0

I have multiple interfaces from my main server, e.g. (eno1, eno2, eno3, etc.) and multiple interfaces from an additional ethernet card, e.g. (enp7s0f0, enp7s0f1, etc.). I want to set up all my docker-compose.yaml files to use the different interfaces, e.g. I want to have service_1 use eno2, service_2 to use eno3, and service_3 use enp7s0f0. I want traffic in on specified ports and all traffic out to use the different interfaces.

Below is a sample docker-compsoe.yaml:

version: '3.7'

services:
    service_1:
        build: .
        networks: 
            - eno2
        ports:
            - 7878:7878

networks:
   eno2:
      driver: macvlan
      driver_opts:
          parent: eno2
      ipam:
          driver: default

I'm not sure the proper format for specifying a different interface I've looked over the Docker Compose Networking page, but can't seem to find what I'm looking for. I need a solution that is fully contained in a docker-compose.yaml file.

Edit: The macvlan appears to be what I'm trying to configure. Following post from here, I've edited Docker Compose file. However, I'm still not able to spin up multiple images that send outbound traffic through different interfaces, and activity goes through the default interface (eno1).

Improve this question
1
  • ever find an answer to this? Commented Apr 19, 2022 at 0:25

2 Answers 2

Reset to default
3

The network interfaces are operating in the host's namespace, and unless you are using the host network, you will not be able to even see them in your containers, since docker will create interface for the container namespace.

You can restrict the traffic flow by making the container's port be binded only to a given IP address (that belongs to one of the network interfaces).

Assuming you want to use enp7s0f0 for the service, and the interface has address 10.0.1.102 than you can specify the docker-compose as follows:

version: '3.7'

services:
    service_1:
        build: .
        networks: 
            - eno1
        ports:
            - "10.0.1.102:7878:7878"

networks:
   eno1:
Improve this answer
Sign up to request clarification or add additional context in comments.
0

I found the docker-compose.yaml file able to recognize these options as I was working through the best way to uncover the root problem.

Here's the working docker.compose.yaml:

version: '3.7'

services:
    service_1:
        build: .
        networks: 
            - secure_web
        ports:
            - 7878:7878

networks:
   secure_web:
      driver: macvlan
      driver_opts:
          parent: eno1
      ipam:
          driver: default

You may want to additionally follow the following guides if you are looking for this solution:

Reading through those gave me a good refresher to tidy up exactly what I was looking for.

Improve this answer

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.