Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use ports instead of host network mode #43

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

mihaigalos
Copy link

@mihaigalos mihaigalos commented Dec 4, 2022

This PR restricts the docker-compose.yml to only use Samba ports 139 and 445 instead of the full host network.

@mihaigalos mihaigalos requested a review from crazy-max as a code owner December 4, 2022 20:25
@rursache
Copy link

Disabling full host network will break avahi discovery, wsdd2 and time machine discovery on macOS.

@mihaigalos
Copy link
Author

All of which have ports which can be exposed.

@fetwar
Copy link

fetwar commented Dec 15, 2023

From my brief research:
Docker bridge and overlay networks don't forward broadcast or multicast traffic.

Not having the broadcast and multicast traffic specifically would break the discovery features (even if the ports were exposed), which is probably why the networking mode is set to host.

The only solution I could think of is to set the docker networking to macvlan, which allows broadcast / multicast, although @crazy-max will know more about that potential solution.


Overall, I'd love to find a way to remove the host networking requirement, but I don't know if it can reasonably be done

@fetwar
Copy link

fetwar commented Dec 15, 2023

The list of pre-requisites for macvlan networking is pretty rough. It would break support for... a lot of things like older and non-linux platforms, portability etc.

From Docker docs - Networking using a macvlan network:

  • Most cloud providers block macvlan networking. You may need physical access to your networking equipment.
  • The macvlan networking driver only works on Linux hosts, and is not supported on Docker Desktop for Mac, Docker Desktop for Windows, or Docker EE for Windows Server.
  • You need at least version 3.9 of the Linux kernel, and version 4.0 or higher is recommended.
  • The examples assume your ethernet interface is eth0. If your device has a different name, use that instead.
  • The macvlan driver is not supported in rootless mode.

@mihaigalos
Copy link
Author

Not having the broadcast and multicast traffic specifically would break the discovery features (even if the ports were exposed), which is probably why the networking mode is set to host.

I'm not sure I follow. I'm using the docker-compose.yaml in this PR which allows me to discover the samba host (the hostname is that of the host onto which the container is running).

@fetwar
Copy link

fetwar commented Apr 15, 2024

Have you tested for Avahi, wsdd2 and time machine discovery?

I can't speak for CrazyMax, but I assume all of this functionality must remain for him to accept the PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants