Docker 1.10 container's IP in LAN

Docker Engine General
1

Since Docker 1.10 (and libnetwork update) we can manually give an IP to a container inside a user-defined network, and that’s cool !

I want to give a container an IP address in my LAN (like we can do with Virtual Machines in “bridge” mode). My LAN is 192.168.1.0/24, all my computers have IP inside it. And I want my containers having IPs in this range, in order to reach them from anywhere in my LAN (without NAT/PAT/etc…) just like if it was any computer.

I obviously red Jessie Frazelle’s blog post and a lot of others post here and everywhere.

Reading Jessie Frazelle’s blog post, I thought (since she use public IP) we can do what I want to do ?

Indeed, if I do something like :

network create --subnet 192.168.1.0/24 --gateway 192.168.1.1 homenet
docker run --rm -it --net homenet --ip 192.168.1.100 nginx

The new interface on the docker host (br-[a-z0-9]+) take the ‘–gateway’ IP, which is my router IP. And the same IP on two computers on the network… BOOM

Thanks in advance.

1 Like
2

After looking for people who have the same problem, we went to a workaround :

Sum up :#

  • (V)LAN is 192.168.1.0/24
  • Default Gateway (= router) is 192.168.1.1
  • Multiple Docker Hosts

What do we want :

We want to have containers with ip in the 192.168.1.0/24 network (like computers) without any NAT/PAT/translation/port-forwarding/etc…

Problem

When doing this :

network create --subnet 192.168.1.0/24 --gateway 192.168.1.1 homenet

we are able to give containers the IP we want to, but the bridge created by docker (br-[a-z0-9]+) will have the IP 192.168.1.1, which is our router.

Solution

1. Setup the Docker Network

Use the DefaultGatewayIPv4 parameter :

docker network create --subnet 192.168.1.0/24 --aux-address "DefaultGatewayIPv4=192.168.1.1" homenet

By default, Docker will give to the bridge interface (br-[a-z0-9]+) the first IP, which might be already taken by another machine. The solution is to use the --gateway parameter to tell docker to assign a arbitrary IP (which is available) :

docker network create --subnet 192.168.1.0/24 --aux-address "DefaultGatewayIPv4=192.168.1.1" --gateway=192.168.1.200 homenet

We can specify the bridge name by adding -o com.docker.network.bridge.name=br-home-net to the previous command.

2. Bridge the bridge !

Now we have a bridge (br-[a-z0-9]+) created by Docker. We need to bridge it to a physical interface (in my case I have to NIC, so I’m using eth1 for that):

brctl addif br-home-net eth1

3. Delete the bridge IP

We can now delete the IP address from the bridge, since we don’t need one :

ip a del 192.168.1.200/24 dev br-home-net

The IP 192.168.1.200 can be used as bridge on multiple docker host, since we don’t use it, and we remove it.

1 Like