Networking from container works perfectly, networking IN doesn't work at all

[TimVanDyke]

I have set up a docker container of Ventura on my Unraid box and have it working swimmingly (enough, honestly it runs like crap but I'm just excited it runs without bugs) EDIT 2: Works a lot better when I'm closer to the router, guess that's my main issue with performance was proximity to router

My goal is to get my phone to sync over WiFi. I'm on the same network and used NoMachine to connect it via USB the first time. I have set it up as a trusted device. However, Finder does not see the phone when on the same network.

EDIT: I currently can connect to the host computer's IP with port for VNC use from both my laptop and phone. So getting access to the host Arch machine has been smooth sailing. However, trying to get access to the actual docker I haven't had any luck with.

When using NoMachine I could only get it to work docker-osx container -> my laptop, I could not for the life of me get laptop -> docker-osx container. I suspect it's some networking thing. I also don't see it as a "connected device" on my router screen the way I see my Windows VM listed. Also (probably not important but maybe a good hint?) the IP it gets is very different from the other IP's assigned by my router. Instead of 192.X.X.X (like literally everything else I see and have been working with) it's 10.X.X.X

I ran these steps and it did not seem to fix the issue:

Any suggestions would be appreciated. I'm not a Linux noob but am a complete macOS noob AND Unraid noob and Docker noob so I know I have a lot to learn. (PS I tried to join discord and ask there and the invite link is broken)

[TimVanDyke]

UPDATE:

I think setting my network to br0 made it visible on the network. I don't know a lot but afaik that is a custom unraid bridge for that purpose.

I manually created the docker image based on the vnc ventura image via command line and am using the docker compose plugin on unraid to spin up a container using a compose file.

I loosely followed this: https://whitematter.tech/posts/run-dockerized-macos-on-unraid/ but it's somewhat out of date and his compose file is wrong. It doesn't match his screenshot. ( @RobertDWhite btw the blog post is out of date with some stuff just FYI. I was going to make an issue but am not confident what I even did to make it work. One thing I think I had to do was make my docker size on unraid large enough to accommodate the formatted partition I install to.

Here's my docker compose file if anyone wants it:

services:
    macos:
        container_name: 'MacOS'
        image: 'docker-osx-vnc:latest'
        privileged: true
        devices:
            - /dev/kvm
            - /dev/snd
            - /dev/null
        network_mode: br0 
        ports:
            - '8888:5999'
            - '50922:10022'
        environment:
            - 'USERNAME=user'
            - 'PASSWORD=pass'
            - 'DISPLAY=${DISPLAY:-:0.0}'

I will close once i see it working. Currently reinstalling the image

[TimVanDyke]

Update2:

This did not fix the issue. However, the arch image has it's own IP. The macOS image inside does not get the IP forwarded to it.

[TimVanDyke]

Update3:

This docker compose doesn't work either:

I'm still stuck on 10.0.2.15 (which I see is the same as this)

#51

But I don't understand what the important difference is.

services:
    macos:
        container_name: 'MacOS'
        image: 'docker-osx-vnc:latest'
        privileged: true
        devices:
            - /dev/kvm
            - /dev/snd
            - /dev/null
        network_mode: br0
        # mac_address: 'C3:69:7C:16:0E:89'
        environment:
            - 'USERNAME=user'
            - 'PASSWORD=pass'
            - 'DISPLAY=${DISPLAY:-:0.0}'

[TimVanDyke]

Trying this now:

services:
    macos:
        container_name: 'MacOS'
        image: 'docker-osx-vnc:latest'
        privileged: true
        devices:
            - /dev/kvm
            - /dev/snd
            - /dev/null
        network_mode: br0
        volumes:
            - '/tmp/.X11-unix:/tmp/.X11-unix'
            - '/dev:/dev'
            - '/lib/modules:/lib/modules'
            - '/var/run/libvirt/libvirt-sock:/var/run/libvirt/libvirt-sock'
        environment:
            - 'USERNAME=user'
            - 'PASSWORD=pass'
            - 'DISPLAY=${DISPLAY:-:0.0}'

Special thanks to this website for translating for me: https://www.composerize.com/

Translated from

docker run --privileged --net host -e "DISPLAY=${DISPLAY:-:0.0}" -e RAM=6 --cap-add=ALL -v /tmp/.X11-unix:/tmp/.X11-unix -v /dev:/dev -v /lib/modules:/lib/modules  -v /var/run/libvirt/libvirt-sock:/var/run/libvirt/libvirt-sock docker-osx:latest

[TimVanDyke]

UPDATE:

I found a breadcrumb. When using the arch terminal in the container I think I've found the issue generally. I have no clue how to fix:

sh-5.1$ systemctl
System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to connect to bus: Host is down
sh-5.1$ 

systemctl ought to be running on the arch container holding macOS right?

My PID one is consistently bash 😱

sh-5.1$ ps 1
  PID TTY      STAT   TIME COMMAND
    1 ?        Ss     0:00 /bin/bash -c ./enable-ssh.sh && envsubst < ./Launch_custom.sh | bash
sh-5.1$ 

[TimVanDyke]

UPDATE
Seems related to:

#72

[chippoman]

@TimVanDyke
Have you been able to progress your issue? I'm in the same boat with the networking issue.

I have Xcode running inside a Ventura image on unraid, but it cannot see an Apple TV 4k despite my other (physical) MBA being able to.

[ShadyHippo]

@chippoman
This is the same guy on my personal account instead of professional account, oops)
To be frank I gave up but recently came across this video and am hoping this can explain what was going on. It's been a while (clearly) but if I recall it's that I could not get an ip address for the host arch machine with I think is running the VM inside docker.

I assume this video which covers docker networking will have the answers if you want to fight some dragons yourself (If you do please post if it works. I've been starting to get an itch to try again but have too much going on to actually do so now)

Docker networking is CRAZY!! (you NEED to learn it)
https://youtu.be/bKFMS5C4CG0?si=q_JmvfIuow4xMZUf

If you need docker context first this is a great video:
you need to learn Docker RIGHT NOW!! // Docker Containers 101
https://www.youtube.com/watch?v=eGz9DS-aIeY

I think using ipvlan or macvlan may work for the use case I was trying but honestly haven't looked yet.

Hopefully this is correct and hopefully better late than never. Good luck!

[ShadyHippo]

@chippoman

Reading through and catching up myself back to where I was... I think actually the solution is somehow setting a KVM setting on the arch container housing the VM but to be honest that's as far as I understand. That's at least probably what to google to move forward

EDIT: Maybe using the br0 for the container using KVM (like I have earlier) and then on top of that editing KVM settings for virtual machine like this?
https://unix.stackexchange.com/questions/386136/how-to-set-up-bridged-network-with-virtual-machine-and-host-with-kvm-virt-manag

I bet there's a CLI command for that somewhere somehow