make docker-compose file work?

[scyto]

the build context breaks this file for those who just want to pull this yaml file and then do docker-compose up - suggesting we remove it unless there is some reason not to? the network mode of host breaks on my latest docker hosts as ports definition is incompatible with host mode (apparently) - suggest we change to bridge unless there is some reason not to?

(aka i am pretty certain buildx is using the dockerfile directly and not this docker-compose)

[scyto]

closing, going to refork everything and test

[dulitz]

Network mode host is needed in order for infinitude to open a connection to a networked RS-485 bridge, and it is needed in order to connect to external services such as Carrier's cloud service.

[scyto]

Network mode host is needed in order for infinitude to open a connection to a networked RS-485 bridge, and it is needed in order to connect to external services such as Carrier's cloud service.

no it isn't i have done both today just fine using bridge (modulo the 404 issue)

[nebulous]

Do we need to spell these out explicitly at all I wonder? The. best line of code/config is no code/config after all.

[dulitz]

Let's return to this question after scyto figures out why the container isn't working.

If you use the default bridge, it is possible to configure it to be non-isolated, and apparently scyto has done this, but it is not the default.

If you use a user-defined bridge and use the right set of options, you might be able to gain access to the outside world without the user needing to do special config outside of Docker. I don't know how, but there's probably a way.

Host mode avoids those issues -- the best config is no config -- but it's all moot since the container doesn't work. :)

[dulitz]

BTW I looked at a lot of actual docker installations (as opposed to the docker docs), and it seems that all of them behave like @scyto describes: containers have access to the external network.

[scyto]

There is a nuance in docker that most folks miss.

The default bridge and a user created bridge do not behave in the same way.

For example the default bridge can have issues with DNS across containers on the same network (cant ping other containers, makes people think DNS is borked and you see people do all sorts of recommendations about changing the config files in the container).

The correct way (because the –link option is deprecated) is to always create a custom bridge for containers to live on – then DNS works correctly both inside the custom bridge container for container to container addressing by name and also sometimes solves DNS external issues too.

Use bridge networks | Docker Documentationhttps://docs.docker.com/network/bridge/#differences-between-user-defined-bridges-and-the-default-bridge

Also both bridge types are NAT’d this means that the containers won’t see any form of broadcast traffic (e.g. mDNS from outside the container network) and if a port is not published then nothing can reach from your home network into the container by default.

Tl;dr difference in bridge functionality can make one think there is no external connectivity 😊

Took me hundreds of hours of messing about to get to the bottom of bridge vs default bridge vs host vs macvlan, they didn’t make it obvious or easy ☹

From: @.> Sent: Thursday, September 2, 2021 12:12 PM To: @.> Cc: @.>; @.> Subject: Re: [nebulous/infinitude] make docker-compose file work? (#123)

BTW I looked at a lot of actual docker installations (as opposed to the docker docs), and it seems that all of them behave like @scytohttps://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fscyto&data=04%7C01%7C%7C1f70fd8124c9443c516a08d96e459728%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637662067430045722%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=xyHpGrnizxnUzkxc04je6j%2Fdyia42O4H9DrOGuqFiJo%3D&reserved=0 describes: containers have access to the external network.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnebulous%2Finfinitude%2Fpull%2F123%23issuecomment-911978689&data=04%7C01%7C%7C1f70fd8124c9443c516a08d96e459728%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637662067430045722%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=woyKoE%2FdvL3W5S8opziraSgo1SOryniW89Ly8tzhAhU%3D&reserved=0, or unsubscribehttps://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FACWXVXDYIQFPQEFTVA7ILKTT77EBLANCNFSM5CVTZK6Q&data=04%7C01%7C%7C1f70fd8124c9443c516a08d96e459728%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637662067430055713%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=9LaTNZe9wlNtD%2BNuew42h8au1il2AJFc5zi%2BUDObcFY%3D&reserved=0.