Juniper/open-nti

ip subnet of docker 172.17.0.0/16 - how to change ?

agould123 opened this issue · 1 comments

Is this true of all open-nti installs? I mean, is it part of the automatic install that 172.17.0.0/16 is assigned to the docker0 interface and that all the Docker container endpoints are placed on that subnet?

The reason I ask is that I already use the 172.17.0.0/16 IP network in my operational management network elsewhere, and the overlap causes reachability issues when I try to access open-nti services such as Grafana (for instance, when my web requests are sourced from 172.17.199.199).

Question: is it possible to change this Docker subnet to something different, like 172.29.0.0/16, or even better, 172.29.0.0/24?

I see this ...

root@netmon04:~/open-nti# arp -an -i docker0
? (172.17.0.3) at 02:42:ac:11:00:03 [ether] on docker0
? (172.17.0.8) at 02:42:ac:11:00:08 [ether] on docker0
? (172.17.0.2) at 02:42:ac:11:00:02 [ether] on docker0
? (172.17.0.4) at 02:42:ac:11:00:04 [ether] on docker0
? (172.17.0.7) at 02:42:ac:11:00:07 [ether] on docker0
? (172.17.143.157) at <incomplete> on docker0

root@netmon04:~/open-nti# ifconfig docker0
docker0 Link encap:Ethernet HWaddr 02:42:48:9c:c4:9e
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:48ff:fe9c:c49e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9736 errors:0 dropped:0 overruns:0 frame:0
TX packets:10845 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5736141 (5.7 MB) TX bytes:23601041 (23.6 MB)

-Aaron

Try with link_local_ips (never tested though)

https://docs.docker.com/compose/compose-file/compose-file-v2/#link_local_ips

Something like

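  # input-jti service: image and container name come from environment variables.
  # NOTE(review): INFLUXDB_ADDR=opennti presumably points the collector at the
  # opennti service by name; confirm against the image.
  input-jti:
    image: $INPUT_JTI_IMAGE_NAME:$IMAGE_TAG
    container_name: $INPUT_JTI_CONTAINER_NAME
    environment:
      - "INFLUXDB_ADDR=opennti"
      - "OUTPUT_INFLUXDB=true"
      - "OUTPUT_STDOUT=false"
    # No host IP is given, so Docker binds these UDP listeners on every host
    # interface. To narrow exposure, prefix a host address
    # ("HOST_IP:$LOCAL_PORT_JTI:50000/udp") or filter sources at the host.
    ports:
      - "$LOCAL_PORT_JTI:50000/udp"
      - "$LOCAL_PORT_ANALYTICSD:50020/udp"
    volumes:
      # Read-only, as input-oc already does: the container only needs to read
      # the host timezone, not modify the host file.
      - /etc/localtime:/etc/localtime:ro
    links:
      - opennti
    # Aligned with the other service keys; the original one-column offset after
    # the links list is not valid YAML.
    networks:
      open_nti:
        # 172.29.0.1 is the gateway declared for open_nti in this listing, so
        # the service is pinned to an address no other service here uses.
        ipv4_address: 172.29.0.8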
  
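  # input-syslog service: image and container name come from environment
  # variables; it is pinned to a static address on the open_nti network.
  input-syslog:
    image: $INPUT_SYSLOG_IMAGE_NAME:$IMAGE_TAG
    container_name: $INPUT_SYSLOG_CONTAINER_NAME
    environment:
      - "INFLUXDB_ADDR=opennti"
      - "OUTPUT_INFLUXDB=true"
      - "OUTPUT_STDOUT=false"
    # Bound on every host interface because no host IP is given. UDP input
    # carries no sender authentication, so restrict who can reach this port
    # (host IP prefix "HOST_IP:$LOCAL_PORT_EVENT:6000/udp" or host filtering).
    ports:
      - "$LOCAL_PORT_EVENT:6000/udp"
    volumes:
      # Read-only, as input-oc already does: only the timezone is read.
      - /etc/localtime:/etc/localtime:ro
    links:
      - opennti
    # Aligned with the other service keys; the original one-column offset after
    # the links list is not valid YAML.
    networks:
      open_nti:
        ipv4_address: 172.29.0.2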
  
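  # input-snmp service: built locally from $INPUT_SNMP_DIR (the prebuilt image
  # line is left commented out, as in the original).
  input-snmp:
    # image: $INPUT_SNMP_IMAGE_NAME:$IMAGE_TAG
    build: $INPUT_SNMP_DIR
    container_name: $INPUT_SNMP_CONTAINER_NAME
    # Bound on every host interface because no host IP is given. Limit which
    # sources can reach 162/udp (host IP prefix
    # "HOST_IP:$LOCAL_PORT_SNMP:162/udp" or host filtering).
    ports:
      - "$LOCAL_PORT_SNMP:162/udp"
    volumes:
      # Read-only, as input-oc already does: only the timezone is read.
      - /etc/localtime:/etc/localtime:ro
      # NOTE(review): mounted writable; add ":ro" if the container only reads
      # the template. Confirm against the image's entrypoint.
      - ./$INPUT_SNMP_DIR/templates/telegraf.tmpl:/data/templates/telegraf.tmpl
    links:
      - opennti
    # Aligned with the other service keys; the original one-column offset after
    # the links list is not valid YAML.
    networks:
      open_nti:
        ipv4_address: 172.29.0.3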
  
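  # input-oc service: built locally from $INPUT_OC_DIR (the stock telegraf
  # image line is left commented out, as in the original).
  input-oc:
    # image: telegraf:1.5
    build: $INPUT_OC_DIR
    container_name: $INPUT_OC_CONTAINER_NAME
    volumes:
      - /etc/localtime:/etc/localtime:ro
      # NOTE(review): mounted writable; add ":ro" if the container only reads
      # the template. Confirm against the image's entrypoint.
      - ./$INPUT_OC_DIR/telegraf.tmpl:/source/telegraf.tmpl
    # Bound on every host interface because no host IP is given; prefix a host
    # address ("HOST_IP:$LOCAL_PORT_OC:50051/udp") to narrow exposure.
    ports:
      - "$LOCAL_PORT_OC:50051/udp"
    links:
      - opennti
    # Aligned with the other service keys; the original one-column offset after
    # the links list is not valid YAML.
    networks:
      open_nti:
        ipv4_address: 172.29.0.4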
  
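  # kapacitor service: pinned image tag, pointed at InfluxDB through the
  # opennti service name.
  kapacitor:
    image: kapacitor:1.5.0
    container_name: kapacitor
    environment:
      KAPACITOR_HOSTNAME: $KAPACITOR_CONTAINER_NAME
      KAPACITOR_INFLUXDB_0_URLS_0: http://opennti:8086/
    # "9092:9092" publishes the Kapacitor HTTP API on every host interface.
    # The API does not require authentication unless it has been configured,
    # and chronograf in this listing reaches it by service name
    # (http://kapacitor:9092/), so host publishing is only needed for external
    # clients. Consider "127.0.0.1:9092:9092" or dropping the mapping.
    ports:
      - "9092:9092"
    links:
      - opennti
    # Indentation normalised to match the other services; the original
    # networks key sat one column left of its sibling keys, which is not valid
    # YAML.
    networks:
      open_nti:
        ipv4_address: 172.29.0.5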
  
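  # chronograf service: pinned image tag, pointed at InfluxDB and Kapacitor
  # through their service names on the compose network.
  chronograf:
    image: quay.io/influxdb/chronograf:1.5.0.1
    container_name: $CHRONOGRAF_CONTAINER_NAME
    environment:
      INFLUXDB_URL: http://opennti:8086/
      KAPACITOR_URL: http://kapacitor:9092/
    # "8888:8888" publishes the Chronograf UI on every host interface.
    # NOTE(review): no login settings are visible here, and Chronograf serves
    # its UI without a login unless one is configured. Restrict this port to a
    # trusted management network or bind it to a specific host address
    # ("HOST_IP:8888:8888").
    ports:
      - "8888:8888"
    links:
      - opennti
    # Indentation normalised to match the other services; the original
    # networks key sat one column left of its sibling keys, which is not valid
    # YAML.
    networks:
      open_nti:
        ipv4_address: 172.29.0.6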
  
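  # opennti service: the main container; the port mappings below publish
  # statsd, nginx, Grafana and two InfluxDB ports.
  opennti:
    image: $MAIN_IMAGE_NAME:$IMAGE_TAG
    container_name: $MAIN_CONTAINER_NAME
    # Uncomment the two entries below to allow anonymous Grafana access and
    # disable user sign-up. With anonymous access on, anyone who can reach the
    # Grafana port can view dashboards without logging in, so enable it only
    # where that port is reachable from trusted networks alone.
    environment:
      - "GF_PATHS_PROVISIONING=/src/provisioning"
      # - "GF_USERS_ALLOW_SIGN_UP=false"
      # - "GF_AUTH_ANONYMOUS_ENABLED=true"
    volumes:
      - ./$LOCAL_DIR_GF_PROVISIONING:/src/provisioning
      - ./$LOCAL_DIR_DASHBOARD:/src/dashboards
      - ./$LOCAL_DIR_DATA:/opt/open-nti/data
      # Read-only, as input-oc already does: only the timezone is read.
      - /etc/localtime:/etc/localtime:ro
    # No host IP is given, so every mapping is bound on all host interfaces.
    # NOTE(review): 8083 and 8086 are the InfluxDB ports; InfluxDB 1.x has
    # authentication off unless configured, and this listing does not show
    # whether the image enables it. kapacitor and chronograf here use
    # http://opennti:8086/ over the compose network, so publish 8083/8086 on
    # the host only if external clients need them, ideally on one host address.
    ports:
      - "$LOCAL_PORT_STATSD:8125/udp"
      - "$LOCAL_PORT_NGINX:80"
      - "$LOCAL_PORT_GRAFANA:3000"
      - "$LOCAL_PORT_INFLUXDB:8083"
      - "$LOCAL_PORT_INFLUXDB_API:8086"
    # Aligned with the other service keys; the original one-column offset after
    # the ports list is not valid YAML.
    networks:
      open_nti:
        ipv4_address: 172.29.0.7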
  
  # User-defined bridge network for the project's containers, with its own
  # subnet so they stay off 172.17.0.0/16.
  # NOTE(review): in a compose file with a top-level `services:` key this
  # block must sit at that same top level; at the indentation of the service
  # names it would be read as a service called "networks". Check when pasting.
  # This does not renumber docker0 itself: the default bridge keeps its range
  # unless the daemon's `bip` setting is changed.
  networks:
    open_nti:
      driver: 'bridge'
      ipam:
        driver: 'default'
        config:
          # The gateway address belongs to the bridge, so it cannot also be
          # pinned to a service through ipv4_address.
          - subnet: '172.29.0.0/24'
            gateway: '172.29.0.1'

Regards