#0 /usr/bin/nsenter -net=/var/run/docker/netns/2ce0c6d8de7f ip link set veth0pg25966 name eth0 #0 /sbin/ip link set veth0pl25966 master dummy-bridge #0 /sbin/ip link add name veth0pl259 type veth peer name veth0pg259 #network docker run -detach -name= -label=ntainer#network -net=none -tty -cgroup-parent /opensvc.slice/demomac.slice/container.slice/ markeijsermans/debug momac /bin/echo 0 >/sys/fs/cgroup/cpuset/opensvc.slice/demomac.slice/ms momac /bin/echo 0-7 >/sys/fs/cgroup/cpuset/opensvc.slice/demomac.slice/cpuset.cpus A virtual nic is added into the docker container network namespace using the parameters declared into the ip#0 section. It looks like drone.io might, because it uses a superset of docker-compose, but I haven't tried it yet.Ī further restriction is that this has to play nice on an existing Docker host with running containers, and only manage specific containers/networks.Īssuming there are tools that will do it, we also have to integrate them with our pipelines, ideally Codefresh, or Jenkins :)Ĭreate a simple opensvc service om demomac createīelow is an example config using a bridge named "dummy-bridge".
So the question is, are there any lightweight orchestration tools we can use to deploy and upgrade containers which can set a MAC address? Kubernetes doesn't support it, and looking around, it's hard to get a straight answer on what does. Using docker-compose in production isn't advisable either. This was fine with a handful of applications, occasionally adding a new one, but we're trying to scale up and deploy more rapidly, in line with our k8s pipelines, so the hand-rolled deployments aren't working out, we want more automation and configuration as code. Otherwise, where we're not limited by archaic licence models, we use Kubernetes. So far, we've been able to use this well enough with docker-compose configurations matching that MAC address, across multiple containers/apps each with their own docker network, and this apparently doesn't violate the licence terms.
I work for a company that uses some software with a licence tied to the MAC address of the host's network interface (I assume eth0), so it's only limited to the host.