Links between containers not working with docker-compose version 2

14
votes

Linking between containers in a version 2 docker-compose file is not working.

Only when using the 'old' version 1 format, I do see the link in /etc/hosts of the container.

I have the following basic version 2 docker-compose.yml file.

version: '2'

services:
  my-app:
    image: tomcat:8.0
    container_name: my-app1
    links:
      - my-redis
  my-redis:
    image: redis
    container_name: my-redis1

When I run the following command:

docker-compose up -d

I see that two containers are started, but no link is created in the /etc/hosts file:

docker exec -it my-app1 cat /etc/hosts
    127.0.0.1       localhost
    ::1     localhost ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    172.18.0.3      2abb84ccada9

From 'my-app1' I can ping the other container using the IP address of 'my-redis1', but I cannot 'ping my-redis1' (based on a name).

What could be the problem here?

Additional information:

  • Docker version 1.10.0, build 590d5108
  • docker-compose version 1.6.0, build d99cad6
  • Linux kernel: 4.3.5-300.fc23.x86_64
3
dockerdocker-compose
Docker 1.10 no longer uses /etc/hosts it uses an embedded DNS server. There is a known issue with the dns server and firewald running on the host. That might be causing the problem. You should be able to ping using both the container name and the service name.dnephin
Thanks, the problem was the firewall on the host (Fedora). Docker containers are supposed to provide isolation from the host, but the new networking seem to be quite picky on the host configuration :-( ...user2030035

3 Answers

14
votes

With version 2 of docker-compose the 'services' (containers) that are in the same network are linked between them by default.

Using the below docker-compose.yml file

version: '2'

services:
  my-app:
    image: tomcat:8.0
    container_name: my-app1
    links:
      - my-redis
  my-redis:
    image: redis
    container_name: my-redis1

You just can execute ping my-app from your my-redis container and ping my-redis from your my-app container to check that they are linked.

For instance:

$ docker-compose up -d
$ docker exec -it my-app1 bash
# ping my-redis

You can get more information about that in the links below: https://blog.docker.com/2016/02/compose-1-6/ https://github.com/docker/compose/blob/master/docs/networking.md

6
votes

The problem is the firewalld of my Fedora host.

With the firewall temporarily disabled ('systemctl stop firewalld', followed by 'systemctl restart docker') everything works according to the docker documentation.

There seems to be a major problem with firewalld when used with docker, see: https://github.com/docker/docker/issues/16137.

Note that RHEL/Centos 7 also use firewalld.

-Arjen

1
votes

In my case the problem was in service name.

version: "2"
services:
    my_auth_server:
       build: auth-server
       ports: 
           - "8082:8082"

    my_api:
       build: core-api
       ports: 
           - "8081:8081"   
       links:
           - my_auth_server:auth-server # <-- here changed from auth_server to auth-server