Problems using "network" section in docker-compose.yml

ajlennon · July 25, 2023, 11:43am

Hi all,

I’ve posted here that we’re working on OpenThread Border Router support. As a part of that we need to support IPv6/IPv4 routing.

@see: Containerising OpenThread Border Router (OTBR) for OpenThread [WIP] - #3 by ajlennon

From reading around this seems to involve adding a network section to the docker-compose.yml file. However when I add this in “strange things happen” with the network continually being added and removed / service restarting.

To try to get to the bottom of this I created a very simple hello-world app that just runs a script that sleeps.

This is the docker-compose.yml file

version: '2'

services:
   hello-world:
     build: ./hello-world

     network_mode: host
     networks:
       ipv6net:
          ipv6_address: 2001:3984:3989::20

networks:
   ipv6net:
     driver: bridge
     enable_ipv6: true
     ipam:
       driver: default
       config:
       - subnet: 2001:3984:3989::/64
         gateway: 2001:3984:3989::1

When I balena push hello-world to my fleet I get the constant cycling behaviour

EDIT

I’ve just spotted the above has network: host. When I remove this I get a similar kind of error

version: '2'

services:
   hello-world:
     build: ./hello-world

#     network_mode: host
     networks:
       ipv6net:
          ipv6_address: 2001:3984:3989::20

networks:
   ipv6net:
     driver: bridge
     enable_ipv6: true
     ipam:
       driver: default
       config:
       - subnet: 2001:3984:3989::/64
         gateway: 2001:3984:3989::1

Can anybody advise?

Thanks, Alex

ajlennon · July 25, 2023, 11:43am

@mpous did a simple test case. Happy to share this to support if anybody fancies a look?

ajlennon · July 25, 2023, 11:59am

And this is what journalctl is looping doing

majorz · July 25, 2023, 12:19pm

Searching for the particular error I found this: docker throws error when adding IPv6 route · Issue #2432 · moby/libnetwork · GitHub. However I am not certain that is what is really causing the restart itself. Checking further.

ajlennon · July 25, 2023, 12:22pm

I’m not sure what to look for in the underlying host (if anything). You’re more than welcome to get into the board I have running this test here if that’s of any use @majorz

majorz · July 25, 2023, 1:47pm

I did more digging and from what I see I assume ipv6 is simply not enabled in balenaEngine for containers. Thanks for offering access to the board - for now I believe this should be easily reproducible on our side. I will spawn a VM now with balenaOS and see whether that will be the case. I will let you know what I find.

ajlennon · July 25, 2023, 1:55pm

Very interesting - thanks for looking at this @majorz. Yes please do as we’re super keen here to get on with containerising OTBR

majorz · July 26, 2023, 3:52pm

Sorry for not getting back to you earlier, but we have identified the problem on our side. It is just that balenaEngine/Docker needs extra configuration for this - Enable IPv6 support | Docker Documentation. Next step for us is to make this manually work on a live device. Afterwards we will discuss internally how this could be possibly enabled more specifically.

ajlennon · July 26, 2023, 4:08pm

Brilliant! Anything I can do at this end to enable it in the meantime?

majorz · July 28, 2023, 2:12pm

From my debugging I saw that supervisor needs also an ipv4 address to be specified. Next to the ipv6 address can you please add an ipv4 address as well and let me know whether this time it works for you?

version: '2.4'

services:
  hello-world:
    build: ./hello-world

    networks:
      customnet:
        ipv4_address: 172.28.0.2
        ipv6_address: 2001:3984:3989::20

networks:
  customnet:
    enable_ipv6: true
    ipam:
      driver: default
      config:
      - subnet: 172.28.0.0/14
        gateway: 172.28.0.1
      - subnet: 2001:3984:3989::/64
        gateway: 2001:3984:3989::1

ajlennon · July 28, 2023, 9:43pm

Awesome ! That fixes it thanks! I will go back to try this with the OTBR service!

majorz · July 28, 2023, 9:46pm

Thanks, please try it with the service as I am not completely sure routing will properly work although the addresses are available now inside the container.

ajlennon · July 28, 2023, 10:08pm

The OTBR service runs up. It’s not quite working right but I’ll take a look at what’s going on tomorrow. It certainly isn’t restarting all the time like it was. Thanks again !!!

ajlennon · July 29, 2023, 12:51pm

I am pretty sure that is all looking really good now thanks @majorz. I still have one problem which is to do with inter-container network setup but I will move that chat back over to the OTBR issue