Repost from here
To be fair, setting up macvlan gets complicated for those using Portainer. I honestly hadn't realized this until I started rereading the docs posted above.
If using the command line, you can simply follow the Docker docs.
If using Portainer, there are actually 2 steps.
Step 1. Set up the network configuration to use the ethernet interface
Step 2. Create the network to use the macvlan config set up in step 1
STEP1
The Portainer setup is pretty straightforward and uses the same settings as the command line.
For me, I have a server network that uses IP range 192.168.10.1 - 224 and I want HA in this IP range, so I set up the Docker macvlan config in Portainer to use this:
NAME: MacVlan_Config
DRIVER: Macvlan
Macvlan Configuration: configuration
PARENT NETWORK CARD: eth0
SUBNET: 192.168.10.0/24
IP RANGE: 192.168.10.20 - 192.168.10.30
GATEWAY: 192.168.10.1
My DHCP does not assign within the IP RANGE I used. Docker will automatically assign the IP, but when I create a container I manually assign the IP. In either case I want to make sure Docker and my router aren't assigning the same IPs, so be sure to prevent this.
It is also possible to use an IPv6 range.
STEP2
You need to actually create the docker network that the containers will attach to and use.
NAME: MacVlan_Network
DRIVER: Macvlan
Configuration: MacVlan_Config
After this the network is ready for use, like below.
I define the MAC address and IP for the container so it shows in my router properly and the IP is static.
```yaml
services:
  ##########################################
  #             HOMEASSISTANT              #
  ##########################################
  hass:
    container_name: homeassistant
    hostname: homeassistant
    user: 1002:1002 # user:group must exist on host with desired permissions
    mac_address: "02:42:0a:3c:1b:f1"
    privileged: false
    restart: unless-stopped
    stop_grace_period: 10s
    depends_on:
      - mariadb
    image: ghcr.io/home-assistant/home-assistant:2023.12.1
    volumes:
      - "/srv/cam/docker/frigate/application/media_frigate:/media/frigate:ro"
      - "/srv/main/docker/homeassistant/application/config:/config"
      - "/etc/localtime:/etc/localtime:ro"
    ports:
      - "8123:8123/tcp" # HA UI
      - "20165:21065/tcp" #
      - "5353:5353/udp" # mDNS
      - "51837:51827/udp" # homekit
    networks:
      dockerlocal:
      homeassistant:
      MacVlan_Network: # must match the external network name under "networks:" below
        ipv4_address: "192.168.10.15"
      reverseproxy:
    deploy:
      resources:
        limits:
          cpus: '2'
          memory: 4096M
        reservations:
          cpus: '1'
          memory: 1500M
  ##########################################
  #                HASS_DB                 #
  ##########################################
  mariadb:
    image: mariadb:latest
    container_name: hass_db
    hostname: hass_db
    user: 1002:1002
    restart: "unless-stopped"
    stop_grace_period: 5s
    security_opt: # see https://github.com/MariaDB/mariadb-docker/issues/434#issuecomment-1136151239
      - seccomp:unconfined
      - apparmor:unconfined
    command: mariadbd --innodb-buffer-pool-size=512M --transaction-isolation=READ-COMMITTED --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --max-connections=512 --innodb-rollback-on-timeout=OFF --innodb-lock-wait-timeout=120
    ## Never store database files on an unreliable device such as a USB flash drive, an SD card, or a shared network folder:
    volumes:
      - "/srv/main/docker/homeassistant/application/var_lib_mysql:/var/lib/mysql" # DO NOT REMOVE
    environment:
      MARIADB_AUTO_UPGRADE: "1"
      MARIADB_INITDB_SKIP_TZINFO: "1"
      MARIADB_DATABASE: "homeassistant"
      MARIADB_USER: "homeassistant"
      MARIADB_PASSWORD: "homeassistant"
      MARIADB_ROOT_PASSWORD: "mariadb"
      PGID: 1002
      PUID: 1002
    networks:
      homeassistant:
    deploy:
      resources:
        limits:
          cpus: '2'
          memory: 2000M
        reservations:
          cpus: '1'
          memory: 512M
##########################################
#                NETWORKS                #
##########################################
networks:
  dockerlocal:
    external: true
  homeassistant:
    driver: bridge
  MacVlan_Network:
    external: true
  reverseproxy:
    external: true
```
ADDED DETAIL
The first time I run compose I do not set the MAC and let Docker create one. It's not required; I just honestly don't know what to use, so it's easier for me to allow Docker to create it. I add the created MAC to the compose file later.
I use a static IP on my network. After the MAC is defined, I reserve the static address on my router.
With this the container looks like a server on my network
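
The address-plan check described under STEP1 (keeping Docker's macvlan range, the router's DHCP pool and the static container IPs from colliding), as an added example that is not part of the original post. The function names are hypothetical and the DHCP pool is a constructed value, since the post does not state it; because Docker's `--ip-range` option takes CIDR notation, the helper also lists the CIDR blocks that cover a start-end span.

```python
import ipaddress as ipa

def span(first, last):
    """Inclusive start-end range as a pair of integers."""
    lo, hi = int(ipa.ip_address(first)), int(ipa.ip_address(last))
    if lo > hi:
        raise ValueError(f"range start {first} is after range end {last}")
    return lo, hi

def range_to_cidrs(first, last):
    """CIDR blocks that exactly cover first..last (Docker's --ip-range is CIDR)."""
    blocks = ipa.summarize_address_range(ipa.ip_address(first), ipa.ip_address(last))
    return [str(b) for b in blocks]

def check_plan(subnet, gateway, docker_range, dhcp_pool, static_ips):
    """Return a list of conflicts in a macvlan address plan (empty list = clean)."""
    net, gw = ipa.ip_network(subnet), ipa.ip_address(gateway)
    (d_lo, d_hi), (p_lo, p_hi) = span(*docker_range), span(*dhcp_pool)
    problems = []
    if gw not in net:
        problems.append(f"gateway {gw} is outside {net}")
    for label, lo, hi in (("docker range", d_lo, d_hi), ("DHCP pool", p_lo, p_hi)):
        if ipa.ip_address(lo) not in net or ipa.ip_address(hi) not in net:
            problems.append(f"{label} is not fully inside {net}")
    if d_lo <= p_hi and p_lo <= d_hi:  # two inclusive ranges intersect
        problems.append("docker range overlaps the DHCP pool")
    if d_lo <= int(gw) <= d_hi:
        problems.append("docker range contains the gateway")
    seen = set()
    for ip in map(ipa.ip_address, static_ips):
        if ip not in net or ip in (net.network_address, net.broadcast_address):
            problems.append(f"static {ip} is not a usable host address in {net}")
        if ip == gw or ip in seen:
            problems.append(f"static {ip} is already taken")
        if p_lo <= int(ip) <= p_hi:
            problems.append(f"static {ip} is inside the DHCP pool")
        seen.add(ip)
    return problems

# Values from the post; the DHCP pool is a constructed assumption (not given there).
PLAN = dict(subnet="192.168.10.0/24", gateway="192.168.10.1",
            docker_range=("192.168.10.20", "192.168.10.30"),
            dhcp_pool=("192.168.10.100", "192.168.10.200"),
            static_ips=["192.168.10.15"])

if __name__ == "__main__":
    print(check_plan(**PLAN) or "no conflicts")
    print(range_to_cidrs(*PLAN["docker_range"]))
```

A start-end span that is not CIDR-aligned maps to several blocks, while a Docker network accepts a single `--ip-range`, so pick an aligned block when creating the network from the command line.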