Docker Networking Issues

I’m new to Docker, currently running just a PLEX server and a Unifi Controller under Ubuntu 20.04…

I recently started to explore things like Graylog and LibreNMS and I’m running into an issue.

I set up PLEX and Unifi as macvlan hosts, mostly so I wouldn’t have to fuss with forwarding or specifying ports, and also because they are on two different dot1q VLANs.

The problem I am having is, Graylog and LibreNMS have several separate containers instead of just one. One for the database, one for memcache, one for syslog-ng, etc, etc. It appears that if these are done in a non-macvlan environment, it would work rather seamlessly without requiring each container to have its own “real” IP. I can port scan each container’s IP for the appropriate app and it appears to respond, but they don’t seem to be able to communicate with each other.

My preference would be to run all of LibreNMS’ associated containers within the same macvlan host, but if that’s not possible, is there any way I can get around the limitation of docker not allowing containers to communicate directly with each other, or the docker host itself? Should I just ditch macvlan altogether?

I think you have to create a docker-only network for each of those containers (Graylog for example). I think only one actually needs to be accessible outside of Docker to the rest of the network.

That one will have 2 networks associated with it, 1 for the Graylog network, and 1 with a macvlan address.

This is from what I understand from looking into trying to get Zabbix working.

Anyone please correct me on any of this, as I am still trying to get Zabbix working via Portainer.

Holy thread-necro, I forgot about this post. 🙂

So anyway, I figured it out. I haven’t gotten Graylog or syslog-ng working, but to make librenms talk to the other service containers, they’re literally just all on separate macvlan IPs. I’m probably going against the grain by ditching the 172-net/“docker-only” network stuff but to me, as a network guy, that just seems alien. (I did the same thing w/photoprism + mariadb).

You basically just specify (through environment variables or what-have-you) in your docker-compose.yaml file, to connect to the IP or hostname rather than the other docker service container name and it just works.
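
The two-network layout suggested in the reply earlier in this thread, written out as a docker-compose.yaml. This is an added example, not a file from any poster. The parent interface, subnet, addresses and credentials are constructed, and the image tags and environment variable names are assumptions to check against each image's documentation.

```yaml
# Added example: only the front-end container gets a macvlan address.
# Interface name, subnet, IPs and credentials below are constructed.
services:
  librenms:
    image: librenms/librenms:latest      # assumed image tag
    environment:
      DB_HOST: db          # service name, resolved by Docker DNS on "backend"
      # In the all-macvlan layout from the last post, this would instead be
      # the database container's macvlan IP or hostname.
      DB_NAME: librenms
      DB_USER: librenms
      DB_PASSWORD: ${DB_PASSWORD:?set DB_PASSWORD in .env}
    networks:
      backend: {}
      lan:
        ipv4_address: 192.168.20.50      # the only address visible on the VLAN
    depends_on:
      - db

  db:
    image: mariadb:10.11                 # assumed image tag
    environment:
      MARIADB_DATABASE: librenms
      MARIADB_USER: librenms
      MARIADB_PASSWORD: ${DB_PASSWORD:?set DB_PASSWORD in .env}
      MARIADB_RANDOM_ROOT_PASSWORD: "yes"
    volumes:
      - db-data:/var/lib/mysql
    networks:
      - backend            # no macvlan address, so nothing on the VLAN can reach it

networks:
  backend:
    driver: bridge
    internal: true         # docker-only network, externally isolated
  lan:
    driver: macvlan
    driver_opts:
      parent: eth0.20      # assumed 802.1Q sub-interface for the VLAN
    ipam:
      config:
        - subnet: 192.168.20.0/24
          gateway: 192.168.20.1

volumes:
  db-data:
```

With this layout a port scan of the VLAN shows only 192.168.20.50, while the database listens solely on the internal bridge.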