Docker

VLAN for Docker containers

VLAN for Docker containers

Here is an example of a docker-compose file that bridges the network of docker containers to the specified VLAN. Make sure you have bridged adapter to the VLAN network and change all the network settings that are bold.

As we’ve build our network we isolated every single application we run. For each device in our network we’ve set firewall rules to only allow services/protocols/ports that are mandatory for proper operations.
Quite a bit of overkill but in turn with some proper firewall rules, gives peace of mind…

version: "3"
services:
    portainer:
        image: portainer/portainer-ce:latest
        container_name: Portainer
        restart: unless-stopped
        security_opt:
            - no-new-privileges:true
        volumes:
            - /etc/localtime:/etc/localtime:ro
            - /var/run/docker.sock:/var/run/docker.sock:ro
            - /mnt/SSD/Docker/Portainer:/data
        ports:
            - 9000:9000
        environment:
            - TZ=Europe/Amsterdam
            - VLAN=800
        networks:
            vlan800:
                ipv4_address: 192.168.3.2
        dns:
            - "192.168.33.1"
        dns_search: w-solutions.dev 

networks:
  vlan800:
    name: vlan800
    driver: macvlan
    driver_opts:
      parent: vmbr800
    ipam:
      config:
        - subnet: 192.168.3.0/24
          gateway: 192.168.33.1

Need support? Hire us!

By admin, ago
en_USEnglish
nl_NLDutch en_USEnglish