I have two "user" networks: the LAN on 192.168.10.0/24 and Wireguard on 192.168.20.0/24. I also host on 192.168.10.2 a docker engine that powers a dozen containers and a few networks that all neatly land on 172.XX.0.0/16. Everything works great.
I added a set of new containers to host a Graylog service. I used the docker-compose.yml provided by the repo, with a few minor changes: a connection to a docker srv network that allows web containers to be connected to a caddy reverse proxy. The full docker-compose.yaml is as follows:
    version: '2'
    services:
      # MongoDB: https://hub.docker.com/_/mongo/
      mongodb:
        image: mongo:4.2
        volumes:
          - mongo_data:/data/db
        networks:
          - default
      # Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/7.10/docker.html
      elasticsearch:
        image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
        volumes:
          - es_data:/usr/share/elasticsearch/data
        environment:
          - http.host=0.0.0.0
          - transport.host=localhost
          - network.host=0.0.0.0
          - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
        ulimits:
          memlock:
            soft: -1
            hard: -1
        mem_limit: 1g
        networks:
          - default
      # Graylog: https://hub.docker.com/r/graylog/graylog/
      graylog:
        image: graylog/graylog:4.3
        volumes:
          - graylog_data:/usr/share/graylog/data
        environment:
          # CHANGE ME (must be at least 16 characters)!
          - GRAYLOG_PASSWORD_SECRET=XXX
          # Password: admin
          - GRAYLOG_ROOT_PASSWORD_SHA2=XXXXX
          - GRAYLOG_HTTP_EXTERNAL_URI=https://graylog.XXXX/
        entrypoint: /usr/bin/tini -- wait-for-it elasticsearch:9200 -- /docker-entrypoint.sh
        links:
          - mongodb:mongo
          - elasticsearch
        restart: always
        depends_on:
          - mongodb
          - elasticsearch
        ports:
          # Graylog web interface and REST API
          #- 9000:9000
          # Syslog TCP
          - 1514:1514
          # Syslog UDP
          - 1514:1514/udp
          # GELF TCP
          - 12201:12201
          # GELF UDP
          - 12201:12201/udp
        networks:
          - default
          - srv
    # Volumes for persisting data, see https://docs.docker.com/engine/admin/volumes/volumes/
    volumes:
      mongo_data:
        driver: local
      es_data:
        driver: local
      graylog_data:
        driver: local
    networks:
      default:
      srv:
        external: true
        name: srv
For some reason the docker network that was automatically created was on 192.168.16.0/20, and it took me quite a lot of time to understand why Wireguard was not working anymore: this network contains 192.168.20.0/24 and the wireguard traffic was routed there...

When shutting down Graylog and manually deleting 192.168.16.0/20, everything is back to normal.
My question: why would a docker composition pick a wildly different network from the ones other containers use? How is this choice driven if there is nothing in docker-compose.yml that would hint at the network to use?
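The following Python script is an added illustration and is not part of the question above or of Docker's or Graylog's own code. It models how the Docker daemon chooses a subnet for a compose network that declares none, under the assumption of an unmodified daemon.json, i.e. the engine's built-in default address pools (172.17.0.0/16 through 172.31.0.0/16, then 192.168.0.0/20 through 192.168.240.0/20, tried in that order, skipping anything that overlaps an existing docker network or a route in the host's own table). The scenario values (a LAN route on the host, fifteen 172.x /16 networks already consumed, a WireGuard subnet the host has no route for) are constructed to reproduce the 192.168.16.0/20 pick the question describes; the function names are hypothetical.

```python
import ipaddress

# Added example, not from the post. Models the daemon's subnet choice for a
# bridge network created without an explicit subnet.
# Assumption: unmodified daemon.json, so the built-in default address pools
# apply: 172.17.0.0/16 .. 172.31.0.0/16 (fifteen /16s), then
# 192.168.0.0/20 .. 192.168.240.0/20 (sixteen /20s), tried in that order.


def _carve(first, prefix, count):
    """Yield `count` consecutive networks of the given prefix length, starting at `first`."""
    net = ipaddress.ip_network(first)
    for i in range(count):
        start = int(net.network_address) + i * net.num_addresses
        yield ipaddress.ip_network((start, prefix))


DEFAULT_POOLS = list(_carve("172.17.0.0/16", 16, 15)) + list(_carve("192.168.0.0/20", 20, 16))


def pick_subnet(in_use, pools=DEFAULT_POOLS):
    """Return the first pool subnet that overlaps nothing in `in_use`.

    `in_use` stands for what the daemon actually consults: the subnets of
    existing docker networks plus the routes in the host's routing table.
    A network the host only reaches via its default gateway (the WireGuard
    subnet in the question) is invisible to this check.
    """
    taken = [ipaddress.ip_network(n) for n in in_use]
    for cand in pools:
        if not any(cand.overlaps(t) for t in taken):
            return cand
    raise RuntimeError("default address pools exhausted")


def overlaps_with(subnet, networks):
    """Return every network in `networks` that `subnet` collides with.

    Intended as a pre-flight check before `docker compose up`: feed it the
    full list of address ranges you care about, including ranges the docker
    host has no route for, since the daemon cannot see those on its own.
    """
    cand = ipaddress.ip_network(subnet)
    return [n for n in networks if cand.overlaps(ipaddress.ip_network(n))]


if __name__ == "__main__":
    # Constructed scenario mirroring the question: one LAN route on the host,
    # all fifteen 172.x /16 pools already consumed by earlier compose projects.
    host_routes = ["192.168.10.0/24"]
    existing_docker = [f"172.{i}.0.0/16" for i in range(17, 32)]
    chosen = pick_subnet(host_routes + existing_docker)
    print("daemon would pick:", chosen)  # 192.168.16.0/20

    # The networks the operator cares about, whether or not the host routes them.
    user_networks = ["192.168.10.0/24", "192.168.20.0/24"]
    print("collides with:", overlaps_with(str(chosen), user_networks))  # ['192.168.20.0/24']
```

The model shows why 192.168.0.0/20 is skipped (it contains the host's own 192.168.10.0/24 route) while 192.168.16.0/20 is accepted: the daemon only compares against its own networks and the host's routing table, so a range reached through a VPN gateway is not protected. The mitigations are to pin `default-address-pools` in /etc/docker/daemon.json to a range that cannot collide with any user network, or to give each compose network an explicit subnet under its `ipam` block; the overlap check above is the test to run either way before bringing a new composition up.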