search

docker / compose

Define and run multi-container applications with Docker
https://docs.docker.com/compose/
Apache License 2.0
34.01k stars 5.23k forks source link

Attach docker0 default-bridge combined with docker-compose internal network #10362

Closed typoworx-de closed 4 weeks ago

typoworx-de commented 1 year ago

Description

I'm struggling around with this problem:

I have a docker-compose stack containing:

I have a internal network to inter connect some (other containers as well) and 'registry-ui' with registry:2. Initially I had port 5000 exposted to my host which works fine for registry.

But working with docker:dind build this container invoked by f.e. gitlab-ci-local runner this instance won't have access to my host exposed registry (running in separate compose-stack).

I was trying to attach registry:2 service to internal network and assign default-bridge docker0 to it. It works doing the attach manually. It also works by disabling network for registry:2 service and replacing it with 'network_mode: bridge' flag. But then the registry-ui frontend cannot connect anymore.

Is it somehow possible to attach the bridge 0 as external network by name or label 'com.docker.network.bridge.default_bridge' to my stack as separate network I can attach to the registry:2 container or even attach it implicit only to that container directly while having another internal network attached?

Obviously this works as it works when I'm doing manual attach. But trying to combine network with bridge and external: true won't work.

Steps To Reproduce

version: "3.7"

networks:
  my-stack:
    external: true

services:
  docker-registry:
    image: registry:2
    restart: on-failure
    hostname: registry-api.php-stack.docker
    network_mode: bridge
    networks:
      - my-stack

  docker-registry-ui:
    image: craneoperator:patched
    restart: on-failure
    depends_on:
      - docker-registry
    networks:
      - my-stack

Compose Version

Docker Compose version v2.16.0

Docker Environment

Client:
 Context:    default
 Debug Mode: false
 Plugins:
  app: Docker App (Docker Inc., v0.9.1-beta3)
  buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)
  scan: Docker Scan (Docker Inc., v0.8.0)

Server:
 Containers: 26
  Running: 8
  Paused: 0
  Stopped: 18
 Images: 118
 Server Version: 20.10.7
 Storage Driver: overlay2
  Backing Filesystem: xfs
  Supports d_type: true
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: local
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc sysbox-runc crun io.containerd.runc.v2 io.containerd.runtime.v1.linux
 Default Runtime: crun
 Init Binary: docker-init
 containerd version: d71fcd7d8303cbf684402823e425e9dd2e99285d
 runc version: 54ebb8ca8bf7e6ddae2eb919f5b82d1d96863dea
 init version: de40ad0
 Security Options:
  apparmor
  seccomp
   Profile: default
 Kernel Version: 5.15.89-xanmod1
 Operating System: Ubuntu 16.04.7 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 12
 Total Memory: 62.6GiB
 Name: gabriel-XMG
 ID: PZ6V:VDD5:IKCG:L27W:Q3BS:VO7L:GVQU:TELK:LD6F:5H3W:TEYI:7UKC
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Username: typoworx
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  registry-api.php-stack.docker:5000
  127.0.0.11:5000
  127.0.0.0/8
 Registry Mirrors:
  http://registry-api.php-stack.docker:5000/
 Live Restore Enabled: false

Anything else?

No response

ndeloof commented 1 year ago

bridge network is a special one and you can't combine it with user-defined networks.

To get both services in compose and your dind builder container share a common network, you can either configure the builder to join the network defined for your compose stack, or run ALL containers in your compose stack with the default bridge network.