Hey guys, I was happily running 44 docker containers for a while on Debian host. Today I tried to add a new service (uptime-kuma) using portainer stacks, but I got this error:

Error response from daemon: could not find an available, non-overlapping IPv4 address pool among the defaults to assign to the network

Quick google led me to this link where I found possible problem with max number of docker networks. I did docker network prune, it removed 5 networks that were not in use and viola, uptime-kuma is working now!

Am I reaching the limit? What to do if I need 10 more services on the same host? I bet I saw some people in this community running many more services

  • @[email protected]
    link
    fedilink
    English
    18
    edit-2
    9 months ago

    Docker network pools are huge by default. I had to change this as well.

    This article covers the issue and the solution in detail:
    https://straz.to/2021-09-08-docker-address-pools/

    If you just want the solution, skip to the section titled How to configure docker to allow >500 bridge networks. I think you’ll need to remake all your networks after making the change, if I remember correctly.

    Here’s my config now:

    $ sudo cat /etc/docker/daemon.json
    {
      "default-address-pools": [
        { "base":"172.16.0.0/12", "size":24 },
        { "base":"172.17.0.0/12", "size":24 },
        { "base":"172.18.0.0/12", "size":24 },
        { "base":"172.19.0.0/12", "size":24 },
        { "base":"172.20.0.0/12", "size":24 },
        { "base":"172.21.0.0/12", "size":24 },
        { "base":"172.22.0.0/12", "size":24 },
        { "base":"172.23.0.0/12", "size":24 },
        { "base":"172.24.0.0/12", "size":24 },
        { "base":"172.25.0.0/12", "size":24 },
        { "base":"172.26.0.0/12", "size":24 },
        { "base":"172.27.0.0/12", "size":24 },
        { "base":"172.28.0.0/12", "size":24 },
        { "base":"172.29.0.0/12", "size":24 },
        { "base":"172.30.0.0/12", "size":24 },
        { "base":"172.31.0.0/12", "size":24 }
      ],
      "log-opts": {
        "max-size": "1g"
      }
    }
    
    • @[email protected]
      link
      fedilink
      English
      49 months ago

      I’m pretty sure all of those entries are in the same /12 network - 172.16.0.0/12. Apparently there’s nothing wrong with it, but I think you can significantly simplify that config by just removing all the extra ones

      • @[email protected]
        link
        fedilink
        English
        6
        edit-2
        9 months ago

        Could simplify it by making a 28 block at most. That is 14 IPs per bridge which seems like way more than one would generally need anyhow.

        {
          "default-address-pools": [
            { "base":"172.16.0.0/12", "size":28 },
          ]
        }
        
        • @5PACEBAR
          link
          English
          39 months ago

          Had to do exactly that last week when I hit Docker’s rather low network limit.

  • Possibly linux
    link
    fedilink
    English
    89 months ago

    It sounds like your outgrowing docker. Maybe switch to Kubernetes at some point?

    • @[email protected]OP
      link
      fedilink
      English
      29 months ago

      Oh rly? Im still reading about what others said and feels like I can still continue with docker. Ive heard about kubernetes many times. Even tho some people use them on single node, isnt that made for multiple nodes setup? I have to learn more about kubernetes

  • Eager Eagle
    link
    English
    39 months ago

    then you’d limit the existing network addresses using subnets, as suggested by another answer in that question

  • originalucifer
    link
    fedilink
    19 months ago

    sounds like your issue isnt with the number of networks, but how youre addressing them. fix that.

    if youve got a container that only needs a single or a few ip’s then its defined network should reflect that.

    • @[email protected]OP
      link
      fedilink
      English
      19 months ago

      Thank you! This will be more clear after more research I hope. My understanding of docker networks is still meh…gonna change it now