Link to home
Start Free TrialLog in
Avatar of Chris Waddilove
Chris WaddiloveFlag for Canada

asked on

Docker Networking Accessible on LAN?

Hello All!


I have been trying to learn more about Docker and I've had success in the past with Arch using Docker built-in. Ubuntu is my preference so I've been trying to get a Docker host set up on my existing Ubuntu machine with some rough success. I am under the impression that once a container is deployed using Bridge networking, it should automatically be routed through iptables to the host's IP (at least it seemed to work this way in Arch out of the box).


I have installed Docker & Portainer (using host networking) on Ubuntu 22.04. Both are working great. If I switch Portainer to Bridge networking, it's no longer accessible on the LAN. I can still access it using lynx @ localhost:9443 on the Ubuntu host itself, but it's obviously a bit clunky without a proper GUI.


I've tried deploying multiple containers using Bridge networking, and they all start just fine, console looks fine, but I can only connect via localhost. I can see the port listening in netstat, I can see the iptables rule, and I've opened the port using UFW. If I switch the same containers to Host networking, I am able to access them fine on the LAN. 


While I'm sure I could roll out most if not all of my containers using Host networking, I'd prefer the added layer of security of Bridge networking. Unfortunately due to the fairly generic nature of my problem, searching for help online has left me quite frustrated coming up empty. I am wondering if there is something I am clearly missing here, or where to continue troubleshooting.


Thanks for reading!

Avatar of Peter Hutchison
Peter Hutchison
Flag of United Kingdom of Great Britain and Northern Ireland image

You need to assign a custom bridged network address to the docker configuration:

See Networking with standalone containers | Docker Documentation 


Avatar of Chris Waddilove
Chris Waddilove
Flag of Canada image

ASKER

Sorry "Bridge networking" is what I meant instead of "Docker networking", it's been a long day. I've amended the original post.

Avatar of noci
noci

special bridges, or proxies running on the host.

If you have a lot of such taks, you may want to check a better fitting (network wise) container model: LXD.

In LXD each container get it's own address.   proxmox is an environment that helps a lot to manage such farms.

ASKER CERTIFIED SOLUTION
Avatar of Jason Potter
Jason Potter
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Chris Waddilove
Chris Waddilove
Flag of Canada image

ASKER

I wish I would have done some more troubleshooting before switching to host networking. The only thing I can assume is there was either something wrong specifically with that, or with my portainer install. As soon as portainer didn't work using bridge, I switched to host (where it worked) and continued from there.

I basically started fresh by removing all the containers and volumes. Updated all of my compose yaml's, and tried again without host networking. I was able to start up one of the containers that was previously giving me issues manually. I tried portainer again (without host networking) and it worked fine this time. I deployed another 3 containers using portainer (one of which was giving me issues previously, in addition to the one I mentioned before this). All of them are working fine now, no extra steps required for networking.

Thanks for the assistance!