IT

One of my latest projects was a fully dockerized name server infrastructure based on PowerDNS: one master and two slaves — one in the same subnet and the second running in a cloud on a basic virtual machine. Why PowerDNS? Because I needed an API, a proper admin-friendly web interface, user management, and LDAP integration. PowerDNS fully matched my requirements. Why Docker? Because I wanted some level of automation and IaC — Docker fits nicely in the middle, where you have several configs and docker-compose files fully describing the container configuration.

When starting 150+ Docker containers with docker-compose, I encountered a strange problem: "Could not generate persistent MAC address".

How to protect iptables when using docker-compose . By default, Docker dynamically modifies iptables rules, which prevents normal firewall management. Many guides suggest saving Docker rules and restoring them later — I don't think this is a good approach. If Docker cannot handle firewall tasks properly, let's free it from this responsibility. See also docker-compose demonization with systemd .

Easy way to (auto)start your infrastructure with docker-compose . Very useful for development, review servers, pre-prod, or test environments. Also includes tips on protecting iptables when using docker-compose .