Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Setup ipv6 hostip #127

Closed
wants to merge 1 commit into from
Closed

Setup ipv6 hostip #127

wants to merge 1 commit into from

Conversation

fahedouch
Copy link
Member

fixing bug #78 (comment)

@fahedouch fahedouch force-pushed the setup-ipv6-hostip branch 3 times, most recently from d80f5b4 to d28d4bf Compare March 21, 2021 01:41
@AkihiroSuda
Copy link
Member

fixing bug #78 (comment)

Doesn't seem related to #78, but I agree we should have this.
Can we have unit tests and integration tests?

@fahedouch fahedouch force-pushed the setup-ipv6-hostip branch 7 times, most recently from 436fce9 to 25fc4ca Compare March 30, 2021 16:35
@fahedouch
Copy link
Member Author

fahedouch commented Mar 30, 2021
edited
Loading

@AkihiroSuda as we discussed on slack the test-docker-compatibility should fail anyway because docker in GHA doesn’t support IPv6 routing. can you check the PR plz!

AkihiroSuda
AkihiroSuda requested changes Mar 30, 2021
View reviewed changes
run.go
@@ -328,7 +328,7 @@ func runAction(clicontext *cli.Context) error {
portSlice := strutil.DedupeStrSlice(clicontext.StringSlice("p"))
netSlice := strutil.DedupeStrSlice(clicontext.StringSlice("net"))

ports := make([]gocni.PortMapping, len(portSlice))
ports := make([]gocni.PortMapping, 0)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unneeded change

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the length of ports slice should be 0 to avoid zero value (nil), nil value in this slice lead nil pointer execption.

AkihiroSuda
AkihiroSuda requested changes Mar 30, 2021
View reviewed changes
run_test.go Outdated
@@ -137,3 +137,20 @@ func TestRunExitCode(t *testing.T) {
assert.Equal(base.T, "exited", inspect123.State.Status)
assert.Equal(base.T, 123, inspect123.State.ExitCode)
}

func TestRunPortMappingWithEmptyIP(t *testing.T) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think these tests can be just UT, but if you prefer to have them as integration tests, these should be in port_test.go

Copy link
Member Author

@fahedouch fahedouch Mar 30, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you mean moving these tests into a port_test.go file will make them integration tests :o ?

Copy link
Member Author

@fahedouch fahedouch Apr 1, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@AkihiroSuda can you check plz ?

@AkihiroSuda
Copy link
Member

Setting up port forwarding for IPv6 does not require IPv6 routing

AkihiroSuda
AkihiroSuda reviewed Apr 1, 2021
View reviewed changes
.github/workflows/test.yml Outdated
sudo cp /etc/docker/daemon.json /tmp/daemon.json.tmp
sudo truncate -s 0 /etc/docker/daemon.json
jq '. |= . + { "ipv6": true, "fixed-cidr-v6": "fd00::/64" }' /tmp/daemon.json.tmp | sudo tee -a /etc/docker/daemon.json
sudo rm /tmp/daemon.json.tmp
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suggest using sponge

https://stackoverflow.com/questions/36565295/jq-to-replace-text-directly-on-file-like-sed-i

@fahedouch fahedouch force-pushed the setup-ipv6-hostip branch 3 times, most recently from ecce5c6 to 5c772cd Compare April 1, 2021 16:08
@fahedouch
setup ipv6 for nerdctl
99d3447 
Signed-off-by: fahed dorgaa <[email protected]>
@AkihiroSuda
Copy link
Member 

$ sudo nerdctl run -d --name nginx -p [::1]:80:80 nginx:alpine
585c292270edc4b81150df5f0bc02ca5fde1048c9610ca18823b474c9a1123ff
$ curl http://[::1]
curl: (7) Failed to connect to ::1 port 80: Connection refused

Doesn't work

@fahedouch
Copy link
Member Author

hi @AkihiroSuda

You should configure your cni to attribue an ipv6 to the container.

cat >/etc/cni/net.d/10-mynet.conf
{
        "cniVersion": "0.2.0",
        "name": "mynet",
        "type": "bridge",
        "bridge": "cni0", 
        "ipam": {
                "type": "host-local",
                "subnet": "2001:db8::/96",
                "routes": [
                        { "dst": "::/0" },
                        { "dst": "2001:db8::/96" }
                ]
        }
}

then I create a container with mynet network:

./nerdctl --snapshotter native run --network mynet  -d -p 80:80  alpine  sleep 300

./nerdctl ps
CONTAINER ID    IMAGE                              COMMAND        CREATED               STATUS    PORTS                                NAMES
7e31884d8ba0    docker.io/library/alpine:latest    "sleep 300"    About a minute ago    Up        0.0.0.0:80->80/tcp, :::80->80/tcp

Check the container ipv6

./nerdctl inspect 7e31884d8ba0
[
    {
        "Id": "7e31884d8ba01e9e3276c2b3cefda6a43f7ab1d097d45b7322ff3c401c923355",
        "Created": "2021-04-03T11:58:32.3609427Z",
        "Path": "sleep",
        "Args": [
            "300"
        ],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Pid": 20730,
            "ExitCode": 0,
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
        "Image": "docker.io/library/alpine:latest",
        "ResolvConfPath": "/var/lib/nerdctl/1935db59/containers/default/7e31884d8ba01e9e3276c2b3cefda6a43f7ab1d097d45b7322ff3c401c923355/resolv.conf",
        "LogPath": "/var/lib/nerdctl/1935db59/containers/default/7e31884d8ba01e9e3276c2b3cefda6a43f7ab1d097d45b7322ff3c401c923355/7e31884d8ba01e9e3276c2b3cefda6a43f7ab1d097d45b7322ff3c401c923355-json.log",
        "Name": "",
        "Driver": "native",
        "Platform": "linux",
        "AppArmorProfile": "",
        "NetworkSettings": {
            "GlobalIPv6Address": "2001:db8::28",
            "GlobalIPv6PrefixLen": 96,
            "IPAddress": "",
            "IPPrefixLen": 0,
            "MacAddress": "0e:2f:cd:91:11:41",
            "Networks": {
                "unknown-eth0": {
                    "IPAddress": "",
                    "IPPrefixLen": 0,
                    "GlobalIPv6Address": "2001:db8::28",
                    "GlobalIPv6PrefixLen": 96,
                    "MacAddress": "0e:2f:cd:91:11:41"
                }
            }
        }
    }
]

And then I exec into the container to listen on 80

./nerdctl exec -ti 7e31884d8ba0  sh
/ # while true; do nc -l -p 80; done

then try to curl this container on its ipv6 2001:db8::28 :

./nerdctl --snapshotter native run --network mynet  --rm byrnedo/alpine-curl http://[2001:db8::28]
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:46 --:--:--     0

the curl is ok :

GET / HTTP/1.1
Host: [2001:db8::2a]
User-Agent: curl/7.66.0
Accept: */*

@AkihiroSuda
Copy link
Member

Doesn't seem related to port forwarding

@AkihiroSuda AkihiroSuda marked this pull request as draft April 5, 2021 05:12
@fahedouch fahedouch mentioned this pull request Apr 22, 2021
Closed
@AkihiroSuda
Copy link
Member

Merged another PR:

@finch71 finch71 mentioned this pull request Nov 2, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AkihiroSuda AkihiroSuda AkihiroSuda requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fahedouch @AkihiroSuda