feat!: Network Management System v1#2811
Conversation
BREAKING CHANGE: The isolatedDeployment feature has been completely removed from the codebase.
|
@Elvinra Okay so I've resolved the conflicts.
I didn't quite understand when I replied the other day, but that's the expected behavior. The domain cannot be on 
You can only choose the networks (except Image updated |
|
I talked to @Siumauricio 2 days ago on discord, he has already looked at the PR but needs more time to do a full review and suggest improvements. He will try to work on it in the next few days. |
|
Great, thank you @chichi13 |
|
Unfortunately, no news for this PR... |
|
Let's go with this feature! |
|
@Siumauricio do something, delegate if you don't have time, too many PRs have been waiting for months. Wanting to control everything yourself goes against the spirit of the open source community... |
|
@Siumauricio when can we expect to have this feature merged? It is a priority for lots of people. |
|
Just faced this problem today while trying to connect PgBouncer with Postgres (from UI). This feature will be very useful as dokploy-network seems to be accessible across all projects. |
|
Can you resolve conflicts? @chichi13 |
I will check that today/tomorrow! |
chichi13
force-pushed
the
feature/network-management
branch
from
c2b9c9d to
43a63ab
Compare
|
@Siumauricio merge done I struggled a bit, but everything should be fine. However, I get errors from the "canary" branch when I go to the project list: ❌ tRPC failed on project.all: cannot pass more than 100 arguments to a function
GET /api/trpc/project.all?batch=1&input=%7B%220%22%3A%7B%22json%22%3Anull%2C%22meta%22%3A%7B%22values%22%3A%5B%22undefined%22%5D%2C%22v%22%3A1%7D%7D%7D 500 in 116ms (compile: 2ms, render: 114ms) |
|
Okay, I understand. With the new migrations since the PR opened in October, some queries return more than 100 columns. Drizzle ORM limits to 100 columns, and we were at... 101. So I fixed the problem by specifying the columns. We've gone from 101 columns returned to ~7. |
@Siumauricio I think it's time |
This comment has been minimized.
This comment has been minimized.
…ment - Deleted the SQL migration file `0145_needy_shooting_star.sql` which included the creation of the `network` table and related alterations. - Updated the journal and snapshot metadata to reflect the removal of the migration.
- Introduced a new `network` table with relevant fields and constraints. - Added `previewNetworkIds` and `customNetworkIds` columns to the `application`, `compose`, `mariadb`, `mongo`, `mysql`, `postgres`, and `redis` tables. - Established foreign key relationships for the `network` and `domain` tables to ensure data integrity.
I think we need to be more considerate of the time required for each feature. If a PR is not merged or reviewed, it is simply because it does not meet coding standards, especially for such a large feature. I am not going to merge a PR that does not meet the expectations of people who use dokploy. Unfortunately, AI moves so fast and sometimes we have too many PRs with AI. I'm not saying that's bad, it's just that the standard isn't being followed and this makes review very, very difficult. I have reviewed this PR and it definitely needs a lot of changes in terms of improving code quality (making it simpler, for example, or following the same structure that we follow throughout the project). That is why, if you see a PR that is not merged, it is simply because it does not follow our standards, and the best and easiest thing to do is to simply close the PR and create the functionality from scratch unfortunately. It saves time. |
I was expecting another separate message about the PR itself (I still spent more than 7 human days on the feature). Rereading the code, I'm not sure I understand what you mean by "needs a lot of changes in terms of improving code quality (making it simpler, for example, or following the same structure that we follow throughout the project)." Can you elaborate a little more? For me, this PR is not just a network feature, but a security flaw fix. Currently, a hacker who performs privilege escalation in a container could access all containers deployed on our dokploy, since there is no network isolation for most applications. |
|
Thanks @ishvedov It's a shame there wasn't clear communication (the only comment being to highlight a negative comment rather than my work), but if the feature is implemented as he wants, everyone will be happy. |
I think he needs more "core" collaborators for this project, its getting bigger |
13 participants
What is this PR about?
Breaking Change
This PR introduces a complete redesign of network management in Dokploy, replacing the legacy
isolatedDeploymentfeature with a flexible custom network system.Overview
This PR implements comprehensive Docker network management as a core feature of Dokploy. Users can now create, manage, and assign custom Docker networks to any resource type (applications, compose services, databases) with full control over network configuration, IPAM settings, and driver selection.
Major Changes
Network Management System
/dashboard/networkspage for organization-wide network administrationDatabase Schema
New
networkTablebridgeandoverlayResource Schema Updates
customNetworkIdsfield to all resource types:applicationcomposepostgres,mysql,mariadb,mongo,redisNetwork Features
Automatic Traefik Integration
Driver Validation
Network Synchronization (based on labels)
Migration and Backward Compatibility
Migration 0117: Add Network table and add
customNetworkIdsfieldMigration 0118: Convert isolatedDeployment to customNetworkIds
This migration automatically converts all existing compose services using
isolatedDeployment=trueto the new network system:isolatedDeployment=trueappNameas the network nameoverlayfor remote servers,bridgefor local)customNetworkIdsisolatedDeployment=falseon migrated servicesContext: Compose services with isolated deployment already have Docker networks created with
name = compose.appName. The migration imports these existing networks into the database and establishes proper tracking.Migration 0119: Remove isolatedDeployment Field
Removes the obsolete
isolatedDeploymentboolean field from the database schema after successful migration.Testing
New Test Coverage
Network Service Tests (
network-service.test.ts):Compose Network Integration (
compose-networks.test.ts):Schema Validation (
schema.test.ts):Breaking Changes
Removed:
isolatedDeploymentFieldThe
isolatedDeploymentboolean field has been removed from thecomposetable schema.Migration: All existing data is automatically migrated via migration 0118. No manual intervention required for Dokploy users.
Checklist
Before submitting this PR, please make sure that:
canarybranch.Issues related
closes #2798
closes #1495
Screenshots