facebooktwittergoogle_pluslinkedinmailby feather

During the installation of Docker Engine and UCP(Universal Control Plane), there is a risk that the networks it chooses by default like 172.17.0.0/16, 172.18.0.0/16, 172.19.0.0/16, 172.20.0.0/16 may overlap with your existing LANs in your organization. Although there are some related posts:

https://forums.docker.com/t/dtr-network-overlaps-corporate-lan/22193/2

https://blog.docker.com/2016/03/docker-networking-design-philosophy/

https://github.com/docker/docker.github.io/blob/master/engine/userguide/networking/default_network/build-bridges.md

IMHO they do not provide a practical solution for that particular case…

Beside, there are the following open issues under github:

https://github.com/docker/docker/issues/21776

https://github.com/docker/docker/pull/29376

Here is a workaround we have founded and applied and working:

  • Before the installtion of Docker Engine/UCP, create a virtual interface or extend the netmask of the current interface covering all corporate networks:
ifconfig eth0:0 <yourinternalcorporateIPAddress> netmask <netmask> up
  • After you finalize the Docker Engine, swarm or UCP, you will notice that it uses A Class(10.x.x.x/x) or C Class(192.168.x.x/x) rather than 172.x.x.x !!!! Docker installation is smart that it jumps to other network classes.
  • Revert back your network interface you the initial state ad that's all!!