ungleich-public/ungleich-staticcms
6
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
ungleich-staticcms/content/u/blog/running-world-reachable-containers-on-your-notebook-with-ipv6/contents.lr
Nico Schottelius 7a5e69e8ce Link to glarnercloud in .en
2019-11-20 21:21:33 +01:00

74 lines
2.3 KiB
Markdown
Raw Blame History

title: How to run world reachable docker containers on your notebook
---
pub_date: 2019-11-20
---
author: Nico Schottelius
---
twitter_handle: NicoSchottelius
---
_hidden: no
---
_discoverable: yes
---
abstract:
With IPv6, you can do so many things faster than before
---
body:
Today [Alain](https://github.com/munen/)
from [200ok](https://200ok.ch/) and me were hacking in the
[Hacking Hotel Diesbach](https://hack.digitalglarus.ch/) and found an
interesting problem: the docker containers on Alain's notebook did not
reach the Internet.
## IPv6 only networks
It turns out that here in the Hacking Hotel, we are in an IPv6 only
network and docker by default assigns IPv4 addresses to
containers. This obviously does not work, because there is no IPv4
connectivity in an IPv6 only network...
## Turning the problem into a feature
...being in the Hacking Hotel means being inside the
*2a0a:e5c0:10::/48* network. The nice thing about IPv6 is that you
have a lot of space. With the /48 network, we have around 65'536 /64
sub networks. But enough from the IPv6 love...
... what this means is that we can just route a /64 network to Alain's
notebook and reconfigure his docker daemon to use IPv6 instead of
IPv4. Simply creating the **/etc/docker/daemon.json** with the
following content is enough:
```json
{
"ipv6": true,
"fixed-cidr-v6": "2a0a:e5c0:10:f00::/64"
}
```
This is great, as long as we work in the Hacking Hotel...
## And turning it into a demo ready state
The problem with our solution above is that the network is only routed
to his notebook, when he is in the Hacking Hotel and it will not work
outside.
Alain also has a VPN from [IPv6VPN.ch](https://IPv6VPN.ch) that
gives him a static /48 network to his notebook. Now we selected a
/64 subnet and what does it give?
**World wide reachable docker containers** on a notebook!
Isn't that sweet? Given the right firewall settings, the containers
can now be reached from anywhere in the world. From a notebook, which
can be anywhere else in the world.
## More of this
If you like hacking with IPv6, or to reproduce the docker setup above,
you are invited to join the [IPv6 Chat](https://IPv6.chat)
or to get yourself a 50% off deal on the [Black IPv6
Friday](https://swiss-crowdfunder.com/campaigns/black-ipv6-friday?locale=en)
campaign.
Reference in a new issue View git blame Copy permalink