lucasacchi/laboratori-cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(lab-02): complete Phase 3 - Network & VPC lab

Browse Source 
Implement Lab 02 with Docker bridge networks simulating VPC/Subnets.

Test Infrastructure (RED phase):
- 6 bash test scripts for network creation, isolation, INF-02 compliance
- Fail-fast orchestration with run-all-tests.sh
- Quick validation script for development

Documentation (Diátaxis framework):
- 3 tutorials: VPC creation, container deployment, isolation verification
- 4 how-to guides: create network, inspect config, test isolation, cleanup
- 3 reference docs: Docker network commands, Compose syntax, VPC mapping
- 1 explanation: Docker ↔ VPC parallels (PARA-01/02/03/04)

Infrastructure (GREEN phase):
- docker-compose.yml with VPC networks (10.0.1.0/24, 10.0.2.0/24)
- 5 services: web, app, db, test-public, test-private
- INF-02 compliant: 127.0.0.1 bindings only, no 0.0.0.0
- Private network with --internal flag
- Multi-homed app container (public + private networks)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Luca Sacchi Ricciardi
2026-03-25 17:26:35 +01:00
parent d4c4f7d717
commit 5b2c8c37aa
22 changed files with 3988 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
labs/lab-02-network/how-to-guides/test-network-isolation.md Normal file
View File

@@ -0,0 +1,87 @@
# How-To: Testare l'Isolamento delle Reti
Guida per verificare che l'isolamento tra reti Docker funzioni correttamente.
## Test Rapido
```bash
# Crea due container in reti diverse
docker run -d --name test1 --network net1 alpine sleep 3600
docker run -d --name test2 --network net2 alpine sleep 3600
# Test: DOVREBBE FALLIRE (isolamento)
docker exec test1 ping -c 1 test2
# Cleanup
docker stop test1 test2 && docker rm test1 test2
```
## Test Completivo
### 1. Creare Reti di Test
```bash
docker network create --subnet 10.0.1.0/24 test-net1
docker network create --subnet 10.0.2.0/24 test-net2
```
### 2. Creare Container
```bash
# Container nella stessa rete
docker run -d --name c1 --network test-net1 alpine sleep 3600
docker run -d --name c2 --network test-net1 alpine sleep 3600
# Container in rete diversa
docker run -d --name c3 --network test-net2 alpine sleep 3600
```
### 3. Test Isolamento
```bash
# Stessa rete: SUCCESSO
docker exec c1 ping -c 2 -W 1 c2
# Reti diverse: FALLISCE (atteso)
docker exec c1 ping -c 2 -W 1 c3
```
### 4. Test DNS
```bash
# DNS stessa rete: SUCCESSO
docker exec c1 nslookup c2
# DNS cross-rete: FALLISCE (atteso)
docker exec c1 nslookup c3
```
### 5. Cleanup
```bash
docker stop c1 c2 c3
docker rm c1 c2 c3
docker network rm test-net1 test-net2
```
## Test con Script
Usa lo script del lab:
```bash
bash labs/lab-02-network/tests/02-isolation-verification-test.sh
```
## Risultati Attesi
| Test | Risultato Atteso | Significato |
|------|------------------|--------------|
| `ping c2` da c1 (stessa rete) | SUCCESSO | Comunicazione funziona |
| `ping c3` da c1 (rete diversa) | FALLISCE | Isolamento funzionante |
| `nslookup c2` da c1 | SUCCESSO | DNS funziona in rete |
| `nslookup c3` da c1 | FALLISCE | DNS isolato tra reti |
## Vedi Anche
- [Tutorial: Verificare Isolamento](../tutorial/03-verify-network-isolation.md)
- [Test: Isolation Verification Script](../tests/02-isolation-verification-test.sh)