Join Log in
Score:-2
avatar Server

How can I run two docker containers in the same network namespace?

sn flag
dewijones92

I want to run two docker containers in the same Linux network namespace.
My goal is to route all my torrent traffic through OpenVPN.
This script successfully creates a openvpn client container.
I can successfully enter this namespace and verify my IP address is indeed the OpenVPN IP address.

My issue is - How do I run the qbittorent docker container inside the openvpn network namespace?

Is there some sort of flag when starting a docker container to specify the network namespace to run in?
Any other possible solutions?
It is my understanding that I can not change the network namespace of a an already running process
Thanks

UPDATE SOLUTION
add this
--net=container:$openvpn_client

openvpn_client="openvpn-client"
torrent_client="torrent_client"
dewinettorrent_ns="dewinettorrent_ns"

function getpid {
        pid="$(docker inspect -f '{{.State.Pid}}' "$1")"
        echo $pid
}

docker rm -f $openvpn_client
docker rm -f $torrent_client
ip netns delete $dewinettorrent

ip netns pids $dewinettorrent_ns | xargs -t kill -9

docker run -d  \
  --privileged \
  --name=$openvpn_client \
  --volume /home/dewi/code/dot-files/vpn/:/data/vpn \
  --volume /home/dewi/code/dewi_projects/ivacy_vpn_auth:/data/vpn/auth-user-pass \
  docker-openvpn-client-dewi


docker run  -d \
  --name=$torrent_client \
  -e PUID=1000 \
  -e PGID=1000 \
  -e TZ=Europe/London \
  -e WEBUI_PORT=8080 \
  -p 9080:8080 \
  -v /path/to/appdata/config:/config \
  -v /path/to/downloads:/downloads \
  lscr.io/linuxserver/qbittorrent

mkdir -p /var/run/netns;
ln -fs "/proc/$(getpid $openvpn_client)/ns/net" /var/run/netns/$dewinettorrent_ns

mkdir -p /etc/netns/$dewinettorrent_ns/
echo 'nameserver 8.8.8.8' > /etc/netns/$dewinettorrent_ns/resolv.conf

docker exec -i $openvpn_client bash /data/scripts/entry.sh &

ip netns exec $dewinettorrent_ns curl icanhazip.com #successfully returns back my VPN IP address
162
0 + 0
in flag
Gerald Schneider
That's documented.
1
Reply
Score:1
avatar Server
co flag
BMitch

Yes, using the --net flag.

docker run ... --name app1 image1
docker run ... --net container:app1 --name app2 image2

E.g.

$ docker run --rm -d --name nginx nginx
351aa6f8dbfd46600bb6e7466e49fa1a62bc9d41e3c3001b4f1f55bce33a4720

$ docker run -it --rm --net container:nginx nicolaka/netshoot bash
bash-5.1# ss -lnt
State                    Recv-Q                   Send-Q                                     Local Address:Port                                      Peer Address:Port                   Process                   
LISTEN                   0                        511                                              0.0.0.0:80                                             0.0.0.0:*                                                
LISTEN                   0                        511                                                 [::]:80                                                [::]:*                                                
bash-5.1# exit
exit
0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.