Community discussions

MikroTik App
 
elbob2002
Member Candidate
Member Candidate
Posts: 153
Joined: Tue May 15, 2018 8:15 pm
Location: Ireland

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Jun 17, 2022 9:15 pm

reload last vm backup you made before do that test
Yep. Had a snapshot so reverted back. Any idea what command I should actually use not to brick the vm again?
RB5009, RB3011UiAS, RB750GR3, CRS328-24P-4S+, CRS125-24G-1S, CRS125-24G-1S-2HnD, 8 x CHR, Chateau LTE12
 
tangent
Long time Member
Long time Member
Posts: 540
Joined: Thu Jul 01, 2021 3:15 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Jun 17, 2022 10:20 pm

Any idea what command I should actually use not to brick the vm again?

The one given in the docs: “/system/device-mode/update container=yes”.

Home mode is very wrong for this.
 
elbob2002
Member Candidate
Member Candidate
Posts: 153
Joined: Tue May 15, 2018 8:15 pm
Location: Ireland

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Jun 18, 2022 11:24 am

Any idea what command I should actually use not to brick the vm again?

The one given in the docs: “/system/device-mode/update container=yes”.

Home mode is very wrong for this.
Thank you! I don't know how I missed that in the docs!
RB5009, RB3011UiAS, RB750GR3, CRS328-24P-4S+, CRS125-24G-1S, CRS125-24G-1S-2HnD, 8 x CHR, Chateau LTE12
 
bma
just joined
Posts: 14
Joined: Sat Feb 19, 2022 11:40 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Jun 18, 2022 1:09 pm

I did the following and no longer see the "no space to extract layer" error when adding a container:
1) disabled SMB
2) deleted the SMB share referencing /disk1
3) reformatted the drive as ext4 without partition table. changed name to disk1
4) re-added the container

Maybe there is a conflict with SMB and containers both accessing the file system?

I'm still see the "sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges?" error when modifying the configuration (which doesn't update) on the pihole website. As noted in the previous posts this is a known issue. I can ftp in, modify the container config files, and restart the container to update the configuration.
 
mistercovert
just joined
Posts: 1
Joined: Wed Nov 03, 2021 6:42 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Jun 19, 2022 6:37 pm

I am successfully running Pihole in a container of my 5009 on 7.4RC using a Sandisk USB stick set to to disk2, I can pass traffic through the Pihole and DNS is pointing at the PiHole. When I log into the PiHole GUI, I cannot import additional adlists or add blacklist entries, when I run the Gravity update nothing is updated. Is anyone else having these problems?
 
User avatar
KexyBiscuit
just joined
Posts: 2
Joined: Mon Jul 13, 2020 10:39 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Jun 19, 2022 9:34 pm

Is it possible to allow access to /dev/qce in the container, for faster crypto operations on Qualcomm platform routers?
 
User avatar
pi0
just joined
Posts: 10
Joined: Sat Nov 27, 2021 12:56 pm
Location: The Netherlands
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Jun 19, 2022 11:07 pm

Congratulations to the Mikrotik team! Super excited containers are back again!

I have made a tutorial and image to run generic Debian/Alpine SSH server using containers: viewtopic.php?p=940768

Please let me know what you think and I hope this helps to try container features and possibilities and find new ideas.
 
DeviceLocksmith
just joined
Posts: 21
Joined: Sat Jan 15, 2022 8:21 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Jun 21, 2022 8:09 pm

Great work MikroTik! Now if we could specify the working directory for container pull operation, that would be great!

Now I am running Ubiquiti Unifi controller on MikroTik router! :mrgreen:
 
antonsb
MikroTik Support
MikroTik Support
Posts: 259
Joined: Sun Jul 24, 2016 3:12 pm
Location: Riga, Latvia

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Jun 21, 2022 9:13 pm

Great work MikroTik! Now if we could specify the working directory for container pull operation, that would be great!

Now I am running Ubiquiti Unifi controller on MikroTik router! :mrgreen:
specifying directory will be possible in next release
 
User avatar
ghostinthenet
just joined
Posts: 5
Joined: Sun Apr 04, 2021 1:36 pm
Location: Niagara-on-the-Lake, Canada
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Jun 21, 2022 9:23 pm

Now that we're running containers under RouterOS' Linux kernel, it would be good to know what features are compiled in. Does MikroTik publish (or plan to publish) the kernel config file for each RouterOS release? If we're planning to run containers that need kernel features that aren't present, I'd like to know before I do the work to create the container.
Jody Lemoine, Network Architect
CCIE EI 41436, MTCNA, MTCRE
tishco networks, Virtually Everywhere
 
chrisfr
just joined
Posts: 5
Joined: Thu Sep 02, 2021 3:35 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Jun 22, 2022 10:48 am

Is there some plan for device without usb and with a small flash storage (16MB) ? Maybe you could implement ramdisk ? or NFS client ?

Is there a way to use this kind of container ( https://hub.docker.com/r/d3fk/nfs-client/ ) to have space for other container ?

thanks
 
pe1chl
Forum Guru
Forum Guru
Posts: 8576
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Jun 22, 2022 11:17 am

Is there some plan for device without usb and with a small flash storage (16MB) ? Maybe you could implement ramdisk ?
Devices with small flash storage already have a ramdisk. What we need is a ramdisk option on ALL devices (e.g. /ramdisk directory in the file space).
 
bma
just joined
Posts: 14
Joined: Sat Feb 19, 2022 11:40 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Jun 22, 2022 9:52 pm

If at reboot I start the container directly from the scheduler at Start Time 'startup' with On-Event '/container/start 0' it silently fails. A fixed :delay is one workaround, but I prefer to block on some state so I wrote the following script. It waits on the dhcp client to be in a bound state. I'm not a programmer and am new to MT so I'm sure it can be improved. Perhaps it's useful to others who have a similar problem.
# container name comparison string.  ".*" to run all containers
:local containerName ".*";
#:local containerName "0110745e-6724-4c41-ab87-e21c054ebf3d|1306f802-a3d8-4436-ae41-4d991709cef0";

# timeout in seconds for up state
:local timeout 60;

# $up return - nonzero when containers can execute
:local up do={ :return [/ip/dhcp-client/print count-only where status=bound]; }

# wait for $up to be nonzero or timeout to expire
:local count 0;
:while (($count < $timeout) and ([$up] = 0)) do={
  :delay 1s
  :set count ($count+1);
}

if ([$up] = 0) do={
  :log warning "container $containerName timeout after $count seconds";
} else={
  :local min 0;
  :local max ([/container/print count-only]-1);

  :log info "container $containerName ready to start after $count seconds";
  :local startCount 0;
  for i from=$min to=$max do={
    if (([/container/print as-value]->$i->"name") ~ $containerName) do={
      :local name ([/container/print as-value]->$i->"name");
      :local tag ([/container/print as-value]->$i->"tag");

      if (([/container/print as-value]->$i->"status") = "stopped") do={
        :log info "container [$i] name=$name tag=$tag starting";
        /container/start $i;
        :set startCount ($startCount+1);
      } else={
        :log info "container [$i] name=$name tag=$tag not in stopped state";
      }
    }
  }
  :log info "container $startCount containers started";
}
 
User avatar
FisHlaBsoMAN
just joined
Posts: 1
Joined: Thu Jun 23, 2022 1:18 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 23, 2022 1:26 am

Hi! Could it be possible to use tun/tap interfaces? it is very necessary for tinc mesh network. Now tun module is loaded after using Zerotier interface, but no rights to create /dev/no/tun device. However, the bridge interface can be created, which is already very pleasing.
I have now created a container for myself with alpine, set up openssh and am very happy with the opportunity to deploy though custom dns and http services. If the possibility of tinc and generally access to tun/tap services appears, then it will be super cool!
I love my mikrotik hap ac² 256M
 
haedertowfeq
just joined
Posts: 10
Joined: Thu Nov 19, 2020 5:58 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 23, 2022 8:55 am

Hi
Anyone run adguard/adgurdhome with container
I get : can't graet /opt/adgurdhome/work/ada, permission denied
 
fragtion
Member Candidate
Member Candidate
Posts: 187
Joined: Fri Nov 13, 2009 10:08 pm
Location: Johannesburg, South Africa

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 23, 2022 1:48 pm

Hi! Could it be possible to use tun/tap interfaces? it is very necessary for tinc mesh network. Now tun module is loaded after using Zerotier interface, but no rights to create /dev/no/tun device. However, the bridge interface can be created, which is already very pleasing.
I have now created a container for myself with alpine, set up openssh and am very happy with the opportunity to deploy though custom dns and http services. If the possibility of tinc and generally access to tun/tap services appears, then it will be super cool!
+1
 
pe1chl
Forum Guru
Forum Guru
Posts: 8576
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 23, 2022 2:03 pm

That kind of features would always be difficult. How do you want the traffic to be routed? For the static veth interfaces you define that at the RouterOS side during setup of your container, but when the container would be allowed to setup dynamic interfaces (like tunnels), what would they be connected to?
 
johnsonX
just joined
Posts: 2
Joined: Tue Apr 19, 2022 11:58 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Jun 24, 2022 6:00 pm

CCR2004-16G using 7.4 Beta4 docker find the bug, add the new contanier has a chance to cover other contanier‘s config,if reboot the device,the root-dir file and config will null!
 
User avatar
Znevna
Forum Veteran
Forum Veteran
Posts: 764
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Jun 24, 2022 10:22 pm

If at reboot I start the container directly from the scheduler at Start Time 'startup' with On-Event '/container/start 0' it silently fails.
This is a scripting thing, "0" only means something only after a print was issued, otherwise it doesn't point to anything, that's why it fails, it's mentioned somewhere in the docs and/or in the forums for sure.
I've mentioned a simple way to deal with it, here: viewtopic.php?p=941801#p941801
MTKEK Certified, IP Sparky
Check yer peers!
 
ayufan
Member
Member
Posts: 333
Joined: Sun Jun 03, 2007 9:35 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Jun 25, 2022 1:17 pm

That kind of features would always be difficult. How do you want the traffic to be routed? For the static veth interfaces you define that at the RouterOS side during setup of your container, but when the container would be allowed to setup dynamic interfaces (like tunnels), what would they be connected to?
It is not. Containers (docker/lxc) do usually have its own namespace for PID, network, etc. It does mean that you fully control network interfaces, ip routes, iptables, and this is separate from the host. It means that you can configure VPN that will only be available in a container, and the host (mikrotik) controls how the traffic from veth should be handled.

The Mikrotik's container support (as usual for MikroTik) is somehow limited as it only allows a single `veth` as this moment, and it also appears that this `veth` cannot be bridged with local network.

And it does not allow `docker exec` into a running container, something that is very handy for debugging.
hAP AC, TP-Link Archer C7 v2, RB951G, RB450G, RPI2, RPI zero
 
pe1chl
Forum Guru
Forum Guru
Posts: 8576
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Jun 25, 2022 1:31 pm

Yes I understand that, but I expected that people wanted their container to be a node in some VPN and that they want to make connections both to other nodes and to local networks connected to the router.
I do not see how that could be dynamically set up from inside the container. Maybe in the limited case of allowing a single local network and a single connection to the outside world you could get it working via some static configuration.
 
ayufan
Member
Member
Posts: 333
Joined: Sun Jun 03, 2007 9:35 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Jun 25, 2022 1:37 pm

There's a problem with filesystems mounted with `nosuid` preventing usage of `sudo` (and possibly PTY access). This is also present on all mounted disk.
# RouterOS
/interface veth
add address=172.17.0.3/16 gateway=172.17.0.1 name=ssh-veth
/container config
set registry-url=https://registry-1.docker.io
/container envs
add list=ssh name=SUDO_ACCESS value=true
add list=ssh name=PASSWORD_ACCESS value=true
add list=ssh name=USER_NAME value=user
add list=ssh name=USER_PASSWORD value=password
add list=ssh name=TZ value=Europe/Warsaw
/container
add envlist=ssh interface=ssh-veth logging=yes remote-image=linuxserver/openssh-server:latest

# Terminal
$ ssh -p 2222 user@172.17.0.3
PTY allocation request failed
$ ssh -p 2222 user@172.17.0.3 mount
/dev/sda2 on / type ext3 (rw,nosuid,nodev,noatime)
tmpfs on /dev type tmpfs (rw,nosuid,relatime,size=65536k,mode=755,uid=32768,gid=32768)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,mode=600,ptmxmode=000)
hAP AC, TP-Link Archer C7 v2, RB951G, RB450G, RPI2, RPI zero
 
daaf
just joined
Posts: 9
Joined: Sun Jan 12, 2020 4:39 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Jun 25, 2022 9:23 pm

I had the same problem, install starwarsfan/alpine-sshd:latest and got good result, use the following environment variables:
ROOT_LOGIN_UNLOCKED="true"
ROOT_PASSWORD="123456"

Tuve el mismo problema, instale starwarsfan/alpine-sshd:latest y tuve buen resultado, use las siguientes variables de entorno:
ROOT_LOGIN_UNLOCKED="true"
ROOT_PASSWORD="123456"
There's a problem with filesystems mounted with `nosuid` preventing usage of `sudo` (and possibly PTY access). This is also present on all mounted disk.
# RouterOS
/interface veth
add address=172.17.0.3/16 gateway=172.17.0.1 name=ssh-veth
/container config
set registry-url=https://registry-1.docker.io
/container envs
add list=ssh name=SUDO_ACCESS value=true
add list=ssh name=PASSWORD_ACCESS value=true
add list=ssh name=USER_NAME value=user
add list=ssh name=USER_PASSWORD value=password
add list=ssh name=TZ value=Europe/Warsaw
/container
add envlist=ssh interface=ssh-veth logging=yes remote-image=linuxserver/openssh-server:latest

# Terminal
$ ssh -p 2222 user@172.17.0.3
PTY allocation request failed
$ ssh -p 2222 user@172.17.0.3 mount
/dev/sda2 on / type ext3 (rw,nosuid,nodev,noatime)
tmpfs on /dev type tmpfs (rw,nosuid,relatime,size=65536k,mode=755,uid=32768,gid=32768)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,mode=600,ptmxmode=000)
MTCNA - MTCRE - MTCTCE.
IT administrator, software developer
 
daaf
just joined
Posts: 9
Joined: Sun Jan 12, 2020 4:39 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Jun 25, 2022 11:26 pm

Here is a list of containers that I have successfully tested.
container01.jpg
grafana.jpg
You do not have the required permissions to view the files attached to this post.
MTCNA - MTCRE - MTCTCE.
IT administrator, software developer
 
User avatar
Rhoos
just joined
Posts: 20
Joined: Sun Dec 20, 2015 3:48 pm
Location: Costa Rica
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Jun 26, 2022 7:32 pm

Hello people, I downloaded and installed the latest firmware "7.4beta4 Testing" in order to activate the containers, however when activating the container mode,

"/system/device-mode/update container=yes"

and then rebooting my router several times, including turning off the router completely and turning it on a few seconds later and the container mode is not activated,

([admin@RB3011RRML] > system/device-mode/print
mode: enterprise

My hardware is RB3011UiAS(arm) and I'm using an external memory stick.

What am I doing wrong?
Thanks.
RB3011 UiAS (arm)
Best regards
Ricardo
 
User avatar
Larsa
Long time Member
Long time Member
Posts: 514
Joined: Sat Aug 29, 2015 7:40 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Jun 26, 2022 8:52 pm

Just power off/on or use the reset button (ie no soft reboot). Don't forget to install the Container package.
 
User avatar
luma
just joined
Posts: 5
Joined: Sun Jul 07, 2019 4:00 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Jun 26, 2022 9:07 pm

Does anyone have this working with PiHole and with the ability to make changes? The PiHole container will run for me, but any attempt to make changes through the UI and save fails, so I cannot actually configure the thing. System is configured per the docs with an external SSD mounted as `disk1`.
[admin@router01] > /disk print
Flags: M, r - RAID-MEMBER; p - PARTITION
Columns: SLOT, MODEL, SERIAL, INTERFACE, NAME, FS, LABEL, FREE, SIZE
#    SLOT        MODEL                    SERIAL        INTERFACE         NAME   FS    LABEL         FREE      SIZE    
0    usb1        Samsung Portable SSD T3  0123456789AB	USB 2.10 480Mbps                                       232.9GiB
1 Mp usb1-part1                                                           disk1  ext4  router01-usb  230.7GiB  232.9GiB
[admin@router01] > /container export
# jun/26/2022 14:04:10 by RouterOS 7.4beta4
# software id = SX2N-XPCP
#
# model = RB5009UG+S+
# serial number = 0123456789AB
/container mounts
add dst=/etc/pihole name=etc_pihole src=/disk1/etc
add dst=/etc/dnsmasq.d name=dnsmasq_pihole src=/disk1/etc-dnsmasq.d
/container
add envlist=pihole_envs interface=veth1 mounts=dnsmasq_pihole,etc_pihole root-dir=disk1/pihole
/container config
set registry-url=https://registry-1.docker.io
/container envs
add list=pihole_envs name=TZ value=America/Detroit
add list=pihole_envs name=WEBPASSWORD value=<password>
add list=pihole_envs name=DNSMASQ_USER value=root
 
User avatar
Rhoos
just joined
Posts: 20
Joined: Sun Dec 20, 2015 3:48 pm
Location: Costa Rica
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Jun 26, 2022 11:57 pm

Just power off/on or use the reset button (ie no soft reboot). Don't forget to install the Container package.
Thanks a lot!! I tried with the physical reset button and this time it worked!

[admin@RB3011RRML] > system/device-mode/print
mode: enterprise
container: yes

:D
RB3011 UiAS (arm)
Best regards
Ricardo
 
kilodelta
just joined
Posts: 1
Joined: Wed Aug 25, 2021 7:13 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 3:07 am

Does anyone have this working with PiHole and with the ability to make changes? The PiHole container will run for me, but any attempt to make changes through the UI and save fails, so I cannot actually configure the thing. System is configured per the docs with an external SSD mounted as `disk1`.
I had the same issue. In my case, I found it was best to do configuration by setting environment variables to change all the settings I wanted as defined in the PiHole Docker documentation.

An example from my router:
[admin@KDTA-1806Grace] /container/config> /container/envs/print
 0 list="pihole" name="TZ" value="UTC" 

 1 list="pihole" name="WEBPASSWORD" value="transrightsarehumanrights" 

 2 list="pihole" name="DNSMASQ_USER" value="root" 

 3 list="pihole" name="FTLCONF_REPLY_ADDR4" value="172.17.0.2" 

 4 list="pihole" name="ADMIN_EMAIL" value="nope@youwish.example" 

 5 list="pihole" name="PIHOLE_DOMAIN" value="lan" 

 6 list="pihole" name="TEMPERATUREUNIT" value="f" 

 7 list="pihole" name="DNSMASQ_LISTENING" value="all" 

 8 list="pihole" name="REV_SERVER" value="true" 

 9 list="pihole" name="REV_SERVER_DOMAIN" value="lan" 

10 list="pihole" name="REV_SERVER_TARGET" value="192.168.0.1" 

11 list="pihole" name="REV_SERVER_CIDR" value="192.168.0.0/24" 

12 list="pihole" name="PIHOLE_DNS_" value="1.1.1.2;1.0.0.2" 
 
DaSnipe
just joined
Posts: 7
Joined: Mon Jan 17, 2022 5:00 am
Location: Montreal, QC, Canada
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 3:44 am

Don't want to be another +1 but Pihole won't save any data, would be nice to resolve my local domains and CNAME them.

Also curious to see if something big like Portainer would run, that would be something
 
tpedko
just joined
Posts: 18
Joined: Wed May 22, 2019 9:58 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 9:31 am

Does anyone have this working with PiHole and with the ability to make changes? The PiHole container will run for me, but any attempt to make changes through the UI and save fails, so I cannot actually configure the thing. System is configured per the docs with an external SSD mounted as `disk1`.
This is a bug, waiting for a fix.
post support viewtopic.php?t=178342#p940376
 
daaf
just joined
Posts: 9
Joined: Sun Jan 12, 2020 4:39 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 5:06 pm

After upgrading from 7.4beta4 -> 7.4beta5, my configuration under /container/mounts, /container/envs on a hAP ac3 disappeared.
MTCNA - MTCRE - MTCTCE.
IT administrator, software developer
 
User avatar
Znevna
Forum Veteran
Forum Veteran
Posts: 764
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 5:35 pm

Yup, it's broken viewtopic.php?t=186583#p942105
Short version: stay away from 7.4beta5.
Last edited by Znevna on Mon Jun 27, 2022 5:45 pm, edited 1 time in total.
MTKEK Certified, IP Sparky
Check yer peers!
 
haedertowfeq
just joined
Posts: 10
Joined: Thu Nov 19, 2020 5:58 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 5:35 pm

adguardhome don't run
log:
[fatal] Cannot create DNS data dir at /opt/adguardhome/work/data: mkdir /opt/adguardhome/work/data: permission denied
 
tpedko
just joined
Posts: 18
Joined: Wed May 22, 2019 9:58 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 5:47 pm

correct envs
/container envs
add key=TZ name=pihole_envs value=Europe/Moscow
add key=ServerIP name=pihole_envs value=172.17.0.2
add key=WEBPASSWORD name=pihole_envs value=password
add key=DNSMASQ_USER name=pihole_envs value=root
/container
add envlist=pihole_envs hostname=pihole interface=veth1 logging=yes mounts=etc_pihole,dnsmasq_pihole
 
User avatar
Znevna
Forum Veteran
Forum Veteran
Posts: 764
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 5:51 pm

Yes, "list" was replaced with "key" but it doesn't work.
MTKEK Certified, IP Sparky
Check yer peers!
 
daaf
just joined
Posts: 9
Joined: Sun Jan 12, 2020 4:39 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 5:54 pm

"list" replaced with "name", "name" replaced with "key"
Yes, "list" was replaced with "key" but it doesn't work.
MTCNA - MTCRE - MTCTCE.
IT administrator, software developer
 
User avatar
Znevna
Forum Veteran
Forum Veteran
Posts: 764
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 5:58 pm

That I didn't try. And it works?
MTKEK Certified, IP Sparky
Check yer peers!
 
daaf
just joined
Posts: 9
Joined: Sun Jan 12, 2020 4:39 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 6:00 pm

I had to remove the containers and start over. and it worked for me.
That I didn't try. And it works?
MTCNA - MTCRE - MTCTCE.
IT administrator, software developer
 
User avatar
Znevna
Forum Veteran
Forum Veteran
Posts: 764
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 6:30 pm

Nice, is the sudo bug fixed? viewtopic.php?t=178342#p940376
MTKEK Certified, IP Sparky
Check yer peers!
 
User avatar
Rhoos
just joined
Posts: 20
Joined: Sun Dec 20, 2015 3:48 pm
Location: Costa Rica
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 6:54 pm

I had to remove the containers and start over. and it worked for me.
That I didn't try. And it works?
Would you be so kind as to explain to me how you remove the container, I am an apprentice in the matter?
Thanks.
RB3011 UiAS (arm)
Best regards
Ricardo
 
daaf
just joined
Posts: 9
Joined: Sun Jan 12, 2020 4:39 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 8:28 pm

It will remove containers, environments and mount points.
/container/remove [find];
/container/envs/remove [find];
/container/mounts/remove [find];
I had to remove the containers and start over. and it worked for me.
Would you be so kind as to explain to me how you remove the container, I am an apprentice in the matter?
Thanks.
MTCNA - MTCRE - MTCTCE.
IT administrator, software developer
 
tpedko
just joined
Posts: 18
Joined: Wed May 22, 2019 9:58 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 11:17 pm

Nice, is the sudo bug fixed? viewtopic.php?t=178342#p940376
fixed!
 
User avatar
Rhoos
just joined
Posts: 20
Joined: Sun Dec 20, 2015 3:48 pm
Location: Costa Rica
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jun 27, 2022 11:59 pm

Muchas gracias!
It will remove containers, environments and mount points.
/container/remove [find];
/container/envs/remove [find];
/container/mounts/remove [find];


Would you be so kind as to explain to me how you remove the container, I am an apprentice in the matter?
Thanks.
RB3011 UiAS (arm)
Best regards
Ricardo
 
User avatar
Znevna
Forum Veteran
Forum Veteran
Posts: 764
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Jun 28, 2022 12:02 am

Nice, is the sudo bug fixed? viewtopic.php?t=178342#p940376
fixed!
Nice! I've done a quick test with pihole and it doesn't seem to throw that error anymore, indeed.
I'll test other stuff tomorrow.
Cheers!
MTKEK Certified, IP Sparky
Check yer peers!
 
daaf
just joined
Posts: 9
Joined: Sun Jan 12, 2020 4:39 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Jun 28, 2022 8:57 am

After upgrading to version 7.4beta5 on my hAP ac3, my setup no longer worked, so I removed the containers, environments and mounts and started over.
/container/remove [find];
/container/envs/remove [find];
/container/mounts/remove [find];
Mount the syslog-ng, mariadb, grafana containers; those containers had previously left the data on the mount points on my storage drive; When mounting pihole, it had no data saved, I installed it and it worked perfectly, however, notice that it does not create the folders for the mount points on the storage unit.
MTCNA - MTCRE - MTCTCE.
IT administrator, software developer
 
gsmphoenix
just joined
Posts: 5
Joined: Wed Apr 15, 2020 12:32 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Jun 28, 2022 2:18 pm

Hi
I am currently running the pihole on my RB3011 and its working the only problem i have is when we power outages and I am formed to do manually startup on the container.
is the a way to do a script that can automatically start the container after every reboot even intentional reboot.
Hi,

if someone is interested, I built containers for OLSRd V1 and OLSRd V2.
I posted it on the FunkFeuer forum (german).
All containers as also experienced information about it with used commands and scripts to properly start the containers after reboot is also mentioned.

Thanks for this awesome feature in RouterOS!
 
infabo
Member Candidate
Member Candidate
Posts: 297
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Jun 28, 2022 2:25 pm

scheduler system startup script
 
semaja2
just joined
Posts: 9
Joined: Wed Sep 08, 2021 3:50 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Jun 29, 2022 3:38 am

Can we get an option to just print the log from a container, and run commands or open a cli whilst its running
 
tpedko
just joined
Posts: 18
Joined: Wed May 22, 2019 9:58 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Jun 29, 2022 10:17 am

someone was able to run adguardhome?
share your settings
 
joedoelv
just joined
Posts: 2
Joined: Mon Apr 06, 2020 2:03 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Jun 29, 2022 1:54 pm

In 7.4beta5 I have an issue with packets forwarding between container and host when destination is internal.

My scenario:
I'm running pihole in container but using conditional forwarding to resolve local domain hostnames/IPs by DNS server on router itself.
According to pihole logs all queries towards router were N/A.
I've tried to forward queries to bridge "dockers" IP, router LAN interface IP even to loopback bridge IP but without success.

P.S. Workaround was to have another DNS server on LAN segment to bounce queries back to router.
 
bma
just joined
Posts: 14
Joined: Sat Feb 19, 2022 11:40 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Jun 29, 2022 9:26 pm

Anyone else seeing increasing memory usage over time with running containers even when they are idle?

I noticed unexpectedly high (700MB+) memory usage in winbox on a RB5009 7.4beta5. Seems like memory usage grows over time when a container is running independent of type. It's hard to see because of the scale in the picture, but usage is growing even for the last reboot after the first container is started. The only time it doesn't increase over time is when all containers are stopped. I was expecting overall higher memory usage when running containers, but not the constant, perhaps unbounded, increase.

I can wait until it gets to 700+ again and check what each container thinks its using. Pretty sure that plus the ~230MB base will be around 500MB.

Logging is set to "no" for both containers.
rb5009_containers_memory_usage.png
You do not have the required permissions to view the files attached to this post.
 
User avatar
Znevna
Forum Veteran
Forum Veteran
Posts: 764
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 30, 2022 12:12 am

someone was able to run adguardhome?
share your settings
Yeah, I'm no expert here but it seems the mounts don't get created for some reason and something else restricts mkdir from functioning properly.
I only managed to get it working by using as mounts some directories from inside the container >.> not ideal.
/container mounts
add dst=/opt/adguardhome/work name=agh_workdir src=/zdisk/containers/adguardhome/tmp
add dst=/opt/adguardhome/conf name=agh_conf src=/zdisk/containers/adguardhome/home

/container
add remote-image=adguard/adguardhome:latest interface=veth2 logging=yes mounts=agh_workdir,agh_conf root-dir=zdisk/containers/adguardhome
MTKEK Certified, IP Sparky
Check yer peers!
 
User avatar
Rhoos
just joined
Posts: 20
Joined: Sun Dec 20, 2015 3:48 pm
Location: Costa Rica
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 30, 2022 2:45 am

someone was able to run adguardhome?
share your settings
I am a user of AdGuard Home and PiHole, the former I use in the primary DNS and the latter in the secondary, and I am very interested in putting them to work as a container inside my RB3011, but I have not been successful in configuring AdGuard Home as a container well .
RB3011 UiAS (arm)
Best regards
Ricardo
 
User avatar
Rhoos
just joined
Posts: 20
Joined: Sun Dec 20, 2015 3:48 pm
Location: Costa Rica
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 30, 2022 2:50 am

someone was able to run adguardhome?
share your settings
Yeah, I'm no expert here but it seems the mounts don't get created for some reason and something else restricts mkdir from functioning properly.
I only managed to get it working by using as mounts some directories from inside the container >.> not ideal.
/container mounts
add dst=/opt/adguardhome/work name=agh_workdir src=/zdisk/containers/adguardhome/tmp
add dst=/opt/adguardhome/conf name=agh_conf src=/zdisk/containers/adguardhome/home


Znevna, you use AdGuard Home image for "arm" if it is correct please where did you get it?
Thanks.



/container
add remote-image=adguard/adguardhome:latest interface=veth2 logging=yes mounts=agh_workdir,agh_conf root-dir=zdisk/containers/adguardhome
RB3011 UiAS (arm)
Best regards
Ricardo
 
daaf
just joined
Posts: 9
Joined: Sun Jan 12, 2020 4:39 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 30, 2022 6:36 am

It happened to me too, I had to create the mount folders by hand.

viewtopic.php?p=942234#p942234
someone was able to run adguardhome?
share your settings
Yeah, I'm no expert here but it seems the mounts don't get created for some reason and something else restricts mkdir from functioning properly.
I only managed to get it working by using as mounts some directories from inside the container >.> not ideal.
/container mounts
add dst=/opt/adguardhome/work name=agh_workdir src=/zdisk/containers/adguardhome/tmp
add dst=/opt/adguardhome/conf name=agh_conf src=/zdisk/containers/adguardhome/home

/container
add remote-image=adguard/adguardhome:latest interface=veth2 logging=yes mounts=agh_workdir,agh_conf root-dir=zdisk/containers/adguardhome
MTCNA - MTCRE - MTCTCE.
IT administrator, software developer
 
User avatar
Znevna
Forum Veteran
Forum Veteran
Posts: 764
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 30, 2022 8:46 am

I've tried creating them manually but it can't write in them.
MTKEK Certified, IP Sparky
Check yer peers!
 
daaf
just joined
Posts: 9
Joined: Sun Jan 12, 2020 4:39 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 30, 2022 9:06 am

I installed the "starwarsfan/alpine-sshd" container, put a mount drive pointing to my usb drive (disk3), shut down the other containers, started the "starwarsfan/alpine-sshd" container, connected via SSH and from there create the directories to mount with "mkdir".
I've tried creating them manually but it can't write in them.
MTCNA - MTCRE - MTCTCE.
IT administrator, software developer
 
User avatar
Znevna
Forum Veteran
Forum Veteran
Posts: 764
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 30, 2022 9:11 am

I thought that doing something similar might help, but it was late last night, thank you!
MTKEK Certified, IP Sparky
Check yer peers!
 
User avatar
Znevna
Forum Veteran
Forum Veteran
Posts: 764
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 30, 2022 11:25 am

Anyone else seeing increasing memory usage over time with running containers even when they are idle?
I have two containers currently added, you can see in the first part of the graph AdGuardHome running over night with no clients, just some lists loaded.
In the 2nd part of the graph (much shorter since it ran only for 2 hours) you can see Pi-hole sitting doing nothing (AdGuardHome was stopped before starting Pi-hole), but memory increase is visible over time.
memusage adguardhome vs pihole.PNG
Since Pi-hole is made up of a lot of stuff underneath you can't know what part of it is leaking memory, or even if it's something that got broken in the recent releases.
Meh, something to consider if someone wants to run Pi-hole :)
You do not have the required permissions to view the files attached to this post.
MTKEK Certified, IP Sparky
Check yer peers!
 
holvoetn
Forum Guru
Forum Guru
Posts: 1167
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 30, 2022 11:30 am

I doubt it is pihole on itself leaking memory.
I run it on a ... Pi ( duh !) but have never experienced reboots or crashes. It already runs some months ( which reminds me I need to check the updates on that little bugger).
 
User avatar
Znevna
Forum Veteran
Forum Veteran
Posts: 764
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 30, 2022 11:32 am

I have it running on a Raspberry too, but it didn't see any updates in the last year :) probably that's why it didn't crash yet, lol (if it's not broken I'm not fixing it).
Like I've said, Pi-hole is made up of a modified dnsmasq, lighthttpd and other stuff, any of them could've caught a memory leak in recent versions.
AdGuardHome is just one binary.
MTKEK Certified, IP Sparky
Check yer peers!
 
bma
just joined
Posts: 14
Joined: Sat Feb 19, 2022 11:40 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 30, 2022 1:14 pm

Ubuntu with just sshd running is also seeing increasing usage so it's not just pi-hole. Also, if I stop both containers after 500MB is used then I only free up ~80MB for a total of 420MB used. If the containers are never started after a reboot it's only at 230MB.

I'm hoping someone from MT could make sure there isn't some (debug?) data structure in the containers implementation growing without cleanup or leaking.
Last edited by bma on Thu Jun 30, 2022 1:16 pm, edited 1 time in total.
 
User avatar
Znevna
Forum Veteran
Forum Veteran
Posts: 764
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 30, 2022 1:16 pm

Then my AdGuardHome would've seen increased memory usage, yet it didn't increase.
And you can always set how much memory a container can use :)
MTKEK Certified, IP Sparky
Check yer peers!
 
bma
just joined
Posts: 14
Joined: Sat Feb 19, 2022 11:40 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 30, 2022 1:18 pm

Not necessarily. It could be tied to something the container is doing in the background. Adguard maybe completely idle vs ubuntu/sshd and pi-hole still do that thing that triggers In any case, I welcome a response from MT directly.
 
User avatar
Znevna
Forum Veteran
Forum Veteran
Posts: 764
Joined: Mon Sep 23, 2019 1:04 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Jun 30, 2022 1:38 pm

I wouldn't point fingers without more data.
You say you have the same problem with debian, pi-hole is also debian based, adguardhome is alpine based.
I don't have time today for tests, we'll see.
MTKEK Certified, IP Sparky
Check yer peers!
 
johnsonX
just joined
Posts: 2
Joined: Tue Apr 19, 2022 11:58 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Jul 01, 2022 4:17 am

Is it possible to support the function of upgrading docker images?
 
fragtion
Member Candidate
Member Candidate
Posts: 187
Joined: Fri Nov 13, 2009 10:08 pm
Location: Johannesburg, South Africa

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Jul 01, 2022 4:34 pm

Doesn't look like it's possible to do a "forced restart" (or poweroff) with some popular cloud providers, like amazon AWS... making it tricky to enable container device-mode on CHR/X86 in those cases. What's the recommended approach for such scenarios?
 
User avatar
devinganger
just joined
Posts: 10
Joined: Wed Jun 10, 2020 10:10 pm
Location: Monroe, WA, USA
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Jul 03, 2022 12:17 am

Doesn't look like it's possible to do a "forced restart" (or poweroff) with some popular cloud providers, like amazon AWS... making it tricky to enable container device-mode on CHR/X86 in those cases. What's the recommended approach for such scenarios?

Use the cloud provider's native Docker solution, perhaps?
--
Devin Ganger
 
User avatar
devinganger
just joined
Posts: 10
Joined: Wed Jun 10, 2020 10:10 pm
Location: Monroe, WA, USA
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Jul 04, 2022 6:58 am

Is it fair to assume that the MT containers do not support the equivalent of Docker bridge mode networking?

And if that is correct, is future support for bridged mode on the roadmap?
--
Devin Ganger
 
fragtion
Member Candidate
Member Candidate
Posts: 187
Joined: Fri Nov 13, 2009 10:08 pm
Location: Johannesburg, South Africa

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Jul 05, 2022 2:45 am

documentation says about mounts:
src= points to RouterOS location (could also be src=disk1/etc_pihole if, for example, You decide to put configuration files on external USB media), dst= points to defined location (consult containers manual/wiki/github for information on where to point). If src directory does not exist on first time use then it will be populated with whatever container have in dst location.
However, after adding a mount point to a container and starting it up, the "src" directory (valid path) was not created automatically. Anyone else had this problem with mounts?

I could create the folder manually with SMB which then seems to mount successfully, but is then read-only to the container when it starts up

Also, even if I don't use mounts, it seems any changes made in the root dir from within the container, are persistent anyway. Is this by design?

Edit: I see I'm not the only one having problems with mounts, hopefully this gets fixed in next version
 
lorenzo95
just joined
Posts: 3
Joined: Fri May 29, 2015 8:02 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Jul 05, 2022 8:39 pm

Figured I give container support a try since I didn't the last time it was released.
Turns out you can run tailscale as a userspace container on it without a lot of issues. This is using wireguard-go under the hood I believe.
I am now accessing winbox via tailscale. Not a bad deal.
They already provide a container that is meant for kubernetes but it just needs a startup script to run on mikrotik and voila.

It's a quick and dirty test but maybe someone else wants to play with it.

All I did was make a dockerfile:
FROM ghcr.io/tailscale/tailscale:unstable
COPY run.sh /run.sh
CMD "/run.sh"
and the run.sh looks like this to get it working:
rm -rf /tmp/tailscaled.sock
tailscaled --tun=userspace-networking --socket=/tmp/tailscaled.sock &> /dev/null &
PID= $!
#wait a while for the sock file to exist.
sleep 15 
tailscale --socket=/tmp/tailscaled.sock up --accept-dns=false --accept-routes=false --advertise-exit-node --advertise-routes="172.17.0.0/16" --authkey=tskey-...
wait $PID

Obviously this can be done with env variables and loops to be more reliable and functional. I just wanted to see if it would work at all and it does.

Cheers

Who is online

Users browsing this forum: Bing [Bot], Parsanejad, winap and 4 guests