docker: set bridge name

Docker can easily break the firewall rules such that masquerading
happens internally.

```
ip saddr 247.16.12.0/24 oifname != "br-65eaa81ed142" counter packets 812 bytes 132030 masquerade
ip saddr 247.16.12.0/24 oifname != "br-fa3db0ecc1de" counter packets 0 bytes 0 masquerade
ip saddr 247.16.12.0/24 oifname != "br-c7a7788478c5" counter packets 0 bytes 0 masquerade
```

When the "current" bridge is the second one, inter-container
communication gets masqueraded. I didn't find an associated issue.

Vincent Bernat
2025-08-19 23:03:45 +02:00
parent 67da65827f
commit f8161d9375
2 changed files with 6 additions and 2 deletions

@@ -15,6 +15,7 @@ identified with a specific icon:
- 💥 *docker*: update Kafka data volume mount path (check [PR
#1900](https://github.com/akvorado/akvorado/pull/1900) for the consequences if
you upgrade from a previous beta)
- 🌱 *docker*: enforce bridge name
- 🌱 *docker*: add cAdvisor to the monitoring stack
- 🌱 *docker*: update Prometheus to 3.5.0
- 🌱 *docker*: update node-exporter to 1.9.1
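Review bot: The new changelog entry "enforce bridge name" does not tell an operator what changes on their host. Consider naming the bridge (br-akvorado) and giving the reason from the commit message (masquerade rules that exclude a generated br-… interface name which is no longer the current bridge), so that anyone with host firewall rules matching the old generated name knows to update them. The compose change in this same commit also appears to move the subnets (247.16.12.0/24 to 247.16.14.0/24), which deserves a changelog line of its own if it is intentional.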

@@ -4,8 +4,11 @@ networks:
enable_ipv6: true
ipam:
config:
- subnet: 247.16.12.0/24
- subnet: fd1c:8ce2:6fb:1::/64
- subnet: 247.16.14.0/24
- subnet: fd1c:8ce3:6fb:1::/64
driver: bridge
driver_opts:
com.docker.network.bridge.name: br-akvorado
volumes:
akvorado-kafka:
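Review bot: In the ipam config, the subnets appear to change from 247.16.12.0/24 and fd1c:8ce2:6fb:1::/64 to 247.16.14.0/24 and fd1c:8ce3:6fb:1::/64, but the commit message only discusses the bridge name. Explain the renumbering in the message or split it into its own commit, since it affects any external rule or allowlist written against the old prefixes. On the driver_opts addition, pinning com.docker.network.bridge.name to br-akvorado means two copies of this stack on one host would request the same interface name; a short comment above the option stating why the name is pinned, and that limitation, would help the next reader.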