Search code examples
dockerdocker-composedocker-network

Docker Compose - Changing the network mode to "host" results in error: Error response from daemon: failed to add interface veth701c890 to sandbox

Following this question, I edited my gateway container to use the host network mode:

services:
  gateway:
  ...
  network_mode: "host"

and then the docker compose up -d gives me this:

Error response from daemon: failed to add interface veth701c890 to sandbox: error setting interface "veth701c890" IP to 172.26.0.11/16: cannot program address 172.26.0.11/16 in sandbox interface because it conflicts with existing route {Ifindex: 4 Dst: 172.26.0.0/16 Src: 172.26.0.1 Gw: Flags: [] Table: 254

I restarted the docker and even the server. No luck.

The docker-compose.yml looks like this (only the gateway container has published ports):

version: '3.4'

services:
  gateway:
    image: <ms-yarp>
    environment:
      - ASPNETCORE_URLS=https://+:443;http://+:80
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./tls/:/tls/
    networks:
      - mynet
    restart: on-failure

  orders:
    image: <registry>/orders
    environment:
      - ASPNETCORE_URLS=http://+:80
    networks:
      - mynet
    restart: on-failure

  users:
    image: <registry>/users
    environment:
      - ASPNETCORE_URLS=http://+:80
    networks:
      - mynet
    restart: on-failure

  smssender:
    image: <registry>/smssender
    environment:
      - ASPNETCORE_URLS=http://+:80
    networks:
      - mynet
    restart: on-failure

  logger:
    image: <registry>/logger
    environment:
      - ASPNETCORE_URLS=http://+:80
    networks:
      - mynet
    restart: on-failure

  notifications:
    image: <registry>/notifications
    environment:
      - ASPNETCORE_URLS=http://+:80
    networks:
      - mynet
    restart: on-failure

  cacheserver:
    image: <registry>/redis
    networks:
      - mynet
    restart: on-failure

  ...

networks:
  mynet:
Solution

  • You can't combine host networking with any other Docker networking option. At least some versions of Compose have given warnings if you combine network_mode: host with other networks: or ports: options.

    The other thing host networking means in this particular setup is that the one container that's using it is "outside Docker" for purposes of connecting to other containers. It works exactly the same way a non-container process would. That means the other containers need to publish ports: to be reachable from the gateway, and in turn the gateway configuration needs to use localhost and the published port numbers to reach the other containers.

    version: '3.8'
services:
  gateway:
    image: <ms-yarp>
    network_mode: host
  orders:
    image: <registry>/orders
    ports:
      - '8001:80'
    networks:
      - mynet

    {
  "ReverseProxy": {
    "Clusters": {
      "cluster": {
        "Destinations": {
          "orders": {
            "Address": "http://localhost:8001"
          }
        }
      }
    }
  }
}