Docker with ipv6 on Digital Ocean
This is a proof of concept for a Docker compose setup together with ipv6 on Digital Ocean
Interface Config
Localhost
The following lists the setup of a typical network configuration, we focus the v6 configuration:
# ifconfig eth0 eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 159.65.xxx.yyy netmask 255.255.248.0 broadcast 159.65.xxx.255 inet6 2604:a880:400:d0::xxxx:yyy1 prefixlen 64 scopeid 0x0<global> inet6 fe80::5ce1:17ff:feab:f3d9 prefixlen 64 scopeid 0x20<link> ether 5e:e1:17:ab:f3:d9 txqueuelen 1000 (Ethernet) RX packets 2697112 bytes 965626743 (920.8 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1827600 bytes 8041106277 (7.4 GiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Digital Ocean
Digital Ocean, Droplet information about the ipv6 configuration:
Public IPv6 Address 2604:a880:400:d0::xxxx:yyy1 Copy Public IPv6 Gateway 2604:a880:400:d0::1 Configurable Address Range 2604:a880:400:d0::xxxx:yyy0 - 2604:a880:400:d0::xxxx:yyyf
System Information
# lsb_release -a No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 12 (bookworm) Release: 12 Codename: bookworm
System Settings
- On the Drople itself - Enable v6
- net.ipv6.conf.default.disable_ipv6 = 0
- net.ipv6.conf.all.disable_ipv6 = 0
- On the Drople itself - Enable Forwarding
- net.ipv6.conf.default.forwarding=1
- net.ipv6.conf.all.forwarding=1
View/Print
sysctl -n net.ipv6.conf.default.disable_ipv6 sysctl -n net.ipv6.conf.all.disable_ipv6 sysctl -n net.ipv6.conf.default.forwarding sysctl -n net.ipv6.conf.all.forwarding
SET
sysctl net.ipv6.conf.default.disable_ipv6=0 sysctl net.ipv6.conf.all.disable_ipv6=0 sysctl net.ipv6.conf.default.forwarding=1 sysctl net.ipv6.conf.all.forwarding=1
Docker compose
- docker-compose.yaml
- This sample does NOT require any settings in /etc/docker/dameon.json
- Add the docker compose network, we will use the droplet as default gateway:
version: "3.9" networks: app_net: enable_ipv6: true driver: bridge driver_opts: com.docker.network.enable_ipv6: "true" ipam: driver: default config: - subnet: 172.16.238.0/24 gateway: 172.16.238.1 - subnet: 2604:a880:400:d0::xxx:yyyy/124 gateway: 2604:a880:400:d0::xxxx:yyy1
- Add to each container the new network property, start with 2 then up to max 16
networks: app_net: ipv4_address: 172.16.238.2 ipv6_address: 2604:a880:400:d0::xxx:yyy2
- Full sample
version: "3.9" services: nginx: image: "some-nginx-image" ports: - "443:443" - "80:80" restart: unless-stopped container_name: nginx hostname: nginx user: www-data networks: app_net: ipv4_address: 172.16.238.2 ipv6_address: 2604:a880:400:d0::xxxx:yyy2 app: image: "some-app" restart: unless-stopped container_name: someapp hostname: someapp user: www-data networks: app_net: ipv4_address: 172.16.238.3 ipv6_address: 2604:a880:400:d0::xxxx:yyy3 networks: app_net: enable_ipv6: true driver: bridge driver_opts: com.docker.network.enable_ipv6: "true" ipam: driver: default config: - subnet: 172.16.238.0/24 gateway: 172.16.238.1 - subnet: 2604:a880:400:d0::xxxx:yyy0/124 gateway: 2604:a880:400:d0::xxxx:yyy1