Docker / k8s network configuration

docker-compose.yml

@@ -17,8 +17,9 @@ services:
       - ./certs:/certs:ro
       - traefik_data:/data
     networks:
-      - frontend
-      - backend
+      frontend:
+        ipv4_address: 10.96.1.50
+      backend:
     healthcheck:
       test: ["CMD", "traefik", "healthcheck"]
       interval: 30s
@@ -180,11 +181,14 @@ services:
       timeout: 5s
       retries: 5
 
-# Network Definition - Simplified
+# Network Definition
 networks:
   frontend:
     driver: bridge
     internal: false  # Only for Traefik public access
+    ipam:
+      config:
+        - subnet: 10.96.1.0/24
     labels:
       - "com.motovaultpro.network=frontend"
       - "com.motovaultpro.purpose=public-traffic-only"
@@ -192,6 +196,9 @@ networks:
   backend:
     driver: bridge
     internal: false   # Needs external access for Auth0 JWT validation
+    ipam:
+      config:
+        - subnet: 10.96.20.0/24
     labels:
       - "com.motovaultpro.network=backend"
       - "com.motovaultpro.purpose=api-services"
@@ -199,6 +206,9 @@ networks:
   database:
     driver: bridge
     internal: true   # Data isolation
+    ipam:
+      config:
+        - subnet: 10.96.64.0/24
     labels:
       - "com.motovaultpro.network=database"
       - "com.motovaultpro.purpose=data-layer"