is OMV good-enough at subnetting ?

    • OMV 4.x
    • is OMV good-enough at subnetting ?

      Hello all

      I'm looking into organising the following

      10.10.x.x.
      - OMV NAS
      - media server
      - pihole
      - backup server
      - main router + firewall (Edgerouter X)
      - etc

      10.20.x.x.
      - reverse proxy
      - openvpn server for external access

      10.30.x.x.
      - download machines behind VPN

      The purpose of separation on different subnets is of course increased security.

      My question is wether OMV can be a suitable base-platform for the above, either via docker containers, or via VMs.

      Can I have 10.20.x.x containers onto a 10.10.x.x OMV instance? How would docker "see"/manage them?
    • uga wrote:

      My question is wether OMV can be a suitable base-platform for the above, either via docker containers, or via VMs.
      Linux seems to be pretty good at it and OMV is Linux.

      uga wrote:

      Can I have 10.20.x.x containers onto a 10.10.x.x OMV instance? How would docker "see"/manage them?
      Pretty sure the container host has to be on the subnet for container to be on a different subnet.
      omv 4.1.22 arrakis | 64 bit | 4.15 proxmox kernel | omvextrasorg 4.1.15
      omv-extras.org plugins source code and issue tracker - github

      Please read this before posting a question and this and this for docker questions.
      Please don't PM for support... Too many PMs!
    • ryecoaaron wrote:

      uga wrote:

      My question is wether OMV can be a suitable base-platform for the above, either via docker containers, or via VMs.
      Linux seems to be pretty good at it and OMV is Linux.
      Of course :)
      I actually meant something a bit more elaborate but I realize I did not convey it. Let me explain better.
      When I am in front of elaborate systems like OMV I prefer acting "from above them", instead of "from underneath".
      My fear is that fiddling with routing, networking, etc "at the debian level" ("undeneath OMV") might create problems "at the upper floor".
      Is that an ungrounded fear? I would be happy! :)



      ryecoaaron wrote:

      uga wrote:

      Can I have 10.20.x.x containers onto a 10.10.x.x OMV instance? How would docker "see"/manage them?
      Pretty sure the container host has to be on the subnet for container to be on a different subnet.

      Not sure if I understood your response.
      Are you saying that for a container to stay on 10.20.x.x, also the OMV underneath it must stay on 10.20.x.x ?
      If that is true, then Docker, or OMV's implementation thereof, is not suitable for what I want, which is having various "containers" (be them docker containers, or vms, or whatever), each on a different subnet, on just one piece of hw. (I know 100% this can be done via VMs, dunno about "VM hosted by OMV".)
    • uga wrote:

      Is that an ungrounded fear?
      OMV completely rewrites most config files. So, if you make networking changes underneath OMV and then change something in the web interface, it will overwrite your changes. Having a few subnets won't change this statement.

      uga wrote:

      Are you saying that for a container to stay on 10.20.x.x, also the OMV underneath it must stay on 10.20.x.x ?
      I *think* docker needs the host/OMV to be on 10.20.x.x if you want the container to be. That might be wrong. I have never tried it. With the default networking, the container gets its address from docker which means it won't be on 10.20.x.x technically (usually 172.x.x.x) but it will use the host's network. You could have the host on all three subnets if you really want though.

      uga wrote:

      If that is true, then Docker, or OMV's implementation thereof, is not suitable for what I want, which is having various "containers" (be them docker containers, or vms, or whatever), each on a different subnet, on just one piece of hw.
      Once again, it might be able to. I don't know since this isn't a common practice with containers. VMs are probably what you want and yes you can do this on OMV.

      uga wrote:

      (I know 100% this can be done via VMs, dunno about "VM hosted by OMV".)
      Please stop thinking OMV does something magical to Linux that makes it different. OMV and Linux don't care what the guest is doing. If OMV can't do something the you "know" linux can do, that is probably just a limitation in the plugin but it doesn't mean it can't do it.
      omv 4.1.22 arrakis | 64 bit | 4.15 proxmox kernel | omvextrasorg 4.1.15
      omv-extras.org plugins source code and issue tracker - github

      Please read this before posting a question and this and this for docker questions.
      Please don't PM for support... Too many PMs!