all the containers change IP addresses frequently. For home assistant a static IP address of the proxy manager is mandatory in order to reach it. For jellyfin it is useful to see which device accesses jellyfin. If the IP always changes, it doesn’t work properly.

How do I fix a container IP with podman compose (or docker)?

@Decronym@lemmy.decronym.xyz
bot account

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

| Fewer Letters | More Letters |
|---|---|
| DHCP | Dynamic Host Configuration Protocol, automates assignment of IPs when connecting to a network |
| DNS | Domain Name Service/System |
| HTTP | Hypertext Transfer Protocol, the Web |
| IP | Internet Protocol |
| VPN | Virtual Private Network |
| nginx | Popular HTTP server |

[Thread #645 for this sub, first seen 31st Mar 2024, 09:55] [FAQ] [Full list] [Contact] [Source code]

@superbirra@lemmy.world

nginx is no acronym or other shit you bad bot :P

walden

For my setup/workflow, individual containers don’t get static IPs, but the machine that they run on gets a static IP. Docker is running on some sort of machine (either bare metal or a VM) which gets a static IP in my router’s settings.

Jeena

A container does not have an IP, only a network card has an IP. Containers normally use a specific port which normally is not changing like 8080 or 8123, etc. I think you misunderstood something with your setup.

@GravitySpoiled@lemmy.ml
creator

I rather worded it poorly

Nah. Your question was fine. The person who responded to you was just wrong. Hopefully you’ve seen the other replies to their comment.

poVoq

Inside the virtual docker network they do have temporary IPs and hostnames. But it is pointless to reference these IPs, just use the hostnames which should be identical to the container name.

Max-P

The containers all have IPs unless you use the “host” network type, in which case it just stays in the host namespace, or “none” which ends up with an empty network namespace. And the IPs can indeed change. This is also why multiple containers can bind to the same port without colliding with each other.

Docker kind of hides it from you because when you use -p to publish a port, it sets up a proxy process for you to pass traffic from the port on the host to the port on the container.

You usually have a docker0 bridge with an IP like 172.16.0.1, and if you run ip a in a container it’ll have a single interface with an IP of 172.16.0.2.

https://docs.docker.com/network/

Max-P

Those are just the basic ones too, when macvlan, macvtap, ipvlan get involved it gets even crazier. You can directly attach containers to the network such that your router assigns it an IP via DHCP like it’s just another device plugged on your network.

You can also share a network namespace with multiple containers, usually kubernetes/podman pods to enable for sidecar containers like Filebeat, Consul, Envoy, etcd and so on.

If you use rootless containers, it’ll use slirp4netns to emulate the network entirely in userspace.

In the cloud you usually end up with your pods directly attached to your VPC as well, like AWS Fargate serverless offerings.

lemmyvore

You can specify a fixed IP range for a container in the private address space instead of letting Docker pick one. You can also pick a specific IP on that range for each container. You can also attach to the host public interface and get an IP from your LAN DHCP, or pick a MAC address so you can get the same IP address each time from DHCP (as well as a name on the LAN DNS if you want).

If you have everything in a compose stack, you can use the container name. Docker (and I’m sure podman) will do a DNS resolution to the IP.
So you can use http://jellyfin:8000 instead of http://172.28.50.11:8000 (or whatever internal docker IPs are).
Not sure if it works outside of a compose stack. Might use different container name schemes (where inside a compose stack it would be “jellyfin”, outside it might be “media-jellyfin-1” depending on folder names and various configs)

@GravitySpoiled@lemmy.ml
creator

So far I wasn’t successful with that method in home assistant. I use that method in arr.

@ikidd@lemmy.world

You need to create and specify a docker network to get different compose stacks to talk together directly. Default networks are separated between stacks, and have to bounce out to the host and back in, hence are only able to use the exposed ports of the target stack.

You can also specify the IPs that individual services use inside that network if you wish, but docker should handle name resolution within a network.

@Mjpasta710@midwest.social

You declare the IP in your setup, or in the yaml file. An example for the docker-compose file is in the link below. I’d expect you’ll want to declare the network and such as well, if you’re not familiar.

https://gist.github.com/natcl/3d881d00a56c8a961e6dab8ba51a5a37
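
A Compose configuration for the two suggestions above (a shared user-defined network that separate stacks join, and a declared address on it for the proxy), added here as an example and not taken from the thread or the linked gist. The network name, subnet, addresses, service names and image tags are assumptions, and `ip_range` support should be checked if you use a podman compose provider.

```yaml
# Added example, not from the thread. Network name, subnet, addresses and
# service names are assumptions; adapt them to your own stack.

# --- file 1: compose.yaml of the reverse-proxy stack ---
networks:
  proxy_net:
    name: proxy_net              # fixed name, so other stacks can join it
    driver: bridge
    ipam:
      config:
        - subnet: 172.28.50.0/24
          gateway: 172.28.50.1
          # Dynamic addresses are handed out from the upper half only, so a
          # container that starts first cannot take a reserved static address.
          ip_range: 172.28.50.128/25

services:
  proxy:
    image: jc21/nginx-proxy-manager:latest
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    networks:
      proxy_net:
        ipv4_address: 172.28.50.10   # static, outside ip_range

  jellyfin:
    image: jellyfin/jellyfin:latest
    restart: unless-stopped
    networks:
      - proxy_net                # dynamic IP; the proxy reaches it by the name "jellyfin"
---
# --- file 2: compose.yaml of a separate stack (Home Assistant) ---
networks:
  proxy_net:
    external: true               # join the network created by file 1

services:
  homeassistant:
    image: ghcr.io/home-assistant/home-assistant:stable
    restart: unless-stopped
    networks:
      - proxy_net
# No published ports on jellyfin or homeassistant: only the proxy is exposed.
# If Home Assistant is the reason for the fixed address, list exactly
# 172.28.50.10 under http: trusted_proxies, not the whole subnet.
```

Start the proxy stack first so that `proxy_net` exists before the second stack tries to join it as an external network.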

@GravitySpoiled@lemmy.ml
creator

Thx. That helps a lot

@GravitySpoiled@lemmy.ml
creator

It worked, thank you

chiisana

This feels like an anti-pattern that should be avoided. Docker compose allows for scaling individual services to have more than one instance. By hard assigning an IP address to a service, how is that going to be scaled in the future?

I don’t know how to reconcile this issue directly for NPM, but the way to do this with Traefik is to use container labels (not hard assigning IP address) such that Traefik can discover the service and wire itself up automatically. I’d imagine there should be a similar way to perform service discovery in NPM?

@aksdb@lemmy.world

The bigger issue (IMO) is that you now have a hard requirement on the startup order of your services. If another one happens to get the IP assigned automatically before your service starts that requests it explicitly, you now have a conflict that you manually have to resolve.

DNS is the only sane solution here.

lemmyvore

DNS can also give you some headaches. If you also need to reach other things on the LAN by name, or want to have a mesh VPN going with Tailscale, now you have to juggle three DNS domains.

@aksdb@lemmy.world

I meant DNS within your container network. Exposed stuff should be mapped to host ports.

Justin

docker compose isn’t really scalable. If you need automatic, high availability load balancing, you should look into Kubernetes Ingress.

chiisana

It’s not a fully scalable solution, no. Without swarm, last I checked, it cannot even really run on multiple instances. However, it does have the functionality to scale individual services within the same host if resources are available and the service can benefit from such a scaling. It is not very uncommon to see something require multiple worker instances and this breaks that paradigm.

Service discovery will certainly play a much larger role in even more orchestrated systems, but doesn’t mean it shouldn’t start here.

lemmyvore

Docker can keep track of assigned ranges. It will either allocate around them or tell you there’s a conflict if you have explicit overlaps, and refuse to start the container.

Also, for most self-hosters scaling is the least of their needs.

chiisana

Except it is explicitly being told to use a singular IP address here. So the engine is either going to go against explicit assignment or going to create a conflict within its own network. Neither of which are the expected behavior.

Just because people are self hosting, doesn’t mean they should be doing things incorrectly.

@Mjpasta710@midwest.social

This was a fast response, and doesn’t cover the whole scope of handling networking in docker. As mentioned elsewhere there is a different network philosophy for Standalone Containers & Overlay networking.
