Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
docker_notes:docker [2025-03-02 Sun wk09 08:54] – [network troubleshooting] baumkpdocker_notes:docker [2025-06-21 Sat wk25 12:15] (current) – [Networks] baumkp
Line 126: Line 126:
   * Then pull the latest portainer/agent: ''%%docker pull portainer/agent%%'', default is latest if version is not specified.   * Then pull the latest portainer/agent: ''%%docker pull portainer/agent%%'', default is latest if version is not specified.
 <code yaml>docker run -d   -p 9001:9001   --name portainer_agent   --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/docker/volumes:/var/lib/docker/volumes portainer/agent</code> <code yaml>docker run -d   -p 9001:9001   --name portainer_agent   --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/docker/volumes:/var/lib/docker/volumes portainer/agent</code>
 +
 +It would seem remote agents by default do not show out of date images, can be toggled on/off under ''Host > Setup "Show image up to date indicators for Stacks, Services and Containers"''
  
  
Line 260: Line 262:
 ===reference=== ===reference===
   *[[https://devdojo.com/bobbyiliev/how-to-change-the-docker-ps-output-format|How to change the docker ps output format]]   *[[https://devdojo.com/bobbyiliev/how-to-change-the-docker-ps-output-format|How to change the docker ps output format]]
 +  *[[https://dev.to/cicube/docker-cheat-sheet-most-useful-commands-ghl|Docker Cheat Sheet - Most Useful Commands]]
   *Docker Docs   *Docker Docs
     *[[https://docs.docker.com/reference/cli/docker/container/ls/|docker container ls]]     *[[https://docs.docker.com/reference/cli/docker/container/ls/|docker container ls]]
Line 286: Line 289:
     * ''docker network create network_named''     * ''docker network create network_named''
   - Host (Appears on the host machine as if installed there, no separate network.)   - Host (Appears on the host machine as if installed there, no separate network.)
-  - MACVLAN +    -If you use the host network mode for a container, that container's network stack isn't isolated from the Docker host (the container shares the host's networking namespace), and the container doesn't get its own IP-address allocated.   
 +  - MACVLAN 
 +    -The macvlan network assigns a unique MAC address to each container, making it appear to be a physical device on your network, just like a traditional virtual machine. The Docker daemon then routes the traffic to containers on the basis of their MAC address. It also allows you to assign an IP address from the same subnet in which the Docker host resides. This avoids the use of the host network, there is no NAT overhead, and you won't run into network performance issues.  
     - MACVLAN (without subVLAN) this create a new ip address on the host machine     - MACVLAN (without subVLAN) this create a new ip address on the host machine
-      * <code bash>docker network create -d macvlan \+      * <code bash>docker network create 
 +-d macvlan \
 --subnet 192.168.1.0/24 \ --subnet 192.168.1.0/24 \
 --gateway 192.168.1.1 \ --gateway 192.168.1.1 \
--o parent=br0 +-o parent=br0 network_named</code>
-network_named</code>+
       * No host DHCP access so need to specify ip address when creating container (docker cli ''%%--ip 192.168.1.14%%''). If not specified docker DHCP will assign and could cause clash with host.       * No host DHCP access so need to specify ip address when creating container (docker cli ''%%--ip 192.168.1.14%%''). If not specified docker DHCP will assign and could cause clash with host.
       * May be problem with multiple MACs on common switch port.  Need to set promiscuous mode on network, e.g. ''sudo ip link set br0 promisc on''.       * May be problem with multiple MACs on common switch port.  Need to set promiscuous mode on network, e.g. ''sudo ip link set br0 promisc on''.
Line 298: Line 303:
   - IPVLAN    - IPVLAN 
     - IPVLAN on host subnet, this create a new ip address on the host machine, but not with new MAC number, it uses the host MAC number     - IPVLAN on host subnet, this create a new ip address on the host machine, but not with new MAC number, it uses the host MAC number
-      * <code bash>docker network create -d ipvlan \+      * <code bash>docker network create 
 +-d ipvlan \
 --subnet 192.168.1.0/24 \ --subnet 192.168.1.0/24 \
 --gateway 192.168.1.1 \ --gateway 192.168.1.1 \
--o parent=br0 +-o parent=br0 network_named</code>
-network_named</code>+
       * No host DHCP access so need to specify ip address when creating container (docker cli ''%%--ip 192.168.1.14%%''). If not specified docker DHCP will assign and could cause clash with host.       * No host DHCP access so need to specify ip address when creating container (docker cli ''%%--ip 192.168.1.14%%''). If not specified docker DHCP will assign and could cause clash with host.
       * May be problem with shared MAC with multiple IP address, but less likely than MACVLAN.       * May be problem with shared MAC with multiple IP address, but less likely than MACVLAN.
     - IPVLAN on separate subnet using the host machine as gateway, but not with new MAC number, it uses the host MAC number     - IPVLAN on separate subnet using the host machine as gateway, but not with new MAC number, it uses the host MAC number
-      * <code bash>docker network create -d ipvlan \+      * <code bash>docker network create 
 +-d ipvlan \
 --subnet 192.168.1.0/24 \ --subnet 192.168.1.0/24 \
 -o parent=br0 -o ipvlan_mode=l3 \ -o parent=br0 -o ipvlan_mode=l3 \
---subnet 192.168.10.0/24 +--subnet 192.168.10.0/24 network_named</code>
-network_named</code>+
       * No host DHCP access so need to specify ip address when creating container (docker cli ''%%--ip 192.168.1.14%%''). If not specified docker DHCP will assign and could cause clash with host.       * No host DHCP access so need to specify ip address when creating container (docker cli ''%%--ip 192.168.1.14%%''). If not specified docker DHCP will assign and could cause clash with host.
       * May be problem with shared MAC with multiple IP address, but less likely than MACVLAN.       * May be problem with shared MAC with multiple IP address, but less likely than MACVLAN.
Line 316: Line 321:
   - None network - no assigned network, container has no external network connectivity   - None network - no assigned network, container has no external network connectivity
  
 +====References====
 +  *[[https://www.aidenwebb.com/posts/dockers-seven-network-types-and-when-to-use-them/|Dockers seven network types and when to use them]]
 +  *[[https://dev.to/wallacefreitas/docker-networking-a-comprehensive-guide-3d5j|Docker Networking: A Comprehensive Guide]]
 +  *[[https://dev.to/abhay_yt_52a8e72b213be229/unlocking-advanced-docker-networking-macvlan-vs-ipvlan-38o4|Unlocking Advanced Docker Networking: Macvlan vs. Ipvlan]]
 +  *[[https://ipwithease.com/macvlan-vs-ipvlan-understand-the-difference/|MacVLAN vs IPvlan: Understand the difference]]
 +  *[[https://medium.com/@dyavanapellisujal7/docker-macvlan-and-ipvlan-explained-advanced-networking-guide-b3ba20bc22e4|Docker MacVLAN and IPVLAN Explained: Advanced Networking Guide]]
 +  *[[https://4sysops.com/archives/macvlan-network-driver-assign-mac-address-to-docker-containers/|Macvlan network driver: Assign MAC address to Docker containers]]
 +  *[[https://4sysops.com/archives/configuring-ipvlan-networking-in-docker/|Configuring IPvlan networking in Docker]]
 =====network troubleshooting===== =====network troubleshooting=====
 A lot of containers are setup to be small and hence do not include many, if any of the tools required to diagnose problems.  A small docker image ''netshoot'' includes the most common networking tools and when attached to the same docker network can be used to diagnose the network and containers networks thereon. A lot of containers are setup to be small and hence do not include many, if any of the tools required to diagnose problems.  A small docker image ''netshoot'' includes the most common networking tools and when attached to the same docker network can be used to diagnose the network and containers networks thereon.