Docker – How to setup IPv6 with docker-compose

dockerdocker-composeipv6

I am using Ubuntu 18.04 on DigitalOcean, with IPv6 turned on:

PUBLIC IPV6 ADDRESS:
xxxx:xxxx:2:d0::216f:3001
PUBLIC IPV6 GATEWAY:
xxxx:xxxx:2:d0::1
CONFIGURABLE ADDRESS RANGE:
xxxx:xxxx:2:d0::216f:3000 - xxxx:xxxx:2:d0::216f:300f

According to this page: https://docs.docker.com/v17.09/engine/userguide/networking/default_network/ipv6/#docker-ipv6-cluster

Is it correct to put the 16 IPv6 addresses like this?

{
  "ipv6": true,
  "fixed-cidr-v6": "xxxx:xxxx:2:d0::216f:3000/124"
}

Or, is it just fine to use these (as if something like 192.168.0.x)?

{
  "ipv6": true,
  "fixed-cidr-v6": "2001:db8::c008/125"
}

Anyway I have tried the first one.

docker run -d --name ipv6test alpine ash -c "ping6 2606:4700:4700::1111"

I "docker inspect" for the IPv6 address. I make the NDP record:

ip -6 neigh add proxy xxxx:xxxx:2:d0::216f:3004 dev eth0

In this case, the container could communicate with the outside world.

Testing finished. I want to apply IPv6 to my project. It starts with docker-compose.

According to this page: https://docs.docker.com/compose/compose-file/#ipv4_address-ipv6_address

version: "3.7"

services:
  app:
    image: nginx:alpine
    networks:
      app_net:
        ipv6_address: xxxx:xxxx:2:d0::216f:3010

networks:
  app_net:
    ipam:
      driver: default
      config:
        - subnet: "xxxx:xxxx:2:d0::216f:3000/124"

Inside the container, no connection could be made:

# ping6 2606:4700:4700::1111
PING 2606:4700:4700::1111 (2606:4700:4700::1111): 56 data bytes
ping6: sendto: Address not available

Have I missed anything?

Thanks.

Best Answer

Might be a little bit late, but this is the setup that worked for me on DigitalOcean:

Create /etc/docker/daemon.json:

{
    "ipv6": true,
    "fixed-cidr-v6": "<Your IPv6 address range start in DO console>/124"
}

sudo systemctl restart docker
Add to your docker-compose.yml:

    sysctls:
      - "net.ipv6.conf.all.disable_ipv6=0"

Basically it seems the default is to disable IPv6 and we need to enable it in sysctl.

EDIT: Actually this allows the docker container to obtain an IPv6 address and perform IPv6 name resolution, but somehow it cannot send data (Network unreachable).

Although docker containers started with docker directly, which runs on the default bridge network, is able to access external IPv6 hosts, docker containers started by docker-compose runs in its dedicated network, so maybe one will need more routing work. My use case was actually limited (socat as IPv4 to IPv6 proxy) so I simply resorted to using the host network directly, with:

    network_mode: host

Purpose of the `volumes` key

It is there to create named volumes.

If you do not use it, then you will find yourself with a bunch of hashed values for your volumes. Example:

$ docker volume ls 
DRIVER              VOLUME NAME
local               f004b95d8a3ae11e9b871074e9415e24d536742abfe86b32ffc867f7b7063e55
local               9a148e167e1c722cbdb67c8edc36f02f39caeb2d276e9316e64de36e7bc2c35d

With named volumes, you get something like the following:

$ docker volume ls
local               projectname_someconf
local               projectname_otherconf

How to create named volumes

The docker-compose.yml syntax is:

version: '2'

services:
    app:
        container_name: app
        volumes_from:
            - appconf
    appconf:
        container_name: appconf
        volumes:
            - ./Docker/AppConf:/var/www/conf

volumes:
    appconf:

networks:
    front:
        driver: bridge

This something like above shown named volumes.

How to remove volumes in bulk

When you have a bunch of hashes, it can be quite hard to clean up. Here's a one-liner:

docker volume rm $(docker volume ls |awk '{print $2}')

Edit: As @ArthurTacca pointed out in the comments, there's an easier to remember way:

docker volume rm $(docker volume ls -q)

How to get details about a named volume

Now that you do not have to look up hashes anymore, you can go on it and call them by their … name:

docker volume inspect <volume_name>

# Example:
$ docker volume inspect projectname_appconf

[
    {
        "Name": "projectname_appconf",
        "Driver": "local",
        "Mountpoint": "/mnt/sda1/var/lib/docker/volumes/projectname_appconf/_data"
    }
]

Sidenote: You might want to docker-compose down your services to get a fresh start before going to create volumes.

In case you are using Boot2Docker/ Docker Machine, you will have to docker-machine ssh and sudo -i before doing a ls -la /mnt/… of that volume – you host machine is the VM provisioned by Docker Machine.

EDIT: Another related answer about named volumes on SO.

Docker – Check is container/service running with docker-compose

docker-compose ps -q <service_name> will display the container ID no matter it's running or not, as long as it was created.
docker ps shows only those that are actually running.

Let's combine these two commands:

if [ -z `docker ps -q --no-trunc | grep $(docker-compose ps -q <service_name>)` ]; then
  echo "No, it's not running."
else
  echo "Yes, it's running."
fi

docker ps shows short version of IDs by default, so we need to specify --no-trunc flag.

UPDATE: It threw "grep usage" warning if the service was not running. Thanks to @Dzhuneyt, here's the updated answer.

if [ -z `docker-compose ps -q <service_name>` ] || [ -z `docker ps -q --no-trunc | grep $(docker-compose ps -q <service_name>)` ]; then
  echo "No, it's not running."
else
  echo "Yes, it's running."
fi

Best Answer

Related Solutions

Docker – How is Docker Compose version 2 “volumes” syntax supposed to look

Purpose of the volumes key

How to create named volumes

How to remove volumes in bulk

How to get details about a named volume

Docker – Check is container/service running with docker-compose

Related Topic

Purpose of the `volumes` key