lucasacchi/laboratori-cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
62562fe68a2150b4be4ca1a21b03b51f8f04c01f
laboratori-cloud/labs/lab-02-network/how-to-guides/test-network-isolation.md
Luca Sacchi Ricciardi 5b2c8c37aa feat(lab-02): complete Phase 3 - Network & VPC lab 
Implement Lab 02 with Docker bridge networks simulating VPC/Subnets.

Test Infrastructure (RED phase):
- 6 bash test scripts for network creation, isolation, INF-02 compliance
- Fail-fast orchestration with run-all-tests.sh
- Quick validation script for development

Documentation (Diátaxis framework):
- 3 tutorials: VPC creation, container deployment, isolation verification
- 4 how-to guides: create network, inspect config, test isolation, cleanup
- 3 reference docs: Docker network commands, Compose syntax, VPC mapping
- 1 explanation: Docker ↔ VPC parallels (PARA-01/02/03/04)

Infrastructure (GREEN phase):
- docker-compose.yml with VPC networks (10.0.1.0/24, 10.0.2.0/24)
- 5 services: web, app, db, test-public, test-private
- INF-02 compliant: 127.0.0.1 bindings only, no 0.0.0.0
- Private network with --internal flag
- Multi-homed app container (public + private networks)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-25 17:26:35 +01:00

1.9 KiB
Raw Blame History

How-To: Testare l'Isolamento delle Reti

Guida per verificare che l'isolamento tra reti Docker funzioni correttamente.

Test Rapido

# Crea due container in reti diverse
docker run -d --name test1 --network net1 alpine sleep 3600
docker run -d --name test2 --network net2 alpine sleep 3600

# Test: DOVREBBE FALLIRE (isolamento)
docker exec test1 ping -c 1 test2

# Cleanup
docker stop test1 test2 && docker rm test1 test2

Test Completivo

1. Creare Reti di Test

docker network create --subnet 10.0.1.0/24 test-net1
docker network create --subnet 10.0.2.0/24 test-net2

2. Creare Container

# Container nella stessa rete
docker run -d --name c1 --network test-net1 alpine sleep 3600
docker run -d --name c2 --network test-net1 alpine sleep 3600

# Container in rete diversa
docker run -d --name c3 --network test-net2 alpine sleep 3600

3. Test Isolamento

# Stessa rete: SUCCESSO
docker exec c1 ping -c 2 -W 1 c2

# Reti diverse: FALLISCE (atteso)
docker exec c1 ping -c 2 -W 1 c3

4. Test DNS

# DNS stessa rete: SUCCESSO
docker exec c1 nslookup c2

# DNS cross-rete: FALLISCE (atteso)
docker exec c1 nslookup c3

5. Cleanup

docker stop c1 c2 c3
docker rm c1 c2 c3
docker network rm test-net1 test-net2

Test con Script

Usa lo script del lab:

bash labs/lab-02-network/tests/02-isolation-verification-test.sh

Risultati Attesi

Test Risultato Atteso Significato
ping c2 da c1 (stessa rete) SUCCESSO Comunicazione funziona
ping c3 da c1 (rete diversa) FALLISCE Isolamento funzionante
nslookup c2 da c1 SUCCESSO DNS funziona in rete
nslookup c3 da c1 FALLISCE DNS isolato tra reti

Vedi Anche

Reference in New Issue View Git Blame Copy Permalink