# Running Docker on two hosts, bridged with Tinc

This Gist is similar to https://gist.github.com/noteed/8656989 which uses Open
vSwitch instead of Tinc.

## Setup

Download the `install.sh` script and run it:

    > https://gist.github.com/noteed/11031504/raw/install.sh
    > sh install.sh

Then configure Tinc, and edit and run `shared-docker-tinc.sh`.

## Tinc configuration

On each host, the Tinc configuration is similar:

    /etc/tinc/
    ├── horde
    │   ├── hosts
    │   │   ├── host_1
    │   │   └── host_2
    │   ├── rsa_key.priv
    │   ├── tinc.conf
    │   ├── tinc-down
    │   └── tinc-up
    └── nets.boot

On a given host N:

* The `rsa_key.priv` must be generated, and the corresponding public key
  is put in `/etc/tinc/horde/hosts/host_n`.

* The `Address =` entry in the `host_n` file is not necessary but does
  no harm.

* The `Name =` entry in `tinc.conf` must be set to `host_n`.

* The `ConnectTo =` entry in `tinc.conf` must be set to the "other" host.

To generate Tinc public/private key pairs:

    > tincd -n horde -K

## Route

If the `BRIDGE_ADDRESS` variable is set on the two hosts as `172.16.41.1` and
`172.16.41.2`, the subnet in `tinc.conf` can be the same on both hosts:

    Subnet = 172.16.41.0/24

and the last line in `shared-docker-tinc.sh` to setup the route is not needed.

In such a configuration there is a problem: Docker will start allocating IP
addresses to containers almost identically on both hosts (e.g. you will end up
with both hosts having a container with IP `172.16.41.3`).

To avoid that problem, the `BRIDGE_ADDRESS` should be in different subnets. For
instance on host_1:

    Subnet = 172.16.41.0/24        # In tinc.conf.
    BRIDGE_ADDRESS=172.16.41.1/24  # In shared-docker-tinc.sh.
    OTHER_BRIDGE_ADDRESS=172.16.42.0

And on host_2:

    Subnet = 172.16.42.0/24        # In tinc.conf.
    BRIDGE_ADDRESS=172.16.42.1/24  # In shared-docker-tinc.sh.
    OTHER_BRIDGE_ADDRESS=172.16.41.0