I’ve setup a VPN client connection inside a multi-container app that is working well. The idea is to have other containers use the
vpn containers connection to the VPN.
The containers that I want to have access to my VPN are able to access services/devices on the VPN just fine. The issue is making one of my services webpages available to access from the VPN.
An example docker-compose file:
version: '2' volumes: ovpn-data: services: vpn: image: dperson/openvpn-client cap_add: - net_admin tmpfs: - /run - /tmp security_opt: - label=disable devices: - "/dev/net:/dev/net" volumes: - 'ovpn-data:/vpn' restart: unless-stopped frontend: image: docker_hub_user/container_name depends_on: - vpn network_mode: "service:vpn" restart: unless-stopped proxy: image: dperson/nginx depends_on: - frontend links: - vpn:frontend ports: - "80:80" - "443:443" tmpfs: - /run - /tmp - /var/cache/nginx restart: unless-stopped command: -w "http://frontend:8888;/vpn"
In this example, the
frontend container is a web server. This config gives me an error when trying to start the container
host not found in upstream "frontend" in /etc/nginx/conf.d/default.conf:51
Balena does not support that
links tag specified in the
proxy container. That makes sense, as it is deprecated even within
docker-compose – my question is what is an acceptable alternative approach that is supported by balena?
I can verify that this proxy configuration works if
frontend is not using
network: service:vpn - so the error is a function of connecting
vpn and so it’s apparently not available on the default network being created within the container stack?
Any advice or suggestions?