-
Notifications
You must be signed in to change notification settings - Fork 80
Networking Tips
This page is dedicated to misc deployment related tips and tricks
It should be no surprise that the daemon creates its own network, and sometimes creating the network fails to be created. This is due to pterodactyl looking to assign the network a CIDR. This is bound to happen when anyone runs a deployment of this project. A quick and easy fix is to just create the pterodactyl_nw yourself and save the hassle of manually assigning a CIDR and gateway. You can create the network using docker network create.
FirewallD is the firewalling daemon for the RedHat Family of distributions. It's default profile is "public", which drops most packets when received with the exception of SSH and cockpit (if installed by default). This is intended to prevent installing/configuring services that may open ports on the system unintentionally. When it comes to containers, this profile may block container traffic from reaching opened ports, even if the outside world can see it.
One of the ways to prevent this from occurring is to either add the bridge interface or bridge ip address to another profile, such as trusted.
firewall-cmd --zone=trusted --add-source=172.17.0.0/16 # Add CIDR to trusted zone
firewall-cmd --zone=trusted --add-interface=docker0 # Add docker interface to trusted zone
firewall-cmd --runtime-to-permanent
Some of the newer versions of RedHat/CentOS/Fedora have migrated over to nftables and causes some odd issues with running a container workload under Docker. Docker still relies on iptables to handle the routing and firewall capabilities. Thankfully FirewallD supports using either nftables and iptables for the time being.
To enable iptables under firewalld, just edit /etc/firewalld/firewalld.conf and find the following line:
FirewallBackend=nftables
and change it to
FirewallBackend=iptables
Reload firewalld AND docker after changing.