New to Docker need assistance

Hello Everyone,

I am very new to Docker. Although I understand how it works, I am having issues on the networking side of things. I tried to create a network with docker network create to get the containers to talk on my network. I have two segments: xxx.xxx.1.0 (net1) and xxx.xxx.10.0 (net10).

I have some IPs I need to exclude, so I used this to create it:
docker network create --driver=bridge --subnet=xxx.xxx.10.0/24 --ip-range=xxx.xxx.10.0/24 --gateway=xxx.xxx.10.1 MYNET --aux-address=xxx.xxx.10.xxx

The driver bridge, I am not sure if it’s correct, because 172.17.0.0/16 is assigned to it. What do I use to bridge my network to the host adapter? Also, is there a way to exclude an ip-range without having to make my command 30 words long (by word I mean --aux-address=xxx.xxx.10.xxx)?

Can I do this in the Dockerfile? If so, does someone have a good tutorial that I can look at?

My Docker version is:
Server:
Engine:
Version: 17.12.1-ce
API version: 1.35 (minimum version 1.12)
Go version: go1.9.4
Git commit: 7390fc6
Built: Tue Feb 27 22:15:56 2018
OS/Arch: linux/amd64
Experimental: false

My OS is Debian 9.3

Hardware is 32 GB of RAM, AMD 8-core CPU, with 16 TB of external storage.

Thank you,
Michael

so, good luck with this… i have been struggling for a couple years to do what you want… and it works sometimes (on my real linux hardware box) and not others. (any VM, windows, linux or mac).

i wrote some bash scripts to launch my containers

NETWORK=

get the address of the docker host, its gw and netmask, to use on the containers network, so its addresses are good and route thru the proper gateway router

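#!/bin/bash
# ip_address_for_network
# prints the --gateway/--subnet flags for the docker host's own LAN
ROUTE_INFO=$(ip route | grep -m1 '^default')
IPGW=$(echo "$ROUTE_INFO" | awk '{ print $3}')
IP_INTERFACE=$(echo "$ROUTE_INFO" | awk '{ print $5}')
# the host's IPv4 address on the default-route interface
OUR_ADDRESS=$(ip addr | grep -A1 "$IP_INTERFACE" | grep "inet " | awk '{print $2}' | awk -F "/" '{print $1}')
# the route line carrying that address gives the subnet in CIDR form
NETINFO=$(ip route | grep -F -m1 "$OUR_ADDRESS" | awk '{print $1}')
echo "--gateway=$IPGW --subnet=$NETINFO"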

create the network with that info and some name (if it doesn’t already exist)

docker network create $(./ip_address_for_network) $NETWORK_NAME

calc a mac address for the containers planned hostname

#!/bin/bash
# mac_from_hostname
# first 5 bytes of the hostname's md5, behind a locally administered 02: prefix
echo "$1" | md5sum | sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/'

use a busybox container to call dhcp server on my network to get a free ip address

#!/bin/bash 
# ip_address_for_container
echo $(docker run  --net $2 --rm --cap-add NET_ADMIN --mac-address $1 busybox udhcpc -x "hostname:$3" 2>&1 | grep lease | awk '{print $4}')

then use all that info when starting the container

MAC_ADDRESS=$(./mac_from_hostname $DASHBOARD_NAME)
CONTAINER_IP_ADDRESS=$(./ip_address_for_container $MAC_ADDRESS $NETWORK_NAME $DASHBOARD_NAME)
NETWORK+="--net $NETWORK_NAME  --mac-address $MAC_ADDRESS --ip $CONTAINER_IP_ADDRESS "

CONTAINER_ID=$(docker run --rm $DAEMON --name=$DASHBOARD_NAME $NETWORK -h VS-DASHBOARD .....

warning, creating the same network address range across multiple docker hosts will cause duplicate IP addresses assigned to containers, unless YOU write code to manage assignment, if you cannot use DHCP… which will almost never work. cause the protocol uses UDP, using MAC addresses… which will fail if the docker host is not running its network adapter in promiscuous mode (really never allowed in production environments, azure, aws, …)

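An added example, not code from either poster: one way to handle the exclusion question and the duplicate-address warning above together is to give each Docker host its own non-overlapping `--ip-range` slice of the LAN and to generate `--aux-address` flags only for reserved addresses inside that slice. It assumes a /24 LAN; 192.0.2.0/24, the `resv-N` names and the function names are constructed for illustration, and the bridge driver is copied from the question.

```shell
#!/bin/bash
# Added example: all addresses are constructed (192.0.2.0/24 stands in for the LAN).

# Emit one --aux-address flag per reserved address PREFIX.FIRST..PREFIX.LAST.
# Docker expects name=ip pairs; the resv-N names are arbitrary labels.
aux_flags() {
    local prefix=$1 first=$2 last=$3 out=""
    if [ "$first" -lt 1 ] || [ "$last" -gt 254 ] || [ "$first" -gt "$last" ]; then
        echo "aux_flags: bad range $first-$last" >&2
        return 1
    fi
    local i=$first
    while [ "$i" -le "$last" ]; do
        out="$out--aux-address=resv-$i=$prefix.$i "
        i=$((i + 1))
    done
    echo "${out% }"
}

# Give docker host number INDEX (0-based) its own aligned slice of the /24.
# BITS is the slice prefix length (25..30). Aligned slices never overlap, so
# hosts with different indexes cannot auto-assign the same address.
host_ip_range() {
    local prefix=$1 index=$2 bits=$3
    if [ "$bits" -lt 25 ] || [ "$bits" -gt 30 ]; then
        echo "host_ip_range: prefix length must be 25..30" >&2
        return 1
    fi
    local size=$((1 << (32 - bits)))
    local count=$((256 / size))
    if [ "$index" -lt 0 ] || [ "$index" -ge "$count" ]; then
        echo "host_ip_range: index $index out of range (0..$((count - 1)))" >&2
        return 1
    fi
    echo "$prefix.$((index * size))/$bits"
}

# Print (do not run) the network create command for one host.
network_create_cmd() {
    local prefix=$1 index=$2 bits=$3 name=$4 range
    range=$(host_ip_range "$prefix" "$index" "$bits") || return 1
    echo "docker network create --driver=bridge --subnet=$prefix.0/24" \
         "--gateway=$prefix.1 --ip-range=$range $name"
}

network_create_cmd 192.0.2 1 27 MYNET   # second host gets 192.0.2.32/27
aux_flags 192.0.2 40 42                 # reserved addresses inside that slice
```

Containers started without `--ip` then draw only from that host's slice, so addresses outside it need no `--aux-address` entry. The LAN's DHCP pool still has to be kept clear of the slices.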

Thanks for your response Sam, I appreciate it.

glad I could provide info.

the app i started using docker for will NOT run using the docker networking.
due to its internal networking design.

the systems the components run on MUST be directly addressable, as the app doesn’t support NAT at all.

and I understand that my attempted use is outside the docker intended design.

Yes, I am not sure why they did that. It’s unfortunate. Well, I know why they did, so they can be isolated from the real world so to speak.

the objective was to install multiple apps, some of the same at different levels on the same host at the same time, without having to muck up the host at all. and without having to use virtualization, which is not available everywhere

AND make those ‘encapsulated’ apps (images) portable to other systems with the same runtime… customer install goes away…

lots of good objectives… just not some that would help me (and you)

That makes sense. I should know this lol, we use it at work where we have a Joyent Triton cloud with the DockerAPI exposed to Joyent so we can create docker containers, and somehow they have it exposed to our networks, so when I create a container there all I have to do is

docker run -dit -p 9116:9116 --name test-app --label triton.cns.service="test-app" --label ext.network.public="NetworkName" image

The bold part is what I am wondering how it is implemented so that I can give it an ip.

But yes, I know what ya mean.