Hi, I figured out how to get docker containers to join an existing network with putting “networks” into the respective sections of the docker-compose.yml

If I want to also give them fixed ip’s on this network, what would the syntax look like in the docker-compose.yml?

  • MoogleMaestro@kbin.social
    link
    fedilink
    arrow-up
    3
    ·
    2 years ago

    There is a docker internal DNS, you can just resolve IPs by service name/container_name.

    Yes, and you can also control that as well by messing with docker network groups. I find the ability to network into docker servers from the host to be super simple.

    What I haven’t figured out yet is whether or not I can give my docker services their own IP on my router for access from another system on a fixed or reserved IP.

    • ChrislyBear@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      2 years ago

      I see. Sure, that’s a valid way to manage networking. I personally don’t like to do this manually anymore, just like I don’t drive stick shift anymore.

      If you want to expose a service to the WWW I’d recommend using a reverse proxy. E.g. I use Traefik 2; it gets the config needed automatically from 5-6 labels per container and I don’t need to bother with IPs, certificates, NAT and what have you. It just creates virtual hosts procures a LetsEncrypt certificate and directs the traffic to the target container completely on its own.
      Spinning up a container and trying it out with its own subdomain with correct SSL certificates immediately never has been easier. (I have a “*” DNS entry to my Treafik server).

      You also could try installing cloudflared and create a Cloudflare tunnel. This way you don’t even have to forward any ports in your router.

      Just some tips, if you want to explore new things :)

    • NewDataEngineer@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      2 years ago

      What I haven’t figured out yet is whether or not I can give my docker services their own IP on my router for access from another system on a fixed or reserved IP.

      You can. You have to set up a macvlan on your network and then assign an IP to your container that sits on your router’s subnet.

      I can only use traefik with a macvlan because Synology DSM uses ports 80 and 443. I assign traefik its own IP and use pihole’s DNS to route wildcard subdomain to it.

      I wrote a guide in my trillium notes. If you’re interested I can share.