Changing the network range of the appliance

In some infrastructures, there can be a collision of IP ranges of the appliance internal network with already existing IP ranges in the surrounding infrastructure. As a result, packet routing may not work correctly. The solution is to regenerate the appliance network interface using a different, non-conflicting network IP range.

At first, we need to find non-conflicting network range of addresses of size /24 which we will use for the new appliance network. Once you have it determined, follow this tutorial.

Turn off all the running containers.

systemctl stop iam-cas iam-czechidm iam-web-proxy iam-directory-server iam-czechidm-db

Using the command docker ps check that no container is running (the list will be empty).
Delete the internal network using the command.
```
docker network rm appliance
```
Using docker network ls, list all Docker networks and check that the network appliance does not exist.
Create a new network with non-conflicting range, ADDRESS is the newly selected non-conflicting range in CIDR format (address/mask).
```
docker network create --subnet ADDRESS --opt "com.docker.network.bridge.name=appliance" appliance`
```
Using docker network ls check the newly created network.
Delete all original Docker containers because they maintain a link to the original network. Using docker ps -a, list all containers. Then, with the command docker rm CONTAINER_NAME, remove them.
After that, you can gradually start the services. You should check up on their start in the log files.
1. First, start the CzechIdM database systemctl start iam-czechidm-db.
2. Then, start the directory server systemctl start iam-directory-server.
3. Start the web proxy and the CAS access manager systemctl start iam-web-proxy iam-cas.
4. Start CzechIdM systemctl start iam-czechidm. Because the container will be newly created, the application will be relinked and the start can take more than 10 minutes.
5. Using docker ps, check running containers.