Nginx Question posted in
The official documentation can be found here.

docker-compose creating bridge networks with range other than 172.17.0.0/16 – Nginx

I am trying to get metrics from a running nginx container ( nginx_status endpoint restricted to 127.0.0.1, 172.17.0.0/16) docker exec nginx curl 127.0.0.1/nginx_status. is good When I run the ELK metricbeat container and set nginx as the host to monitor Error fetching data for metricset nginx.stubstatus: error fetching status: error making http request: Get "http://nginx/nginx_status": dial tcp 172.27.0.6:8080: connect: connection refused. nginx container is created from a different compose file than the metricbeat. They run in different bridge network. Now I inspected both the networks and found that it is completely on different IP address range.

   "Scope": "local",
    "Driver": "bridge",
    "EnableIPv6": false,
    "IPAM": {
        "Driver": "default",
        "Options": null,
        "Config": [
            {
                "Subnet": "192.168.16.0/20",
                "Gateway": "192.168.16.1"
            }
        ]
    },
    "Internal": false,
    "Attachable": true,
    "Ingress": false,
    "ConfigFrom": {
        "Network": ""
    },

The other bridge network is on

        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "192.168.32.0/20",
                    "Gateway": "192.168.32.1"
                }
            ]
        },

This was a surprise to me. I am totally confused now and would like to know what is going on. These are my current settings

server {
        listen 127.0.0.1;
        location /nginx_status {
        stub_status on;
        access_log off;
        allow 127.0.0.1;
        allow 172.17.0.0/16;
        deny all;
    }
}
  1. How can I reliably set nginx server block ???
  2. I was thinking that docker is using only 172.17.0.0/16 range. Is this something specific to docker-compose ?
Tags:

2

Answers


  1. 0

    docker-compose WILL use any of those:

     172.17.0.0/16   
 172.18.0.0/16      
 172.19.0.0/16

    You might need to read a bit of theory ( I never had , I actually slept during the class when it was preached in school … )

    so the answer is probably

      172.16.0.0/12

    because of this text from the source above ^^^

    172.16.0.0/12 For private internal networks. IP addresses from this space should never be seen on the public Internet.

    For example this is the part of my pg_hba.conf in a postgres container

     host    all             all             172.16.0.0/12           password

    which seems to be the similar problem you had …

    Login or Signup to reply.
  2. 0

    We can specify the bridge network within docker-compose.yml by using the user defined bridge.
    I hope this is what you are looking for.

    version: "2.1"
services:
  nginx:
    image: ghcr.io/linuxserver/nginx
    container_name: nginx
    volumes:
      - ./config:/config
    ports:
      - 443:443
    restart: always
    networks:
      br-uplink:
        ipv4_address: 192.168.11.2

networks:
  br-uplink:
    driver: bridge
    name: br-uplink
    ipam:
      config:
        - subnet: "192.168.11.0/24"
          gateway: "192.168.11.1"
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search