I have a server with several virtual machines running. I am starting a container with a Jira installation and I need the container to be assigned a different address from the DHCP server, not the host IP address. I am a newbie, so please explain.
The technique suggested in ad22's answer requires a custom build of the Docker engine that uses a fork of libnetwork. Now, more than four years after that hack was developed, the DHCP feature has still not been merged into the standard Docker engine, and the fork has fallen far behind the mainline code.
Since late 2019, it has been possible to assign IP addresses to Docker containers with DHCP using devplayer0's docker-net-dhcp plugin, which works with the standard Docker engine. When you create a new container, this plugin starts a Busybox udhcpc client to obtain a DHCP lease, then runs udhcpc (in a process outside the container's PID namespace) to renew the lease as needed.
As found in the other answer, using macvlan will not enable the container to obtain addresses from DHCP. The functionality to obtain addresses from DHCP is experimental (this was created by someone associated with the docker libnetwork project):
https://gist.github.com/nerdalert/3d2b891d41e0fa8d688c
It suggests compiling the changes into the docker binary and then running:
docker network create -d macvlan \
--ipam-driver=dhcp \
-o parent=eth0 \
--ipam-opt dhcp_interface=eth0 mcv0
Since this requires re-compiling the binary, an alternate solution could be to assign static IP addresses to all your containers using the "--ip" option to docker run/compose, and get a DNS entry for your hostname assigned to this IP, and also ensure that the IP can never be assigned through DHCP.
FWIW, I made this work using podman.
Podman 4.3.1 (in Ubuntu 23.04 Lunar) does not support DHCP for macvtap:
$ sudo podman network create --driver macvlan --opt parent=ens3
Error: macvlan driver needs at least one subnet specified, DHCP is not yet supported with netavark
If using newer podman, such as 4.5.1 in Fedora 38, the same command succeeds.
When trying this on Fedora 38, I then got:
Error: netavark: unable to obtain lease: socket "/run/podman/nv-proxy.sock": No such file or directory (os error 2), is the netavark-dhcp-proxy.socket unit enabled?
So the procedure to get all this working in rootful podman on Linux seems to be:
sudo podman network create mymacvlan --driver macvlan --opt parent=wlp0s20f3
sudo systemctl enable --now netavark-dhcp-proxy.socket
sudo podman run --net=mymacvlan --rm -it docker.io/library/alpine
For that effort, I got another error:
Error: netavark: unable to obtain lease: dhcp proxy error: status: Aborted, message: "Could not find a lease within the timeout limit", details: [], metadata: MetadataMap { headers: {"content-type": "application/grpc", "date": "Sat, 08 Jul 2023 10:30:01 GMT", "content-length": "0"} }
Reading about MAC spoofing at https://github.com/containers/netavark/issues/690, I realized that using a wireless parent interface when configuring the podman network was a mistake.
This seems to be because wireless interfaces (and especially the Intel driver) usually disable MAC spoofing, which is necessary for macvlan to function (it sends DHCP requests from the container's MAC through the host interface). Therefore, what should work is to switch to using a wired interface:
sudo podman network create mywiredmacvlan --driver macvlan --opt parent=enp44s0u2
sudo podman run --net=mywiredmacvlan --rm -it docker.io/library/alpine
This works for me now. Beware that macvtap has the limitation that a host machine is unable to ping the macvtap containers running on it. Pinging the other way (from container to machine) does not work either. Other IPs on the network can be pinged, as well as sibling containers.
There also seems to be an option to use CNI plugins to provide podman networking (for older podman, before it switched to aardvark/netavark), which I did not investigate: https://www.redhat.com/sysadmin/leasing-ips-podman
It should be possible to make the host reachable by following https://blog.oddbit.com/post/2018-03-12-using-docker-macvlan-networks/#host-access
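A pre-flight check for the parent interface, added here as an example and not taken from the answer above: it refuses a wireless parent (the mistake described above, where the DHCP request never leaves the host and the lease times out) before any macvlan network is created. SYSFS_ROOT is an assumption added so the check can be pointed at a fake sysfs tree for testing; it defaults to the real /sys.

```shell
#!/bin/sh
# Pre-flight check of a macvlan parent interface before creating a
# podman/docker macvlan network that relies on DHCP. Added example,
# not from the answers on this page. SYSFS_ROOT is an assumption so
# the checks can be pointed at a fake sysfs tree; default is /sys.
SYSFS_ROOT="${SYSFS_ROOT:-/sys}"

# Wireless NICs expose a "wireless" dir or "phy80211" link in sysfs.
# Their drivers usually drop frames with a foreign source MAC, so the
# container's DHCP discover never reaches the LAN (lease timeout).
is_wireless() {
    [ -d "$SYSFS_ROOT/class/net/$1/wireless" ] ||
    [ -e "$SYSFS_ROOT/class/net/$1/phy80211" ]
}

# Link is up when sysfs "operstate" reads "up".
is_up() {
    [ "$(cat "$SYSFS_ROOT/class/net/$1/operstate" 2>/dev/null)" = up ]
}

# check_parent IFACE: return 0 if usable as a macvlan parent, else
# print the reason and return 1.
check_parent() {
    iface="$1"
    if [ ! -d "$SYSFS_ROOT/class/net/$iface" ]; then
        echo "$iface: no such interface"; return 1
    fi
    if [ "$iface" = lo ]; then
        echo "$iface: loopback cannot be a macvlan parent"; return 1
    fi
    if is_wireless "$iface"; then
        echo "$iface: wireless parent, MAC spoofing is usually blocked"; return 1
    fi
    if ! is_up "$iface"; then
        echo "$iface: link is not up"; return 1
    fi
    return 0
}

# pick_parent: print the first wired, up interface; return 1 if none.
pick_parent() {
    for p in "$SYSFS_ROOT"/class/net/*; do
        name="${p##*/}"
        if check_parent "$name" >/dev/null; then
            echo "$name"; return 0
        fi
    done
    return 1
}
```

Usage: `check_parent enp44s0u2 && sudo podman network create mywiredmacvlan --driver macvlan --opt parent=enp44s0u2`, or `pick_parent` to list a candidate.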
You can achieve this using the docker network macvlan driver. According to the docs:
...you can use the macvlan network driver to assign a MAC address to each container’s virtual network interface, making it appear to be a physical network interface directly connected to the physical network.
So essentially, the virtual network interface will use the physical network interface exposed on the host to advertise its own virtual MAC address. This will then be broadcast to the LAN on which the DHCP server is operating, and the virtual interface will be assigned an IP.
The steps to get it going are:
1. Create a docker network which uses the macvlan driver:
docker network create \
  --driver macvlan \
  --subnet=172.16.86.0/24 \
  --gateway=172.16.86.1 \
  --opt parent=eth0 lan_net
The subnet and gateway would be those of your LAN network (on which the DHCP resides). The parent option specifies the physical interface on the host through which you would like your virtual interface to be exposed to the LAN network.
2. Run your container using the newly created network:
docker run -it --rm --net=lan_net alpine
--subnet and --gateway values to be the ones of the DHCP network? –
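The host-access workaround referred to in the podman answer above (the linked oddbit post) applied to a macvlan network like the one created here, as an added example that is not code from any answer: a second macvlan interface on the same parent gives the host a path to its containers, which the parent interface itself never has. The interface name macvlan-shim, the DRY_RUN switch and the sample range 172.16.86.128/25 are assumptions.

```shell
#!/bin/sh
# Host-side macvlan "shim" so the host can reach its macvlan containers
# (the limitation noted above). Added example, not code from the answers;
# the interface name macvlan-shim and DRY_RUN are assumptions. With
# DRY_RUN=1 the ip commands are printed instead of executed.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

# macvlan_shim PARENT RANGE SHIM_IP [NAME]
#   PARENT  : host NIC used as the macvlan network's parent (e.g. eth0)
#   RANGE   : CIDR block the containers live in, narrower than the LAN
#             (the DHCP pool, or docker's --ip-range); a /32 per container
#             works too. Must not equal the LAN prefix or the route
#             collides with the parent's own connected route.
#   SHIM_IP : LAN address reserved for the host on the shim; exclude it
#             from the DHCP pool.
macvlan_shim() {
    parent="$1"; range="$2"; shim_ip="$3"; shim="${4:-macvlan-shim}"
    case "$range" in
        */*) ;;
        *) echo "RANGE must be CIDR, e.g. 172.16.86.128/25" >&2; return 2 ;;
    esac
    # Bridge mode lets the shim exchange frames with sibling macvlan
    # endpoints on the same parent; the parent itself never can.
    run ip link add "$shim" link "$parent" type macvlan mode bridge
    run ip addr add "$shim_ip/32" dev "$shim"
    run ip link set "$shim" up
    # Steer host traffic for the container range out through the shim.
    run ip route add "$range" dev "$shim"
}

# Undo the above.
macvlan_shim_remove() {
    run ip link del "${1:-macvlan-shim}"
}
```

Run as root without DRY_RUN, e.g. `macvlan_shim eth0 172.16.86.128/25 172.16.86.2`; the shim does not survive a reboot, so persist it in your network configuration if you rely on it.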