Change the IP range used by Docker
This page indicates how to change the IP ranges used by Docker.
By default, docker will use these two ranges:
172.17.0.0/16: for thebridgenetwork (also calleddocker0)172.18.0.0/16: for thedocker_gwbridgenetwork
If the procedure is followed during the installation of Cyberwatch, only steps 3 and 4 are necessary.
-
Stop the instance:
sudo cyberwatch stop -
Disconnect and remove network
docker_gwbridge
docker network disconnect -f docker_gwbridge gateway_ingress-sbox
docker network rm docker_gwbridge
-
Edit file
/etc/docker/daemon.json:{ "bip": "10.0.1.1/24", "default-address-pools": [ { "base": "10.0.2.0/18", "size": 24 } ] }The field
bip(Bridge IP) defines the IP range that network interfacedocker0can use. The example reserves IP range10.0.1.1/24to the interface. Beware, the range must end with.1, otherwise docker won’t start.The field
default-address-poolsdefines the IP range of network interfacedocker_gwbridge. The example reserves IP range10.0.2.0/24. -
Restart docker:
sudo systemctl restart docker -
Start Cyberwatch:
sudo cyberwatch start -
Check that the IPs changed:
docker network inspect bridge | grep Subnet docker network inspect docker_gwbridge | grep Subnet
Troubleshooting
Potential problem detected on CentOS.
With the suggested configuration, docker may no longer be able to restart successfully on the Cyberwatch server. The command:
systemctl restart docker
may then fail, indicating that it was impossible to create the network docker_gwbridge.
You can then use the following commands as a workaround:
ip link add name docker0 type bridge
ip addr add dev docker0 10.10.0.1/16
Warning: this is a onetime fix and must be applied each time you restart docker.
The problem can be fixed permanently by modifying the configuration file like this:
cat > /etc/docker/daemon.json <<EOL
{
"bip": "10.0.1.1/24",
"default-address-pools": [
{ "base": "10.0.64.0/18", "size": 24 }
]
}
EOL
thus giving docker a larger IP range.
Sources: