March 10, 20188 yr @ken-ji @bonienl I'm not an expert on docker or networking so I'm not sure if this is possible. What I want is to create a second docker network so I can run 2 containers listening on the same IP but different ports. I think I need a new network for this because I want one container to listen on port 80 and the other on 443. These ports are currently used by unRAID so I cant have the containers running on the bridge network with the same IP as unRAID. I only have one eth device and I cant use VLANs, just to make it harder/impossible Is there a way I can do this? Thanks in advance Edited March 10, 20188 yr by cheesemarathon
March 12, 20188 yr You can do this "in a really manual way", but I only recommend it if you understand iptables yourself. First you'll need to assign another IP to unRAID eth0/br0/bond0 192.168.1.0/24 is our LAN 192.168.1.1 - router 192.168.1.2 - unRAID 192.168.1.3 - unRAID 2nd IP When a container is created, there should be no port mappings Then the iptables fun begins. Grab the IP of the container docker inspect container_name | grep IpAddress assume: 172.17.0.2 then setup iptables mappings for it iptables -t nat -A DOCKER ! -i docker0 -d 192.168.1.3 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.17.0.2:80 iptables -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT Caveat: It's been a while since I've done something like this so my iptables commands is likely missing something. But the bottom line is that you can use iptables to NAT connections to the 2nd IP, even on ports occupied by unRAID or other containers. Hope this helps.
March 12, 20188 yr change network type in the docker from host/bridge to custom/bro and assign a new ip address to the docker. make sure you list those addresses in your router otherwise you may have conflicts.
March 12, 20188 yr @1812 Its not quite what he wanted. He wanted to use two docker containers and make them share the same IP. On 3/11/2018 at 3:49 AM, cheesemarathon said: What I want is to create a second docker network so I can run 2 containers listening on the same IP but different ports. I think I need a new network for this because I want one container to listen on port 80 and the other on 443. These ports are currently used by unRAID so I cant have the containers running on the bridge network with the same IP as unRAID. So I gave him a possible solution.
March 12, 20188 yr 7 hours ago, ken-ji said: @1812 Its not quite what he wanted. He wanted to use two docker containers and make them share the same IP. So I gave him a possible solution. assign the same ip and change the assigned ports.
March 12, 20188 yr Author 6 minutes ago, 1812 said: assign the same ip and change the assigned ports. I tried this. Changing the network type to custom works for the first IP but the second container you try to create the command fails. As the IP is already used. Unless I'm doing something wrong?.....
March 12, 20188 yr Author 10 hours ago, ken-ji said: You can do this "in a really manual way", but I only recommend it if you understand iptables yourself. First you'll need to assign another IP to unRAID eth0/br0/bond0 192.168.1.0/24 is our LAN 192.168.1.1 - router 192.168.1.2 - unRAID 192.168.1.3 - unRAID 2nd IP When a container is created, there should be no port mappings Then the iptables fun begins. Grab the IP of the container docker inspect container_name | grep IpAddress assume: 172.17.0.2 then setup iptables mappings for it iptables -t nat -A DOCKER ! -i docker0 -d 192.168.1.3 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.17.0.2:80 iptables -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT Caveat: It's been a while since I've done something like this so my iptables commands is likely missing something. But the bottom line is that you can use iptables to NAT connections to the 2nd IP, even on ports occupied by unRAID or other containers. Hope this helps. Thanks for the help. I will try this later this week.
March 12, 20188 yr 1 minute ago, cheesemarathon said: I tried this. Changing the network type to custom works for the first IP but the second container you try to create the command fails. As the IP is already used. Unless I'm doing something wrong?..... weird. I swear I did this a month ago... guess I could be wrong?
March 12, 20188 yr Author Just now, 1812 said: weird. I swear I did this a month ago... guess I could be wrong? Do you still have the containers running? Check the config?
March 12, 20188 yr 1 minute ago, cheesemarathon said: Do you still have the containers running? Check the config? no, I was playing around with some things. if I can find a some time today, I'll try and replicate, if I can.
March 12, 20188 yr Author no, I was playing around with some things. if I can find a some time today, I'll try and replicate, if I can.ThanksSent from my Pixel using Tapatalk
March 12, 20188 yr You can not assign twice the same IP address within a custom network, Docker does not allow that. Another way to achieve your goal is to set both containers as "bridge" network and make use of port translation. Since ports 80 and 443 are already used by unRAID, you can assign different 'host' ports to the containers, e.g. 8080 -> 80 and 8443 -> 443. This has the advantage that everything can be done thru the GUI and doesn't require special tricks.
March 12, 20188 yr Author 9 minutes ago, bonienl said: You can not assign twice the same IP address within a custom network, Docker does not allow that. Another way to achieve your goal is to set both containers as "bridge" network and make use of port translation. Since ports 80 and 443 are already used by unRAID, you can assign different 'host' ports to the containers, e.g. 8080 -> 80 and 8443 -> 443. This has the advantage that everything can be done thru the GUI and doesn't require special tricks. Unfortunately this won't work. The application is for a download cache for steam, Origin, Windows updates etc. I cant change the port they get their updates from there for the containers must run on port 80 and 443
March 12, 20188 yr 5 minutes ago, cheesemarathon said: Unfortunately this won't work. The application is for a download cache for steam, Origin, Windows updates etc. I cant change the port they get their updates from there for the containers must run on port 80 and 443 If you are running unRAID 6.5 (currently in RC), you have the possibility to change the unRAID ports and make 80 + 443 available to your containers. Maybe useful for you? In this case you would assign "host" network to your containers. Edited March 12, 20188 yr by bonienl
March 12, 20188 yr found a minute, attempted to recreate using Krusader, docker hung, crashed server, spilled my coffee, scared the dog, morning ruined. probably shouldn't do what I said.
March 12, 20188 yr Author 12 minutes ago, 1812 said: found a minute, attempted to recreate using Krusader, docker hung, crashed server, spilled my coffee, scared the dog, morning ruined. probably shouldn't do what I said. Haha, that actually made me laugh rather hard. I think I'll stay clear of your suggestion.... Just moved to 6.5 to try bonienl's suggestion
March 12, 20188 yr found a minute, attempted to recreate using Krusader, docker hung, crashed server, spilled my coffee, scared the dog, morning ruined. probably shouldn't do what I said.Don't worry, it's all in the name of science. Sent from my LG-H815 using Tapatalk
Archived
This topic is now archived and is closed to further replies.