Macvlan container "internal" IP

skerrats · March 27, 2024, 6:29am

Hi - I’ve been beating my head against this for 2 days, and it’s hurting, I’m sure I’m missing something fundamental, and simple, but I can’t see it.

I need a containerise an existing service. The service needs to be able to send and receive unicast and broadcast UDP messages to/from network devices (the devices are black boxes to me, I can’t change how they operate). The devices send broadcast messages to 255.255.255.255 when they start up, and when certain trigger actions occur - they send unicast messages to any client that requests data.

So, my custom service sends “poll” messages to 10.255.255.255 periodically, requesting a response from any devices that are listening. My service listens to 0.0.0.0, so receives the broadcast and unicast messages, it works fine when running outside a container

From my digging around, I need a “macvlan” network, the container will pretend it’s a standalone network device and everything will be peaches. Except that it doesn’t - the container seems to only

Here’s my docker_compose:

version: '3.2'
services:
  device-info-service:
    image: device-info-service
    container_name: device-info-service
    restart: always
    stdin_open: true
    ports:
      - 7001:7001/udp
    volumes:
      - ./data:/var/local/data
    networks:
      local_lan:
        ipv4_address: "10.10.1.17"
    mac_address: "02:00:00:00:00:01"
        
networks:
  local_lan:
    driver: macvlan
    driver_opts: 
      parent: wlp0s20f3
    ipam:
      config:
        - subnet: "10.0.0.0/8"
          gateway: "10.0.0.1"
          aux_addresses:
            host1: "10.10.1.13"

here’s what “docker inspect device-info-service_local_lan” tells me:

[
    {
        "Name": "device-info-service_local_lan",
        "Id": "415c438dbcf9eced334c56aa6c767fab0bded7d4bc2ceb4109eeaf59f7bdb0eb",
        "Created": "2024-03-27T17:25:57.459002205+11:00",
        "Scope": "local",
        "Driver": "macvlan",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "10.0.0.0/8",
                    "Gateway": "10.0.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "ae277d4f217f441a61bfc750af0bce422fd4480052b8a4a124d972e39fa39fde": {
                "Name": "device-info-service",
                "EndpointID": "63888116a98fb777e9268aba52ff77d63e729b52c6cb1a1ad4847c83c4a74ef7",
                "MacAddress": "02:00:00:00:00:01",
                "IPv4Address": "10.10.1.17/8",
                "IPv6Address": ""
            }
        },
        "Options": {
            "parent": "wlp0s20f3"
        },
        "Labels": {
            "com.docker.compose.network": "local_lan",
            "com.docker.compose.project": "device-info-service",
            "com.docker.compose.version": "2.17.3"
        }
    }
]

looks good?

but inside the container, it still has an IP from the bridge network, and any UDP messages, either broadcast or unicast only go over the docker0 network interface.

getting into the container shell with “docker run -it --entrypoint /bin/bash device-info-service” gives me:

root@2c97a4aedce0:/usr/share/event-manager# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.3  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:ac:11:00:03  txqueuelen 0  (Ethernet)
        RX packets 10  bytes 1132 (1.1 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

root@2c97a4aedce0:/usr/share/event-manager#

any help?

meyay · March 27, 2024, 8:53am

Please remove the published port on the docker-info-service, it is only used with bridge or overlay networks, but not with host, macvlan or ipvlan networks.

After modifying the compose file and re-deploying the compose project, please share the output of docker container inspect device-info-service

meyay · March 27, 2024, 9:05am

On more thing:

usually people declare an iprange for the macvlan network:

...

networks:
  local_lan:
    driver: macvlan
    driver_opts: 
      parent: wlp0s20f3
    ipam:
      config:
        - subnet: "10.0.0.0/8"
          gateway: "10.0.0.1"
          ip_range: "10.10.1.0/24"
          aux_addresses:
            host1: "10.10.1.13"

Make sure the ip-range is not in any dhcp-range.

If you modify the network declaration in your compose file , make sure to delete it from the cli, as network (and volume) declarations are immutable.

skerrats · March 27, 2024, 9:37pm

Hi, thanks for getting back to me

I’ve made those couple of changes - no difference, here’s the output from docker inspect

[
    {
        "Id": "a0fa9cea838c55122f60722a1059ab2321fe4a1a8080823809bd52dfde2520f0",
        "Created": "2024-03-27T21:24:47.538122362Z",
        "Path": "/bin/bash",
        "Args": [],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 31566,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2024-03-27T21:24:47.837235783Z",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
        "Image": "sha256:55a9c2591fc707e19da775efbc184d8f0f0053ab7978fe9f7e92e25ccab98e7c",
        "ResolvConfPath": "/var/lib/docker/containers/a0fa9cea838c55122f60722a1059ab2321fe4a1a8080823809bd52dfde2520f0/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/a0fa9cea838c55122f60722a1059ab2321fe4a1a8080823809bd52dfde2520f0/hostname",
        "HostsPath": "/var/lib/docker/containers/a0fa9cea838c55122f60722a1059ab2321fe4a1a8080823809bd52dfde2520f0/hosts",
        "LogPath": "/var/lib/docker/containers/a0fa9cea838c55122f60722a1059ab2321fe4a1a8080823809bd52dfde2520f0/a0fa9cea838c55122f60722a1059ab2321fe4a1a8080823809bd52dfde2520f0-json.log",
        "Name": "/device-info-service",
        "RestartCount": 0,
        "Driver": "overlay2",
        "Platform": "linux",
        "MountLabel": "",
        "ProcessLabel": "",
        "AppArmorProfile": "docker-default",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": [
                "/home/skerrats/device-info-service/data:/var/local/data:rw"
            ],
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "json-file",
                "Config": {}
            },
            "NetworkMode": "device-info-service_local_lan",
            "PortBindings": {},
            "RestartPolicy": {
                "Name": "always",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "ConsoleSize": [
                0,
                0
            ],
            "CapAdd": null,
            "CapDrop": null,
            "CgroupnsMode": "host",
            "Dns": null,
            "DnsOptions": null,
            "DnsSearch": null,
            "ExtraHosts": [],
            "GroupAdd": null,
            "IpcMode": "private",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "runc",
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": null,
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": null,
            "DeviceCgroupRules": null,
            "DeviceRequests": null,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": null,
            "OomKillDisable": false,
            "PidsLimit": null,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "MaskedPaths": [
                "/proc/asound",
                "/proc/acpi",
                "/proc/kcore",
                "/proc/keys",
                "/proc/latency_stats",
                "/proc/timer_list",
                "/proc/timer_stats",
                "/proc/sched_debug",
                "/proc/scsi",
                "/sys/firmware"
            ],
            "ReadonlyPaths": [
                "/proc/bus",
                "/proc/fs",
                "/proc/irq",
                "/proc/sys",
                "/proc/sysrq-trigger"
            ]
        },
        "GraphDriver": {
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/d30e2cb72ae8782adfadae0086a68ef5c46faf2ad12c3daf61c0b7629e4d5350-init/diff:/var/lib/docker/overlay2/kt325n7jwnd1n8oc5ox3lvqyv/diff:/var/lib/docker/overlay2/ryhlue021733n9nfp6d2okqlj/diff:/var/lib/docker/overlay2/wf2pvci2lydfxdtygzfgqqh6i/diff:/var/lib/docker/overlay2/zu59qbtwusofm9g7c4f5jbg9v/diff:/var/lib/docker/overlay2/jqqs2k1isvzmqt37qitm30bvs/diff:/var/lib/docker/overlay2/o92yc3hrsgoytzy65d6s8f5s4/diff:/var/lib/docker/overlay2/kurxh5i2ad0ntvdkuhpsnpa1q/diff:/var/lib/docker/overlay2/cbyb2w276je8dfwshfp5rkx9s/diff:/var/lib/docker/overlay2/zkjfv53qty0tw0z5jwh0a4t5d/diff:/var/lib/docker/overlay2/nah8sga806zj9ejqet3lbc0ze/diff:/var/lib/docker/overlay2/so47e3g5oosq82k2ca470kkry/diff:/var/lib/docker/overlay2/y0c2wt1zg78e21oya0ppo5juc/diff:/var/lib/docker/overlay2/a9rp72wjyveba3hxzcl4ldr3n/diff:/var/lib/docker/overlay2/ie2cwesvsrxwzzrfre9e4u1kj/diff:/var/lib/docker/overlay2/vjeo7lpv3unll4ioynkzfz9ow/diff:/var/lib/docker/overlay2/s2jifd78zvjyquo0xr8axb5gg/diff:/var/lib/docker/overlay2/trrogvuxhs6jg54cvd7ytlr5d/diff:/var/lib/docker/overlay2/o1wnehimqo3k6954t1hwa8e7m/diff:/var/lib/docker/overlay2/wi2t41ukljhv27b52tkb019gw/diff:/var/lib/docker/overlay2/zjhr50qblvyn1fxuo5c7mjhpy/diff:/var/lib/docker/overlay2/2cy8dz63qta7uhg57pb73ttoz/diff:/var/lib/docker/overlay2/w7yde0p3jbokjvrcgsoqx733d/diff:/var/lib/docker/overlay2/r08i4opxqf7ssuzxi929b2sr3/diff:/var/lib/docker/overlay2/x9qyrsn3bd375ol3pk331bybe/diff:/var/lib/docker/overlay2/2xctbcr1pikw3bcdivq5b65j1/diff:/var/lib/docker/overlay2/r8ewlwt7hd3intp7zsw8zw8bq/diff:/var/lib/docker/overlay2/y9f8sfved690diy1iwl2ld0b9/diff:/var/lib/docker/overlay2/kvpovfeyytqexcmnl0rh261l6/diff:/var/lib/docker/overlay2/ohvtnybmudfkq8v5uq8qy2svo/diff:/var/lib/docker/overlay2/fb9dce45d703547e97163707f1eb601dafc0c7a40f4c42bc69581e7927dc12eb/diff",
                "MergedDir": "/var/lib/docker/overlay2/d30e2cb72ae8782adfadae0086a68ef5c46faf2ad12c3daf61c0b7629e4d5350/merged",
                "UpperDir": "/var/lib/docker/overlay2/d30e2cb72ae8782adfadae0086a68ef5c46faf2ad12c3daf61c0b7629e4d5350/diff",
                "WorkDir": "/var/lib/docker/overlay2/d30e2cb72ae8782adfadae0086a68ef5c46faf2ad12c3daf61c0b7629e4d5350/work"
            },
            "Name": "overlay2"
        },
        "Mounts": [
            {
                "Type": "bind",
                "Source": "/home/skerrats/device-info-service/data",
                "Destination": "/var/local/data",
                "Mode": "rw",
                "RW": true,
                "Propagation": "rprivate"
            }
        ],
        "Config": {
            "Hostname": "a0fa9cea838c",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": true,
            "AttachStderr": true,
            "Tty": false,
            "OpenStdin": true,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": null,
            "Image": "device-info-service",
            "Volumes": null,
            "WorkingDir": "/usr/share/device-info-service",
            "Entrypoint": [
                "/bin/bash"
            ],
            "MacAddress": "02:00:00:00:00:01",
            "OnBuild": null,
            "Labels": {
                "com.docker.compose.config-hash": "35e33ec978763e831c73a2b597b0c353c3ab5449eae95f7e36d7f961141342e8",
                "com.docker.compose.container-number": "1",
                "com.docker.compose.depends_on": "",
                "com.docker.compose.image": "sha256:55a9c2591fc707e19da775efbc184d8f0f0053ab7978fe9f7e92e25ccab98e7c",
                "com.docker.compose.oneoff": "False",
                "com.docker.compose.project": "device-info-service",
                "com.docker.compose.project.config_files": "/home/skerrats/device-info-service/docker-compose.yml",
                "com.docker.compose.project.working_dir": "/home/skerrats/device-info-service",
                "com.docker.compose.service": "device-info-service",
                "com.docker.compose.version": "2.17.3",
                "org.opencontainers.image.ref.name": "ubuntu",
                "org.opencontainers.image.version": "20.04"
            }
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "d33515437f6e6cb76a76710d4a6fb3057c369c5983ecde8ff10fa2834c1da6f8",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {},
            "SandboxKey": "/var/run/docker/netns/d33515437f6e",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "",
            "Gateway": "",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "",
            "IPPrefixLen": 0,
            "IPv6Gateway": "",
            "MacAddress": "",
            "Networks": {
                "device-info-service_local_lan": {
                    "IPAMConfig": {
                        "IPv4Address": "10.10.1.17"
                    },
                    "Links": null,
                    "Aliases": [
                        "device-info-service",
                        "device-info-service",
                        "a0fa9cea838c"
                    ],
                    "NetworkID": "1b2e9534256befe68cfbca29d6e3f5458672ae314e55e3974bbf23fea0b7f91d",
                    "EndpointID": "ed3ffc663467f50fb078f30d92b774d7824d275275263cd1829bb8373b6d5995",
                    "Gateway": "10.0.0.1",
                    "IPAddress": "10.10.1.17",
                    "IPPrefixLen": 8,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:00:00:00:00:01",
                    "DriverOpts": null
                }
            }
        }
    }
]```