dgwharrison Posted November 8, 2018 Share Posted November 8, 2018 (edited) Hi so my dockers are getting IPs the way they're supposed to, 172.17.0.2 for example. However they don't seem to be able to communicate with each other by hostname so I can't get sonarr to talk to sabnzbd by any other means than IP. The problem is when the dockers are restarted, be that the system or manually, they're given new IP addresses, reusing the old ones. So say I tell sonarr to find sabnzbd on 172.17.0.2, after a reboot, it might be 172.17.0.3 and I have to manually reconfigure. This sucks. I've not used docker a lot, but I last time I did I recall being able to use host names. I surely can't be the only one with this problem, so I figure I've missed something. Any ideas? Edited November 12, 2018 by dgwharrison solved Quote Link to comment
whipdancer Posted November 8, 2018 Share Posted November 8, 2018 I don't have this problem. Have you checked out any of @SpaceInvaderOne's videos? It sounds like you didn't set up your dockers using (what I assume is) the common setup. Pay special attention to the configuration section in this one for Sonarr for instance. Quote Link to comment
dgwharrison Posted November 8, 2018 Author Share Posted November 8, 2018 20 minutes ago, whipdancer said: I don't have this problem. Have you checked out any of @SpaceInvaderOne's videos? It sounds like you didn't set up your dockers using (what I assume is) the common setup. Pay special attention to the configuration section in this one for Sonarr for instance. Yeah, I've done the same as he has. My problem is the IP isn't persistent, it's doled out 172.17.0.2, 172.17.0.3 etc in the order of the startup of the dockers. If you shut them all down then start them again in a different order they'll have different IP addresses. Which is obviously a pain... Quote Link to comment
dgwharrison Posted November 8, 2018 Author Share Posted November 8, 2018 (edited) The only thing I can think of is maybe my docker settings are wrong but there is nothing to adjust at all... Edited November 8, 2018 by dgwharrison Quote Link to comment
whipdancer Posted November 8, 2018 Share Posted November 8, 2018 (edited) Why are you giving your dockers their own IP addresses? I've watched almost all of his videos and I don't recall giving any of my dockers their own IP address. Edited November 8, 2018 by whipdancer Quote Link to comment
dgwharrison Posted November 8, 2018 Author Share Posted November 8, 2018 10 minutes ago, whipdancer said: Why are you giving your dockers their own IP addresses? I've watched almost all of his videos and I don't recall giving any of my dockers their own IP address. Um, I didn't make my self clear I guess, because that's not what I'm doing. What I said is that there appears to be no lease, not that there is no DHCP. DHCP is assigning 172.17.0.0/16 just fine the problem is it doesn't remember which docker (MAC address) has which IP address. This is generally referred to as the lease and for something like docker with a /16 subnet I would have thought that lease was forever in duration. Quote Link to comment
whipdancer Posted November 8, 2018 Share Posted November 8, 2018 (edited) Given my limited knowledge of dockers.... For Unraid specifically... I didn't create anything specific for my dockers when it comes to IP addresses. All my dockers inherit my server's IP address. My dockers are accessed via PORT number. Did you change the default settings under settings > docker settings? (I think it's under settings for the docker engine)? Edited November 8, 2018 by whipdancer 1 Quote Link to comment
SpaceInvaderOne Posted November 8, 2018 Share Posted November 8, 2018 5 hours ago, dgwharrison said: Hi so my dockers are getting IPs the way they're supposed to, 172.17.0.2 for example. However they don't seem to be able to communicate with each other by hostname so I can't get sonarr to talk to sabnzbd by any other means than IP. The problem is when the dockers are restarted, be that the system or manually, they're given new IP addresses, reusing the old ones. So say I tell sonarr to find sabnzbd on 172.17.0.2, after a reboot, it might be 172.17.0.3 and I have to manually reconfigure. This sucks. I've not used docker a lot, but I last time I did I recall being able to use host names. I surely can't be the only one with this problem, so I figure I've missed something. Any ideas? Is there any reason why you need to have the same ip assigned to a container or to connect through hostname each time it starts. For most purposes you would use the servers ip address and the port which the container is using to access the container. For example for me nzbget is on port 6789. So to access it i type the ip of my Unraid server (10.10.20.199) the the port So 10.10.20.199:6789 So if i wanted to configure sonarr to talk to nzbget i would tell it to use that ip as that mapping will not change. However there may be use cases where by you might want to have containers talk by host name. For example using a reverse proxy it is easier to use hostnames. To do this you have to use a custom docker network. I showed how in the video i made on letsencypt reverse proxy here that you may want to check out. https://youtu.be/I0lhZc25Sro?t=688 1 Quote Link to comment
ken-ji Posted November 11, 2018 Share Posted November 11, 2018 Just to make things clear for everybody. Docker networks do not have a real DHCP server in the the usual sense. Docker networks do not interact with a DHCP server on that subnet either What docker simply does is it grabs the next free IP in the docker network, and assign it to the container. If the container stops (or leaves the network), the IP is automatically marked as free and available for the next container that requests an IP. The correct way to have DNS-like names is to do docker linking - which I don't like as its messy and doesn't persist across reboots The other correct way that's persistent is to assign IP addresses to each container that needs it and add it into your LAN's DNS server. 1 Quote Link to comment
dgwharrison Posted November 12, 2018 Author Share Posted November 12, 2018 Hi @ken-ji, @SpaceinvaderOne & @whipdancer Thanks for your help. I ended up solving this problem by switching the network of all my dockers back to host only and referring to each docker as localhost and using the port numbers. It works fine. @SpaceInvaderOne I was actually wondering about how to get an ssl certificate with lets encrypt so I will definitely watch that video thanks. Quote Link to comment
CaryV Posted November 27, 2019 Share Posted November 27, 2019 Good job dgw! I knew I ran across some blurb long ago about how to setup Radarr and Sonarr so that the IP did not have to be respecified for the dowload client(s) each and every time that the (host) system is rebooted... gets REAL tiresome after a while. (AND, I don't quite understand why so many people didn't understand what you were talking about.) Yea, I saw all of SpaceInvaderOne's videos (when I was new to unRaid) – he does a great job of providing pertinent info in a 'condensed' format in order to shortcut the 'learning curve' (to get up and running ASAP); BUT NO, I don't recall that he went over this one. (Or, believe me, I would have done it. Maybe an updated video is in order.) So, in less than a minute, applied your resolve to see. Yep, it works! Just change specification of Network Type from "Bridge" (default) to "Host" in the docker's template and then in Settings for the Download Client(s) replace the "HARD-CODED" IP (that usually changes with every reboot of the system) with "localhost". That combined with the correct Port number (in the next field) and VOILA! Hit "Test" and "successful" communication where it didn't work before (unless the proper, CURRENT IP for unRaid server was input). (Spelled it all out here so that every one can follow what it takes to NEVER HAVE TO CHANGE THE IP ADDRESS AGAIN!) Thanks for providing the answer – this is what the 'community' is all about! 1 Quote Link to comment
Ioannis Posted November 28, 2019 Share Posted November 28, 2019 If you want your containers to be able to resolve other containers using their names, you have to use custom networks. It's easy, provides isolation and just works. AFAIK, Unraid doesn't give you the option to create custom docker networks but it's easy to do from the command-line: docker network create <your_net_name> After you create a network, assign all the containers you want to communicate with each other using their names to this network. For example, you could put sonarr, radarr, sabnzbd in a network called "media". Those containers will then be able to communicate with the rest that are on the same network using just the container's name. If a container needs to contact another container that is on a different network (e.g. the default "bridge" network), it will have to use the server's IP. If you try this and it works and you 're happy, you need to configure Unraid to remember custom docker networks across reboots. This is a yes/no option in the docker settings page (you need to stop the docker engine first and switch to advanced view to see the option IIRC - sorry not in front of Unraid UI atm). HTH Quote Link to comment
dnLL Posted March 26, 2020 Share Posted March 26, 2020 On 11/11/2018 at 2:00 AM, ken-ji said: Just to make things clear for everybody. Docker networks do not have a real DHCP server in the the usual sense. Docker networks do not interact with a DHCP server on that subnet either What docker simply does is it grabs the next free IP in the docker network, and assign it to the container. If the container stops (or leaves the network), the IP is automatically marked as free and available for the next container that requests an IP. The correct way to have DNS-like names is to do docker linking - which I don't like as its messy and doesn't persist across reboots The other correct way that's persistent is to assign IP addresses to each container that needs it and add it into your LAN's DNS server. This is an old thread/post but I can't find accurate information anywhere. Can't dockers get IP addresses assigned by my DHCP server (which is my pfSense router) rather than having Unraid just giving them the first "free" address (which bypasses completely the DHCP server which can create IP duplicates if not configured in a separate subnet)? What if I would like to have my router (pfSense) in-between my dockers and the LAN? I guess it's just a limitation of the docker engine since it shares the host's ressources such as the NIC. Quote Link to comment
ken-ji Posted March 26, 2020 Share Posted March 26, 2020 1 hour ago, dnLL said: Can't dockers get IP addresses assigned by my DHCP server (which is my pfSense router) rather than having Unraid just giving them the first "free" address (which bypasses completely the DHCP server which can create IP duplicates if not configured in a separate subnet)? This seems to be caused by the simple fact that there is no DHCPv4 client running in any container. Add to the fact that usually userland processes are not allowed to touch the network settings of the container, so the engine has to assign the IP (or the container specifies the IP to be assigned. I guess that its possible to have a DHCP-like plugin to the docker network system, but the developers were never interested in developing such a plugin. In IPv6, the same is in effect with the exception of the fact that SLAAC is configured at the kernel level, so the container can auto learn and set IPv6 networking, but again, DHCPv6 also doesn't assign IPv6 addresses to containers. 1 hour ago, dnLL said: What if I would like to have my router (pfSense) in-between my dockers and the LAN? I guess it's just a limitation of the docker engine since it shares the host's ressources such as the NIC. Still won't work as the container engine does not actually consult with what's on the LAN and just obeys how the docker network has been configured. Quote Link to comment
dnLL Posted March 26, 2020 Share Posted March 26, 2020 40 minutes ago, ken-ji said: This seems to be caused by the simple fact that there is no DHCPv4 client running in any container. Add to the fact that usually userland processes are not allowed to touch the network settings of the container, so the engine has to assign the IP (or the container specifies the IP to be assigned. I guess that its possible to have a DHCP-like plugin to the docker network system, but the developers were never interested in developing such a plugin. In IPv6, the same is in effect with the exception of the fact that SLAAC is configured at the kernel level, so the container can auto learn and set IPv6 networking, but again, DHCPv6 also doesn't assign IPv6 addresses to containers. Still won't work as the container engine does not actually consult with what's on the LAN and just obeys how the docker network has been configured. Interesting. So static IPs that magically "fit" into my network design are the best option if I can't have DHCP reservations and do need fixed IPs for whatever reason, correct? And if I want network isolation... well, that means I need hardware isolation which means dockers isn't adapted for that specific need and I should use VMs, correct? I'm looking at Wireshark right now and when my dockers are talking to the WAN, they do go through my router and the firewall (ie. having a static IP, I could block communications of a specific docker to the WAN). They also go through pfSense if they have to talk to my desktop. However, they don't go through pfSense when they're talking to anything related to Unraid (host, VM or docker), it stays inside Unraid network. Is there any way to configure Unraid networks to actually go through my firewall? I made a separate thread for this: Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.