feat: enable docker IPv6 support on executors #1095
Conversation
|
@william00179 Please cross-check |
|
Hey @kayman-mk! 👋 Thank you for your contribution to the project. Please refer to the contribution rules for a quick overview of the process. Make sure that this PR clearly explains:
With submitting this PR you confirm that you hold the rights of the code added and agree that it will published under this LICENSE. The following ChatOps commands are supported:
Simply add a comment with the command in the first line. If you need to pass more information, separate it with a blank line from the command. This message was generated automatically. You are welcome to improve it. |
🦙 MegaLinter status:
|
| Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|---|---|---|---|---|
| ✅ COPYPASTE | jscpd | yes | no | 1.53s | |
| markdownlint | 1 | 1 | 6 | 0.7s | |
| ✅ MARKDOWN | markdown-link-check | 1 | 0 | 2.7s | |
| ✅ REPOSITORY | checkov | yes | no | 14.74s | |
| ✅ REPOSITORY | dustilock | yes | no | 0.19s | |
| ✅ REPOSITORY | gitleaks | yes | no | 1.47s | |
| ✅ REPOSITORY | git_diff | yes | no | 0.01s | |
| ✅ REPOSITORY | grype | yes | no | 10.07s | |
| ✅ REPOSITORY | secretlint | yes | no | 1.09s | |
| ✅ REPOSITORY | syft | yes | no | 0.33s | |
| ✅ REPOSITORY | trivy-sbom | yes | no | 1.54s | |
| ✅ REPOSITORY | trufflehog | yes | no | 9.24s | |
| ✅ SPELL | cspell | 3 | 0 | 2.61s | |
| ✅ TERRAFORM | terraform-fmt | 1 | 0 | 0 | 0.1s |
See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff
MegaLinter is graciously provided by
|
Does this alone enable v6? Reading the docs suggests we also need to configure the docker daemon as well. I have been using this as a way to enable v6 in the engine: Looking at the Gitlab runner source seems to suggest this only takes affect if the |
|
Yeah, true. We should have something like |
|
Hi @kayman-mk, Thanks for jumping onto this so quickly. I have been trying to get this working and for my case which is the docker runner, not the docker+machine executor. I have tried to enable IPv6 in docker but the various configuration methods are all leading to errors when the job tries to run. I have asked for some additional information on the required configuration to work with the gitlab runner. For this to work, the feature flag needs to be set in the runners config.toml, see https://docs.gitlab.com/runner/executors/docker.html#create-a-network-for-each-job There are some additional considerations to be made here also. Do we use a ULA subnet which would keep the IPv4 style of the containers not becoming globally routable for those who don't know better, or do we allow GUA which will then require some changes to the ENI to allocate an IPv6 prefix which can then be used. I can't think of a use-case for when a user would want the job to be globally routable, but perhaps it exists. When I can get a working IPv6 configuration I will let you know the required configuration for the module. |
|
This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 15 days. |
Description
Adds a configuration flag
runner_worker_docker_options.enable_ipv6for the GitLab Runner to enable IPv6 support on the executors which is needed to run in IPv6 networks only. The configuration is set inconfig.tomlsection[runners.docker].This setting is still undocumented. See GitLab issue.
Closes #1094
Verification
enable_ipv6option in the config, if the value is not setenable_ipv6is set in the config, if a value is given