Connect through openvpn client container from another container

Question

I setup an openvpn client container based on alpine that connects to a openvpn server, don't know where is it. The idea is I want to reach a server is in this vpn network not from the container with openvpn (which I can ping successfully) but from another one, like a curl or ping to that server.

I setup a basic bridge in docker and both the container (the openvpn client and the bash where I try to launch curl) are connected to it.

Am I miss something? Because i can't reach any server is connected to the vpn.

Answer 1

The second solution of ajankuv is probably better but with the configuration I found on dperson/openvpn-client I was able to successfully reach the openvpn net from another container.

The docker openvpn client

docker run -it --privileged --name vpn --device /dev/net/tun <my_openvpn_image>

The other container is run with --net=container:vpn

docker run --rm --net=container:vpn --device /dev/net/tun byrnedo/alpine-curl <server_in_vpn>

Now I think that probably I misconfigured the docker bridge

Answer 2

A Docker container with a vpn connection won't enable vpn on the entire host unless you route all traffic from the host to it. This is probably possible with some fancy routing tables but id suggest against it.

You better off making the host run a client, and then routing the traffic from the docker containers to it. This would be way easier to accomplish.

Other option is to build a base container with the vpn and then add extra services into it which in itself is not fun or recommend.