LinkLocalIPs not honored (with docker-compose) #24931
Comments
We do not support setting static link local addresses at all. So this isn't really an API problem as netavark would first need to support that. What is the use case for static link local addresses?
My use case does not require specifically link-local addresses. I'm writing tests for an Internet Relay Chat (IRC) server that (in some cases) need many clients to connect and interact in a coordinated way, and IRC servers normally limit how many clients can connect from a single IP address. I could instantiate a lot of proxies on separate containers, but that is extra work and overhead compared to running them from a single container. At least for rootless mode, "root" in a container cannot use

The handling in containers_create.go just adds the static addresses to netOpts.StaticIPs -- there is nothing about them being link-local or not. Conversely, the Compose spec only has link_local_ips as an analogous feature; there is no explicit way to specify more than one static non-link-local IP per container.
You need to add CAP_NET_ADMIN, then you can do that.
Then it still will not do what you want; one IP per network subnet is pretty much enforced everywhere. If you want more IPs, specify more subnets when you create the network.
The fact that link local is not link-local makes zero sense to me. Using that like this seems like a bug and not a feature.
Thanks, adding CAP_NET_ADMIN allowed me to do what I wanted to do. I looked before filing this report, but I was unable to find any documentation (or even forum posts on places like Stack Exchange) about the intended application or function of
I close this then
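The workaround discussed in the comments above, sketched as a Compose file. This is an added example, not the reporter's `compose.yaml` and not code from the Podman project; the service name and the two addresses follow the issue text, while the image, network name, `/24` prefix and interface name `eth0` are assumptions.

```yaml
# Added example (constructed): not the reporter's compose.yaml.
# Service name "boss" and addresses 10.11.12.2 / 10.11.12.5 follow the issue;
# the image, network name, /24 prefix and interface name eth0 are assumptions.
services:
  boss:
    image: docker.io/library/alpine:latest
    # Grant only NET_ADMIN, and only to the service that must add addresses.
    # Without it, `ip addr add` inside the container fails with
    # "Operation not permitted", even for root in the container.
    cap_add:
      - NET_ADMIN
    networks:
      testnet:
        # The single static address per subnet that the runtime assigns itself.
        ipv4_address: 10.11.12.2
    # Add the second address at start-up, then keep the container running.
    command:
      - /bin/sh
      - -c
      - ip addr add 10.11.12.5/24 dev eth0 && exec tail -f /dev/null

networks:
  testnet:
    ipam:
      config:
        - subnet: 10.11.12.0/24
```

`NET_ADMIN` also lets processes in that container change its routes, interfaces and firewall rules inside its own network namespace, so it is worth keeping off the other services in the file.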
Issue Description
When running `docker-compose up` with a `compose.yaml` that contains a `link_local_ips` directive for one of the services, the additional IP(s) are not assigned to that service's container.

This seems to be because `pkg/api/handlers/compat/containers_create.go` translates the `IPv4Address` and `IPv6Address` from `endpoint.IPAMConfig` but not `LinkLocalIPs`.

Steps to reproduce the issue
`podman exec -it simple-boss-1 /bin/sh` and within that `ip addr`.

This is a reduced test case; the fuller original repository is at https://github.com/entrope/testnet.git .
Describe the results you received
Describe the results you expected
I expected a line for 10.11.12.5 similar to the line for 10.11.12.2.
podman info output
Podman in a container
No
Privileged Or Rootless
Rootless
Upstream Latest Release
Yes
Additional environment details
The above `podman info` is from an installation of Podman Desktop v1.15.0 on macOS Sequoia 15.2 with docker-compose v2.32.1. I would expect similar results on a native Podman install, although my x86-64 Linux system (running Debian testing) fails when running `podman compose up`:

Additional information
Additional information like issue happens only occasionally or issue happens with a particular architecture or on a particular setting