ClearOS Bug Tracker


View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0022071ClearOSapp-docker - Dockerpublic2018-10-30 18:422019-08-19 11:50
Reporteruser2 
Assigned ToNickH 
PrioritynormalSeveritytweakReproducibilityN/A
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version7.5.0 
Target Version7.5.0 UpdatesFixed in Version7.5.0 Updates 
Summary0022071: Always create docker0
DescriptionTo help with the firewall integration, create the docker0 interface even if Docker is not running.
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0008521)
user2
2018-11-06 09:44

The docker interface might not have an IP address, so we can't recreate all the Docker firewall rules. Notably, this line fails:

        $IPTABLES -t nat -A POSTROUTING -s $IFACE_NETWORK ! -o $IFACE -j MASQUERADE

Where "$IFACE_NETWORK" is the inet address from "ip addr show docker0".
(0008651)
NickH (developer)
2018-11-14 03:17

Updated with commits:
https://gitlab.com/clearos/clearfoundation/app-docker/commit/63577f4711904fab16e91ac62c22ec15f0fe15a0 [^]
https://gitlab.com/clearos/clearfoundation/app-docker/commit/6c15c0af9aea5663f2635fa7e256fa0573a99e17 [^]

We now need to find a hook to additionally fire the 10-docker firewall rules after docker starts. If you fire it only after the first start of docker, then you cover most cases. The edge case not covered is if you do a network change which uses docker's current subnet you will get an IP clash. If you then restart docker, it **should** change its subnet. This would need 10-docker to be run again or a full firewall restart to pick up the new docker0 subnet.
(0008801)
NickH (developer)
2019-02-01 12:41

Fixed with:
https://gitlab.com/clearos/clearfoundation/app-docker/commit/63577f4711904fab16e91ac62c22ec15f0fe15a0 [^]
https://gitlab.com/clearos/clearfoundation/app-docker/commit/6c15c0af9aea5663f2635fa7e256fa0573a99e17 [^]

- Issue History
Date Modified Username Field Change
2018-10-30 18:42 user2 New Issue
2018-10-30 18:43 user2 Assigned To => NickH
2018-10-30 18:43 user2 Status new => assigned
2018-10-30 18:43 user2 Status assigned => resolved
2018-10-30 18:43 user2 Fixed in Version => 7.5.0 Updates
2018-10-30 18:43 user2 Resolution open => fixed
2018-11-06 09:44 user2 Note Added: 0008521
2018-11-06 09:44 user2 Status resolved => feedback
2018-11-06 09:44 user2 Fixed in Version 7.5.0 Updates =>
2018-11-06 09:44 user2 Target Version 7.5.0 Updates => 7.6.0
2018-11-14 03:17 NickH Note Added: 0008651
2018-12-14 11:48 dloper Assigned To NickH => dloper
2018-12-14 11:48 dloper Status feedback => assigned
2018-12-14 11:49 dloper Target Version 7.6.0 => 7.5.0 Updates
2019-02-01 12:41 NickH Note Added: 0008801
2019-02-01 12:41 NickH Status assigned => resolved
2019-02-01 12:41 NickH Fixed in Version => 7.5.0 Updates
2019-02-01 12:41 NickH Assigned To dloper => NickH
2019-08-19 11:50 dloper Status resolved => closed