Hi,
I figured out how to get docker containers to join an existing network with putting “networks” into the respective sections of the docker-compose.yml
If I want to also give them fixed ip’s on this network, what would the syntax look like in the docker-compose.yml?
There is a docker internal DNS, you can just resolve IPs by service name/container_name.
Yes, and you can also control that as well by messing with docker network groups. I find the ability to network into docker servers from the host to be super simple.
What I haven’t figured out yet is whether or not I can give my docker services their own IP on my router for access from another system on a fixed or reserved IP.
What I haven’t figured out yet is whether or not I can give my docker services their own IP on my router for access from another system on a fixed or reserved IP.
You can. You have to set up a macvlan on your network and then assign an IP to your container that sits on your router’s subnet.
I can only use traefik with a macvlan because Synology DSM uses ports 80 and 443. I assign traefik its own IP and use pihole’s DNS to route wildcard subdomain to it.
I wrote a guide in my trillium notes. If you’re interested I can share.
I see. Sure, that’s a valid way to manage networking. I personally don’t like to do this manually anymore, just like I don’t drive stick shift anymore.
If you want to expose a service to the WWW I’d recommend using a reverse proxy. E.g. I use Traefik 2; it gets the config needed automatically from 5-6 labels per container and I don’t need to bother with IPs, certificates, NAT and what have you. It just creates virtual hosts procures a LetsEncrypt certificate and directs the traffic to the target container completely on its own.
Spinning up a container and trying it out with its own subdomain with correct SSL certificates immediately never has been easier. (I have a “*” DNS entry to my Treafik server).
You also could try installing cloudflared and create a Cloudflare tunnel. This way you don’t even have to forward any ports in your router.
Just some tips, if you want to explore new things :)
I do not use docker-compose, but if it helps point you in the right direction, I’ve been using Mac VLANs to have all my containers have their own MAC address and IP.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
I have never cared about the IP addresses of my docker containers and never will.
Why do you? There is a docker internal DNS, you can just resolve IPs by service name/container_name.
Yes, and you can also control that as well by messing with docker network groups. I find the ability to network into docker servers from the host to be super simple.
What I haven’t figured out yet is whether or not I can give my docker services their own IP on my router for access from another system on a fixed or reserved IP.
You can. You have to set up a macvlan on your network and then assign an IP to your container that sits on your router’s subnet.
I can only use traefik with a macvlan because Synology DSM uses ports 80 and 443. I assign traefik its own IP and use pihole’s DNS to route wildcard subdomain to it.
I wrote a guide in my trillium notes. If you’re interested I can share.
I see. Sure, that’s a valid way to manage networking. I personally don’t like to do this manually anymore, just like I don’t drive stick shift anymore.
If you want to expose a service to the WWW I’d recommend using a reverse proxy. E.g. I use Traefik 2; it gets the config needed automatically from 5-6 labels per container and I don’t need to bother with IPs, certificates, NAT and what have you. It just creates virtual hosts procures a LetsEncrypt certificate and directs the traffic to the target container completely on its own.
Spinning up a container and trying it out with its own subdomain with correct SSL certificates immediately never has been easier. (I have a “*” DNS entry to my Treafik server).
You also could try installing cloudflared and create a Cloudflare tunnel. This way you don’t even have to forward any ports in your router.
Just some tips, if you want to explore new things :)
I do not use docker-compose, but if it helps point you in the right direction, I’ve been using Mac VLANs to have all my containers have their own MAC address and IP.