Intercontainer communication access and cattle-network

drj · April 26, 2016, 8:14pm

Hi,
When i running docker daemon with icc=false and iptables=true paramaters, docker daemon just added docker network ipS to iptables. This is a big problem because rancher-agent not added castle ips on the cluster nodes. For the security communication between the containers , should work in these parameters. Otherwise they will be able to talk to each other conrainers.

Ref: https://benchmarks.cisecurity.org/en-us/?route=downloads.form.docker16.110
Section:2.1 & 2.3

drj · May 15, 2016, 6:47pm

Any answer for this question?

vincent · May 16, 2016, 6:00am

I’m not sure what the questing is, but the current network model for the overlay network assumes that all containers in an environment can talk to each other and the normal configuration of the docker daemon.

Topic		Replies	Views
Cross-host intercontainer communication trouble Rancher 1.x	27	11902	May 14, 2016
Again:Cross-host intercontainer communication trouble Rancher 1.x	5	1693	April 26, 2016
Containers can't connect via overlay network between hosts Rancher 1.x	14	4589	July 11, 2016
Cross Host Networking Issues Rancher 1.x	3	1859	April 9, 2017
Rancher Container Networking Rancher 1.x	3	877	June 21, 2016

Intercontainer communication access and cattle-network

Related Topics