories might still have ports mapped to the host ports despite it not being necessary since using the docker bridge network. You might want to deny trafic on those (if using ufw, see https://www.howtogeek.com/devops/how-to-use-docker-with-a-ufw-firewall/). But overall, it feels like this dev/staging custom setup should be very minimal and ideally non-existent. Would be great to have this type of setup best practice documented somehow, along with notions like role, destination, etc. Happy to help once I understand it properly. |
This is a very old thread at this point but did you need to do anything special to deploy to your Synology NAS? I've been trying over and over and in spite of absolutely having docker installed and accessible both for root and an admin user, it keeps failing to detect docker (docker -v fails so it tries to reinstall it). |
|
I don't remember to be honest. try with kamal if you get similar responses to the following commands: |
When having an accessory (like redis or mysql), I'd like to access that from within my app using its docker name (like "my-app-redis"), similar to how it works with docker-compose.
This doesn't work right now as the service and the accessory are both using the default docker network and this kind of hostname resolution/dns only seem to work for user-defined networks. Creating a docker network and using that for services and accessories works, but then traefik won't be able to route traffic to the service without further configuration or connecting traefik to the same network.
Is the idea of creating a shared default docker network for traefik, the service and accessories something we want to pursue in the gem or is this something the user should take care of? A simple
network: <network>deploy.yml option for service, traefik and accessories would suffice to generate the required--networkdocker args I guess.The text was updated successfully, but these errors were encountered: