Docker Community Forums

Share and learn in the Docker community.

Under-documented macvlan change between 17.09 and 17.12


(ActualBen) #1

it looks like docker networking changed between 17.09 and 17.12.

There was a clause in the docs:

When using macvlan, you cannot ping or communicate with the default namespace IP address. For example, if you create a container and try to ping the Docker host’s eth0, it will not work. That traffic is explicitly filtered by the kernel modules themselves to offer additional provider isolation and security.

…this clause disappeared in the 17.12 docs. And docker networking seems to allow the host to communicate with macvlan-based containers now.

The change to the docs was part of a megacommit – github. com/docker/docker.github.io/commit/a8e84a80e1b9968b55d3487bbfef0a98bcd5c5a4 with no notes about the actual change in content of the macvlan page.

  • I couldn’t find anything in the ce release notes at docs.docker. com/release-notes/docker-ce/#17120-ce-2017-12-27
  • I couldn’t find anything in the moby release notes at github. com/moby/moby/blob/master/CHANGELOG.md

Is this new behavior documented somewhere? Can I depend on it in the future?

(I had to break some of the links here because the forum is preventing me from linking to more than 2 things in a post.)