Article
Rich Taylor · Dec 28, 2018 2m read

Docker-compose default network conflicts

I recently had to diagnose a networking problem I was having when attached to our corporate network.   I was seeing an unknown bridge network being defined that shared the same IP address space as the company network thus blocking access to company resources.  This bridge network was separate from the Docker0 bridge network which the docker engine sets up.  Docker was configured with a bip (bridge ip) address to prevent docker form using an address space that create a conflict.

HOWEVER, this only applies to the Docker0 bridge.  docker-compose creates its own bridge network configurations with an ID of "br-xxxxxx" and these configurations continue to use the 172.x.x.x address space.  There is no system-wide configuration to change this behavior (as of yet).   It should be noted too that this bridge network does not go away if you stop the containers created by compose.  So even if you manually remove the interface (ip link delete br-xxxx type bridge) it will return the next time you restart the computer or even just docker.  This is only completely removed by doing docker-compose down. 

The correction for this is to configure the default network in your docker-compose.yml file.  Add the following to the bottom with an appropriate ip address for your environment.

networks:
  default:
    ipam:
      driver: default
      config:
      -  subnet: 192.168.3.0/24

this reconfigures the default network.  You could, of course, configure a custom network here and set all services to use that or create a network with docker network create then reference that external network in the yml file.

Hope this helps someone avoid wasting a bit of time dealing with this issue.

1
1 4,522
Discussion (2)2
Log in or sign up to continue

Rich,

Docker's approach to the docker0 bridge does default to 172.17.x.x, but it can be configured.  See https://docs.docker.com/network/bridge/#use-the-default-bridge-network

Note that on Linux installations of Docker, while dockerd will look for /etc/docker/daemon.json and use what it finds there, the file is not created by default.  If you try to edit the file and don't find one, this is okay - just create it, like so:

{
  "bip": "192.168.3.0/24"
}
Cheers,
Conor

Connor,

This is true for the Docker0 bridge which I have setup and noted in the post.  The problem is that docker-compose does not use this setting at all.  Unless you configure the docker-compose.yml file using one of the methods I mention you will still get a 172.x.x.x address.

Rich