Maximum number of docker networks
Maximum number of docker networks
Hey guys, I was happily running 44 docker containers for a while on Debian host. Today I tried to add a new service (uptime-kuma) using portainer stacks, but I got this error:
Error response from daemon: could not find an available, non-overlapping IPv4 address pool among the defaults to assign to the network
Quick google led me to this link where I found possible problem with max number of docker networks. I did docker network prune, it removed 5 networks that were not in use and viola, uptime-kuma is working now!
Am I reaching the limit? What to do if I need 10 more services on the same host? I bet I saw some people in this community running many more services
Docker network pools are huge by default. I had to change this as well.
This article covers the issue and the solution in detail:
https://straz.to/2021-09-08-docker-address-pools/If you just want the solution, skip to the section titled How to configure docker to allow >500 bridge networks. I think you'll need to remake all your networks after making the change, if I remember correctly.
Here's my config now:
$ sudo cat /etc/docker/daemon.json { "default-address-pools": [ { "base":"172.16.0.0/12", "size":24 }, { "base":"172.17.0.0/12", "size":24 }, { "base":"172.18.0.0/12", "size":24 }, { "base":"172.19.0.0/12", "size":24 }, { "base":"172.20.0.0/12", "size":24 }, { "base":"172.21.0.0/12", "size":24 }, { "base":"172.22.0.0/12", "size":24 }, { "base":"172.23.0.0/12", "size":24 }, { "base":"172.24.0.0/12", "size":24 }, { "base":"172.25.0.0/12", "size":24 }, { "base":"172.26.0.0/12", "size":24 }, { "base":"172.27.0.0/12", "size":24 }, { "base":"172.28.0.0/12", "size":24 }, { "base":"172.29.0.0/12", "size":24 }, { "base":"172.30.0.0/12", "size":24 }, { "base":"172.31.0.0/12", "size":24 } ], "log-opts": { "max-size": "1g" } }I'm pretty sure all of those entries are in the same /12 network - 172.16.0.0/12. Apparently there's nothing wrong with it, but I think you can significantly simplify that config by just removing all the extra ones
Thx, Ill read that, it looks promising
It sounds like your outgrowing docker. Maybe switch to Kubernetes at some point?
Oh rly? Im still reading about what others said and feels like I can still continue with docker. Ive heard about kubernetes many times. Even tho some people use them on single node, isnt that made for multiple nodes setup? I have to learn more about kubernetes
Only if there was IPv6: https://docs.docker.com/config/daemon/ipv6/
Just run all your containers with IPv6 randomly generated prefixes and this won't ever be a problem, you'll also get more IP spacing than you'll ever require. Then use your reverse proxy to convert between the "public" IPv4 space and the internal docker IPv6 networks.
Another option is to reduce the size of your IPv4 pools like this guy described.
then you'd limit the existing network addresses using subnets, as suggested by another answer in that question
sounds like your issue isnt with the number of networks, but how youre addressing them. fix that.
if youve got a container that only needs a single or a few ip's then its defined network should reflect that.
Thank you! This will be more clear after more research I hope. My understanding of docker networks is still meh...gonna change it now