Recently, after trying docker1.9, it has its own network function. In this function, the container uses the automatically created docker_gwbridge bridge to access the external network. How does the docker host access the interior of the overlay network (for example, other hosts join the container of the overlay network at the same time)? 1. Try to point the route to the overlay to docker_gwbridge, but cannot access the containers added to this overlay by other hosts, because there is no backhaul route, it is also unrealistic to add a backhaul route to each started container. 2. On the host machine, reverse agents are opened in the containers. 3. Open iptables in the container to do nat. 4. Traditional mode does nat mapping for container to host port. 5. If one container in the overlay can be designated as the default route for the entire overlay, everything will be all right. However, up to 1.10.2, gateway will be automatically assigned to a certain bridge and can only be modified by each container. However, individuals are unwilling to give each container such high permissions. The above solutions have various defects and inconveniences. I wonder if you have any simpler and more efficient solutions?
This problem can be solved by using docker machine docker swarm. Please refer to official documents for details.