search

lyft / metadataproxy

A proxy for AWS's metadata service that gives out scoped IAM credentials from STS
Other
456 stars 69 forks source link

dynamically determine docker0 ip #29

Closed ryancox closed 7 years ago

ryancox commented 7 years ago

/cc: @ryan-lane

ryan-lane commented 7 years ago

+1

ryancox commented 7 years ago

did some testing and this looks good:

root@vagrant:/code/metadataproxy# ip addr show docker0 | grep "inet\b" | awk '{print $2}' | cut -d/ -f1
172.17.0.1
root@vagrant:/code/metadataproxy# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT       tcp  --  anywhere             169.254.169.254      tcp dpt:http to:172.17.0.1:45001
DOCKER     all  --  anywhere             anywhere             ADDRTYPE match dst-type LOCAL
ryancox commented 7 years ago

🚀