Documentation improvement: Are the container stateful or stateles?

RouterOS Virtualization
1

I have currently dozen of containers running on RB5009. Documentation seems to be missing some maintenance information such as:

  1. Is the container stateless or stateful? upon restarting the container, its configurations and packages seem to persist. This does not look very much as docker, it works more like LXC. This is not clear from the documentation.
  2. what is the purpose of container reset function? is is not documented / not working:
    [admin@RB5009] > container/reset numbers=0
    failure: Can’t change root directory.
  3. Registry: on 7.12.1 seem to not work at all, no matter what, there is no real explanation what should be imported: a docker container or a root filesystem?

[admin@RB5009] > container/config/export
[…]
/container config
set registry-url=https://registry.hub.docker.com/_/ tmpdir=/usb1/temporary/


[admin@RB5009] > container/add interface=veth1 root-dir=usb1/containers/test2 hostname=test2 remote-image=pihole/pihole:latest
22:25:07 container,info,debug importing remote image: pihole/pihole, tag: latest
22:25:07 system,info item added by ssh:admin@192.168.1.26 (*1A = /container add hostname=test2 interface=veth1 remote-image=pihole/pihole:latest root-dir=usb1/containers/test2)
22:25:07 container,info,debug error parsing manifests
22:25:07 container,info,debug was unable to import, container 8b16b557-bacb-4c1e-9b45-94abb13e7689

  1. Is there any way to reach the container storage? the mounts? seems not, as its marked as container storage and while I can copy via ssh, I seem not to have access from mikrotik host. Is it by design? why it is not mentioned?

[admin@RB5009] > file/print
Columns: NAME, TYPE, SIZE, CREATION-TIME

NAME TYPE SIZE CREATION-TIME

0 usb1 disk 2023-11-29 22:25:07
1 usb1/lost+found directory 2023-11-17 22:28:09

7 usb1/containers/test container store 2023-11-29 22:23:28
8 usb1/containers/test2 container store 2023-11-29 22:25:07
9 usb1/temporary directory 2023-11-29 22:25:07
10 usb1/etc directory 2023-11-28 00:41:17
11 usb1/etc/dns container store 2023-11-28 01:18:11
12 um5files/PRIVATE directory 1970-01-02 04:59:02

  1. Are the mounts shared? I can I make them immutable from the POV of the container? can i use same content for my application and only replace the application code (container application)?

This and probably more questions I’d love to have answered! here and ideally in the official Confluence container documentation!
Thanks and have a good day!

2
  1. Topic is in wrong forum section, should be here
  2. As you figured by yourself - stateful. Why do you think that ROS uses Docker internally?
  3. Not sure what this command does, never need to use it. There is also layer-dir property in config with unknown purpose.
  4. Don’t have such issue on same ROS version, set registry-url to https://registry-1.docker.io and try again, your url is not valid.
    4.,5. You can get r/w mounted directory from ROS by removing .type file in mounted directory or by mounting existing directory on FS which doesn’t contain that file. In this case these directories will be read-only in container and possible can be mounted on other containers (did not try it). You cannot achieve r/w mounted directory on both systems, eather by container (directory that contains .type file with content container) or by ROS (without .type file), it’s by design.
3

RouterOS does not use any Docker code anywhere. It is not Docker.

4

@normis–> suggest video how to use vlans with capsman… Basically the presenter should take this article http://forum.mikrotik.com/t/using-routeros-to-vlan-your-network/126489/1
and ‘bend it’ as required for capsman.

5

Thank you @optio, @normis!

  1. Well, since docker hub was used. My point is, I shall not assume anything and simply read the manual. Current Confluence is not covering this, while I believe it should.
  2. Fair enough, not relevant, I thought its reseting the storage to initial layer (docker or volume lvm snapshot). What would be a good idea too.
  3. Nah, none of these urls work for me and since technical intricates are hidden, can’t really do much here. But again, workaround works.

02:05:12 system,info container changed by ssh:admin@192.168.1.26 (/container config set registry-url=https://registry-1.docker.io tmpdir=/usb1/temporary)
02:07:16 container,info,debug importing remote image: pihole/pihole, tag: latest
02:07:16 system,info item added by ssh:admin@192.168.1.26 (*1B = /container add hostname=test2 interface=veth1 remote-image=pihole/pihole:latest root-dir=usb1/containers/test2)
02:07:26 container,info,debug unexpected response from container registry: resolving error
02:07:26 container,info,debug was unable to import, container 4b2d0606-25d5-41d9-a445-6f0f83298851

4,5. Thanks. Removing .type was what helps.

6

Regarding resolving error, you can check if registry-1.docker.io is resolving correctly on ROS:

> :put [:resolve registry-1.docker.io]
54.227.20.253

If is resolved, maybe reboot helps after changing registry URL (if you did not already tried) and double check if some special character is not pasted with URL (if is that even possible).
I have same ROS version, same registry URL and Pi-hole container installed from that registry, no problems, don’t have clue what else may be wrong if all above is checked unless issue is caused by other component in network. You can see how to investigate requests to Docker registry here.

7

Thanks, you were correct. I use own DNS server and entered DNS view for the routers with static entries months ago. Happens.