Hello everyone,

I am very new to Linux, so please bear with me if I have some basic questions.

I have installed the latest version of Ubuntu and chose Docker through Snap during installation (according to Google information).

The path of the Docker installation is: /snap/docker/current/config. The root directory, according to Portainer, is portainer/snap/docker/common/var-lib-docker.

Docker uses the 172.16.0.0/16 network by default, which causes issues with accessibility over VPN and other networks that operate in the 172.20.x.x range, etc.

I found out that you can change the network settings in the daemon.json file. However, I cannot edit this file using either sudo vi or sudo nano.

According to Google, the following entry in the daemon.json should help, adjusting the network to a /24 subnet starting from 33, which would be ideal in my case:

json
{
“log-level”: “error”,
“bip”: “172.26.33.1/24”
}

thanks a lot!!

We must have been using a different Google. Never use the snap package

More information here: https://youtu.be/ItSuWaxdHhA?t=91

Hello, thanks for the response.

I can’t follow you.

Am I not allowed to use snap? Do I have to reinstall?

It comes from the Ubuntu installation.

But what does that change about my problem?

I am currently glad that my docker is running, as I really don’t know much about Linux and docker Linux.

The Snap installation for Docker is broken, so yes, uninstall and reinstall from a better source

What is broken? How do I change the default IP range now? Reinstalling for someone who has no idea is not easy, without data loss.

Don’t you think I should first change the IP range, then learn, and then reinstall? Everything else is running stable.

And why I’m not allowed to use snap and what exactly it is, should be something to learn beforehand.

Feel free to use whatever Docker distribution you want. Though, if you want to have vanilla Docker behavior, that aligns with the official documentation, we do recommend to use Docker from the official docker repos.

Every other distribution may or may not be modified in some areas we don’t know about, to align with the philosophy of the os, and their own versions of the depencies. The support channel for non-vanilla docker distributions are either the Linux Distribution’s support channel, or the maintainer of that particular distribution.

The snap version definitely does not behave like vanilla docker in terms of what host paths can be used for bind-volumes and where the configuration is stored. The support channel for the snap version is whatever canonical provides for it - they should be able to tell you where the config is stored.

Hello,
I will definitely reinstall everything. But before that, I need time to create a copy of the VM to test everything, and that doesn’t happen quickly. I also don’t understand why I have the snap version—I selected it during the Ubuntu installation, asking it to install snap.

I am also happy to take tips on how to make a full backup of all containers and then restore it. Maybe a checkpoint for the reinstallation would be enough.

But then I am stuck again with the problem that the networks are 172.20.0.0/16. And exactly that is used by all my VPN networks, behind which are around 400 devices all using 172.20.0.0.

So, I still need to change that afterwards.

By default, the docker0 interface should have the ip 172.17.0.1 and use the subnet 172.17.0.1/16

With vanilla docker, you can configure the default bridge ip in /etc/docker/daemon.json like this:

 "bip": "172.17.0.1/24",
 "default-address-pools": [
    {
      "base": "172.30.0.0/16",
      "size": 24
    },
    {
      "base": "172.31.0.0/16",
      "size": 24
    }
  ],

bip defines the ip of the docker0 interface and the subnet cidr it uses. You will need to stop Docker and delete the docker0 interface, in order to be re-created after restarting Docker (a reboot should do it as well).

The default-address-pools are the subnet pools used for user defined networks, if they are created without specifying the subnet during creation. Docker needs to be restarted in order to use the modified settings. The base will define the broader cidr range pool, while size defines the subnet bits used for created networks (24 = 256 ips, is the default value).

Note: existing docker bridge networks will continue to use their cidr ranges. The easiest fix is to docker compose down so the network gets removed as well, and will be re-created based on the default-address-pool settings.

You can run this command to identify which docker network uses conflicting ranges:

docker inspect --format '{{.Name}}:{{(index .IPAM.Config 0).Subnet}}' $(docker network ls -q)

Note: rendering the output of host and none networks will raise errors. For the sake of a simpler command, I didn’t add logic to the format expression to prevent it.

Thank you for the help.
I give up. I’m reinstalling the server completely and hope I can transfer the data over.
I ran various tests, and afterwards, Docker didn’t work at all. I restored yesterday’s backup.

I really don’t have any experience with Linux and Docker yet.

So, I’d be very grateful if you could answer a few questions for me.

1. Ubuntu or Debian?
2. The exact commands to change the IP range. The one from earlier was good, but maybe there’s a guide from someone who ran all the commands on a fresh installation without any containers to change the range: 172.30.0.0/24. The third octet should be sequential.

Thank you and sorry for my current lack of knowledge.

It’s a matter of taste. I personally used Ubuntu for years, but feel like moving to Debian, because Ubuntu migrates more and more packages to snap packages. I am not against snap, but depending on the package, you are either forced to find solution for problems that are introduced by how snap works, or you don’t notice any difference to the normal package version.

It depends on which range you want to change. The subnet for the default bridge aka the docker0 interface? We usually don’t use the default bridge, and use user defined bridges instead.

Then the question is if you want to modify the default-address-pools (Which makes more sense in your situation), or configure a network created in a compose file. But then a /24 network is probably not enough. If you are fine with 172.30.0.0/16, it would make more sense to use it.

Please share the output of: cat /etc/docker/deamon.json, so I can tie in the default-address-pools configuration, without risking loosing any pre-existing configuration.

There is no file in /etc/docker. Do I need to create it?

grafik1018×580 22.8 KB

okay… i created daemon.json.

{
  "default-address-pools":
  [
    {"base":"10.200.0.0/16","size":27}
  ]
}
~

i think its working:

grafik1969×484 38.5 KB

You are allowed to use anything, but anything that is not the official Docker will give you more headache espacially when you are a beginner. And as I always say, everyone should always start with official documentations so use Google for finding the official documentation and search for the installation guide or specific config files. The Docker documentation even has its AI next to the documentation search bar to give you links.

That we know the standard, official way to install and operate Docker I use snap packages sometimes, but when it comes to Docker, I feel it was a mistake to create a snap package for Docker and recommending that to install when you install the operating system. So similarly to @meyay I’m not against snap in general, but I am definitely against snap when it comes to Docker or other container engine.

Since there was no question in your first post regarding that config, I did not react to that part. As far as I remember, changing “bip” also changes the pools of user defined networks (I may be wrong) since the first user-defined network by default is 172.18.0.0/16, so I was waiting for you to be able to edit the config file.

Thanks for the reply. After being told not to use snap and wanting to do it right from the start, I tried migrating to Debian and tested the networks.

In the process, I broke the snap Docker installation. Now I’ve installed Debian and manage everything with Portainer. Changing the bridge IP (BIP) also worked.
Nginx is running, OpenVAS is running, TeslaMate is set up, and then some other unnecessary stuff. I think Portainer is the right solution for beginners.