Truenas Scale-Apps-vlan

[BlueScreenTT]

Hi

so i have used truenas core for some years now and had some problems but nothing i couldent get help with here.
i am happy with Core but wanted to try Scale.

My problem is to get my head arround the differences from how the jails was working to how the apps are working.

all my jails were working with different vlans and some even dedicated nics.

i can setup and get the vlans and bridges working with VM's in Scale but i can not figure out how to get the apps away from the main IP that the server have.
i dont want to run all apps on the same IP and just use different ports.
i have my firewall and network setup differently

is is possible to give the apps a vlan or a dedicated nic ?

 

[NugentS]

As far as I can tell - its not possible. I would love to be wrong

 

[morganL]

Hi

so i have used truenas core for some years now and had some problems but nothing i couldent get help with here.
i am happy with Core but wanted to try Scale.

My problem is to get my head arround the differences from how the jails was working to how the apps are working.

all my jails were working with different vlans and some even dedicated nics.

i can setup and get the vlans and bridges working with VM's in Scale but i can not figure out how to get the apps away from the main IP that the server have.
i dont want to run all apps on the same IP and just use different ports.
i have my firewall and network setup differently

is is possible to give the apps a vlan or a dedicated nic ?

It is not as well documented as it should be: https://www.truenas.com/docs/scale/scaleuireference/apps/usingapps/

"You can find additional options for configuring general network interfaces and IP addresses for application containers in Apps > Settings > Advanced Settings."

Let us know whether you find what you are looking for.

 

[BlueScreenTT]

Thank you but i cant get it to work.

switching back to Core.

 

[Kris Moore]

I'll have to check if this was just added only for Bluefin, but we do have a network interface option when you deploy the App.

 

[NugentS]

That looks +ve - I would really like to put the containers on a different interface and behind a different IP - but I can wait

 

[BlueScreenTT]

so what you are saying Kris is the this is a feature that is comming ?

 

[truecharts]

I'll have to check if this was just added only for Bluefin, but we do have a network interface option when you deploy the App.

View attachment 58372

This option existed with our Apps and Launch Docker for about a year by now.
It's not an option we would advice, but does technically work.

For our Apps we would advice another loadbalancer like MetalLB to expose ports on different IP addresses and VLANS.

 

[Kris Moore]

Confirmed its in Angelfish as well currently, you'd see it if you click Edit on an App.

 

[NugentS]

Where?

 

[Kris Moore]

On my system, after installing an app. Go to the three dot menu, and select Edit on the app. Scroll down until you see the network section, where you can click "Add" to attach external interfaces.

 

[NugentS]

Doesn't exist - this was an ix app rather than truecharts

 

[sretalla]

The advice is that it's for Launch Docker Image apps, not necessarily others.

 

[NugentS]

ahh - that would make a certain amount of sense, unfortunately

 

[truecharts]

ahh - that would make a certain amount of sense, unfortunately

Sadly enough, one of the key difference between iX-Apps and TrueCharts is the fact that we try to keep the same options available for each-and-every App.
But that takes a lot of standardisation and development time, more than iX has available at the moment it looks like.

 

[NugentS]

Its still early on in the Scale journey and I can work with what is - its not ideal, but it does mostly work without too many compromises.

I would like to see being able to use a different NIC/IP Address for different containers in time. The ability to segregate workloads in to different VLANs/NIC's/IP addresses is important in my view - but its also a nice to have.

Perhaps in the future

This option existed with our Apps and Launch Docker for about a year by now.
It's not an option we would advice, but does technically work.

For our Apps we would advice another loadbalancer like MetalLB to expose ports on different IP addresses and VLANS.

Where? Or am I being dumb (entirely possible)

 

[truecharts]

Its still early on in the Scale journey and I can work with what is - its not ideal, but it does mostly work without too many compromises.

I would like to see being able to use a different NIC/IP Address for different containers in time. The ability to segregate workloads in to different VLANs/NIC's/IP addresses is important in my view - but its also a nice to have.

Perhaps in the future

Where? Or am I being dumb (entirely possible)

For MetalLB, our adviced solution, it's in the new WIP enterprise train and is mostly finished by now. (mostly extra tests, metrics and docs needed)

The Direct External Interface attachment, is available under "Show Expert Config".
However: You're bypassing the complete kubernetes stack and it still does not guarantee that outgoing traffic is going via said adapter. So we would *highly* advice using metallb instead.

 

[NugentS]

I'll open a new thread - but I am trying to run Plex (as an example) via Launch Docker Image and I am clearly failing my container-foo

Launching a Docker Image using Launch Docker Image

I picked Plex as an example - but I am trying to Launch a Native Plex Container, not using the TrueCharts or Plex official images behind a different IP on an interface. At the moment I am getting nothing. I am not expecting access to any media at this stage - just access to the Plex Media...

www.truenas.com

 

[raidflex]

Resurrecting this thread for any updates on this situation. So if I have a single SFP+ port on my Truenas box and switch to SCALE is there a way to separate VMs and apps on separate Vlans that all transverse on the single SFP+ port?

 

[NugentS]

You would need (I think) to create a bridge but beyond that I don't know