Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Docker creates an IP address that conflicts with internal network when deploying a compose environment to server from pipeline

Tags:

docker

networking

docker-compose

Currently, we are deploying a compose environment stack to an ubuntu server. In the compose file, we are not defining an address and utilizing the underlying default docker bridge network that docker compose comes with out of the box.

The server IP is in the 10.x.x.x range.

docker0, by default, spins up as 172.17.0.0 and increments the second octet on each deployment (172.18.0.0, 172.19.0.0, etc.) on our server - no problem there.

However, when this spins up and is deployed from our pipeline, there is another network created on the server when compose is up and running, and it is named as br-xxxxxxxxxxx where x is some randomized character. The problem occurs here, as this br- network binds to a 192.168.x.x address.

My question is, why does the docker daemon not infer the conflicting address before deploying the compose environment?

I can verify that this indeed is a problem, as once this occurs, I am unable to ssh into the server.

Thank you in advance!

This is related to another question I asked, but it is a completely separate issue I noticed while working through this, so I decided to make a separate post.

A link for the related question: What happens when docker daemon runs out of network IP addresses to allocate when deploying compose environments?

like image 860
Thomas Avatar asked Mar 05 '23 01:03

Thomas

1 Answers

In the /etc/docker/daemon.json file, you can specify the following for the default bridge and the user created bridge networks:

{
  "bip": "10.15.0.1/24",
  "default-address-pools": [
    {"base": "10.20.0.0/16", "size": 24},
    {"base": "10.40.0.0/16", "size": 24}
  ]
}

These address pools require 18.06, I believe, and define a pool for docker to select from when creating bridge networks. This is useful if docker does not see a route to the private network you wish to avoid using.

This is part of my tips and tricks talk given at DockerCon recently (you can press "P" for the presenter notes): https://sudo-bmitch.github.io/presentations/dc2019/tips-and-tricks-of-the-captains.html#21

like image 173
BMitch Avatar answered Mar 07 '23 04:03

BMitch
Sign in to Comment

Related questions

How to reject docker registries in kubernetes?
"gcloud auth configure-docker" on GCP VM instance with Ubuntu not setup properly?
Expand ARG value in CMD [Dockerfile]
Run Python script without web server into Docker?
Stripe TLS 1.2 Webhook issue
Node-sass binding problem in Docker container
Azure DevOps: Add Azure Container Registry in Build Pipeline from different account

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!