Best practices deploying Docker containers on LXC with multiple network devices?

[mhayhurst]

I deployed an Ubuntu 24.04 LXC with multiple network devices (eth0, eth15, eth20, eth25...eth60) each on it's own vlan. In the LXC I created Docker macvlan networks and attached each to it's corresponding network device so I can setup various containers on different vlans. However, each network device was set as the default route which created problems.

So I added this to the end of: /etc/systemd/network/eth0.network (which I want as my default route):

[DHCPv4]
RouteMetric=100

and added this to the end of each: /etc/systemd/network/eth{15,20,25...60}.network

[DHCPv4]
UseRoutes=false

I also created /etc/systemd/network/.pve-ignore.eth{0,15,20,25...60}.network files so my changes would persist through reboots.

Everything seems to work so far but is this best practice or is there a better way to accomplish this?

 

[Johannes S]

Best practice is to use am vm for docker containers, from the docs:

If you want to run application containers, for example, Docker images, it is recommended that you run them inside a Proxmox QEMU VM. This will give you all the advantages of application containerization, while also providing the benefits that VMs offer, such as strong isolation from the host and the ability to live-migrate, which otherwise isn’t possible with containers. https://pve.proxmox.com/wiki/Linux_Container