Docker Swarm Deployment Guide (IPvlan)
This guide describes how to deploy NetAlertX in a Docker Swarm environment using an ipvlan network. This enables the container to receive a LAN IP address directly, which is ideal for network monitoring.
โ๏ธ Step 1: Create an IPvlan Config-Only Network on All Nodes
Run this command on each node in the Swarm.
docker network create -d ipvlan \
--subnet=192.168.1.0/24 \ # ๐ง Replace with your LAN subnet
--gateway=192.168.1.1 \ # ๐ง Replace with your LAN gateway
-o ipvlan_mode=l2 \
-o parent=eno1 \ # ๐ง Replace with your network interface (e.g., eth0, eno1)
--config-only \
ipvlan-swarm-config
๐ฅ๏ธ Step 2: Create the Swarm-Scoped IPvlan Network (One-Time Setup)
Run this on one Swarm manager node only.
docker network create -d ipvlan \
--scope swarm \
--config-from ipvlan-swarm-config \
swarm-ipvlan
๐งพ Step 3: Deploy NetAlertX with Docker Compose
Use the following Compose snippet to deploy NetAlertX with a static LAN IP assigned via the swarm-ipvlan network.
services:
netalertx:
image: ghcr.io/jokob-sk/netalertx:latest
ports:
- 20211:20211
volumes:
- /mnt/YOUR_SERVER/netalertx/config:/app/config:rw
- /mnt/YOUR_SERVER/netalertx/db:/netalertx/app/db:rw
- /mnt/YOUR_SERVER/netalertx/logs:/netalertx/app/log:rw
environment:
- TZ=Europe/London
- PORT=20211
networks:
swarm-ipvlan:
ipv4_address: 192.168.1.240 # โ ๏ธ Choose a free IP from your LAN
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
placement:
constraints:
- node.role == manager # ๐ Or use: node.labels.netalertx == true
networks:
swarm-ipvlan:
external: true
โ Notes
- The
ipvlansetup allows NetAlertX to have a direct IP on your LAN. - Replace
eno1with your interface, IP addresses, and volume paths to match your environment. - Make sure the assigned IP (
192.168.1.240above) is not in use or managed by DHCP. - You may also use a node label constraint instead of
node.role == managerfor more control.