Docker – Expose docker containers to vpc network

amazon-web-services, docker

I have an Ubuntu server running Docker with one container. My server IP address is 172.31.12.29/20 in my VPC. It has two bridges (docker0 and lxcbr0).

My container IP address is 172.17.0.2/16.

The host and the container can ping each other.

I have another server in my VPC with 172.31.1.233/20 as its IP address. I just want to reach my containers from this server, but I don't know how to do this.

My two servers can ping each other too.

I tried to do this by configuring my VPC route table to route requests targeting 172.17.0.0/16 to 172.31.12.29, but it doesn't work.

Any ideas?

Best Answer

It sounds like you also need to disable Source/Destination IP Check on the instance hosting the containers (and you need the static route in the VPC route table, pointing to that instance by id). VPC network infrastructure drops IP traffic with IP addresses that don't make sense based on what the infrastructure knows internally about IP addresses associated with each instance. This setting changes that functionality on instances where you apply it. If you have a NAT instance, you'll notice this is already done for that instance, otherwise it wouldn't be able to route external traffic to/from other instances.

http://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/ApiReference-cmd-ModifyInstanceAttribute.html

This is also on Instance Actions in the console.
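
The two VPC-side changes the answer describes, as an added example that is not part of the original answer: AWS CLI calls wrapped in shell functions that validate the ids first and read the attribute back afterwards. The function names are made up for this sketch, the instance and route table ids are whatever you pass in, and the CIDR is the docker0 subnet from the question.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical;
# the ids are the caller's own. DOCKER_CIDR is the docker0 subnet in the question.
DOCKER_CIDR="172.17.0.0/16"

# Accept only well-formed EC2 ids (prefix plus 8 or 17 hex digits).
valid_id() {  # $1 = prefix (i or rtb), $2 = candidate id
  case "$2" in *[!a-z0-9-]*) return 1 ;; esac   # also rejects newlines and spaces
  printf '%s\n' "$2" | grep -Eq "^$1-([0-9a-f]{8}|[0-9a-f]{17})\$"
}

# Step 1: turn off the Source/Destination check on the Docker host so the VPC
# stops dropping packets addressed to or from 172.17.0.0/16.
disable_src_dst_check() {  # $1 = instance id
  valid_id i "$1" || { echo "bad instance id" >&2; return 2; }
  aws ec2 modify-instance-attribute --instance-id "$1" --no-source-dest-check
}

# Step 2: static route for the container subnet, targeting the instance by id.
route_containers_via() {  # $1 = route table id, $2 = instance id
  valid_id rtb "$1" || { echo "bad route table id" >&2; return 2; }
  valid_id i "$2" || { echo "bad instance id" >&2; return 2; }
  aws ec2 create-route --route-table-id "$1" \
    --destination-cidr-block "$DOCKER_CIDR" --instance-id "$2"
}

# Read the attribute back; the CLI prints True or False in text mode.
src_dst_check_state() {  # $1 = instance id
  aws ec2 describe-instance-attribute --instance-id "$1" \
    --attribute sourceDestCheck --query 'SourceDestCheck.Value' --output text
}

# Both steps, then confirm the check is really off.
# Usage: expose_containers <instance-id> <route-table-id>
expose_containers() {
  disable_src_dst_check "$1" || return
  route_containers_via "$2" "$1" || return
  case "$(src_dst_check_state "$1")" in
    [Ff]alse) return 0 ;;
    *) echo "source/dest check still enabled on $1" >&2; return 1 ;;
  esac
}
```

Disabling the check lets the instance forward traffic for addresses the VPC does not associate with it, so apply it only to the host that actually routes for the container subnet.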