Reputation: 2631
How to change ip address range of docker swarm ingress network
I use a docker swarm 1.13.1, and when I init the docker swarm or join to docker swarm sometimes it creates a docker_gwbridge network in a "172.19.0.0/16" subnet.
But my computer subnet is in the same range, so when it initializes this network the docker swarm host machine becomes inaccessible from my computer.
So my question is: how can I change the subnet of the existing docker network.
> docker network ls
NETWORK ID NAME DRIVER SCOPE
ac1100164960 bridge bridge local
3838ae360f35 docker_gwbridge bridge local
f9a77266aa15 host host local
rgqnm19zbasv ingress overlay swarm
04c1c6b3ade7 none null local
Inspect the network:
> docker network inspect 3838ae360f35
[
{
"Name": "docker_gwbridge",
"Id": "3838ae360f3585f2cda8a43a939643cdd74c0db9bfb7f4f18b3b80ae07b3b9db",
"Created": "2017-03-22T13:26:50.352865644+01:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.19.0.0/16",
"Gateway": "172.19.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Containers": {
"ingress-sbox": {
"Name": "gateway_ingress-sbox",
"EndpointID": "194d965dd2997bddb52eab636950e219043215a5a1a6a60d08f34e454a0eaa56",
"MacAddress": "02:42:ac:13:00:02",
"IPv4Address": "172.19.0.2/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.enable_icc": "false",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.name": "docker_gwbridge"
},
"Labels": {}
}
]
Upvotes: 9
Views: 15981
Answers (3)
Reputation: 21
We have worked it out to change the subnet of docker_gwbridge without needing to remove all running services and stopping the docker swarm as follows:
- Disconnect all endpoints from the network.
docker network disconnect -f docker_gwbridge container_name
- Delete the existing interface:
ip link set docker_gwbridge down
ip link del dev docker_gwbridge
- Delete docker network
docker network rm docker_gwbridge
- Re-create the bridge
docker network create \
--subnet 10.11.0.0/16 \
--opt com.docker.network.bridge.name=docker_gwbridge \
--opt com.docker.network.bridge.enable_icc=false \
--opt com.docker.network.bridge.enable_ip_masquerade=true \
docker_gwbridge
- Reboot the host
Upvotes: 1
Reputation: 15112
The general way to solve this, including any (non-ingress) network that gets created for you by docker or other tools like docker-compose, is to set the default address pools in your docker daemon config.
In your case, add to /etc/docker/daemon.json (or ~/.docker/daemon.json for Docker Desktop for Mac), for example:
{
"default-address-pools": [
{
"base": "10.10.0.0/16",
"size": 24
}
]
}
With this, your docker bridge network will get a subnet of 10.10.0.0/24, and your docker swarm docker_gwbridge will get a subnet of 10.10.0.1/24. Any other network that gets created for you like from a docker-compose.yml file, will get the subsequent 10.10.0.2/24 subnet. And so on.
You didn't mention this as an issue, but unfortunately, this doesn't seem to apply to the ingress network.
Upvotes: 5
Reputation: 3559
You can create docker_gwbridge before you initialize the swarm, as explained here.
for example:
docker network rm docker_gwbridge
docker network create --subnet=172.20.0.1/16 -o com.docker.network.bridge.enable_icc=false -o com.docker.network.bridge.name=docker_gwbridge docker_gwbridge
Upvotes: 6
Related Questions
- change docker containers IP address
- Docker compose v3 specify network to be ingress?
- container and node IP addresses in Docker Swarm
- How to set base ip address for all new docker networks
- Wrong IP address in docker swarm service
- Whitelisting IP Addresses in Azure Docker Swarm
- Docker Swarm Service IP High-availability
- docker swarm published port range
- Set 1 IP for each docker service
- Docker 1.12 Swarm Service External IP