Skip Navigation
Jump
Help needed with docker networking
  • $ docker network ls
    NETWORK ID     NAME                      DRIVER    SCOPE
    47d7bd010d65   actual_default            bridge    local
    c9afc79390f9   adguard-macvlan           macvlan   local
    3a8fbecbed47   adguard_default           bridge    local
    fdb88264fc66   bridge                    bridge    local
    078b97ad2a50   changedetection_default   bridge    local
    2f5d5c4d885e   chrony_default            bridge    local
    6ee278839eb5   cloudflared_default       bridge    local
    64ef9d8e9078   code-server_default       bridge    local
    370b7446a782   dockcheck-web_default     bridge    local
    27f8bdb73cdd   docker_default            bridge    local
    84feb7866bbc   gas_default               bridge    local
    20c5c7d0e41c   host                      host      local
    36b43a1c0e41   mariadb_default           bridge    local
    7efb8579909c   minecraft_default         bridge    local
    582fcfe7ef42   mosquitto_default         bridge    local
    80229d3d7fc6   nginx-authentik-network   bridge    local
    9a50fa17458f   none                      null      local
    76dba8f49616   paperless-ngx_default     bridge    local
    2c7172560839   paperless_default         bridge    local
    1a5bd74b7982   swirl_default             bridge    local
    5fca91da43b4   tasmobackup_default       bridge    local
    94789ed7f516   traefik_default           bridge    local
    fd6af99c1356   uptime-kuma_default       bridge    local
    033da28c9628   water_default             bridge    local
    fb05222675d9   webtop_default            bridge    local
    1c48df1568d1   zigbee2mqtt_default       bridge    local
    

    lots of stuff!

    1
  • Running multiple containers on a debian host. Debian Host IP = 192.168.1.80 Running adguard on this host from within a docker container. I need to know why other containers cannot access adguard at 192.168.1.80:53.

    Here is my docker-compose.yml for adguard: ``` version: "3.9" services: adguardhome: image: adguard/adguardhome container_name: adguardhome ports: - 53:53/tcp - 53:53/udp - 3000:3000/tcp

    - 3001:80/tcp

    - 3002:8902/tcp volumes: - ./conf:/opt/adguardhome/conf - ./data:/opt/adguardhome/work restart: always network_mode: host #bridge = same outcomes the following commands demonstrate what is and isn't working: debian$ nslookup google.com 192.168.1.80 [success] debian$ docker compose exec node-red bash bash-5.1$ nslookup google.com 192.168.1.80 ;; connection timed out; no servers could be reached ``` but doing the same commands from (for instance) my home assistant container, it works as expected. Difference in the compose files for node red and HA are that node red uses it's own network while HA is on the host network. But I don't think I should need to put every container on the host network, right?

    Appreciate any help! Thanks

    2

    How to prevent rogue docker containers from wreaking havoc?

    There was a recent post about whether to enable ufw and it made me ask: how protected I am from a rogue docker container? I have a single server with 15-20 docker containers running at any given time. Should one get hacked or be malicious from the get go, are there (hopefully easy to implement for an armchair sysadmin) best practices to mitigate such an event? Thanks!

    24