Docker MySQL Container Incoming Connection from Gateway Address Instead of Source Container
Clash Royale CLAN TAG#URR8PPP
Docker MySQL Container Incoming Connection from Gateway Address Instead of Source Container
I have a basic stack of containers on their own user-defined network with a subnet of 172.21.0.0/16
. My MySQL container's address is 172.21.0.2
and the PHP/Apache container's address is 172.21.0.3
.
172.21.0.0/16
172.21.0.2
172.21.0.3
Until this point I had to permit MySQL to allow incoming connections via PHP from 172.21.0.3
, which made perfect sense. Now, it seems as though the connections are coming from 172.21.0.1
, the gateway, and this doesn't make much sense to me. My (basic to intermediate) understanding suggests that the gateway should only be used when traffic is destined for an address outside of its local network - but obviously in this case MySQL and PHP/Apache are on the same network.
172.21.0.3
172.21.0.1
Two of our environments have started acting like this, and while it's a simple fix to permit connections from the gateway address, I'm hesitant to proceed without an understanding as to what has happened and why. This also seems to add extra delay to database queries within the application.
Logging in to an affected environment via phpMyAdmin displays "User: root@172.21.0.1" in the "Database Server" information pane. An unaffected environment displays "root@phpmyadmin_1.test_default" (user@[container].[network]).
Both environments are using the exact same images, and the same version of Docker - 18.06.1-ce
. Other than a version upgrade of Docker, nothing else has changed with regards to the docker-compose.yml
I was using.
18.06.1-ce
docker-compose.yml
Why has my environment started acting like this? Should I prefer the connection coming in from the actual source, and not via the gateway? How can I return to that way of operation?
Thank you for any guidance or knowledge.
1 Answer
1
For anyone else that experiences a similar rut, I'm of the mind that this was caused by an upgrade of Docker from 18.03.1-ce
to 18.06.1-ce
via Docker's own repository. Performing a server reboot after this operation has (for now) restored sense to the networking of the stack.
18.03.1-ce
18.06.1-ce
The connection to my MySQL container is now correctly coming from the PHP/Apache container and not from the gateway address of the bridge network. The lag this introduced is gone, and I'm able to remove the privilege associated with the gateway address.
By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.