docker ssh tunnel

How could a docker container access a (mongo-db) service via an ssh tunnel on host


I'm trying to connect to a remote mongo-db instance that has restricted access to its local network. So, I create an ssh tunnel, which allows me to connect:

    ssh -L [port]:localhost:[hostport] [username]@[remote-ip]

However, when I want to connect to the same mongo-db service from a docker container, the connection times out.

I tried to specify a bind address like so:

    ssh -L 172.17.0.1:[port]:localhost:[host-port] [username]@[remote-ip]

And connect to the remote mongo-db from a docker container at 172.17.0.1:[port], but without success. What's my mistake?

Note: I am looking for a solution that works on both Linux and Mac.


Solution

  • I am suggesting something like this:

    version: "3"
    
    services:
      sshproxy:
        image: docker.io/alpine:latest
        restart: on-failure
        volumes:
          - ./id_rsa:/data/id_rsa
        command:
          - sh
          - -c
          - |
            apk add --update openssh
            chmod 700 /data
            exec ssh -N -o StrictHostkeyChecking=no -i /data/id_rsa -g -L 3128:localhost:3128 alice@remotehost.example.com
    
      client:
        image: docker.io/alpine:latest
        command:
          - sh
          - -c
          - |
            apk add --update curl
            while :; do
              curl -x http://sshproxy:3128 http://worldtimeapi.org/api/timezone/America/New_York
              sleep 5
            done
    

    Here I'm setting up an ssh tunnel that provides access to a remote http proxy, and then in another container I'm accessing that proxy over the ssh tunnel. This is pretty much exactly what you're looking to do with mongodb.

    In a real environment, you would probably be using pre-built images, rather than installing packages on-the-fly as I've done in this example.
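
The same tunnel pattern adapted to MongoDB, as an added example that is not part of the original answer: it keeps host key verification on instead of `StrictHostkeyChecking=no` and does not publish the forwarded port outside the compose network. It assumes MongoDB's default port 27017 on the remote host, a `known_hosts` file created and verified beforehand, and the placeholder user and host from the answer; the image tags are this example's choice.

```yaml
# Added example: MongoDB variant of the compose file above, with host key
# verification enabled. User, host and file paths are placeholders.
services:
  sshproxy:
    image: docker.io/alpine:3.20        # pinned tag instead of :latest
    restart: on-failure
    volumes:
      # chmod 600 the key on the host; mounted read-only
      - ./id_rsa:/data/id_rsa:ro
      # Created beforehand (for example with ssh-keyscan) after checking
      # the fingerprint against the server out of band
      - ./known_hosts:/data/known_hosts:ro
    # No "ports:" entry: the forwarded port is reachable only from
    # containers on this compose network, not from the host's LAN.
    command:
      - sh
      - -c
      - |
        apk add --no-cache openssh-client
        # ExitOnForwardFailure makes ssh exit (and the container restart)
        # if the local forward cannot be set up.
        exec ssh -N \
          -o StrictHostKeyChecking=yes \
          -o UserKnownHostsFile=/data/known_hosts \
          -o IdentitiesOnly=yes \
          -o ExitOnForwardFailure=yes \
          -o ServerAliveInterval=30 \
          -i /data/id_rsa \
          -g -L 27017:localhost:27017 \
          alice@remotehost.example.com

  client:
    image: docker.io/library/mongo:7.0
    depends_on:
      - sshproxy
    command:
      - sh
      - -c
      - |
        # directConnection=true stops the client from following replica-set
        # member addresses, which are not reachable through the tunnel.
        while :; do
          mongosh "mongodb://sshproxy:27017/?directConnection=true" \
            --quiet --eval 'db.runCommand({ ping: 1 })'
          sleep 5
        done
```

With `StrictHostKeyChecking=yes`, the tunnel container fails to connect if the server's key is missing from `known_hosts` or has changed, rather than silently trusting it.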