Can I Assign a Docker Container to eth1?

[bnevets27]

Is it possible to assign a docker container to a different physical port then unRAID, ie eth1?

[bnevets27]

Maybe I didn't explain what I want to do very well? I would like a docker container to have a unique IP address. Additionally I would prefer if I could also have that docker use a secondary Ethernet port exclusively.  Is that possible?

 

Sent from my SM-N900W8 using Tapatalk

 

 

[Squid]

There was a docker container that experimented with that (pipework?) but I'm not sure if it worked. 

 

I'm sure you could really look at the docker run reference and do that through the extra parameters of the template

 

Sent from my LG-D852 using Tapatalk

 

 

[bnevets27]

After reading up on this more via google. It does not seem this is an easy task at all. I guess that explains the lack of responses.

 

Pipework is the docker that is supposed to kinda of do this from what I can tell but its not the most efficient way to do it. Looks like this is something that might become easier over time.

 

I can't believe I'm the only one interested in this though. 

[Bjonness406]

I can't believe I'm the only one interested in this though. 

You are not 

[unevent]

Pipework works, but should not be any need for it on 6.2 as Docker is high enough version to have the new networking capabilities.  Can definitely assign each Docker a specific IP (and MAC address if desired) using pipework.

[bnevets27]

Well that is good news.  Being able to give a docker a specific IP.  But what I would also like to do is assign the docker to a specific physical NIC.  Is that possible in 6.2?

 

Sent from my SM-N900W8 using Tapatalk

 

 

[joelones]

I'd like to know this as well, in fact I asked a similar question some time ago. Since I'm running in ESXi, I'd like to add another NIC (eth1) and assign a particular docker to it. Any headway on this?

 

So 6.2 will have the ability to assign a docker to a specific IP/interface?

[Helmonder]

I am interested also... Am running plex as a VM at the moment because I need it to have a seperate IP address... Would love to use the dockerized version..

[unevent]

For 6.1.x, install the Pipework Docker, no config change for it is necessary.  For your Docker you want to set specific IP, set the network type to 'none', in the extra parameters specify the IP.  In the example below I also specify a custom MAC, but you don't need to unless you need to.

 

-e 'pipework_cmd=br0 @CONTAINER_NAME@ 192.168.2.201/[email protected] 00:0X:XX:XX:XX:E5'

 

Substitute the IP address/CIDR@gateway and a valid random MAC address (or remove it).

 

I have never tried to specify the interface as I chose a different method to isolate traffic, but the Pipework documentation has a section on it: Connect a container to a local physical interface.

 

[bnevets27]

So looks like the answer for 6.1.x is pipework.  Thanks unevent.

 

But since 6.2 is around the corner I would like to know how to implement it in 6.2.

 

There is some useful information in the following quote (thanks Wob76 for the links)

 

 

 

Is this still the best way to get a container on the local LAN if using 6.2 (hand hence docker 1.10)

 

https://hub.docker.com/r/dreamcat4/pipework/ now recommends alternatives for L2 bridging if using Docker 1.10

 

They link to this page (http://stackoverflow.com/questions/35742807/docker-1-10-containers-ip-in-lan)

 

I tried following those steps but get stuck when attempting to bridge the bridge, I am using a bond and the tells me the interface is already bridge and can't be linked.

 

I am trying to move my plex docker onto a different IP so I can monitor its bandwidth usage.

 

 

 

In summary it does definitely looks possible to now natively assign a IP to a docker.  What doesn't seem clear is how to assign a docker a NIC.  It does seem easy enough to assign docker as a whole a NIC but individual containers.  It does sound possible but it also seems like there is a problem (or advantage for some) that the docker assigned a unique NIC now has to talk to the other dockers over the LAN. This is just what I take away from the stackoverflow discussion. 

 

 

 

Sent using Tapatalk

 

[Flick]

6.2 is out. Anyone gotten this to work? I enabled two NICs via the GUI and validated that both are active. However, routing the Deluge docker doesn't seem to be as clear as I would like....

[tinglis1]

I have attempted to use the advanced networking functions with no luck. So I went back to using pipework.

Unraid 6.2 uses docker 1.10 and from what I can tell from the guides online for most are using docker versions newer than that. When looking for help elsewhere on this I usually got the answer of "update docker".

 

 

Sent from my iPhone using Tapatalk

[Flick]

I have attempted to use the advanced networking functions with no luck. So I went back to using pipework.

Unraid 6.2 uses docker 1.10 and from what I can tell from the guides online for most are using docker versions newer than that. When looking for help elsewhere on this I usually got the answer of "update docker".

Ok, thank you. I'll continue to wait <somewhat> patiently. :-)

[tinglis1]

Ok, thank you. I'll continue to wait <somewhat> patiently. :-)

 

What are you trying to do exactly? Is the docker to be run on a physically separate network?

I have static ip addresses for almost all of my dockers to be able to manage traffic or allow for port access.

It is possible just not using the internal docker networking features.

 

 

Sent from my iPad using Tapatalk

[Flick]

What are you trying to do exactly? Is the docker to be run on a physically separate network?

It was said best by someone else trying to do the same thing:

I have a motherboard with two ethernet ports.  One is currently unused.  I'd like to use the second ethernet port (eth1) to allow my dockers to reach the internet (WAN) without impacting traffic on the primary port (eth0) which serves the LAN.  eth0 and eth1 will be on different subnets.

 

I suppose there are two steps here, one is getting Unraid to use eth1, and the other is to configure the dockers to use eth1 instead of eth0 for their attempts to reach hosts outside the LAN subnet.  So for example, in the Deluge docker, I would want the host web UI to be served on eth0, so clients can access the UI on port 8112, but I want the docker's bittorrent activity to occur only on eth1.  Also, I do not want Unraid to serve SMB clients on eth1, only on eth0.

 

Has anyone tried this?

 

The Deluge example is exactly what I'd like to do, with eth1 directly connected to my backup ISP whilst eth0 is on my primary ISP/network. From a physical standpoint, I have this configured and working. eth0 is, as it always has been, connected to my LAN. eth1 is now connected to a WAN/Internet connection and has pulled an IP address from that gateway.

[tinglis1]

In theory this should be achievable using pipework, although I haven't used it with a separate nic.

 

Have a look at the pipework docker; the opening post contains most of the info you need to get started. Pipework Docker

 

- Start by getting the pipework docker from Community Applications. Make sure you get the correct version for your version of unraid.

- I think you may need to remove the second nic from being assigned to unraid. I am not sure about this step and it may need some testing.

- Change the network type to 'None' in the deluge container. Then add the additional parameter of:

-e 'pipework_cmd=eth1 @CONTAINER_NAME@ 192.168.1.100/[email protected]'

make sure you change your ip address and subnet to match.

 

The only part of this process that hasn't been tested is the use of eth1 instead of br0.

 

[Flick]

In theory this should be achievable using pipework, although I haven't used it with a separate nic.

 

Have a look at the pipework docker; the opening post contains most of the info you need to get started. Pipework Docker

 

- Start by getting the pipework docker from Community Applications. Make sure you get the correct version for your version of unraid.

- I think you may need to remove the second nic from being assigned to unraid. I am not sure about this step and it may need some testing.

- Change the network type to 'None' in the deluge container. Then add the additional parameter of:

-e 'pipework_cmd=eth1 @CONTAINER_NAME@ 192.168.1.100/[email protected]'

make sure you change your ip address and subnet to match.

 

The only part of this process that hasn't been tested is the use of eth1 instead of br0.

 

I'll give it a look, thank you. BTW, going by your sig, our Unraid systems are virtually identical.

[tinglis1]

My signature is pretty much up to date. Just changed my unraid version to reflect what i am actually using.

My build has been stable for years now and for the last year I have been using it as my primary workstation as well with GPU passthrough.

[JorgeB]

th The only part of this process that hasn't been tested is the use of eth1 instead of br0.

 

With v6.2 you can bridge all NICs, so eth1 becomes br1, just FYI in case it doesn't work with eth1.

[tinglis1]

@johnnie.black

That is good to know.

Do you have to do anything special to get br1 active?

 

@Flick

I would recommend trying br1 instead of eth1.

 

 

[JorgeB]

Network Settings -> Enable bridging -> Yes

 

E.g., eth4 is for my secondary ISP, have one VM that uses br4

[tinglis1]

I might have to have another go at the Docker networking feature now that I know that unraid creates the other bridges.

This was where I got stuck last time. I could get the IP assigned to the container but could get it to communicate to the NIC.

 

In saying that, my pipework solution is working exactly how I need it to without any interaction so this is probably very low on my list of things to do.

[johnodon]

Docker v1.10 has the ability to assign static IPs to containers, however, you can only do so for a custom, user-defined network.  See here:  https://blog.jessfraz.com/post/ips-for-all-the-things/

 

I haven't had the balls to run the first command to create the network.  If someone is more adventurous that me, have at it and report back. 

 

John

 

 

[tinglis1]

Docker v1.10 has the ability to assign static IPs to containers, however, you can only do so for a custom, user-defined network.  See here:  https://blog.jessfraz.com/post/ips-for-all-the-things/

 

I had a good go at it when 6.2 was in the beta stages and was met by a few issues. It has been a while and cannot remember the details but some of the issues I remember encountering were:

- Unable to successfully connect the docker network to an NIC in unraid. I think the info about the bridges being created a few posts back might be able to help this though.

- When creating the network in docker there was some trickery required to create a gateway the same as your home network. I remember loosing network connectivity from unraid a few times trying that one out as it redirected all unraid traffic back to my docker network.

- Lack of ability to make it work in a set and forget mode. I needed to make scripts that were executed on docker startup to create the network etc.

- I spent a significant amount of time on it and did not get a working result so went back to trying to get pipework going on unraid 6.2. That was a more successful mission.

 

Check out this link if you want to have a go at it. This has a workaround for the gateway issue. Note that this is still an open issue on github so I don't think it matters that we are running Docker 1.10.

 

I may try again at this later but a pipework docker is working in a set and forget mode it is not high on my priority list. Though I do have a couple of dockers that I would like to have their own IP but down behave very well with pipework.

This maybe more viable once the gateway issue is resolved or if all the required steps/scripts are built into unraid/plugin to make it a seamless experience.

 

Ideally, I would like to see the day when you just select a static/dynamic IP from the docker config screen and all the required work is done behind the scenes.