Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LLT-5040 Fix nat-lab issues around dockers #467

Merged
merged 3 commits into from
Apr 5, 2024
Merged

LLT-5040 Fix nat-lab issues around dockers #467

merged 3 commits into from
Apr 5, 2024

Conversation

jjanowsk
Copy link
Collaborator

@jjanowsk jjanowsk commented Apr 5, 2024
edited

Bug no. 1: Bug in docker compose: docker/compose#11510
This bug randomly causes missing network interfaces in started containers. We just updated docker compose version to the version which is not affected.

Bug no. 2: Bug in docker daemon: moby/moby#47619
Because of this bug eth0 is not created before sysctls are being set so it is not possible to set any sysctls related to the specific interfaces.
We can create a workaround by not setting eth0. Instead we can set default so eth0 will have this value assigned later when created.

☑️ Definition of Done checklist

  • Commit history is clean (requirements)
  • README.md is updated
  • changelog.md is updated
  • Functionality is covered by unit or integration tests

@jjanowsk jjanowsk requested review from a team, Jauler, packgron and tomaszklak as code owners April 5, 2024 08:56
@jjanowsk jjanowsk changed the title Workaround for docker bug LLT-5040 Fix nat-lab issues around dockers Apr 5, 2024
arg0d
arg0d previously approved these changes Apr 5, 2024
View reviewed changes
Copy link
Collaborator

@arg0d arg0d left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good.

arg0d
arg0d reviewed Apr 5, 2024
View reviewed changes
Cargo.lock Outdated Show resolved Hide resolved
@jjanowsk jjanowsk force-pushed the LLT-5040-docker-compose-update branch from b552195 to ed39c2a Compare April 5, 2024 09:57
matszczygiel
matszczygiel previously approved these changes Apr 5, 2024
View reviewed changes
Copy link
Contributor

@matszczygiel matszczygiel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

tomaszklak
tomaszklak requested changes Apr 5, 2024
View reviewed changes
Copy link
Contributor

@tomaszklak tomaszklak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think security related changes should have separate PRs

Cargo.toml Outdated Show resolved Hide resolved
@jjanowsk
Workaround for docker bug
2f9e32d 
moby/moby#47619
Because of this bug eth0 is not created before sysctl are being set so
it is not possible to set any syscts related to the specific
interfaces.
We can create a workaround by not setting eth0. Instead we can set
default so eth0 will have this value assigned later when created.
@jjanowsk
Revert "Synchronize racey configure_route.sh"
ba60c0d 
This reverts commit b98310a.
The bug with missing interfaces was not related to any race condition.
It was a bug in docker compose:
docker/compose#11510
The only affected version is: 2.24.6
@jjanowsk
Update libtelio-build reference
048c05c 
v1.0.2 uses Vagrant box with updated docker compose version to get rid
of nat-lab issues with missing network interfaces
@jjanowsk jjanowsk force-pushed the LLT-5040-docker-compose-update branch from ed39c2a to 048c05c Compare April 5, 2024 11:27
packgron
packgron approved these changes Apr 5, 2024
View reviewed changes
Copy link
Collaborator

@packgron packgron left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1.0

tomaszklak
tomaszklak approved these changes Apr 5, 2024
View reviewed changes
Copy link
Contributor

@tomaszklak tomaszklak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+0.5

@jjanowsk jjanowsk merged commit 9ffeea2 into main Apr 5, 2024
57 checks passed
@jjanowsk jjanowsk deleted the LLT-5040-docker-compose-update branch April 5, 2024 13:25
packgron pushed a commit that referenced this pull request Jun 4, 2024
@jjanowsk
Merge pull request #467 from NordSecurity/LLT-5040-docker-compose-update
fa0878b 
LLT-5040 Fix nat-lab issues around dockers
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arg0d arg0d arg0d left review comments

@packgron packgron packgron approved these changes

@tomaszklak tomaszklak tomaszklak approved these changes

@matszczygiel matszczygiel matszczygiel left review comments

@Jauler Jauler Awaiting requested review from Jauler Jauler is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@jjanowsk @arg0d @packgron @matszczygiel @tomaszklak