
[HOWTO] FreeNAS 11, RancherOS (Docker), and Portainer


Zwck

Patron
Joined
Oct 27, 2016
Messages
371
Mhhhh, not sure what to say. My sabnzbd writes at 50MB/s, which is the limit of what's possible with Sab, due to limitations of Python.
 

bass_rock

Dabbler
Joined
Jul 9, 2016
Messages
13
Yea, I was getting close to 70Mbps, now it's down to 1-5Mbps and I'm pretty sure it's an NFS write issue.
 

Zwck

Patron
Joined
Oct 27, 2016
Messages
371
Your DD test showed capabilities to 1gbit, so I don't see why you should use that as a max.

Tbh, I am not experienced with these types of issues.
 
Joined
Mar 30, 2015
Messages
32
Yes, this is of course possible, and sometimes needed. However, I made the mistake in the beginning as well of assigning every single container its own static IP, which is not needed.

Typically, one just assigns a port to the container and then you can access the container via http://rancherosip:port. If you want to have a host IP you'll have to start the container via --net=host, and when you define the port you have to use 192.168.0.XX:1337:80 or similar. Better check the official Docker wiki for more info.
Is there a way to make every new container take its IP from my DHCP server?
Like change bridging and make it with eth0 maybe?
In Corral it was doing that (I'm migrating from Corral btw)
 

Zwck

Patron
Joined
Oct 27, 2016
Messages
371
Is there a way to make every new container take its IP from my DHCP server?
Like change bridging and make it with eth0 maybe?
In Corral it was doing that (I'm migrating from Corral btw)

Yes, that should be possible. How do you deploy your containers?
 

Zwck

Patron
Joined
Oct 27, 2016
Messages
371
I was trying to use rancher GUI and pull them from https://hub.docker.com/myuser/myrepository
with network set to bridge and/or host(the same RancherOS VM), but with no success on accessing them.

I am also using Rancher and Rancher-Agent for deploying my docker containers. Before you use the Rancher UI I'd recommend the following:
1. run a simple small docker container with a webui.
I tried:
docker run -d -it --label io.rancher.container.dns=true --label io.rancher.container.network=true --hostname ghost --name ghost -p 2368:2368

Then you navigate to your <rancherIP>:2368, for me that's http://192.168.0.16:2368.

if that works, open your rancher GUI and check how the docker container is created.

here is a list of the dockers i am running, if you need my docker compose scripts let me know i can post them. (for easy drag and drop)
rancher.png
 

Zwck

Patron
Joined
Oct 27, 2016
Messages
371
If you want to play with static ip addresses you could try the following:

# create a new bridge network with your subnet and gateway for your ip block
docker network create --subnet 203.0.113.0/24 --gateway 203.0.113.254 iptastic

# run a nginx container with a specific ip in that block
docker run --rm -it --net iptastic --ip 203.0.113.2 nginx
 

danjng

Explorer
Joined
Mar 20, 2017
Messages
51
Chiming in here because I am looking to do the same thing. I haven't been able to get an IP from my router but I'm still learning. I always get a 172.x.x.x IP when I use bridge (which I thought would reach out to the router).

I started out with RancherOS but decided to keep it simple and just put Docker on a lubuntu VM. Might be a little less secure but I don't have to worry about NFS containers and stuff like that.

I am still using Portainer for container management, though. It has its own shortcomings but gets the job done so far.

Looking forward to any future posts that might help.


Sent from my iPhone using Tapatalk
 

danjng

Explorer
Joined
Mar 20, 2017
Messages
51
If you want to play with static ip addresses you could try the following:

# create a new bridge network with your subnet and gateway for your ip block
docker network create --subnet 203.0.113.0/24 --gateway 203.0.113.254 iptastic

# run a nginx container with a specific ip in that block
docker run --rm -it --net iptastic --ip 203.0.113.2 nginx
I'll need to give this a shot next. I kind of assumed that was what the bridge network in Docker did, but apparently not. Thanks!


Sent from my iPhone using Tapatalk
 

Zwck

Patron
Joined
Oct 27, 2016
Messages
371
Why do you want to assign an ip for the container? It is simply not necessary.

Containers can communicate among each other via host name+port of service as the dockerhost includes a dns.
So when your container 1 needs to communicate with container 2 just use the host name, which you can define with --hostname=container. Try it with ping container name from a container
 

danjng

Explorer
Joined
Mar 20, 2017
Messages
51
Hmmm. So you do have a point. My issue initially was plex. It wasn't able to get out to the internet due to the IP address that was being assigned (172.x.x.x). Seems that using host network is a solution though. I mistakenly thought it would need its own IP address in order to work but apparently not. The bridge network wasn't working as I expected it to (I thought it would be like bridged networking when talking about VMs).

In any case, thanks for the help and ideas. And patience. I know how easy it would have been to just call me a stupid noob [emoji16]


Sent from my iPhone using Tapatalk
 

Zwck

Patron
Joined
Oct 27, 2016
Messages
371
Hi,

There are some containers where you have to use certain things, plex for example has to have advertise-ip set as an environmental variable, and must run in host networking or so. You'll have to check in the plex container documents on hub.docker.com, or Google how it is being deployed.

But the majority of docker containers absolutely don't need it. Just check my image from earlier. I have plenty of containers deployed. Just by the port exposure.

Code:
docker create \
--name=plex \
--net=host \
-e VERSION=latest \
-e PUID=<UID> -e PGID=<GID> \
-e TZ=<timezone> \
-v </path/to/library>:/config \
-v <path/to/tvseries>:/data/tvshows \
-v </path/to/movies>:/data/movies \
-v </path for transcoding>:/transcode \
linuxserver/plex


--net=host is required
 

danjng

Explorer
Joined
Mar 20, 2017
Messages
51
Hi,

There are some containers where you have to use certain things, plex for example has to have advertise-ip set as an environmental variable, and must run in host networking or so. You'll have to check in the plex container documents on hub.docker.com, or Google how it is being deployed.

But the majority of docker containers absolutely don't need it. Just check my image from earlier. I have plenty of containers deployed. Just by the port exposure.

Code:
docker create \
--name=plex \
--net=host \
-e VERSION=latest \
-e PUID=<UID> -e PGID=<GID> \
-e TZ=<timezone> \
-v </path/to/library>:/config \
-v <path/to/tvseries>:/data/tvshows \
-v </path/to/movies>:/data/movies \
-v </path for transcoding>:/transcode \
linuxserver/plex


--net=host is required
100% on the money about that.

My setup is up and running now with all my containers just how it used to run on Corral. Thank you, kind sir (or madam; you never can be truly sure on the internet), for all you've provided in helping me on my journey. I think I've got the hang of things now. I just wish Portainer would allow for editing containers instead of me having to recreate them from scratch each time I make a mistake. I understand that's in the works though.

Thanks again!


Sent from my iPhone using Tapatalk
 

Zwck

Patron
Joined
Oct 27, 2016
Messages
371
100% on the money about that.

My setup is up and running now with all my containers just how it used to run on Corral. Thank you, kind sir (or madam; you never can be truly sure on the internet), for all you've provided in helping me on my journey. I think I've got the hang of things now. I just wish Portainer would allow for editing containers instead of me having to recreate them from scratch each time I make a mistake. I understand that's in the works though.

Thanks again!


Sent from my iPhone using Tapatalk

Hey, no problem !

I tried shipyard, Portainer, and rancher (RancherOS' GUI) and I stuck with rancher, mainly due to the ability to import and export docker-compose.yml files that you can edit in an editor. Here is an example for my Webserver Stack (compilation of containers)

my general mounting structure:
Code:
host shares:          ------   iohyve:RancherOS   -----   inside the container
@192.168.0.2                   @192.168.0.16

/mnt/zpool/docker              /mnt/docker                :volumes in docker-compose.yml
/mnt/zpool/dbs                 /mnt/dbs
/mnt/zpool/data                /mnt/data


Docker-compose.yml
Code:
version: '2'
services:
  mariadb:
    image: linuxserver/mariadb
    hostname: mariadb
    environment:
      PGID: '1000'
      PUID: '1000'
      MYSQL_ROOT_PASSWORD: 'passwordofyourchoice'
      TZ: 'Europe/Berlin'
    stdin_open: true
    tty: true
    ports:
    - 3306:3306/tcp
    labels:
      io.rancher.container.pull_image: always
  nextcloud:
    image: linuxserver/nextcloud
    hostname: nextcloud
    environment:
      PGID: '1000'
      PUID: '1000'
    volumes:
    - /mnt/docker/rancher/nextcloud:/config
    - /mnt/data/sorted-data/scientific-data:/scientific-data
    stdin_open: true
    tty: true
    ports:
    - 2480:80/tcp
    - 2443:443/tcp
    labels:
      io.rancher.container.pull_image: always
  freshrss:
    image: linuxserver/freshrss
    hostname: freshrss
    environment:
      PGID: '1000'
      PUID: '1000'
      TZ: 'Europe/Berlin'
    volumes:
    - /mnt/docker/rancher/freshrss:/config
    stdin_open: true
    tty: true
    ports:
    - 2280:80/tcp
    labels:
      io.rancher.container.pull_image: always
  ghost:
    image: ghost
    hostname: ghost
    volumes:
    - /mnt/docker/rancher/ghost:/var/lib/ghost
    stdin_open: true
    tty: true
    ports:
    - 2368:2368/tcp
    labels:
      io.rancher.container.pull_image: always


and rancher-compose.yml

Code:
version: '2'
services:
  mariadb:
    scale: 1
    start_on_create: true
  nextcloud:
    scale: 1
    start_on_create: true
  freshrss:
    scale: 1
    start_on_create: true
  ghost:
    scale: 1
    start_on_create: true


you basically import both files with the gui here:
Capture.PNG


and within 2 minutes you have a mysqldb up, nextcloud 12, an rss reader and a ghost blog. And if you want to change something for a container you can do this on the fly via the web interface as well, pseudo-realtime editing.

EZPZ
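
An added example, not part of the post above or of any project named in the thread: a line-based audit of a compose file like this one that lists settings worth reviewing before deployment (a database port published without a host IP, as in `3306:3306`; a password written inline; `privileged: true`; host networking). The name `audit_compose` and the sample file are constructed for illustration, and the parser assumes space-indented YAML with one key per line.

```shell
#!/bin/sh
# Added example, not from the thread. Handles only the compose subset used on
# this page (space-indented, one key per line); it is not a full YAML parser.

# Constructed sample modelled on the services shown in this thread.
SAMPLE_COMPOSE='version: "2"
services:
  mariadb:
    image: linuxserver/mariadb
    environment:
      MYSQL_ROOT_PASSWORD: "passwordofyourchoice"
    ports:
    - 3306:3306/tcp
  ghost:
    image: ghost
    ports:
    - 2368:2368/tcp
  nfs:
    image: d3fk/nfs-client
    net: host
    privileged: true'

# Reads compose YAML on stdin, prints one "service: finding" line per hit.
audit_compose() {
  awk '
    function indent(s) { match(s, /^ */); return RLENGTH }
    function flag(msg) { print svc ": " msg }
    /^[ ]*(#|$)/ { next }                          # skip comments and blanks
    { ind = indent($0); line = $0; sub(/^ +/, "", line) }
    line == "services:" { base = ind; svc_ind = -1; in_svc = 1; next }
    in_svc && ind <= base { in_svc = 0 }           # left the services block
    !in_svc { next }
    svc_ind < 0 { svc_ind = ind }                  # first key = service level
    ind == svc_ind { svc = line; sub(/:.*/, "", svc); next }
    line ~ /^[A-Za-z_]*PASSWORD[A-Za-z_]*: *[^ $]/ {
      flag("inline secret " substr(line, 1, index(line, ":") - 1)) }
    # host:container with no bind address means all host interfaces
    line ~ /^- *"?[0-9]+:(3306|5432|6379|27017)([^0-9]|$)/ {
      flag("database port published on all host interfaces") }
    line ~ /^(net|network_mode): *"?host/ { flag("host networking") }
    line ~ /^privileged: *true/ { flag("privileged container") }
  '
}

printf '%s\n' "$SAMPLE_COMPOSE" | audit_compose
```

A port written with a bind address, such as the `192.168.0.XX:1337:80` form mentioned earlier in the thread, is not reported.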
 

Muddro

Explorer
Joined
Oct 6, 2014
Messages
59
I have been playing with the nfs-client docker and it never worked for me with multiple nfs-whatever.yml; for me only the last nfs file was loaded every time. So in order to mount multiple volumes from NFS shares you'll have to write one nfs.yml which should contain the following

Code:
#/var/lib/rancher/conf/cloud-config.d/nfs.yml
write_files:
  - path: /etc/rc.local
    permissions: "0755"
    content: |
      #!/bin/bash
      [ ! -e /usr/bin/docker ] && ln -s /usr/bin/docker.dist /usr/bin/docker

rancher:
  services:
    nfs:
      image: d3fk/nfs-client
      labels:
        io.rancher.os.after: console, preload-user-images
        io.rancher.os.scope: system
      net: host
      privileged: true
      restart: always
      volumes:
        - /usr/bin/iptables:/sbin/iptables:ro
        - /mnt/mm:/mnt/mm:shared
        - /mnt/docker:/mnt/docker:shared
        - /mnt/dbs:/mnt/dbs:shared
      environment:
        SERVER: 192.168.0.2
        SHARE: /mnt/volume01/multimedia
        MOUNTPOINT: /mnt/mm

#cloud-config
mounts:
  - ["192.168.0.2:/mnt/volume01/docker", "/mnt/docker", "nfs", ""]
  - ["192.168.0.2:/mnt/volume01/db", "/mnt/dbs", "nfs", ""]



The first part creates 3 volumes to mount into, namely /mnt/mm, /mnt/dbs, and /mnt/docker, and mounts 192.168.0.2:/mnt/volume01/multimedia to /mnt/mm. After this is done and only after this docker is loaded sudo mount -t nfs 123.123.123.123:/wtf /mnt/wtf will work on RancherOS, then it is possible to add the mounts into the cloud config. This can all be done in the nfs.yml file.

After creating the yml file always check at least the formatting using sudo ros config validate -i wtf.yml. If there is a formatting error you will receive a message, e.g.
> FATA[0000] yaml: [while parsing a block collection] did not find expected '-' indicator at line 6, column 3

Ugh. Need help. First time using docker and had success in getting it installed. Only need it for 1 purpose: filebot. However, I cannot get access to any of my shares for the life of me. Or at least I am unable to access it from rancher. Following these instructions i created:

Code:
#/var/lib/rancher/conf/cloud-config.d/nfs.yml
write_files:
  - path: /etc/rc.local
    permissions: "0755"
    content: |
      #!/bin/bash
      [ ! -e /usr/bin/docker ] && ln -s /usr/bin/docker.dist /usr/bin/docker

rancher:
  services:
    nfs:
      image: d3fk/nfs-client
      labels:
        io.rancher.os.after: console, preload-user-images
        io.rancher.os.scope: system
      net: host
      privileged: true
      restart: always
      volumes:
        - /usr/bin/iptables:/sbin/iptables:ro
        - /mnt/config:/mnt/config:shared
        - /mnt/media:/mnt/media:shared
      environment:
        SERVER: 192.168.1.21
        SHARE: /mnt/MyVolume/docker
        MOUNTPOINT: /mnt/config

#cloud-config
mounts:
  - ["192.168.1.21:/mnt/MyVolume/Media", "/mnt/media", "nfs", ""]


Did I do it wrong? media shows up but there is nothing in its contents. I am lost as to get this to work. this is like my last step. Please help.
 

danjng

Explorer
Joined
Mar 20, 2017
Messages
51
File looks OK at first glance. Does it validate correctly with 'sudo ros config validate -i wtf.yml'?

Also, I'm assuming you have your case sensitivity down with respect to your paths?

Hard to tell. Anything coming up in the logs?
 

Muddro

Explorer
Joined
Oct 6, 2014
Messages
59
File looks OK at first glance. Does it validate correctly with 'sudo ros config validate -i wtf.yml'?

Also, I'm assuming you have your case sensitivity down with respect to your paths?

Hard to tell. Anything coming up in the logs?
As far as the yaml syntax goes it's correct, and sudo ros config validate -i nfs.yml was fine.

I don't know if maybe my FreeNAS NFS shares are messed up? I have never really used NFS shares so maybe that's the problem. Also, when I am in Filebot-Node, it doesn't even access /mnt/.
Finally, in /mnt/ there is the media and config folder so it's created the mount points, just nothing in there.
 

danjng

Explorer
Joined
Mar 20, 2017
Messages
51
Having those folders in your /mnt directory on the host is normal because of your yaml. It's not picking up the NFS mount to populate that.

Pop in on your FreeNAS logs and see if anything comes up.

Initially, I was having issues with my NFS mounts as well and I was seeing permission errors. If you have set up any restrictions on your NFS mounts (e.g. restricting them to a network or IP list), make sure your container host is compliant. Also, if you are trying to map a subdir like /mnt/MyVolume/Media and you've shared /mnt/MyVolume, but did not check 'all directories', then you might see an error - in other words, make sure that your NFS mounts are also configured the way they need to be.

Hope that helps
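
An added example, not part of the post above: the two checks it describes (a network or IP restriction on the share, and mounting a subdirectory without 'all directories') applied to export lines in FreeBSD exports(5) syntax, assumed here to be what /etc/exports on the NAS contains. `check_export` and the sample lines are constructed; networks are assumed to be written in CIDR form after `-network`.

```shell
#!/bin/sh
# Added example, not from the thread. Sample export lines are constructed.
SAMPLE_EXPORTS='/mnt/MyVolume -maproot=root -network 192.168.1.0/24
/mnt/Other -alldirs 192.168.1.50'

# check_export CLIENT_IP WANT_PATH   (exports(5)-style lines on stdin)
# Prints one of: ok | needs-alldirs | client-not-allowed | not-exported
check_export() {
  awk -v client="$1" -v want="$2" '
    function ip2n(s,   p) {
      split(s, p, ".")
      return ((p[1] * 256 + p[2]) * 256 + p[3]) * 256 + p[4]
    }
    # True when ip lies inside cidr (a.b.c.d/len); no bit operators needed.
    function in_net(ip, cidr,   c, div) {
      split(cidr, c, "/")
      div = 2 ^ (32 - c[2])
      return int(ip2n(ip) / div) == int(ip2n(c[1]) / div)
    }
    /^[ \t]*(#|$)/ { next }                     # skip comments and blanks
    {
      if (want == $1) sub_dir = 0               # the exported path itself
      else if (index(want, $1 "/") == 1) sub_dir = 1
      else next                                 # line does not cover want
      alldirs = 0; restricted = 0; allowed = 0
      for (i = 2; i <= NF; i++) {
        if ($i == "-alldirs") alldirs = 1
        else if ($i == "-network") {
          restricted = 1; i++
          if (in_net(client, $i)) allowed = 1
        } else if ($i !~ /^-/) {                # bare token = allowed host
          restricted = 1
          if ($i == client) allowed = 1
        }
      }
      if (restricted && !allowed) verdict = "client-not-allowed"
      else if (sub_dir && !alldirs) verdict = "needs-alldirs"
      else { verdict = "ok"; exit }
    }
    END { print (verdict == "" ? "not-exported" : verdict) }
  '
}

# The subdirectory case from the post: share /mnt/MyVolume, mount .../Media.
printf '%s\n' "$SAMPLE_EXPORTS" | check_export 192.168.1.30 /mnt/MyVolume/Media
```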
 

Zwck

Patron
Joined
Oct 27, 2016
Messages
371
can you share a picture of your shares and share settings for the two shares you are trying to mount

Capture.PNG
 