IPV6 on docker-compose

superemman · December 1, 2023, 5:20am

Hi Community,

I am running an application check-mk raw v2.2.0p7 using docker-compose and having a problem with the IPV6 IP address… After I added my IPV6 it can only ping its IP. I also have my IPV6 configured on my host VM and it is working fine. Any ideas?

bluepuma77 · December 2, 2023, 2:25pm

How about you share docker-compose.yml?

Output of docker info might help, too.

superemman · December 4, 2023, 3:12am

Hi, I’ve tried many tests, using ipv6 config on docker-compose, using docker network create, using different driver such as host, bridge, and macvlan

here’s my docker-compose.yml file

version: "3.8"
services:
  cmk-server:
    image: checkmk/check-mk-raw:2.2.0p7
    privileged: true
    tmpfs:
     - /opt/omd/sites/cmk/tmp:uid=1000,gid=1000
    ulimits:
      nofile: 1024
    container_name: ${COMPOSE_PROJECT_NAME}_cmk-server
    volumes:
      # force local timezone
      #- "/etc/timezone:/etc/timezone:ro"
      - "/etc/localtime:/etc/localtime:ro"
      - './data/cmk-server/omd-sites:/omd/sites'
    ports:
      - '80:5000'
      - '8000:8000'
    environment:
      - CMK_SITE_ID=default
      - CMK_PASSWORD=Password123
    networks:
      ipv4_docker:
        ipv4_address: 172.24.0.2
        #ipv6_address: 2401:da80:1000:2::2
      #ipv6_docker:
        #ipv6_address: 2401:da80:1000:2::2
  cmk-agent:
    image: eeacms/check-mk-agent
    container_name: ${COMPOSE_PROJECT_NAME}_cmk-agent
    volumes:
      # force local timezone
      - "/etc/timezone:/etc/timezone:ro"
      - "/etc/localtime:/etc/localtime:ro"
    ports:
      - '6556:6556'
    depends_on:
      - cmk-server
    networks:
      ipv4_docker:
        ipv4_address: 172.24.0.3
        #ipv6_address: 2401:da80:1000:2::3
      #ipv6_docker:
        #ipv6_address: 2401:da80:1000:2::3
networks:
  ipv4_docker:
    external: true
  #ipv6_docker:
    #external: true
    #driver: macvlan
    #driver_opts:
      #parent: ens18
    #enable_ipv6: true
    #ipam:
      #config:
        #- subnet: 172.24.0.0/16
          #gateway: 172.24.0.1
        #- subnet: 2401:da80:1000:2::/64
          #gateway: 2401:da80:1000:2::1
  #ipv6_docker:
    #driver: host
    #enable_ipv6: true
    #ipam:
      #config:
        #- subnet: 2401:da80:1000:2::/64
          #gateway: 2401:da80:1000:2::1

dont confuse on my docker compose file as I’ve tried many tests as you can see there is a comments on the file.

my docker info

[root@docker-omd docker-cmk]# docker info
Client: Docker Engine - Community
 Version:    24.0.5
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.11.2
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.20.2
    Path:     /usr/libexec/docker/cli-plugins/docker-compose

Server:
 Containers: 2
  Running: 2
  Paused: 0
  Stopped: 0
 Images: 3
 Server Version: 24.0.5
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 8165feabfdfe38c65b599c4993d227328c231fca
 runc version: v1.1.8-0-g82f18fe
 init version: de40ad0
 Security Options:
  seccomp
   Profile: builtin
 Kernel Version: 4.18.0-477.15.1.el8_8.x86_64
 Operating System: Rocky Linux 8.8 (Green Obsidian)
 OSType: linux
 Architecture: x86_64
 CPUs: 6
 Total Memory: 7.766GiB
 Name: docker-omd
 ID: e7673a6d-04ca-4f80-a470-8dc89891ba38
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

rimelek · December 4, 2023, 6:45pm

Have you tried this documentation to enable IPv6 and add experimental parameters?

Note

When using IPv6, we recommend that you enable the experimental ip6tables parameter in the daemon configuration.

In order t make external connections work, requests must be forwarded through the host’s interface. There are ways to disable it and I never configured IPv6 for containers, but my guess is that this forwarding doesn’t happen.

superemman · December 5, 2023, 6:55am

Yes, I also tried that one.

My setup is that I am using Proxmox virtual environment (PVE) as my hypervisor and I’ve created a VM on it as host and using 2 network interfaces using VLANs, vlan666 is for inband management (IPV4 10.129.2.0/24) and v200 for IPV6. 2401:da80:1000:2::/64. On this part, there is no problem. I can reach IPs within its subnet.

I’ve created another sample docker-compose file

version: '3.9'

services:
  web:
    image: nginx:latest
    ports:
      - "80:80"
      - "443:443"
    networks:
      - ip6net
        #ipv4_address: "172.18.0.2"
        #ipv6_address: "2401:da80:1000:2::2"

networks:
   ip6net:
     enable_ipv6: true
     ipam:
       config:
         - subnet: 2401:da80:1000:2::/64

I can reach 10.129.2.0/24 IPs but not in 2401:da80:1000:2::/64

Topic		Replies	Views
[SOLUTION] Docker IPV6 and Docker compose woes Compose	6	23598	February 22, 2023
Occasional ping issues over IPv6 General docker	1	202	March 20, 2024
Docker doesn't open IPv6 ports Compose	2	5124	March 28, 2021
Help: Understanding Docker Networking, IPVlan/Macvlan and IPv6 behaviour General docker	0	1325	January 3, 2024
Mapping specific IPv6 addresses and ports in docker-compose.yml Docker Desktop linux	3	470	June 29, 2024

IPV6 on docker-compose

Related Topics