we’re building our own SDN system and run networking software (like frr, keepalived, etc.) in docker containers.
The default docker networks (bridge, host, macvlan) don’t meet our requirements (use multiple veth with routing not bridging, different vrfs, etc.).
For testing purposes, I start the containers without networking (—network=none), then get the pid of the container (via docker inspect), set up a name for the container’s netns and set up the networking using the ‘ip netns’ command.
This causes problems because the network interfaces appear in the container after startup and some software has be manually restarted to work.
I like to set up networking right before the container starts. Does docker have the capability to exec hook scripts on certain events (container start / stop)?
I don’t now the answer to your original question, so forgive me that I try to suggest an other way instead of trying hooks myself
I haven’t used hooks (except “docker events” command) even though watched and even participated meetups where it was one of the topics. My guess is that if you can subscribe to the “start” event, that start means, your process inside that container has already been started or is starting. A container exists when there is a process inside that. ONe way I would try to solve your problem is creating an entrypoint in the container which runs a check in a loop waiting for a proper networking.
while true; do
# checking in a loop then break out
done
exec "actual command"
This way the container could wait for the network before the process depending on that network starts. Of course you would need tools in the container capable of checking the network. If it is for testing, I think it’s okay to do that. In production, I wouldn’t be a problem, would it?
