Force dedicated IP on apps

[Janus0006]

Hi,

I'm an "intermediate" with docker and using docker-compose to run my docker on a single machine. Normally, I like to assigne direct IP to my docker, to separate my services and to be sure to not overlap ports between my differents applications.

I'm looking to do the same thing on TrueNAS Scale, Running my NAS on a specific IP and the apps on differents ones. But I don't know how to do it on the config of the apps... I know TN is using k3s and it's different.

Can you help me and indicate on how I can do this ?

Using NodePort ? Cluster IP? LoadBalancer ? (even if i'm not in cluster)

Many Thanks,

 

[murzik]

As of now. you can assign dedicated IP to a docker container , there is a setting for that in docker configuration.

However the problem is that at this moment you can't assign default route to a container. So assigning dedicated IP address as kind of useless. You will be able to reach that IP from devices on the same subnet, but your container will be communicate through the cluster IP anyway, which will be going to the internet though your host IP.
There is a ticket for that issue.

https://jira.ixsystems.com/browse/NAS-112334

 

[Janus0006]

But how can I do the same thing with existing Truechart apps ? example Plex ?

 

[truecharts]

If you need assistence with our Apps, it's best to ask directly on our support discord.
In this case we've decided not to support this feature, as it's kinda hacky and will cause a lot of (future) complications.

 

[murzik]

But how can I do the same thing with existing Truechart apps ? example Plex ?

I do not use any of TrueChart app, Configuration options are a bit limited and complicated for me. I do not believe that it is possible to assign static IP to Truechart app, but I have not looked into options for some time And why bother if I can just run any docker from docker hub?

 

[truecharts]

I do not use any of TrueChart app, Configuration options are a bit limited and complicated for me. I do not believe that it is possible to assign static IP to Truechart app, but I have not looked into options for some time And why bother if I can just run any docker from docker hub?

Besides the lack of directly assigning external IP addresses directly to our Apps, we support A LOT of features (way more than the official Apps do), so where do you feel our Apps are limited?

 

[murzik]

I feel that apps are not very easy to configure, specially for a person unfamiliar with kubernetes. Inability to assign dedicated static IP is also huge minus for me. For example for p2p client ( transmission, etc) I want to use separate IP ( or network card) that will be routed through dedicated gateway to VPN...
Don't get me wrong. I am not saying in any way that Chart ( including official) apps are no good, or anything like that. Actually I am very impressed with amount of app already available. But for me personally, Launch docker container option was just much easier to use...

 

[truecharts]

I feel that apps are not very easy to configure, specially for a person unfamiliar with kubernetes. Inability to assign dedicated static IP is also huge minus for me. For example for p2p client ( transmission, etc) I want to use separate IP ( or network card) that will be routed through dedicated gateway to VPN...
Don't get me wrong. I am not saying in any way that Chart ( including official) apps are no good, or anything like that. Actually I am very impressed with amount of app already available. But for me personally, Launch docker container option was just much easier to use...

Our Apps have what we call "sane working defaults". Which means that for each App only one or two settings (including the name) are requested for the App to be usable.

We also provide step-by-step guides for setting up Apps and some introduction to more complicated kubernetes configuration options. For a basic " Launch Docker"-button, setup you would be fine just entering the name and clicking "Next"+"Submit" for most of our Apps

When it comes to using seperate IP addresses: Technically we (as TrueCharts) do support this using the LoadBalancer service type, but iX Systems (for the first release of SCALE) does not yet support that themselves. When it is supported, we will (of course) create quick-start and setup guides accordingly, just like any other feature we offer. :)

 

[murzik]

Maybe when I tried, not all guides were available yet. But I recall trying transmission and then having hard time locating download folder, not even saying about using path of my choice for the download and configuration folders. Nodered on other hand was not the issue, because, all I cared about was the web interface
Keep in mind, not many as smart as you
And again when I was saying TrueCharts I meant the whole application system (kubernetes), not TRUECHART in particular .

 

[truecharts]

We are the only one with such complex/featurefull Apps, for example: The "Launch Docker" button itself is also "just" an App :)

 

[oblivioncth]

The aforementioned ticket is marked as "Done", and it's now been nearly a year with Bluefin having just been released.

Can anyone confirm whether or not you can assign static IPs to apps/containers this easily that are actually used for routing as described above now? For native apps and TrueCharts?

 

[murzik]

I can confirm that statip IP with default route to 0.0.0.0 is not working, and as I understand will never work.
Use docker by Truechart as workaround.

 

[Daisuke]

I'm looking to do the same thing on TrueNAS Scale, Running my NAS on a specific IP and the apps on differents ones.

Just curious why you want to have a different IP for each app, when ports do the difference? You can use Pi-Hole and Nginx/Traefik to assign a appname.lan local domain to each app, if you really want a clean solution. Ports never change, IP addresses do.

 

[Vertigo 7]

I would think the answer is because not every network is a single subnet. If there's any subnetting/vlan segmentation in use, which most large networks do use, then it would stand to reason you would want to continue managing ACLs through existing infrastructure instead of adding additional complexity behind a single server. TrueNAS Core works very well in this regard as you can very easily trunk multiple VLANs to the server(s) and easily host jails or VMs on any of the available VLANs without having to create complex firewall and routing rules.