I have a server running multiple web apps, each in their own docker containers. Many of these apps have database containers. I want to connect these databases to my prometheus docker container using prom/mysqld_exporter in a docker container.
All the apps are created with docker-compose, and each app uses its own network (172.16.nn.0/24, where nn is different for each app). Even if the database exposes a port, they are all bound to 127.0.0.1, so can't be connected to except by the host itself.
My plan was to have a monitor docker-compose file, with a mysqld_exporter for each database, connecting directly to the appropriate ip address port 3306 in each app's database container.
I am running ufw (firewall). Of course, I have fallen foul of the fact that docker prevents routing between its different networks.
One solution would be to add each mysqld_exporter to the same docker-compose file as the database it is going to monitor. But it would be really nice not to have to alter the docker-compose files for the web apps.
Is there another robust way of allowing connection between specific ip addresses and ports in different containers, or do I have to bite the bullet and modify the app docker-compose files?