Docker — More Networks is More Better
If you run across the following error message and found this post while searching for a solution, don't worry—the fix is easy:
Error response from daemon: could not find an available, non-overlapping IPv4 address pool among the defaults to assign to the network
The message is pretty clear: Docker has run out of IP addresses in the pools used for bridge networks, so it can't create a new bridge network. Docker, by default, uses two pools (172.16.0.0/12, 192.168.0.0/16) which makes sense given the IETF/IANA reserved blocks of IPs for private networks.
Docker splits these two pools up into smaller subnets for bridges, as shown in the table below. I don't know who the mad lads are that decided people need networks with 65k IP addresses available, but they're obviously doing a lot cooler stuff than I am.
| Pool | Total IPs | Network Mask | Network IPs | Network Available |
|---|---|---|---|---|
| 172.16.0.0/12 | 1,048,576 | /16 | 65,536 | 16 |
| 192.168.0.0/16 | 65,536 | /20 | 4,096 | 16 |
x.x.x.x/xx you can read all about it on wikipedia. Networking is fun after all!Docker is configured to provide 32 networks, one of which is used by the default bridge network Docker creates. So really, 31 bridge networks are available: 15 with 65k IPs available and 16 with 4k available.
The Solution
Unfortunately, getting this error probably means you are running a lot of containers, so depending on the solution, it can be tedious to fix. Fortunately, the fix itself is pretty simple. What pools are used and how they're divided up can be configured in /etc/docker/daemon.json.
Solution 1: Allocation smaller ranges!
The first thing to do is to create or update /etc/docker/daemon.json to change how Docker should divide up those two pools in a way that makes more sense. The /20 Docker uses for the 192.168.0.0/16 pool is more than generous enough for me with 4k IP addresses per network. This gives me the ability to create 256 networks in just the first pool, plus the original 16 the second one provides. That should last me for a while.
{
"bip": "172.16.0.1/16",
"default-address-pools": [
{
"base":"172.17.0.0/12",
"size":20
},
{
"base":"192.168.0.0/16",
"size":20
}
]
}I left the Docker default bridge network (bip) as a /16 because…I don't know it just felt like the right thing to do.
After that, I had to make sure all the existing bridges were removed so Docker could recreate them. Once the only remaining bridge network is the default bridge restart the Docker daemon. For systemd based systems something like systemctl restart docker will do the trick. Check to make sure Docker recreated the default bridge with the right configuration using docker network inspect bridge and look at the IPAM -> Config -> Subnet settings to make sure it shows 172.16.0.0/16. Then the only task left is to recreate all the bridge networks!
Solution 2: Add another pool!
This seems like the easier solution, but I went with Solution 1 because I prefer to change as little as possible. But you'll also see suggestions online to just add another pool. This is really following the same steps from Solution 1, except all the settings are going to be what the defaults would be anyways, and just adding another pool. I'd suggest something in the 10.0.0.0/8 range since that is another reserved private network range. I'll even make the subnets /16 too so we can all be mad lads.
{
"bip": "172.16.0.1/16",
"default-address-pools": [
{
"base":"172.16.0.0/12",
"size":16
},
{
"base":"192.168.0.0/16",
"size":20
},
{
"base":"10.0.0.0/8",
"size":16
}
]
}Well, that's really it. Thanks for reading. As a reward, here is a picture of a sugar glider trying to give you a hug I found when googling for a picture of a sugar glider.
