Return to Level1Techs.com

How to have self-hosted docker-image have different external IP?

selfhost
#1

Hello!

I am trying to figure out how I can have my docker container (possibly kubernetes in near future), which I am hosting on my own home network, can seem to have a different external IP address. There are multiple instances of the same container running, some I would like to have a different external IP address. How can I achieve this?

There are a few things I found, such as a service (here in NL) which apparently sets up a GRE tunnel, which allows me to have a different external IP, but unfortunately its service is only for registered companies.

I also looked into running a VPN docker image and route traffic through there, I have a PIA subscription with 5 devices. All though this setup sounds a little… amateur? also doesnt scale very well i suppose. Feedback welcome.

Also have a google clout platform account with 300eur credit (also dont mind paying if its not too expensive). Maybe GCP has a service? im trying to understand all of the GCP products but its confusing.

TLDR; have a self-hosted docker image have a different external IP.

0 Likes

#2

If you can set the network adapter you could dedicate a NIC to it eth0 vs eth1

macvlan is an option, too

0 Likes

#3

As far as I understand it, this makes the connection to docker access the NIC directly? Wouldnt that still leave me with the same outbound IP address, which would be my own network? Only the macaddress would be different.

0 Likes

#4

Ah you are asking for WAN not LAN. Maybe a VPN VPS. Or maybe a SOCKS proxy.

Or as @Adubs said multiple IPs from your ISP

Or run the docker image in the cloud.

0 Likes

#5

do you have multiple IPs already?

0 Likes

#6

No I do not have multiple IP’s, just one. Which is the problem.

My ISP doesnt allow for multiple IP addresses, only if I take a business package which is expensive

0 Likes

#7

You could VPN that machine to a cheap VPS then.

1 Like

#8

Do you have a source or short explanation for me how that would work? What would I require to install and to configure in order for this to work?

0 Likes

#9

You would probably use openvpn to connect to a VPS

My question is, why do you need another IP? what services are you running on that server that cant be routed to another port or set up with a reverse proxy in nginx?

1 Like

#10

Thank you! will check it out shortly.

I am accessing an API with a rate limiter. I need make more requests than allowed. Asked the API owner if I could be whitelisted / excluded, his response “api limits by IP, so just access it from another network”.

0 Likes

#11

well then this really wouldnt help that much as you would still be rate limited on the other IP too.

since you have PIA, why not utilize that via some kind of script so only half the calls are sent via VPN, and the other half from your home?

0 Likes

#12

nono, i would keep some containers running on my own network, and others via a proposed alternative.

Well that was one of my ideas, have a vpn container running and have some containers run their traffic over the vpn container. But its confusing to me, cant find many sources on how to do this and im a bit of a perfectionist, had to know whether this was my best option.

0 Likes

#13

so how are the containers communicating?

probably dont need the vpn then

0 Likes

#14

Theyre communicating over NATS and data is inserted in a cluster cockroachDB.

How would I not need a vpn? im online to chat in the level1 discord if thats easier.

0 Likes

#15

I’m not familiar enough to give an answer but I figured you could just open a port internally and point the container on the VPS at your home IP.

at work now, cant talk.

0 Likes

#16

Yes that would work. Was hoping for a non-hosting option as it can be quite expensive, and networking solutions such as VPN’s arent.

Guess ill start looking at VPS prices and take another look at at docker vpn container.

0 Likes

#17

Well, like I said, you could leverage your PIA sub. They support openvpn… and theres this

https://hub.docker.com/r/dperson/openvpn-client/

Then everything should be able to stay on your local machine.

the other option being the roll your own vpn with a cheap vps

0 Likes

#18

MacVLAN is the way to do this, it’s what I use to give my LXD containers their own IPs on my LAN. You will need to setup a MacVLAN bridge as well, or you can’t ping/connect to the containers from their host and vice-versa. And it’s extra-tricky because netplan doesn’t support macvlan, so you need to use ifupdown. That was a fun learning exercise for me a couple months ago.

Actually I just checked and LXC (and now LXD) now supports ipvlan, which should allow you to DHCP an IP from your network without worrying about setting up a bridge, so that’s pretty cool. I plan to play with it tonight. Docker also uses LXC behind the scenes, sorta.

Although ipvlan devices don’t have their own MAC addresses, so maybe not. I’ll see how it looks.

0 Likes

#19

im not sure how that helps him

1 Like

#20

I believe such a setup would give me containers a different internal IP address? I need different external IP, on a WAN level

0 Likes