Creating Docker Bridge kills my ssh and network configuration on centos9

naseweis · January 24, 2024, 3:21pm

Hey i’m pretty new to docker.

I have a testlab with ip range 10.0.100.0/24 and the vm server Centos9 docker running on has ip 10.0.100.6

Now i want to bridge this network so i have from everywhere access to my containers but …

If i run:

docker network create --driver=bridge --subnet=10.0.100.0/24 br0

took this from the docs: docker network create | Docker Docs

I loose my connection via ssh and it creates a cryptical br-232423414… interface with the ip address 10.0.100.1

whats bad because this is my standart gateway. Can someone help me creating a bridge in Docker ?

what do i miss?

Thx

meyay · January 24, 2024, 3:24pm

A docker bridge network is supposed to be subnet private to the docker host. Just use a subnet that does not collide with your lan subnet range, or any subnet that is reached via routing.

naseweis · January 24, 2024, 3:38pm

Thx for you’re reply but than i cannot access the containers from my other devices ?

Maybe i misunderstood something on docker?!

If i make an ubuntu container and want access it from outside of the host what i gonna do?
Sure i can make something with reverse proxy. But is this than the only possibility?

meyay · January 24, 2024, 4:07pm

Excellent first question. Since every getting started guide should have provided the answer to that question, I assume you didn’t follow any getting started guides or tutorials.

I just google for “docker getting started” and the first link took me you to the getting started guide. If you followed that guide, you would find the answer on the second page of the guide: Containerize an application | Docker Docs

Trying to use docker without building up the knowledge first might be very frustrating and time-consuming without getting nowhere. If you are really interested in learning the docker concepts and how things are done in docker, I can highly recommend this free self-paced training: Introduction to Containers

naseweis · January 24, 2024, 4:14pm

I read this already i’ve just asked if there is any other solution than reverse proxy than. I try this out thx.

meyay · January 24, 2024, 5:29pm

I am sure most of the tutorials do not even cover a reverse proxy, as it’s not needed, unless of course you specifically want to use a reverse proxy.

The tutorial you shared discusses published ports, which is indeed the intended approach to make container ports accessible on the docker host.
See: https://docs.docker.com/network/#published-ports

naseweis · January 25, 2024, 4:50pm

Hey,

i found out the solution. MACVLAN allows you to give every docker container a seperate IP address in your network and acts like a switch.

Create the Network:

docker network create -d macvlan \
--subnet 10.0.100.0/24 \
--gateway 10.0.100.1 \
-o parent=enp1s0 \
virtualswitch

Run your container:

docker run -itd --rm --network virtualswitch \
--ip 10.0.100.100 \
--name centos mycentos \

The problem with this is that one interface have than multiple mac addresses so you have to set on the host:

ip link set enp1s0 promisc on

there are even better layer 3 ways to do so all explained here : https://www.youtube.com/watch?v=bKFMS5C4CG0

just someone have the same problem.