Community discussions

MikroTik App
 
User avatar
normis
MikroTik Support
MikroTik Support
Topic Author
Posts: 25042
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 2:29 pm

Discussion topic about release from here:
viewtopic.php?f=1&t=178341

Manual (being updated): https://help.mikrotik.com/docs/x/KYAPBQ

1. you need a container tar archive
2. relevant menus:
 
  interface/veth
  container
3. super basic example:
1. Get Docker image as tar archive and copy to router (currently there is no 'pull' command in RouterOS, so containers should be exported from a working Docker environment). Also note that container's architecture should match with the router's.
-----------------------------------------------------

  $ docker pull docker/example-container
  $ docker save docker/example-container > my-container.tar

2. Add veth interface for the container
---------------------------------------

  [admin@MikroTik] > /interface/veth/add name=veth1 address=172.17.0.2/16 gateway=172.17.0.1


3. Create bridge for containers and add veth to it
--------------------------------------------------

  [admin@MikroTik] > /interface/bridge/add name=docker
  [admin@MikroTik] > /ip/address/add address=172.17.0.1/16 interface=docker
  [admin@MikroTik] > /interface/bridge/port add bridge=docker interface=veth1


4. Setup NAT for outgoing traffic
---------------------------------

  [admin@MikroTik] > /ip/firewall/nat/add chain=srcnat action=masquerade src-address=172.17.0.0/16


5. Create environment variables for container if needed
-------------------------------------------------------

  [admin@MikroTik] > /container/envs/add list=foo name=SECRET value=12345678
  [admin@MikroTik] > /container/envs/add list=foo name=FOO value=bar


6. Define mounts if needed
--------------------------

  [admin@MikroTik] > /container/mounts/add name=etc src=disk1/etc dst=/etc
  [admin@MikroTik] > /container/mounts/add name=opt src=disk1/opt dst=/opt

If ``src`` directory does not exist on first time use then it will be populated
with whatever container have in ``dst`` location.


7. Create container from image tar
----------------------------------

  [admin@MikroTik] > /container/add file=my-container.tar interface=veth1 envlist=foo root-dir=disk1/foo mounts=etc,opt

Use ``logging=yes`` to see container output in log with tags
``container,debug,info``.


8. Make sure container has been added and status is stopped
-----------------------------------------------------------

  [admin@MikroTik] > container/print

9. Redirect port 8080 traffic to container
------------------------------------------

  [admin@MikroTik] > /ip/firewall/nat/add chain=dstnat action=dst-nat to-addresses=172.17.0.2 to-ports=80 protocol=tcp dst-port=8080


10. Start container
-------------------

  [admin@MikroTik] > /container/start 0
No answer to your question? How to write posts
 
mkx
Forum Guru
Forum Guru
Posts: 6666
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 2:36 pm

Answering to @anav (question posted in generic v7.1rc3 thread) ...

rextended you seem excited about docker. ;-)
Can you please elaborate if this is a feature I can use at home or is this something for those running ISPs??

Docker is one of many implementations for running containers. More about containerization.

In short: this is advanced stuff that will replace metarouter, but is much more flexible. If one doesn't know what to do with metarouter, then likely he won't know what to do with docker.
Last edited by mkx on Wed Sep 08, 2021 2:37 pm, edited 1 time in total.
BR,
Metod
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 5896
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 2:37 pm

In future versions there is support for making a total backup of routerboard than contain docker, or like user-manager separate .tar file?

and export the single Docker on .tar for put it on another RouterBOARD?
 
pe1chl
Forum Guru
Forum Guru
Posts: 7796
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 2:42 pm

Wow! They did it!
That should put an end to the many +1 +1 +1 topics once and for all.
Now most requested features can simply be added by users, instead of always having to go to MikroTik with requests for niche stuff.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 5896
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 2:48 pm

niche stuff.
Exactly (really not all, but the majority are useless for 99,9% of users...)
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 5896
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 2:55 pm

At this point I must change my signature...
 
krisjanisj
MikroTik Support
MikroTik Support
Posts: 102
Joined: Wed Feb 20, 2019 2:53 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:01 pm

An example of how to use container package to run PiHole in RouterOS can be found here
 
mkx
Forum Guru
Forum Guru
Posts: 6666
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:03 pm

niche stuff.
Exactly (really not all, but the majority are useless for 99,9% of users...)

Actually we can start a few +1 threads about removing some useless functionality from system package ... One prime example would be support for SMB (file services). Or (borken) DNS service. Or (your suggestion here).
BR,
Metod
 
aliclubb
just joined
Posts: 17
Joined: Tue Mar 07, 2017 12:29 pm
Location: Cambridge, UK

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:10 pm

Hmmm. Container menu is missing for me on my RB4011 and CHR. I upgraded via the built-in upgrade facility. User error or MikroTik build error? ;)
[ali@chr01] > /container
bad command name container (line 1 column 2)
 
krisjanisj
MikroTik Support
MikroTik Support
Posts: 102
Joined: Wed Feb 20, 2019 2:53 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:11 pm

Hmmm. Container menu is missing for me on my RB4011 and CHR. I upgraded via the built-in upgrade facility. User error or MikroTik build error? ;)
[ali@chr01] > /container
bad command name container (line 1 column 2)
Have You installed the container.npk package (as with ZeroTier - container is a seperate package)
 
aliclubb
just joined
Posts: 17
Joined: Tue Mar 07, 2017 12:29 pm
Location: Cambridge, UK

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:13 pm

Hmmm. Container menu is missing for me on my RB4011 and CHR. I upgraded via the built-in upgrade facility. User error or MikroTik build error? ;)
[ali@chr01] > /container
bad command name container (line 1 column 2)
Have You installed the container.npk package (as with ZeroTier - container is a seperate package)
Thanks for that! Where was that info? Didn't see that when scrolling through the release notes, the forum posts or the wiki docs. Am I being blind?
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 5896
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:16 pm

*) added Zerotier (TM) support for ARM and ARM64;
= download separate package zerotier because now this RouterOS support this

*) added support for running Docker (TM) containers;
= download separate package container because now this RouterOS support this
Last edited by rextended on Wed Sep 08, 2021 3:19 pm, edited 1 time in total.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7796
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:19 pm

Have You installed the container.npk package (as with ZeroTier - container is a seperate package)
It would be nice when available packages could be listed and installed from the packages menu!
Either on a separate window or by just listing all packages and have some status like not installed, disabled, installed.
(so you can install a package just as easily as you can uninstall, disable or upgrade it)
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 5896
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:20 pm

NO, PLEASE NO!

dumb user still exist...
Device "bricked" because the space is depleted (hAP ac)...
Image
viewtopic.php?f=2&t=178319
Last edited by rextended on Wed Sep 08, 2021 3:24 pm, edited 1 time in total.
 
User avatar
xvo
Forum Guru
Forum Guru
Posts: 1244
Joined: Sat Mar 03, 2018 1:12 am
Location: Moscow, Russia

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:24 pm

That is simply awesome!
 
r00t
Member
Member
Posts: 478
Joined: Tue Nov 28, 2017 2:14 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:40 pm

100% nice addition to ROS!
Kudos to bringing this feature to 7.1, it opens great possibilities of finally running your own code on ROS.
 
mafiosa
Member Candidate
Member Candidate
Posts: 189
Joined: Fri Dec 09, 2016 8:10 pm
Location: Kolkata, India
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:46 pm

An example of how to use container package to run PiHole in RouterOS can be found here
Please add an example to run mDNS using container.
Running Bugtik v7.1 RC4 on RB3011-UiAS-RM HAP AC^2, VyOS 1.3 RC6 on Proxmox VE.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 5896
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:51 pm

Write yourself the Docker
 
semaja2
just joined
Posts: 3
Joined: Wed Sep 08, 2021 3:50 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:53 pm

How do we get any logging output, or attach to a container console?

I have attempted to import the Alpine Armv6/v7 container to a RB4011 and neither will start and there is no log output

This is a great feature as it will enable things like running a small Zabbix proxy on a CHR or onsite router
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 5896
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:56 pm

Just searched on Google mDNS proxy Docker
https://hub.docker.com/r/hausgold/mdns-proxy/
 
krisjanisj
MikroTik Support
MikroTik Support
Posts: 102
Joined: Wed Feb 20, 2019 2:53 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 3:58 pm

How do we get any logging output, or attach to a container console?

I have attempted to import the Alpine Armv6/v7 container to a RB4011 and neither will start and there is no log output

This is a great feature as it will enable things like running a small Zabbix proxy on a CHR or onsite router
When adding container did You also specified "logging=yes"?
 
User avatar
Nevexo
just joined
Posts: 3
Joined: Fri Jun 14, 2019 8:59 pm
Location: United Kingdom
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 4:08 pm

Just searched on Google mDNS proxy Docker
https://hub.docker.com/r/hausgold/mdns-proxy/
There's also https://hub.docker.com/r/flungo/avahi - which is the Avahi daemon directly.
 
User avatar
IGHOR
just joined
Posts: 7
Joined: Tue Oct 21, 2014 12:36 am
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 4:09 pm

Looks like it supports only one container at time?
Please add an example how to start multiple containers.
 
brimfulnick
just joined
Posts: 4
Joined: Fri Sep 06, 2019 3:42 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 4:10 pm

This could be quite useful for the likes of ARM or amd64, however tile and *mips are going to be out of luck without the ability to build out a container for them.
 
krisjanisj
MikroTik Support
MikroTik Support
Posts: 102
Joined: Wed Feb 20, 2019 2:53 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 4:11 pm

Looks like it supports only one container at time?
Please add an example how to start multiple containers.
There are no software limitations (except hardware capabilities).
Repeat steps to create a second veth interface, add it to the already-created docker bridge and create a second container with specified second veth interface
 
xh116
just joined
Posts: 15
Joined: Wed Oct 17, 2018 3:44 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 4:16 pm

Very nice feature to make a closed-source project flexible.
But a little suspect about the performance since the Routerboards' cpu are not that powerful..
 
loloski
Frequent Visitor
Frequent Visitor
Posts: 96
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 4:28 pm

wow! ^_^ but the question is where is the link for container.npk? hehhehe care to share
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 5896
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 4:32 pm

on the same place: the download section on mikrotik website.
Last edited by rextended on Wed Sep 08, 2021 4:33 pm, edited 1 time in total.
 
krisjanisj
MikroTik Support
MikroTik Support
Posts: 102
Joined: Wed Feb 20, 2019 2:53 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 4:33 pm

wow! ^_^ but the question is where is the link for container.npk? hehhehe care to share
It's under "Extra packages", available here (just choose the right architecture for Your device)
 
semaja2
just joined
Posts: 3
Joined: Wed Sep 08, 2021 3:50 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 4:39 pm

When adding container did You also specified "logging=yes"?
Yes as well as enable "container" logging under "logging"

Is it possible to attach to the container?
 
krisjanisj
MikroTik Support
MikroTik Support
Posts: 102
Joined: Wed Feb 20, 2019 2:53 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 4:43 pm


Yes as well as enable "container" logging under "logging"

Is it possible to attach to the container?
Currently there is no option for interactive console for containers.
Please generate and send us a supout.rif file to support@mikrotik.com (referencing this forum discussion) so we can look into Your issue.
 
User avatar
IPANetEngineer
Trainer
Trainer
Posts: 1470
Joined: Fri Aug 10, 2012 6:46 am
Location: Jackson, MS, USA
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 4:56 pm

This is fantastic work and it's going to open up so many possibilities. Thanks for the effort from the MikroTik team. 8)
Global - MikroTik Support & Consulting - English | Español | Serbian | Danish +1 855-645-7684
https://iparchitechs.com/ecosystem/mikr ... consulting mikrotiksupport@iparchitechs.com
 
dksoft
Member Candidate
Member Candidate
Posts: 108
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 5:00 pm

The pihole example is 384MB in size. Both CCR2004 have only 128MB of storage.
CCR1s are Tile based.

Will there be any use of the Docker feature on the Cloud Core Router devices?
Setup: Dt. Telekom FTTH, CCR2004, CRS317, CRS328-24P-4S+RM, multiple WAP AC via CAPsMAN. MCTNA
 
User avatar
jvanhambelgium
Long time Member
Long time Member
Posts: 587
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 5:01 pm

We have similar features on eg. Cisco Catalyst 9300 models and up (in SDx fabric) where you can deploy various "apps" on the switches aka "app hosting"
There are some strict guidelines to follow and off course resource management is important (eg. apps cannot take more then 25% CPU etc)

But I like the concept and who knows when/if I migrate to RouterOS 7.x.....
 
Cablenut9
Long time Member
Long time Member
Posts: 543
Joined: Fri Jan 08, 2021 5:30 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 5:02 pm

Currently there is no option for interactive console for containers.
This is a deal-breaker for things like PiHole, as many management functions are handled only through the console.
Serial question asker
 
krisjanisj
MikroTik Support
MikroTik Support
Posts: 102
Joined: Wed Feb 20, 2019 2:53 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 5:07 pm

The pihole example is 384MB in size. Both CCR2004 have only 128MB of storage.
CCR1s are Tile based.

Will there be any use of the Docker feature on the Cloud Core Router devices?
As noted here You can use external storage (via USB ports) to keep .tar files (which can be deleted after container has been created) and container data itself (by using "root-dir=" when creating a container)
 
User avatar
anthonws
Frequent Visitor
Frequent Visitor
Posts: 53
Joined: Sat Jan 09, 2016 6:46 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 5:08 pm

An example of how to use container package to run PiHole in RouterOS can be found here
Wow! Very interesting! One less device eating power and occupying rack space (RPi4).

Any thoughts about adding info on preferred HW for a given container? What kind of guardrails exist to ensure RouterOS works as expected?

For the ones that already tried PiHole (as an example), how is it performing (HW info also please)?

I must say I am amazed with the exhibited flexibility/extensibility from Mikrotik over the last couple of 7.1 RC releases.

Kudos to the whole team!
 
loloski
Frequent Visitor
Frequent Visitor
Posts: 96
Joined: Mon Mar 15, 2021 9:10 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 5:10 pm

wow! ^_^ but the question is where is the link for container.npk? hehhehe care to share
It's under "Extra packages", available here (just choose the right architecture for Your device)
Thanks a ton, this is my excuse to buy RB5009 to my wife :) and put haproxy in the container endless possibilities!!! MT you rock thanks guys!
 
pe1chl
Forum Guru
Forum Guru
Posts: 7796
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 5:13 pm

The pihole example is 384MB in size. Both CCR2004 have only 128MB of storage.
CCR1s are Tile based.

Will there be any use of the Docker feature on the Cloud Core Router devices?
Unfortunately the CCR2004 has no USB or SD card interfaces so you cannot expand the storage.
It would be possible to use ramdisk for storage when it would be made available by MikroTik (request to make ramdisk available on all models is long outstanding), but of course you would need to load it on powerup from some external source and you would lose it on power fail.
Older CCR models have USB and SD card interfaces so they can be used to expand disk storage for this purpose.
 
User avatar
Paternot
Forum Veteran
Forum Veteran
Posts: 914
Joined: Thu Jun 02, 2016 4:01 am
Location: Niterói / Brazil

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 5:25 pm

This is great news! And, suddenly, the RB1100AHx4 Dude Edition gets quite interesting, with its dual SATA/M2 ports! Too bad one can't upgrade RAM...
https://mikrotik.com/product/RB1100Dx4
 
felixka
just joined
Posts: 18
Joined: Mon Oct 19, 2020 4:12 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 5:42 pm

Unfortunately the CCR2004 has no USB or SD card interfaces so you cannot expand the storage.
Not entirely true. The CCR2004-16G-2S+ does indeed have a USB 3.0 Type A port. The CCR2004-1G-12S+2XS does not.
 
reddin
just joined
Posts: 13
Joined: Mon May 04, 2020 11:46 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 5:52 pm

Anyone managed to make dns in container work?
I added dns="1.1.1.1" to container and still no luck. This is what I get from container
ResolveHostName failed error: -3 (Try again) 22
 
dksoft
Member Candidate
Member Candidate
Posts: 108
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 6:00 pm

As noted here You can use external storage (via USB ports) to keep .tar files (which can be deleted after container has been created) and container data itself (by using "root-dir=" when creating a container)
So a CCR2004-16G-2S+ would be able to execute a 400MB docker image from an attached USB stick?
Setup: Dt. Telekom FTTH, CCR2004, CRS317, CRS328-24P-4S+RM, multiple WAP AC via CAPsMAN. MCTNA
 
usern
just joined
Posts: 5
Joined: Sat May 30, 2020 2:37 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 6:01 pm

MT keeps on delivering, thanks!
 
mkx
Forum Guru
Forum Guru
Posts: 6666
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 6:05 pm

Currently there is no option for interactive console for containers.
This is a deal-breaker for things like PiHole, as many management functions are handled only through the console.
Create container which (with other things) includes ssh service, make container start sshd (in parallel to whatever service container is supposed to deliver, e.g. PiHole), configure DST-NAT to forward a random port to port 22 in container ... and ssh into it. It's not exactly a console, but it's command line session into container.
BR,
Metod
 
pe1chl
Forum Guru
Forum Guru
Posts: 7796
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 6:13 pm

Anyone managed to make dns in container work?
I added dns="1.1.1.1" to container and still no luck.
Of course you need to configure working routing for this kind of thing to work. Including NAT, usually. See the documentation page.
 
krisjanisj
MikroTik Support
MikroTik Support
Posts: 102
Joined: Wed Feb 20, 2019 2:53 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 6:14 pm

So a CCR2004-16G-2S+ would be able to execute a 400MB docker image from an attached USB stick?
It will indeed be able to add a container from a image, that's on a USB drive. You can also put the whole container on a USB stick, so no container files exist on devices internal storage.
 
reddin
just joined
Posts: 13
Joined: Mon May 04, 2020 11:46 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 6:23 pm

Anyone managed to make dns in container work?
I added dns="1.1.1.1" to container and still no luck.
Of course you need to configure working routing for this kind of thing to work. Including NAT, usually. See the documentation page.
You were correct. Totally forgot about nat because in linux systems docker does it for you :) Thanks!
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 8827
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 6:27 pm

So will TILE get docker?? If so it looks like I'm docker ready
Front:
USB - can be used for storage?
Smart Card - can be used for storage?
Back:
Micro SD - can be used for storage?

Got me wondering what everybody uses these three slots for ???

docker.jpg
You do not have the required permissions to view the files attached to this post.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!
 
krisjanisj
MikroTik Support
MikroTik Support
Posts: 102
Joined: Wed Feb 20, 2019 2:53 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 6:30 pm

So will TILE get docker?? If so it looks like I'm docker ready
Front:
USB - can be used for storage?
Smart Card - can be used for storage?
Back:
Micro SD - can be used for storage?

Got me wondering what everybody uses these three slots for ???
Container package is available under "Extra packages". Currently the limiting factor is finding or creating a container file for said architecture.
 
r00t
Member
Member
Posts: 478
Joined: Tue Nov 28, 2017 2:14 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 6:51 pm

Currently the limiting factor is finding or creating a container file for said architecture.
Yeah, already trying to make container with basic busybox and it's not easy.
@krisjanisj:
It would be great to share basic busybox containers with SSH server for different architectures if you have them. That would make testing it on different architectures much easier.
Or at least list of architectures you have to use to make containers for different ROS devices... or some tips.
For ARM, I can probably just do it on rPI, but for others, using QEMU is an option (running MIPS and PPC versions of OpenWRT with build environment should be enough).
No idea for TILE, that's just too exotic...
 
reddin
just joined
Posts: 13
Joined: Mon May 04, 2020 11:46 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 7:24 pm

Currently the limiting factor is finding or creating a container file for said architecture.
Yeah, already trying to make container with basic busybox and it's not easy.
@krisjanisj:
It would be great to share basic busybox containers with SSH server for different architectures if you have them. That would make testing it on different architectures much easier.
Or at least list of architectures you have to use to make containers for different ROS devices... or some tips.
For ARM, I can probably just do it on rPI, but for others, using QEMU is an option (running MIPS and PPC versions of OpenWRT with build environment should be enough).
No idea for TILE, that's just too exotic...
SSH in containers isn't working right now. Just tried it.
PTY allocation request failed on channel 0 
 
infabo
Member Candidate
Member Candidate
Posts: 189
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 8:39 pm

Nice. Finally a real use-case for the USB port.
 
i15e
just joined
Posts: 2
Joined: Wed Sep 08, 2021 9:20 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 9:35 pm

This is very cool and something I've been wishing for for a long time!
1. you need a container tar archive
Are there any hard requirements on Docker-isms for the archives? Or will any generic OCI image work?
 
i15e
just joined
Posts: 2
Joined: Wed Sep 08, 2021 9:20 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 9:40 pm

SSH in containers isn't working right now. Just tried it.
PTY allocation request failed on channel 0 
Does the container have a devpts filesystem mounted? Try running:
mount | grep ^devpts
If nothing is returned then try mounting it (probably won't work given the container environment, but it's worth a shot):
mount -t devpts devpts /dev/pts
Edit: after trying things out myself tonight I was able to build a container based on the vanilla
debian
image complete with
openssh-server
and it appears to be working ok - I can SSH into it without issue.
Last edited by i15e on Thu Sep 09, 2021 8:01 am, edited 2 times in total.
 
SSadistic
just joined
Posts: 17
Joined: Mon Jun 17, 2019 1:28 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 9:45 pm

Quick question.. Can I use minidlna from docker? Can save me a lot of trouble
 
User avatar
Hominidae
Member Candidate
Member Candidate
Posts: 143
Joined: Thu Oct 19, 2017 12:50 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 08, 2021 11:21 pm

An example of how to use container package to run PiHole in RouterOS can be found here
....really great stuff coming along....but my first choice of a docker to import would have been portainer, would it not (sorry don*t have a RB to spare and try atm)?
 
User avatar
inwlan
just joined
Posts: 2
Joined: Thu Sep 09, 2021 6:32 am
Location: China BeiJing

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 6:38 am

Have successfully run independent DNS service in RouterOS
WechatIMG847.png
Docker image:https://hub.docker.com/r/nodecloud/dns
You do not have the required permissions to view the files attached to this post.
Last edited by inwlan on Thu Sep 09, 2021 6:49 am, edited 1 time in total.
keyboard
 
User avatar
inwlan
just joined
Posts: 2
Joined: Thu Sep 09, 2021 6:32 am
Location: China BeiJing

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 6:59 am

An example of how to use container package to run PiHole in RouterOS can be found here
....really great stuff coming along....but my first choice of a docker to import would have been portainer, would it not (sorry don*t have a RB to spare and try atm)?
portainer Should be unavailable ,He needs to read the docker interface
keyboard
 
reddin
just joined
Posts: 13
Joined: Mon May 04, 2020 11:46 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 8:24 am

SSH in containers isn't working right now. Just tried it.
PTY allocation request failed on channel 0 
Does the container have a devpts filesystem mounted? Try running:
mount | grep ^devpts
If nothing is returned then try mounting it (probably won't work given the container environment, but it's worth a shot):
mount -t devpts devpts /dev/pts
Edit: after trying things out myself tonight I was able to build a container based on the vanilla
debian
image complete with
openssh-server
and it appears to be working ok - I can SSH into it without issue.
Can you share it? Or at least configs :)
Cause I tried to build openssh container on debian with s6-init and had no luck.

edit: made my own image on latest debian and connected just fine. SSH is working boys!
Last edited by reddin on Thu Sep 09, 2021 9:27 am, edited 1 time in total.
 
joegoldman
Long time Member
Long time Member
Posts: 672
Joined: Mon May 27, 2013 2:05 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 9:23 am

HAHA omg the first docker im going to use is likely to be....

....unifi controller!

This is actually super handy.

Clients can have unifi controller in the router - maybe small pbx if required
Bottom of tower can have local nagios,cacti or other monitoring tools
Self hosted dynamic hotspot login webserver

I'm very curious about ALL these possibilities xD
 
mkx
Forum Guru
Forum Guru
Posts: 6666
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 10:31 am

I'm very curious about ALL these possibilities xD

I guess everybody wanting to run several apps in docker (either one super-container or several separate containers, the later will be easier to get running but consuming more resources) will soon run into RAM shortage. So containers are probably not feasible on devices with less than 256MB RAM (or even more if one wants to run wave2 wireless driver at the same time.
BR,
Metod
 
Quasar
newbie
Posts: 28
Joined: Sun Oct 05, 2014 1:11 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 10:50 am

Is Alpine working for anyone?

I saved current Alpine for armv7, which runs just fine on my aarch64 machine:
# podman pull --arch=arm --variant=v7 alpine:3.13
Resolved "alpine" as an alias (/var/cache/containers/short-name-aliases.conf)
Trying to pull docker.io/library/alpine:3.13...
Getting image source signatures
Copying blob 48fad15491f9 [--------------------------------------] 0.0b / 0.0b
Copying config 057ad4ee62 done
Writing manifest to image destination
Storing signatures
057ad4ee621986edcaa3c070eb2c7671504d67b29e8b55a077a457a5d60de603

# podman run --rm -it 057ad4ee621986edcaa3c070eb2c7671504d67b29e8b55a077a457a5d60de603 /usr/bin/id
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),20(dialout),26(tape),27(video)

# podman save 057ad4ee621986edcaa3c070eb2c7671504d67b29e8b55a077a457a5d60de603 > mikrotik_v2.tar
Copying blob dad0c8287181 done
Copying config 057ad4ee62 done
Writing manifest to image destination
Storing signatures
I then configured logging (or at least tried to) and a container:
/system/logging/export
# sep/09/2021 09:38:56 by RouterOS 7.1rc3
#
# model = RBD52G-5HacD2HnD
/system logging
add topics=container
add topics=container,debug
add topics=container,debug,info

[admin@MikroTik] /container> /container/start 0

[admin@MikroTik] /container> /container/print
 0 file=disk1/mikrotik_v2.tar name="0247c45d-bb43-4eef-bab6-37ac050b6840" tag="" os="linux" arch="arm" interface=docker-veth cmd="/usr/bin/id" mounts="" dns="" hostname="alpine" logging=yes status=stopped
The container stopped, but that is to be expected I guess - however I see *zero* messages in the logs from container (nothing related to loading, no output of /usr/bin/id)?

I was actually trying to run dropbear, but as that didn't work I figured at least /usr/bin/id should be able to output to the logs?
 
nescafe2002
Forum Veteran
Forum Veteran
Posts: 846
Joined: Tue Aug 11, 2015 12:46 pm
Location: Netherlands

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 11:50 am

It works if you set the entrypoint to /usr/bin/id in the image.

Dockerfile:

FROM alpine:3.13@sha256:7bf024556a224584c0fff680d650b4be2ad560b17f6f627b11e0e2d5beb4b597

ENTRYPOINT /usr/bin/id

Build on host:

~/alpid$ docker build -t alpid .
~/alpid$ docker save alpid > alpid.tar

Transfer tar to device, then:

[admin@MikroTik] > /interface/veth/add name=veth1 address=172.17.0.2/16 gateway=172.17.0.1
[admin@MikroTik] > /interface/bridge/add name=docker
[admin@MikroTik] > /ip/address/add address=172.17.0.1/16 interface=docker
[admin@MikroTik] > /interface/bridge/port add bridge=docker interface=veth1
[admin@MikroTik] > /container
[admin@MikroTik] /container> add file=alpid.tar interface=veth1
[admin@MikroTik] /container> print
 0 file=alpid.tar name="71211403-2816-4401-bfc2-d7956679e20f" tag="alpid:latest" os="linux" arch="arm" interface=veth1 mounts="" dns="" status=stopped 
[admin@MikroTik] /container> set 0 logging=yes
[admin@MikroTik] /container> start 0
[admin@MikroTik] /container> /system logging add topics=container
[admin@MikroTik] /container> /log/print
 10:44:44 container,info,debug uid=0(root) gid=0(root)

Edit

Turns out this is not necessary, you can set the entrypoint/cmd in the container config:
On Linux:

~$ docker save alpine:3.13@sha256:7bf024556a224584c0fff680d650b4be2ad560b17f6f627b11e0e2d5beb4b597 > alpine.tar
~$ scp alpine.tar admin@MikroTik:/

On MikroTik:

/container
add cmd=/usr/bin/id file=alpine.tar interface=veth1 logging=yes
print
start 0
/log print
 08:12:03 container,info,debug uid=0(root) gid=0(root)
Last edited by nescafe2002 on Fri Sep 10, 2021 9:14 am, edited 1 time in total.
 
EduardNOV
just joined
Posts: 6
Joined: Wed Sep 01, 2021 1:57 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 1:05 pm

Hello,

How can I start autmatically container after router reboot?
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 6349
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 1:19 pm

system scheduler
 
wintech2003
just joined
Posts: 6
Joined: Fri Jun 09, 2006 6:56 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 1:26 pm

Great stuff, a nice use case would be running routinator (https://github.com/NLnetLabs/routinator) for RPKI https://help.mikrotik.com/docs/pages/vi ... d=59277471
 
User avatar
genesispro
Member Candidate
Member Candidate
Posts: 230
Joined: Fri Mar 14, 2014 12:33 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 2:31 pm

You gave me a reason to start using dockers !!!
Mikrotik Rulez
 
dksoft
Member Candidate
Member Candidate
Posts: 108
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 4:17 pm

Can it be that envs variables are not updated internally, when their value changes?
E.g. I have changed the variable "ServerIP" and it now looks like:
[admin@router] /container/envs> print
 0 list="pihole" name="TZ" value="Europe/Berlin" 

 1 list="pihole" name="WEBPASSWORD" value="password1" 

 2 list="pihole" name="ServerIP" value="1.2.3.4" 
 
But when I startup the container I see in the log:
Sep  9 15:13:09 router container,info,debug INFO: #011#011#011"ServerIP" => "1.2.3.4",
Sep  9 15:13:09 router container,info,debug DEBUG: #011#011#011"ServerIP" => "1.2.3.4",
Sep  9 15:13:09 router container,info,debug INFO: #011#011#011"VIRTUAL_HOST" => "1.2.3.4",
Sep  9 15:13:09 router container,info,debug DEBUG: #011#011#011"VIRTUAL_HOST" => "1.2.3.4",
Sep  9 15:13:09 router container,info,debug INFO: #011#011#011"ServerIP" => "0.0.0.0",
Sep  9 15:13:09 router container,info,debug DEBUG: #011#011#011"ServerIP" => "0.0.0.0",
Sep  9 15:13:09 router container,info,debug INFO: #011#011#011"VIRTUAL_HOST" => "0.0.0.0",
Sep  9 15:13:09 router container,info,debug DEBUG: #011#011#011"VIRTUAL_HOST" => "0.0.0.0",
Sep  9 15:13:09 router container,info,debug INFO: #011#011#011"ServerIP" => "10.0.0.212",
Sep  9 15:13:09 router container,info,debug DEBUG: #011#011#011"ServerIP" => "10.0.0.212",
Sep  9 15:13:09 router container,info,debug INFO: #011#011#011"VIRTUAL_HOST" => "10.0.0.212",
Sep  9 15:13:09 router container,info,debug DEBUG: #011#011#011"VIRTUAL_HOST" => "10.0.0.212",
Sep  9 15:13:09 router container,info,debug INFO: #011#011#011"PHP_ERROR_LOG" => "/var/log/lighttpd/error.log",
Sep  9 15:13:09 router container,info,debug DEBUG: #011#011#011"PHP_ERROR_LOG" => "/var/log/lighttpd/error.log",
Sep  9 15:13:09 router container,info,debug INFO: #011#011#011"ServerIP" => "172.17.0.2",
Sep  9 15:13:09 router container,info,debug DEBUG: #011#011#011"ServerIP" => "172.17.0.2",
Sep  9 15:13:09 router container,info,debug INFO: #011#011#011"CORS_HOSTS" => "",
Sep  9 15:13:09 router container,info,debug DEBUG: #011#011#011"CORS_HOSTS" => "",
Sep  9 15:13:09 router container,info,debug INFO: #011#011#011"VIRTUAL_HOST" => "172.17.0.2",
Sep  9 15:13:09 router container,info,debug DEBUG: #011#011#011"VIRTUAL_HOST" => "172.17.0.2",
Which are actually all the values that I have set it to once before. Also removing the variable does not change their value.
Setup: Dt. Telekom FTTH, CCR2004, CRS317, CRS328-24P-4S+RM, multiple WAP AC via CAPsMAN. MCTNA
 
Babujnik
just joined
Posts: 11
Joined: Fri May 05, 2017 2:15 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 4:22 pm

from what I've seen - anytime you change variable, you need to remove and create new container.
 
dksoft
Member Candidate
Member Candidate
Posts: 108
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 4:46 pm

from what I've seen - anytime you change variable, you need to remove and create new container.
Right, that helped. Thank you!
But it's still strange. I have the tar on a USB stick and create a container using:
add envlist=pihole file=disk1/docker/pihole.tar hostname=PiHole interface=veth1 logging=yes mounts=pihole,dnsmasq.d
After removing the container twice, the internal disk filled up. It's a RB5009 with 1GB of storage and now it's full without any existing container.
You do not have the required permissions to view the files attached to this post.
Setup: Dt. Telekom FTTH, CCR2004, CRS317, CRS328-24P-4S+RM, multiple WAP AC via CAPsMAN. MCTNA
 
mkx
Forum Guru
Forum Guru
Posts: 6666
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 5:10 pm

After removing the container twice, the internal disk filled up.

That's a well known "feature" of docker: it doesn't automatically remove container images ... sometimes they can be re-used so I guess savings in "compile time" are the idea behind this decission. I don't know how docker images are named in ROS ... in linux they have undecryptable long names and it takes quite some effort to relate container to image. I suspect that will be impossible to do in ROS (unless MT provides a really good UI to containers), so while experimenting the best way is to clean up containers occasionally: remove containers and remove also container images (directly in /file).
BR,
Metod
 
dksoft
Member Candidate
Member Candidate
Posts: 108
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 5:27 pm

... the best way is to clean up containers occasionally: remove containers and remove also container images (directly in /file).
No chance: /file is empty. Usage says 941.9 of 1025 used.

Any no containers installed:
[admin@router] /container> export
# sep/09/2021 16:27:45 by RouterOS 7.1rc3
# software id = Y8sdfsdfS1-H5dsfdfQM
#
# model = RB5009UG+S+
# serial number = EC1dfdsfCF52
[admin@router] /container> 

You do not have the required permissions to view the files attached to this post.
Setup: Dt. Telekom FTTH, CCR2004, CRS317, CRS328-24P-4S+RM, multiple WAP AC via CAPsMAN. MCTNA
 
dksoft
Member Candidate
Member Candidate
Posts: 108
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 5:58 pm

I did reset the configuration and the router was empty but the space still allocated.
Then I netinstalled the device and now the space is back again.

Looks like container and variables are only added but never purged if you chance or remove them.
Setup: Dt. Telekom FTTH, CCR2004, CRS317, CRS328-24P-4S+RM, multiple WAP AC via CAPsMAN. MCTNA
 
hecatae
just joined
Posts: 18
Joined: Thu May 21, 2020 2:34 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 5:59 pm

Anyone tried running adguard?
https://hub.docker.com/r/adguard/adguardhome
 
krisjanisj
MikroTik Support
MikroTik Support
Posts: 102
Joined: Wed Feb 20, 2019 2:53 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 6:02 pm

@dksoft
Please send us a supout.rif file to support@mikrotik.com (referencing this forum discussion) so we can have look into this, as on "/container/remove" container data should have been cleared.
 
dksoft
Member Candidate
Member Candidate
Posts: 108
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 6:37 pm

@dksoft
Please send us a supout.rif file to support@mikrotik.com (referencing this forum discussion) so we can have look into this, as on "/container/remove" container data should have been cleared.
Thanks for taking care of this. Please see SUP-59989.
But the device is already netinstalled. So I am not sure if this is of any help.
Meanwhile you could have a look at SUP-59296 :-)
Setup: Dt. Telekom FTTH, CCR2004, CRS317, CRS328-24P-4S+RM, multiple WAP AC via CAPsMAN. MCTNA
 
dksoft
Member Candidate
Member Candidate
Posts: 108
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 6:54 pm

There is another problem: If you install a container to USB like root-dir=disk1/containers/pihole, a whole bunch of files are extracted.

Now if you want to add another container you get as far as "/container/add file=" then the shell hangs.
I guess this is because the command line completion scans the whole disk and directories.
Setup: Dt. Telekom FTTH, CCR2004, CRS317, CRS328-24P-4S+RM, multiple WAP AC via CAPsMAN. MCTNA
 
reddin
just joined
Posts: 13
Joined: Mon May 04, 2020 11:46 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 7:27 pm

Anyone tried running adguard?
https://hub.docker.com/r/adguard/adguardhome
Working just fune


Image
 
Quasar
newbie
Posts: 28
Joined: Sun Oct 05, 2014 1:11 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 9:55 pm

It works if you set the entrypoint to /usr/bin/id in the image.
Thanks a lot for the transcript. Unfortunately, it still doesn't work - I copied your commands and docker steps verbatim (also switched to docker instead of podman).

Can you upload the container tar somewhere so I can rule that out?
 
nescafe2002
Forum Veteran
Forum Veteran
Posts: 846
Joined: Tue Aug 11, 2015 12:46 pm
Location: Netherlands

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 10:02 pm

Can you upload the container tar somewhere so I can rule that out?

Just uploaded here: http://www.filedropper.com/alpid
 
Quasar
newbie
Posts: 28
Joined: Sun Oct 05, 2014 1:11 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 10:11 pm

Thanks. Still doesn't work. I guess I'll contact support.
 
User avatar
Hominidae
Member Candidate
Member Candidate
Posts: 143
Joined: Thu Oct 19, 2017 12:50 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 09, 2021 10:41 pm

portainer Should be unavailable ,He needs to read the docker interface
Yes, well...if there's a docker daemon runi`nng, there needs to be a local control interface, that can be used.
Should be true for ROS "linux" as well, shouldn't it?
 
kenyloveg
Frequent Visitor
Frequent Visitor
Posts: 83
Joined: Tue Jul 14, 2009 3:25 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 6:06 am

For me, if Mikrotik implemented competitve DNS module to pihole/adguardhome/or any dns forwarders with DOH/DOT... support, I would not lay my hands on docker.
It may not be the right direction, just my 2 cents.
 
User avatar
jvanhambelgium
Long time Member
Long time Member
Posts: 587
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 8:44 am

For me, if Mikrotik implemented competitve DNS module to pihole/adguardhome/or any dns forwarders with DOH/DOT... support, I would not lay my hands on docker.
It may not be the right direction, just my 2 cents.
Mostly agree. This docker-toy may look fun, but this should be tightly controlled too. Yet another attack-vector if people start loading images coming from whatever sources.
You can turn your device into a huge security nightmare if you are not careful.
So an ecosystem of signed/audited/tested/reviewed images available for installation of some sort might be the correct approach if you are really serious about security.
 
User avatar
floaty
Member Candidate
Member Candidate
Posts: 268
Joined: Sat Oct 20, 2018 1:24 am
Location: 52°08'32.34"N 14°39'05.0"E

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 9:20 am

Thanks. Still doesn't work. I guess I'll contact support.
same here ... totally numb ... like nothing
~~
We know what happens to people who stay in the middle of the road. They get run over.
 
User avatar
floaty
Member Candidate
Member Candidate
Posts: 268
Joined: Sat Oct 20, 2018 1:24 am
Location: 52°08'32.34"N 14°39'05.0"E

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 9:22 am

It works ...
.
may I ask on which hardware do you startet it ?!
~~
We know what happens to people who stay in the middle of the road. They get run over.
 
nescafe2002
Forum Veteran
Forum Veteran
Posts: 846
Joined: Tue Aug 11, 2015 12:46 pm
Location: Netherlands

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 9:26 am

Good question. It works on a hAP ac³. It also works on a RB4011 if it's the single container.

It doesn't work if you have multiple containers (start 1 actually runs iperf3)
/container> print 
 0 file=iperf.tar name="2df45158-b892-4e06-af32-9ed00c0a1b9a" tag="" os="linux" arch="arm" interface=veth1 mounts="" dns="" status=running 

 1 file=alpine.tar name="2df45158-b892-4e06-af32-9ed00c0a1b9a" tag="" os="linux" arch="arm" interface=veth2 cmd="/usr/bin/id" mounts="" dns="" 
   logging=yes status=stopped
Ah, I see I have a naming conflict.. solved by recreating container with different host name.
 
User avatar
floaty
Member Candidate
Member Candidate
Posts: 268
Joined: Sat Oct 20, 2018 1:24 am
Location: 52°08'32.34"N 14°39'05.0"E

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 11:19 am

hAP ac³ is IPQ-4019 ... my test was on hAP ac² IPQ-4018 ??
... so when it's a hardware-limitation ... probably RAM ?!
could not find a document with min. requirements running docker ( ... are there min. requirements ??)
~~
We know what happens to people who stay in the middle of the road. They get run over.
 
Quasar
newbie
Posts: 28
Joined: Sun Oct 05, 2014 1:11 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 11:38 am

same here ... totally numb ... like nothing
I've got a very helpful response from MikroTik support which made it work (and probably makes it work for you or anyone else struggling as well).

The root-dir= parameter is used to specify the location where the container root file system is extracted (that is my observation at least). Adding root-dir=disk1/container made it work in my case.

I suppose the tar you provide is extracted to some (invisible) place on flash by default. For devices with limited storage you'll need to provide external storage.
 
User avatar
floaty
Member Candidate
Member Candidate
Posts: 268
Joined: Sat Oct 20, 2018 1:24 am
Location: 52°08'32.34"N 14°39'05.0"E

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 11:56 am

tried that too ...
next idea was to vandalize customer spare-parts and give it a try on RB1100Dx4
... but 7.1rc3 seems on hold in the moment ? ... maybe rc4 is in the oven ?
~~
We know what happens to people who stay in the middle of the road. They get run over.
 
User avatar
floaty
Member Candidate
Member Candidate
Posts: 268
Joined: Sat Oct 20, 2018 1:24 am
Location: 52°08'32.34"N 14°39'05.0"E

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 1:01 pm

rc3 still avail for download on the MT-website ...
and ... positive ... works on RB1100AHx4
.
[admin@MikroTik] /container> print
 0 file=alpid.tar name="2df45158-b892-4e06-af32-9ed00c0a1b9a" tag="alpid:latest" os="linux" arch="arm" interface=veth1 cmd="/usr/bin/id" mounts="" dns="" logging=yes status=stopped 
[admin@MikroTik] /container> 
[admin@MikroTik] /container> start 0
[admin@MikroTik] /container> 
11:52:51 echo: container,info,debug uid=0(root) gid=0(root)
[admin@MikroTik] /container> 
[admin@MikroTik] /container> .. system/resource/print
             uptime: 14m30s
            version: 7.1rc3 (testing)
         build-time: Sep/08/2021 10:29:39
   factory-software: 6.41.3
        free-memory: 935.7MiB
       total-memory: 1024.0MiB
                cpu: ARMv7
          cpu-count: 4
           cpu-load: 0%
     free-hdd-space: 84.0MiB
    total-hdd-space: 128.2MiB
  architecture-name: arm
         board-name: RB1100AHx4 Dude Edition
           platform: MikroTik
[admin@MikroTik] /container> 
.
so it seems hAPac² isn't part of the equation yet ... doesn't even look like a reliable container-fortress
~~
We know what happens to people who stay in the middle of the road. They get run over.
 
User avatar
normis
MikroTik Support
MikroTik Support
Topic Author
Posts: 25042
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 2:58 pm

Yes, why wouldn't RC3 be available? It has been released publicly
No answer to your question? How to write posts
 
kivimart
newbie
Posts: 47
Joined: Thu Oct 10, 2013 3:06 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 3:45 pm

I get this message on a hapac2 and pihole container

Fri Sep 10 12:43:36 2021 (826): Fatal Error Unable to allocate shared memory segment of 134217728 bytes: shmget: Function not implemented (38)

I have put the mount on disk1
anybody knows this mean
 
krisjanisj
MikroTik Support
MikroTik Support
Posts: 102
Joined: Wed Feb 20, 2019 2:53 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 3:50 pm

I get this message on a hapac2 and pihole container

Fri Sep 10 12:43:36 2021 (826): Fatal Error Unable to allocate shared memory segment of 134217728 bytes: shmget: Function not implemented (38)

I have put the mount on disk1
anybody knows this mean
Was this with "root-dir=disk1/containers/pihole"?
 
User avatar
floaty
Member Candidate
Member Candidate
Posts: 268
Joined: Sat Oct 20, 2018 1:24 am
Location: 52°08'32.34"N 14°39'05.0"E

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 5:26 pm

Yes, why wouldn't RC3 be available? It has been released publicly
.
.
could'nt install via winbox ... it was possible to update from 6.45 to 6.49 in winbox ...
but developement-update was stuck while "computize download size" ... something like that
~~
We know what happens to people who stay in the middle of the road. They get run over.
 
kivimart
newbie
Posts: 47
Joined: Thu Oct 10, 2013 3:06 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 5:32 pm

I get this message on a hapac2 and pihole container

Fri Sep 10 12:43:36 2021 (826): Fatal Error Unable to allocate shared memory segment of 134217728 bytes: shmget: Function not implemented (38)

I have put the mount on disk1
anybody knows this mean
Was this with "root-dir=disk1/containers/pihole"?
root-dir=disk1/containers/pihole
Its the same

On a USB formated to ext3
 
pe1chl
Forum Guru
Forum Guru
Posts: 7796
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 5:44 pm

could'nt install via winbox ... it was possible to update from 6.45 to 6.49 in winbox ...
but developement-update was stuck while "computize download size" ... something like that
You cannot upgrade from v6 to v7 that way. You need to download the appropriate v7 package from the website, upload it to the router, and reboot.
Once you are on a v7 version you can (usually, unless something was broken) do those in-place upgrades via winbox again.
 
mhaluska
just joined
Posts: 11
Joined: Sat Jun 13, 2020 1:20 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 6:03 pm

This docker implementation looks nice, but I don't think it's good idea, plus I think Mikrotik should invest their development time on more important RouterOS things - like they did with ZeroTier. It makes no sense to use docker container on some boards (maybe most of them) due to low memory or no HDD/SSD/USB available. I can find use case on my CCR2004-12S+ for example for pihole, but with missing USB there is no place for data, even if there will be, I'll not want to wear internal NAND. Isn't better buy cheap RaspberryPi (or 2 for HA) for this purpose? I expect/hope Mikrotik will be releasing new HW capable to use this feature.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7796
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 6:47 pm

This docker implementation looks nice, but I don't think it's good idea, plus I think Mikrotik should invest their development time on more important RouterOS things - like they did with ZeroTier.
To the contrary! When the docker implementation had been made earlier, MikroTik would have had zero development time to invest on things like ZeroTier, that could have been entirely made by the company behind it and released as a docker container.
I thin the docker container is the greatest addition to RouterOS made in a long time.
 
r00t
Member
Member
Posts: 478
Joined: Tue Nov 28, 2017 2:14 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 7:10 pm

Single purpose containers can be very small, easily fitting into devices even with just 16MB of flash. I'm trying to get UDPXY working and it's looking like it will be <100kB container. Same for things like MQTT. Tiny containers with just a single compiled program and minimum required chroot. Sure, you CAN run huge applications as containers, but you don't have to. There's a lot of tiny programs that will greatly improve ROS functionality and finally we can run them without ugly overhead of VM.
 
User avatar
jvanhambelgium
Long time Member
Long time Member
Posts: 587
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 7:30 pm

Single purpose containers can be very small, easily fitting into devices even with just 16MB of flash. I'm trying to get UDPXY working and it's looking like it will be <100kB container. Same for things like MQTT. Tiny containers with just a single compiled program and minimum required chroot. Sure, you CAN run huge applications as containers, but you don't have to. There's a lot of tiny programs that will greatly improve ROS functionality and finally we can run them without ugly overhead of VM.
for example, getting a MQTT container "up" is 1 thing, but still Mikrotik will have to do RouterOS development for integration. You want your MQTT to be able to publish some events coming out of RouterOS or react to some events on its suscribed topics.
With something like a "Pihole" container its more easy because there is already some DNS "logic" in RouterOS where you can set DNS-servers and have the pihole-container handle it from there. The rest is routing etc.
A mDNS-proxy (eg. Avahi) would also be quite autonomous as long as you can give it 2 interfaces across 2 different networks to do its magic. No real "hooks" into RouterOS needed aparte from the networking side.

Agree the overhead is very very low.
 
User avatar
floaty
Member Candidate
Member Candidate
Posts: 268
Joined: Sat Oct 20, 2018 1:24 am
Location: 52°08'32.34"N 14°39'05.0"E

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 7:43 pm

### snip ###
You cannot upgrade from v6 to v7 that way. You need to download the appropriate v7 package from the website, upload it to the router, and reboot.
Once you are on a v7 version you can (usually, unless something was broken) do those in-place upgrades via winbox again.
[/quote]
.
pretty shure I made exactly the same thing, with my hapac² yesterday ... but nobody knows ... it's the devil ... all the time
~~
We know what happens to people who stay in the middle of the road. They get run over.
 
User avatar
floaty
Member Candidate
Member Candidate
Posts: 268
Joined: Sat Oct 20, 2018 1:24 am
Location: 52°08'32.34"N 14°39'05.0"E

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 10, 2021 8:02 pm

### snip ###
To the contrary! When the docker implementation had been made earlier, MikroTik would have had zero development time to invest on things like ZeroTier, that could have been entirely made by the company behind it and released as a docker container.
I thin the docker container is the greatest addition to RouterOS made in a long time.
.
guess this is an evolutionary process ... MT had LUA support earlier (even netzilla had LUA support in their famous PIX/ASA'saurus-family)
... what happens, when the next-big-thing comes up ? ... and docker goes to the 'lebenshof' ?
'python' 'go' 'rust' ... 'ruby-on-rails*' (nobody knows anymore*)
.
there's always coffee in the cup ... principles ... (not like "real principles") never change
... and whats real ? ... (even this time ?) basically nothing ...
[guess this is ... already ... the weekend-chablis]
~~
We know what happens to people who stay in the middle of the road. They get run over.
 
kayzersoze86
just joined
Posts: 3
Joined: Thu Aug 19, 2021 6:08 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Sep 11, 2021 11:28 am

The usecase for pihole docker is not usable on rb4011. Since the device has only 512mb of usable space when extracting the image.tar, the device runs out of space. No usb or sdcard interface. Any way to mount a external file system only to host the tar files?
 
pe1chl
Forum Guru
Forum Guru
Posts: 7796
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Sep 11, 2021 12:01 pm

The usecase for pihole docker is not usable on rb4011. Since the device has only 512mb of usable space when extracting the image.tar, the device runs out of space. No usb or sdcard interface. Any way to mount a external file system only to host the tar files?
The Pihole developers or some other contributor should develop a more lean version that is geared towards running in a container with minimal size.
 
zainarbani
just joined
Posts: 22
Joined: Thu Jul 22, 2021 9:42 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Sep 11, 2021 3:10 pm

Awesome

Image
 
ntblade
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Mon Oct 01, 2012 2:47 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Sep 11, 2021 3:45 pm

Hi all,
I've tried several times following the pihole example but my container doesn't start and there's no logging. I'm using a USB flash drive as the root:
/container mounts
add dst=/etc/pihole name=pihole src=disk1/containers/pihole
add dst=/etc/dnsmasq.d name=dnsmasq.d src=disk1/containers/dnsmasqd
/container
add envlist=pihole file=disk1/containers/pihole/pihole.tar hostname=PiHole interface=veth1 logging=yes mounts=pihole,dnsmasq.d root-dir=disk1/containers/pihole
/container envs
add list=pihole name=TZ value=Europe/London
add list=pihole name=ServerIP value=172.17.0.2
add list=pihole name=WEBPASSWORD value=********

/system logging
add topics=container
Running on RB3011, fresh install

Any ideas anyone?
Thanks,
N
 
kivimart
newbie
Posts: 47
Joined: Thu Oct 10, 2013 3:06 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Sep 11, 2021 8:20 pm

Hi all,
I've tried several times following the pihole example but my container doesn't start and there's no logging. I'm using a USB flash drive as the root:
/container mounts
add dst=/etc/pihole name=pihole src=disk1/containers/pihole
add dst=/etc/dnsmasq.d name=dnsmasq.d src=disk1/containers/dnsmasqd
/container
add envlist=pihole file=disk1/containers/pihole/pihole.tar hostname=PiHole interface=veth1 logging=yes mounts=pihole,dnsmasq.d root-dir=disk1/containers/pihole
/container envs
add list=pihole name=TZ value=Europe/London
add list=pihole name=ServerIP value=172.17.0.2
add list=pihole name=WEBPASSWORD value=********

/system logging
add topics=container
Running on RB3011, fresh install

Any ideas anyone?
Thanks,
N
Create the folders on the usb that your config points to, and put the tar file in container root so it not will get deleted when you delete the container.
 
devin122
just joined
Posts: 8
Joined: Sat Sep 11, 2021 8:36 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Sep 11, 2021 8:40 pm

Anybody have any luck with mips? I created a container from the openwrt mips imagebut after running `/container start 0` but the container still says its stopped, and nothing is showing up in the logs
 
User avatar
jr0dd
just joined
Posts: 13
Joined: Fri Feb 10, 2017 4:46 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Sep 11, 2021 8:43 pm

Time to get CoreDNS loaded with k8s_gateway. 🚀
Although I would have rather seen podman instead of docker with the direction docker is going with subscriptions.
 
User avatar
floaty
Member Candidate
Member Candidate
Posts: 268
Joined: Sat Oct 20, 2018 1:24 am
Location: 52°08'32.34"N 14°39'05.0"E

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Sep 12, 2021 1:18 am

hAP ac³ is IPQ-4019 ... my test was on hAP ac² IPQ-4018 ??
... so when it's a hardware-limitation ... probably RAM ?!
could not find a document with min. requirements running docker ( ... are there min. requirements ??)
.
case closed ... filesystem related !!? ... reformated the usb-flash drive: problem solved ... ffin' simple
.
[admin@hapac2] /container> add file=zdisk2/alpine-pex.tar interface=veth1 cmd="/bin/ping 192.168.222.254" root-dir=zdisk2/container/alpine logging=yes hostname=alp
[admin@hapac2] /container> start 0
[admin@hapac2] /container> 
00:05:34 echo: container,info,debug PING 192.168.222.254 (192.168.222.254): 56 data bytes
00:05:34 echo: container,info,debug 64 bytes from 192.168.222.254: seq=0 ttl=255 time=0.827 ms
[admin@hapac2] /container> 
00:05:35 echo: container,info,debug 64 bytes from 192.168.222.254: seq=1 ttl=255 time=0.448 ms
[admin@hapac2] /container> 
00:05:41 echo: container,info,debug 64 bytes from 192.168.222.254: seq=7 ttl=255 time=0.405 ms
[admin@hapac2] /container> 
00:05:42 echo: container,info,debug 64 bytes from 192.168.222.254: seq=8 ttl=255 time=0.417 ms
[admin@hapac2] /container> stop 0

00:05:44 echo: container,info,debug 64 bytes from 192.168.222.254: seq=10 ttl=255 time=0.430 ms
[admin@hapac2] /container> 
00:05:47 echo: container,info,debug 64 bytes from 192.168.222.254: seq=13 ttl=255 time=0.423 ms
[admin@hapac2] /container>
~~
We know what happens to people who stay in the middle of the road. They get run over.
 
gittubaba
just joined
Posts: 16
Joined: Thu May 31, 2018 5:55 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Sep 12, 2021 1:37 am

Huh I've been trying to run a container in my RB750Gr3 but seems like docker images like hello or busybox etc.. only have mips64le. Seems like I have to create images from scratch.
 
devin122
just joined
Posts: 8
Joined: Sat Sep 11, 2021 8:36 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Sep 12, 2021 1:49 am

Huh I've been trying to run a container in my RB750Gr3 but seems like docker images like hello or busybox etc.. only have mips64le. Seems like I have to create images from scratch.
openwrt has rootfs images, however it looks like docker only supports mips64[le] https://github.com/docker/cli/blob/a32c ... til.go#L22 If you try anything else you get "unsupported os/arch combination: ..."
 
ntblade
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Mon Oct 01, 2012 2:47 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Sep 12, 2021 1:34 pm

@kivimart, thanks for the reply

Started again from scratch and after wait extraction seems complete one of my CPUs is constantly utilising a lot of "management"
console         0  0%   
ssh             0  0%   
networking      0  0%   
winbox          0  0%   
management      0  8%   
profiling       0  0%   
unclassified    0  2%   
cpu0               10%  
lcd             1  0%   
console         1  0%   
ssh             1  0%   
networking      1  0.5% 
logging         1  0%   
management      1  73%  
unclassified    1  17.5%
cpu1               91%  
And I get an error when starting.
[admin@RouterOS] > container/start number=0 ;log/print follow-only 

11:24:16 container,info,debug exec: Exec format error 
11:24:16 container,info,debug close: Bad file descriptor 
Thanks
N
 
SSadistic
just joined
Posts: 17
Joined: Mon Jun 17, 2019 1:28 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Sep 12, 2021 5:01 pm

Anyone tried running adguard?
https://hub.docker.com/r/adguard/adguardhome
Working just fune


Image
Can you give a quickl tutorial, please
 
shom
just joined
Posts: 1
Joined: Sun Sep 12, 2021 6:13 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Sep 12, 2021 6:21 pm

How to mount a file instead of a folder ?
I want mount config.json
[admin@MikroTik] > container/mounts/print 
 0 name="godns" src="/config.json" dst="/etc/config.json" 
log
Error occurs while reading config file, please make sure config file exists!
time="2021-09-12T15:10:41Z" level=fatal msg="open ./config.json: no such file or directory"
 
mkx
Forum Guru
Forum Guru
Posts: 6666
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Sep 12, 2021 9:05 pm

How to mount a file instead of a folder ?

You can't. The way linux works is that you can only mount a folder. Because mount point is always a folder. Usually application, run inside container, wants to open configuration file.

So you'll have to prepare a folder containing configuration file and mount that folder.
BR,
Metod
 
wtraylor
just joined
Posts: 2
Joined: Mon Oct 08, 2018 2:47 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 13, 2021 12:39 am

Has anyone managed to build your own container for mips architecture?
Last edited by wtraylor on Mon Sep 13, 2021 9:18 pm, edited 1 time in total.
 
krisjanisj
MikroTik Support
MikroTik Support
Posts: 102
Joined: Wed Feb 20, 2019 2:53 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 13, 2021 9:39 am

@kivimart, thanks for the reply

Started again from scratch and after wait extraction seems complete one of my CPUs is constantly utilising a lot of "management"
console         0  0%   
ssh             0  0%   
networking      0  0%   
winbox          0  0%   
management      0  8%   
profiling       0  0%   
unclassified    0  2%   
cpu0               10%  
lcd             1  0%   
console         1  0%   
ssh             1  0%   
networking      1  0.5% 
logging         1  0%   
management      1  73%  
unclassified    1  17.5%
cpu1               91%  
And I get an error when starting.
[admin@RouterOS] > container/start number=0 ;log/print follow-only 

11:24:16 container,info,debug exec: Exec format error 
11:24:16 container,info,debug close: Bad file descriptor 
Thanks
N
The error means that either .tar file is corrupted/incomplete or build for the wrong arch
 
schadom
Member Candidate
Member Candidate
Posts: 156
Joined: Sun Jun 25, 2017 2:47 am
Location: Austria

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 13, 2021 2:25 pm

 
dnoguera80
Trainer
Trainer
Posts: 1
Joined: Tue Mar 12, 2019 6:33 pm
Location: Spain
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 13, 2021 5:56 pm

thanks guys, this is a breakthrough, you could use an x86 server to create small microservices.

I have done several tests and installed an ubuntu, this enables to use apt-get command to install anything (as long as it is supported) wordpress, mysql, python, etc ....
You do not have the required permissions to view the files attached to this post.
 
brotherdust
Member Candidate
Member Candidate
Posts: 118
Joined: Tue Jun 05, 2007 1:31 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 13, 2021 10:09 pm

I was going to ask the same thing. My guess is that containers aren’t allowed to make changes to the RouterOS routing table. This is based on the fact that one has to manually create interfaces for the containers. A workaround to this is to simply bridge physical interfaces with container interfaces. Not optimal as it’s going to have to copy each and every packet from one interface to the other.

Anyone else try this? If not, I might give it a go this week.
 
biomesh
Member
Member
Posts: 378
Joined: Fri Feb 10, 2012 8:25 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 13, 2021 11:15 pm

Here is my config for the nextdns client for use on CHR. The nextdns client does have builds for ARM, so for those interested it would probably work there as well.

Dockerfile:
FROM debian:bullseye-slim
RUN apt-get update && apt-get install -y apt-transport-https curl && \ 
        curl -o /usr/share/keyrings/nextdns.gpg https://repo.nextdns.io/nextdns.gpg && \
        echo "deb [signed-by=/usr/share/keyrings/nextdns.gpg] https://repo.nextdns.io/deb stable main" | tee /etc/apt/sources.list.d/nextdns.list && \
        apt-get update && apt-get install -y nextdns    
EXPOSE 53/tcp 53/udp
CMD /usr/bin/nextdns run ${NEXTDNS_ARGUMENTS} -config ${NEXTDNS_ID}
Commands on CHR:
/interface bridge
add name=docker
/ip address
add address=172.17.0.1/16 interface=docker network=172.17.0.0
/interface veth
add address=172.17.0.2/16 gateway=172.17.0.1 name=veth1
/interface bridge port
add bridge=docker interface=veth1

/container envs
add list=nextdns name=NEXTDNS_ARGUMENTS value="-listen :53 -cache-max-age 0s -\
    report-client-info=true -detect-captive-portals=false -control /var/run/ne\
    xtdns.sock -timeout 5s -max-inflight-requests 256 -auto-activate=false -lo\
    g-queries=false -cache-size 10MB -max-ttl 0s -discovery-dns -use-hosts=false"
add list=nextdns name=NEXTDNS_ID value=abc123

/container
add dns=192.168.20.5,192.168.20.10 envlist=nextdns file=nextdns-09132021v1.tar \
    interface=veth1 logging=yes

/ip firewall nat
add action=masquerade chain=srcnat src-address=172.17.0.0/16
add action=dst-nat chain=dstnat dst-address=192.168.30.20 dst-port=53 \
    protocol=tcp to-addresses=172.17.0.2 to-ports=53
add action=dst-nat chain=dstnat dst-address=192.168.30.20 dst-port=53 \
    protocol=udp to-addresses=172.17.0.2 to-ports=53

/container start 0
 
almeiras
newbie
Posts: 32
Joined: Fri Nov 15, 2019 9:16 pm
Location: Spain

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 13, 2021 11:51 pm

NO, PLEASE NO!

dumb user still exist...
Device "bricked" because the space is depleted (hAP ac)...
Image
viewtopic.php?f=2&t=178319
DAMN IT! Me too... I just bricked my RB4011. I uploaded a .tar image too big. Container status never changed to "stopped" so I continued doing other things. When I restarted the router... silence. I'll try to unbrick.
 
User avatar
floaty
Member Candidate
Member Candidate
Posts: 268
Joined: Sat Oct 20, 2018 1:24 am
Location: 52°08'32.34"N 14°39'05.0"E

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 13, 2021 11:52 pm

Has anyone managed to build your own container for mips architecture?
.
... guess the most un-thorny way would be installing qemu ...
running an open-wrt mips guest
installing docker-support
building a container
and copy it over to your target system
.
... if you're done ... copy it to a cloud-drive ...
... and I give it a check
.
(please:
- rancid-with-git;
- freeradius 802.1x-proxy
... and a
- full-featured frad-ldap-kerberos-AD-policy-daemon : )
.
docker-maybe.jpg
You do not have the required permissions to view the files attached to this post.
~~
We know what happens to people who stay in the middle of the road. They get run over.
 
joegoldman
Long time Member
Long time Member
Posts: 672
Joined: Mon May 27, 2013 2:05 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 14, 2021 1:49 am

Because it supports protocols that RouterOS doesn't?

As someone else alluded to - it runs contained so it won't affect the RouterOS routing table directly, but you could use a diff protocol to talk between your router and container, then the container use its different route protocols to build up its own route table and share those routes to RouterOS. Very hacky though.
 
rplant
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Fri Sep 29, 2017 11:42 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 14, 2021 3:49 am

Some issues:
Hap AC^2

Installed iperf3 docker container per
viewtopic.php?f=1&t=178383&sid=e0768ea7 ... 4460fe602c

Good when its working.

Doesn't remember the container setup properly on /system/ reboot.

Before Reboot

/container
add envlist=iperf file=disk1/docker/iperf.tar hostname=iperf interface=veth1 logging=yes \
root-dir=disk1/docker/iperf-r

After Reboot

/container
add envlist=iperf file=disk1/docker/iperf.tar root-dir=disk1/docker/iperf-r

Often gets into a mode (after running an iperf3 test) where looks to be using 1 core fully, and then router reboots.
and usually (eventually) deletes the root-dir folder.

** Also needs a disabled=yes option **
so on reboot it only attempts to start not disabled containers

** Actually perhaps a start mode setting like a windows service might be good.
automatic, delayed, manual, disabled
**
Last edited by rplant on Thu Sep 16, 2021 6:15 am, edited 2 times in total.
 
mkx
Forum Guru
Forum Guru
Posts: 6666
Joined: Thu Mar 03, 2016 10:23 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 14, 2021 8:13 am

Because it supports protocols that RouterOS doesn't?

I wonder what's the point? Running container with routing engine ... on a router?

Why not take a decent RPI (more RAM, user can choose decently sized storage) and run FRR there? Pair RPI with a decent managed switch and you have a winning combination if you really need all those routing gems not available in ROS.
BR,
Metod
 
schadom
Member Candidate
Member Candidate
Posts: 156
Joined: Sun Jun 25, 2017 2:47 am
Location: Austria

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 14, 2021 9:24 pm



Because it supports protocols that RouterOS doesn't?

I wonder what's the point? Running container with routing engine ... on a router?

Why not take a decent RPI (more RAM, user can choose decently sized storage) and run FRR there? Pair RPI with a decent managed switch and you have a winning combination if you really need all those routing gems not available in ROS.

Because I really love the Mikrotik hardware, but profoundly hate RouterOS.
If one could easily run Debian and frr on Mikrotik hardware, this would be insane!

Unfortunately I don't think that will ever happen...
 
wtraylor
just joined
Posts: 2
Joined: Mon Oct 08, 2018 2:47 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 14, 2021 9:48 pm

The idea to use openwrt the container build process is interesting! I looked into it and unfortunately it's going to be more complicated than that because it seems it relies on upstream base images, and there are no prebuild base images for mips big endian. All seem to be mipsle, and outdated (though that's not necessarily a problem.) For example Debian mips was last available for Buster (Debian 10.) I can probably use the Debian distro build scripts with some modifications to create a mipsbe image to be used as a base container for the Mikrotik. I looked into many distributions (Debian, Ubuntu, Gentoo, Fedora) and haven't found anything ready in mipsbe and Debian seems the most ready to work with. If anyone knows of a base image built for mips be, or a build process ready to go to build one from another distro that could be adapted, please let me know. Otherwise I'll probably do what I just described to try to make a mipsbe base image build from Debian Buster.

Has anyone managed to build your own container for mips architecture?
.
... guess the most un-thorny way would be installing qemu ...
running an open-wrt mips guest
installing docker-support
building a container
and copy it over to your target system
.
... if you're done ... copy it to a cloud-drive ...
... and I give it a check
.
(please:
- rancid-with-git;
- freeradius 802.1x-proxy
... and a
- full-featured frad-ldap-kerberos-AD-policy-daemon : )
.
docker-maybe.jpg
 
Z0ltan
just joined
Posts: 16
Joined: Sat Dec 15, 2018 3:07 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 14, 2021 10:56 pm



Because I really love the Mikrotik hardware, but profoundly hate RouterOS.
If one could easily run Debian and frr on Mikrotik hardware, this would be insane!

Unfortunately I don't think that will ever happen...
It already happened: https://www.earth.li/~noodles/blog/2020 ... nline.html
 
planetcoop
Member Candidate
Member Candidate
Posts: 138
Joined: Thu May 15, 2014 2:32 pm
Location: Sacramento, CA

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 14, 2021 11:06 pm

Discussion topic about release from here:
viewtopic.php?f=1&t=178341

Manual (being updated): https://help.mikrotik.com/docs/x/KYAPBQ

1. you need a container tar archive
2. relevant menus:
 
  interface/veth
  container
3. super basic example:
1. Get Docker image as tar archive and copy to router (currently there is no 'pull' command in RouterOS, so containers should be exported from a working Docker environment). Also note that container's architecture should match with the router's.
-----------------------------------------------------

  $ docker pull docker/example-container
  $ docker save docker/example-container > my-container.tar

2. Add veth interface for the container
---------------------------------------

  [admin@MikroTik] > /interface/veth/add name=veth1 address=172.17.0.2/16 gateway=172.17.0.1


3. Create bridge for containers and add veth to it
--------------------------------------------------

  [admin@MikroTik] > /interface/bridge/add name=docker
  [admin@MikroTik] > /ip/address/add address=172.17.0.1/16 interface=docker
  [admin@MikroTik] > /interface/bridge/port add bridge=docker interface=veth1


4. Setup NAT for outgoing traffic
---------------------------------

  [admin@MikroTik] > /ip/firewall/nat/add chain=srcnat action=masquerade src-address=172.17.0.0/16


5. Create environment variables for container if needed
-------------------------------------------------------

  [admin@MikroTik] > /container/envs/add list=foo name=SECRET value=12345678
  [admin@MikroTik] > /container/envs/add list=foo name=FOO value=bar


6. Define mounts if needed
--------------------------

  [admin@MikroTik] > /container/mounts/add name=etc src=disk1/etc dst=/etc
  [admin@MikroTik] > /container/mounts/add name=opt src=disk1/opt dst=/opt

If ``src`` directory does not exist on first time use then it will be populated
with whatever container have in ``dst`` location.


7. Create container from image tar
----------------------------------

  [admin@MikroTik] > /container/add file=my-container.tar interface=veth1 envlist=foo root-dir=disk1/foo mounts=etc,opt

Use ``logging=yes`` to see container output in log with tags
``container,debug,info``.


8. Make sure container has been added and status is stopped
-----------------------------------------------------------

  [admin@MikroTik] > container/print

9. Redirect port 8080 traffic to container
------------------------------------------

  [admin@MikroTik] > /ip/firewall/nat/add chain=dstnat action=dst-nat to-addresses=172.17.0.2 to-ports=80 protocol=tcp dst-port=8080


10. Start container
-------------------

  [admin@MikroTik] > /container/start 0
normis - will there be pull support in the future? Im have tested a number of containers since the 7.1rc3 release and really look forward to the feature, just wish it had pull support. :)
 
User avatar
Xtreme512
Frequent Visitor
Frequent Visitor
Posts: 92
Joined: Sun Jun 08, 2014 2:43 pm
Location: Nicosia, CY
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 14, 2021 11:45 pm

Here is my config for the nextdns client for use on CHR. The nextdns client does have builds for ARM, so for those interested it would probably work there as well.

Dockerfile:
FROM debian:bullseye-slim
RUN apt-get update && apt-get install -y apt-transport-https curl && \ 
        curl -o /usr/share/keyrings/nextdns.gpg https://repo.nextdns.io/nextdns.gpg && \
        echo "deb [signed-by=/usr/share/keyrings/nextdns.gpg] https://repo.nextdns.io/deb stable main" | tee /etc/apt/sources.list.d/nextdns.list && \
        apt-get update && apt-get install -y nextdns    
EXPOSE 53/tcp 53/udp
CMD /usr/bin/nextdns run ${NEXTDNS_ARGUMENTS} -config ${NEXTDNS_ID}
Commands on CHR:
/interface bridge
add name=docker
/ip address
add address=172.17.0.1/16 interface=docker network=172.17.0.0
/interface veth
add address=172.17.0.2/16 gateway=172.17.0.1 name=veth1
/interface bridge port
add bridge=docker interface=veth1

/container envs
add list=nextdns name=NEXTDNS_ARGUMENTS value="-listen :53 -cache-max-age 0s -\
    report-client-info=true -detect-captive-portals=false -control /var/run/ne\
    xtdns.sock -timeout 5s -max-inflight-requests 256 -auto-activate=false -lo\
    g-queries=false -cache-size 10MB -max-ttl 0s -discovery-dns -use-hosts=false"
add list=nextdns name=NEXTDNS_ID value=abc123

/container
add dns=192.168.20.5,192.168.20.10 envlist=nextdns file=nextdns-09132021v1.tar \
    interface=veth1 logging=yes

/ip firewall nat
add action=masquerade chain=srcnat src-address=172.17.0.0/16
add action=dst-nat chain=dstnat dst-address=192.168.30.20 dst-port=53 \
    protocol=tcp to-addresses=172.17.0.2 to-ports=53
add action=dst-nat chain=dstnat dst-address=192.168.30.20 dst-port=53 \
    protocol=udp to-addresses=172.17.0.2 to-ports=53

/container start 0
about time someone tried to use nextdns. is it working well? sending client device names etc?
I Walk Alone
 
biomesh
Member
Member
Posts: 378
Joined: Fri Feb 10, 2012 8:25 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 15, 2021 1:21 am

about time someone tried to use nextdns. is it working well? sending client device names etc?
It works just like the nextdns client that I run on some raspberrypis - no problems at all.
 
damianivereigh
just joined
Posts: 15
Joined: Sun May 22, 2016 1:06 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 15, 2021 2:48 am

Adding docker to RouterOS opens up some interesting possibilities that I am wondering if Mikrotik are going to explore. Namely allowing a docker to get deeper into the workings of the RouterOS configuration (with appropriate permission of course). The low level packet manipulation of RouterOS is great but some of it's higher level features, like DHCP (e.g. adding traffic queues via radius) are missing features and if nothing else are complex to setup.

It would be awesome to optionally be able to offload these higher level features to docker where it would for example handle the DHCP requests and make the appropriate RouterOS config changes to suit. Others have mentioned running FRR, which essentially is also a high level application - having the ability of a docker container to add and remove dynamic routes from the routing table.

Because docker could run people's own software (or there may even be a place for a commercial market), much more complex and sophisticated things could done on the Mikrotik's without them having to decide if a feature is worth implementing and supporting.

On further thinking this could be mostly done with the docker talking through the API. However there would be a problem with figuring out the current state. Dynamic config entries are automatically wiped when ROS restarts whereas config entries created via the API would not. It would be hard for a docker to figure out it's state given there is no search pattern match functionality in the API (so you couldn't match on say a comment hashtag). It would be great if you could create dynamic entries through the API (or ones that could be tagged in a way that the docker could start by saying "give me a list of all the configs I created before").
 
pe1chl
Forum Guru
Forum Guru
Posts: 7796
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 15, 2021 11:33 am

While the matching capabilities of the API are quite limited, in many cases you can match what is possible in the query, then retrieve the entire matched list and do the remainder of the matching in the client.
I have made several API programs (on external systems so far) that work this way, and it should work fine unless you are manipulating very long lists and want to see only a very small part of it.
For example, for some purpose I want to list open IPsec connections through a NAT router. In the API I query I query /ip/firewall/connection/print and there I match on protocol=udp and seen-reply=true, retrieve that entire list and in the client I match dst-address~":4500$".
Of course this means I am potentially retrieving a long list, but at least I cut out the tcp connections before transferring it (about 3/4 in our router). It handles lists of thousands of items just fine, but of course with hundreds of thousands of items that could be different.
 
User avatar
floaty
Member Candidate
Member Candidate
Posts: 268
Joined: Sat Oct 20, 2018 1:24 am
Location: 52°08'32.34"N 14°39'05.0"E

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 15, 2021 4:21 pm

... no prebuild base images for mips big endian. All seem to be mipsle, and outdated (though that's not necessarily a problem.) For example Debian mips was last available for Buster (Debian 10.)
.
indeed ... seems a mips-device isn't the golden choice to start a "mikrotik-docker-career",
since I'm a bloody docker-newbie I've build my first test-containers for my armv7-devices on a QNAP, which has pull-feature and the ability to export self-cooked docker-images
... not shure if there is similiar 'pre-supported' hardware out there for MIPS



.
~~
We know what happens to people who stay in the middle of the road. They get run over.
 
devin122
just joined
Posts: 8
Joined: Sat Sep 11, 2021 8:36 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 15, 2021 6:00 pm

The idea to use openwrt the container build process is interesting! I looked into it and unfortunately it's going to be more complicated than that because it seems it relies on upstream base images, and there are no prebuild base images for mips big endian.
I've been using the mips_24kc-21.02.0 tag on https://hub.docker.com/r/openwrtorg/rootfs . However it appears to be a dead end at the moment as it looks like the mips kernel on the current release is not built with proper support for containers (viewtopic.php?f=1&t=178516)
 
rjow2021
newbie
Posts: 49
Joined: Thu Nov 19, 2020 6:26 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 15, 2021 6:16 pm

I run AdGuard Home on a Windows 10 box, but there is a docker image available.

How would an RB4011 fair with AdGuard Home docker installed, in docker, with OISD (8.7MB) block list?

Would this be possible?
 
User avatar
jvanhambelgium
Long time Member
Long time Member
Posts: 587
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 15, 2021 6:26 pm

How it resource-management done on the way the docker/containerisation is implemented ?
What amount of resources (% cpu, i/o , mem) are maximum allowed to be consumed or is there no protection again resource-hoggers?
Because in principle, the routerOS core tasks must not be impacted if some container runs into issues, starts looping forever etc,etc.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7796
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 16, 2021 10:24 am

Linux is a multitasking operating system and has scheduling algorithms that make sure that all tasks get some CPU time, unless major foul-ups have been made setting realtime priority.
Even when one "regular" process (which I assume the containers are) is using 100% CPU, other similar processes still get CPU time.
It is like a process asking 100% CPU automatically gets a slightly lower priority than all others, so that it does not get 100% but rather "all remaining time".
That has always been the case in Linux (and Unix). On a typical Linux system there is more to fear from programs that use 100% of the disk bandwidth (either through file I/O or through swapping) than from programs using 100% CPU.
 
ParSor2
just joined
Posts: 2
Joined: Thu Sep 16, 2021 10:32 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 16, 2021 11:11 am

@kivimart, thanks for the reply
[admin@RouterOS] > container/start number=0 ;log/print follow-only 

11:24:16 container,info,debug exec: Exec format error 
11:24:16 container,info,debug close: Bad file descriptor 
Thanks
N
The error means that either .tar file is corrupted/incomplete or build for the wrong arch
The reason is not in a broken .tar file, but in free space on the main disk. I have CHR, I install containers on an additional disk, but they deploy something on the main one. I saw that there was 0% free space on it. Removing all containers did not help, /files/print is empty, but there is no free space, reboot does not help, after installation and reboot, the containers have status = extracting.
Solution: I took the x86 .iso file, installed it on the 1Gb disk and all containers started working.

Another bug:
Using "root-dir" expands a huge number of files. When "/files" starts, the CPU load becomes 100% and either WinBox crashes or the VM is completely overloaded.
 
kowal
just joined
Posts: 21
Joined: Sun Jul 06, 2014 2:23 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 16, 2021 5:12 pm

Maybe I'm doing something wrong.
After creating package with docker on windows, using links from wiki (not current) for arm architecture and putting it on hAP ac3 it always tells that it's build for amd64 not arm.
But unpacking pihole.tar and revieving files reveals that is buld for arm, amd64 is mentioned only in one *json file.
So if it's built for arm, i've changed that line in *json file and tried starting container. It creates some files and stops without any error.
Previously with first-build arm (in RoS it shows still amd64) when I tried to start container it showed eroor "bad file descriptor" but only once - removing, recreating containers using same file do not give any errors.

It's even possible that running:
arm
    docker pull pihole/pihole:latest@sha256:381a39fc1a131e5fa1bb7e1ea6241147758c61206ffa851446a3737c61cf4162
    docker save pihole/pihole:latest > pihole.tar
can build image for amd64 instead of arm? Size of package in my example is 340MB.

Maybe somebody who tried using docker will provide built image? I'm running out of ideas what's wrong...
You do not have the required permissions to view the files attached to this post.
 
dksoft
Member Candidate
Member Candidate
Posts: 108
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 16, 2021 5:42 pm

Try using docker pull --platform arm pihole/pihole instead of hash code.
Setup: Dt. Telekom FTTH, CCR2004, CRS317, CRS328-24P-4S+RM, multiple WAP AC via CAPsMAN. MCTNA
 
dksoft
Member Candidate
Member Candidate
Posts: 108
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 16, 2021 5:46 pm

Another bug:
Using "root-dir" expands a huge number of files. When "/files" starts, the CPU load becomes 100% and either WinBox crashes or the VM is completely overloaded.
Spoiler: Fixed in rc4
Setup: Dt. Telekom FTTH, CCR2004, CRS317, CRS328-24P-4S+RM, multiple WAP AC via CAPsMAN. MCTNA
 
kowal
just joined
Posts: 21
Joined: Sun Jul 06, 2014 2:23 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 16, 2021 6:23 pm

Try using docker pull --platform arm pihole/pihole instead of hash code.
It doesn't help, it still shows amd64, I will try on another PC with fresh docker install
 
dksoft
Member Candidate
Member Candidate
Posts: 108
Joined: Thu Dec 06, 2012 8:56 am
Location: Germany

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 16, 2021 6:37 pm

Try using docker pull --platform arm pihole/pihole instead of hash code.
It doesn't help, it still shows amd64, I will try on another PC with fresh docker install
Check with docker images and remove all before pulling a cross platform one. That helped me getting it the other way, e.g. from arm to arm64.
Setup: Dt. Telekom FTTH, CCR2004, CRS317, CRS328-24P-4S+RM, multiple WAP AC via CAPsMAN. MCTNA
 
kowal
just joined
Posts: 21
Joined: Sun Jul 06, 2014 2:23 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 16, 2021 8:36 pm

I'm getting out of ideas - it still builds version for amd64, even on PC with fresh docker installed.
 
krisjanisj
MikroTik Support
MikroTik Support
Posts: 102
Joined: Wed Feb 20, 2019 2:53 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 17, 2021 9:49 am

The `type=amd64` for PiHole containers is gonna be for every package they publish on every arch and can be ignored. Unfortunately that is a quirk and/or a bug on their end.
As for why pihole container would not run - please create a supout.rif file and send it to support@mikrotik.com (mentioning this forum discussion) so we can look into it.
 
zainarbani
just joined
Posts: 22
Joined: Thu Jul 22, 2021 9:42 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 17, 2021 10:45 am

I'm getting out of ideas - it still builds version for amd64, even on PC with fresh docker installed.
its arm or arm64 board btw?

try pull 2021.09-armhf-buster tag,
or just this, https://dockerimagesave.akiel.dev/downl ... er.tar.zip (extract from .zip).
 
kowal
just joined
Posts: 21
Joined: Sun Jul 06, 2014 2:23 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 17, 2021 4:37 pm

Thanks for that build.

After contacting Mikrotik Support, we have tracked the isssue( thanks Krisjanis!)
The issue was filesystem on external USB storage - it was FAT32, I've missed that when formatting disk to use as container storage.
After change of filesystem to ext3 container files have been unpacked properly and container finally works.
So always check filesystem on external storages :)
 
ParSor2
just joined
Posts: 2
Joined: Thu Sep 16, 2021 10:32 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Sep 18, 2021 10:41 am

Bug:
the command "/interface/veth/set address =" does not actually change the address
[admin@RouterOS] > /interface/veth/add name=veth1 address=10.10.0.2/16 gateway=10.10.0.1
[admin@RouterOS] > /interface/bridge/add name=docker
[admin@RouterOS] > /ip/address/add address=10.10.0.1/16 interface=docker
[admin@RouterOS] > /interface/bridge/port add bridge=docker interface=veth1
[admin@RouterOS] > /interface/veth/print 
Flags: X - disabled; R - running 
 0  R name="veth1" address=10.10.0.2/16 gateway=10.10.0.1 

[admin@RouterOS] > ping 10.10.0.2
  SEQ HOST                                     SIZE TTL TIME       STATUS                                                              
    0 10.10.0.2                                  56  64 93us      
    1 10.10.0.2                                  56  64 43us      
    2 10.10.0.2                                  56  64 44us      
    sent=3 received=3 packet-loss=0% min-rtt=43us avg-rtt=60us max-rtt=93us 

[admin@RouterOS] > /interface/veth/set numbers=0 address=10.10.0.3
[admin@RouterOS] > /interface/veth/print 
Flags: X - disabled; R - running 
 0  R name="veth1" address=10.10.0.3 gateway=10.10.0.1 

[admin@RouterOS] > ping 10.10.0.3
  SEQ HOST                                     SIZE TTL TIME       STATUS                                                              
    0 10.10.0.3                                                    timeout                                                             
    1 10.10.0.3                                                    timeout                                                             
    2 10.10.0.3                                                    timeout                                                             
    sent=3 received=0 packet-loss=100% 

[admin@RouterOS] > ping 10.10.0.2
  SEQ HOST                                     SIZE TTL TIME       STATUS                                                              
    0 10.10.0.2                                  56  64 33us      
    1 10.10.0.2                                  56  64 44us      
    2 10.10.0.2                                  56  64 45us      
    sent=3 received=3 packet-loss=0% min-rtt=33us avg-rtt=40us max-rtt=45us 
after reboot
[admin@RouterOS] > /interface/veth/print 
Flags: X - disabled; R - running 
 0    name="veth1" address=10.10.0.3 gateway=10.10.0.1 
[admin@RouterOS] > ping 10.10.0.2
  SEQ HOST                                     SIZE TTL TIME       STATUS                                                             
    0 10.10.0.2                                                    timeout                                                            
    1 10.10.0.2                                                    timeout                                                            
    sent=2 received=0 packet-loss=100% 

[admin@RouterOS] > ping 10.10.0.3
  SEQ HOST                                     SIZE TTL TIME       STATUS                                                             
    0 10.10.0.3                                                    timeout                                                            
    1 10.10.0.3                                                    timeout                                                            
    sent=2 received=0 packet-loss=100% 
it is possible to change the address only by deleting and adding an interface
 
gittubaba
just joined
Posts: 16
Joined: Thu May 31, 2018 5:55 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Sep 18, 2021 9:03 pm

Huh I've been trying to run a container in my RB750Gr3 but seems like docker images like hello or busybox etc.. only have mips64le. Seems like I have to create images from scratch.
openwrt has rootfs images, however it looks like docker only supports mips64[le] https://github.com/docker/cli/blob/a32c ... til.go#L22 If you try anything else you get "unsupported os/arch combination: ..."
huh, maybe we need to use a docker alternative that uses the same container protocols/ generates images in same format. I'm not a docker expert so don't know much about how to proceed. On that note, how did routeros dev team tested container functionality on mips? Maybe they can provide some test images....
 
User avatar
IGHOR
just joined
Posts: 7
Joined: Tue Oct 21, 2014 12:36 am
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 20, 2021 3:44 pm

huh, maybe we need to use a docker alternative that uses the same container protocols/ generates images in same format. I'm not a docker expert so don't know much about how to proceed. On that note, how did routeros dev team tested container functionality on mips? Maybe they can provide some test images....
It is not about MikroTik itself, but about mipsbe support by a linux distros, if you find one that supports mipsbe, you can use it with no problems.
Looks like there is only 20 mips supported images in the Docker hub https://hub.docker.com/search?type=imag ... cture=mips
Also you can compile mipsbe rootfs by yourself.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7796
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 20, 2021 4:17 pm

I have not yet studied what special requirements there are for making a docker image, but in the past I have compiled programs for MIPS without problem by installing a cross-development environment on my PC. It consists of a cross-compiling gcc, linker, libraries etc. all in a user directory I created for that.
Would that not work in this case?
 
gittubaba
just joined
Posts: 16
Joined: Thu May 31, 2018 5:55 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 20, 2021 7:30 pm

huh, maybe we need to use a docker alternative that uses the same container protocols/ generates images in same format. I'm not a docker expert so don't know much about how to proceed. On that note, how did routeros dev team tested container functionality on mips? Maybe they can provide some test images....
It is not about MikroTik itself, but about mipsbe support by a linux distros, if you find one that supports mipsbe, you can use it with no problems.
Looks like there is only 20 mips supported images in the Docker hub https://hub.docker.com/search?type=imag ... cture=mips
Also you can compile mipsbe rootfs by yourself.
docker only supports mips64. So what I understood so far, even if you made a mips rootfs, you can't make a docker image/container with it, as the architecture is unsupported. From debian wiki
Through the Debian 10 ("buster") release, Debian currently provides 3 ports, 'mips', 'mipsel', and 'mips64el'
Also openwrt seems to support mips too. So linux is certainly available for mips, but the problem is to make a docker container out of it.
 
gittubaba
just joined
Posts: 16
Joined: Thu May 31, 2018 5:55 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 20, 2021 10:59 pm

So I tried to run docker hello world example in RB750Gr3. After some research and looking at openwrt wiki and inspecting the binaries of routeros package, It concluded that its using mips little endian.

In ubuntu I compiled it using
mipsel-linux-gnu-gcc -mtune=24kc -static ../../hello.c -o hello
I tried with and without -mtune=24kc. I also tried mips-linux-gnu-gcc which is big endian.

My Dockerfile is just
FROM scratch
COPY hello /
CMD ["/hello"]
Then I build it using,
docker build --platform linux/mipsel -t sarim/hello-mips:0.6 .
I also tried linux/mips when using mips-linux-gnu-gcc.

Then
docker save sarim/hello-mips:0.6 -o hello-mips.tar
In routeros I added "container" to system/logging.
[admin@GittuTik] /container> add file=hello-mips.tar interface=veth1 logging=yes root-dir=disk4  
[admin@GittuTik] /container> print 
 0 file=hello-mips.tar name="98f82a3b-c4b6-49d0-b17d-bbd1aa409f27" tag="sarim/hello-mips:0.6" os="linux" arch="mipsel" 
   interface=veth1 root-dir=disk4 mounts="" dns="" workdir="/" logging=yes status=stopped
[admin@GittuTik] /container> start 0

[admin@GittuTik] /container> print 
 0 file=hello-mips.tar name="98f82a3b-c4b6-49d0-b17d-bbd1aa409f27" tag="sarim/hello-mips:0.6" os="linux" arch="mipsel" 
   interface=veth1 root-dir=disk4 mounts="" dns="" workdir="/" logging=yes status=stopped
[admin@GittuTik] /container> 
I tried with and without root-dir=disk4 .With many variations the result is the same. after start 0 nothing happens. Nothing shows up in log. No error.

After several hours of digging I think its an bug with RB750Gr3 and routeros. I mean no matter what I do no error message shows up in log. Anyone got any idea what is going on? Should I contact support?
 
dhoulbrooke
Frequent Visitor
Frequent Visitor
Posts: 57
Joined: Sun Apr 19, 2015 7:24 am
Location: Whakatāne, New Zealand

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 20, 2021 11:56 pm

docker only supports mips64. So what I understood so far, even if you made a mips rootfs, you can't make a docker image/container with it, as the architecture is unsupported. From debian wiki

mipsbe is supported in docker. Try the multiarch containers https://hub.docker.com/r/multiarch/debi ... ips-buster

There were some fixes in rc4 for mips arch containers. Previously they were not working.

docker pull multiarch/debian-debootstrap:mips-buster
docker save multiarch/debian-debootstrap > mips-buster.tar

RouterOS config:

/interface bridge
add name=docker
/interface veth
add address=172.17.0.2/16 gateway=172.17.0.1 name=veth1
/container
add cmd="uname -ar" file=mips-buster.tar hostname=debian interface=veth1 logging=yes
/interface bridge port
add bridge=docker interface=veth1
/ip address
add address=172.17.0.1/16 interface=docker network=172.17.0.0

Run the container and see the below in the logs:
Screenshot_20210921_084428.png
You do not have the required permissions to view the files attached to this post.
 
gittubaba
just joined
Posts: 16
Joined: Thu May 31, 2018 5:55 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 21, 2021 12:46 am

docker only supports mips64. So what I understood so far, even if you made a mips rootfs, you can't make a docker image/container with it, as the architecture is unsupported. From debian wiki

mipsbe is supported in docker. Try the multiarch containers https://hub.docker.com/r/multiarch/debi ... ips-buster

There were some fixes in rc4 for mips arch containers. Previously they were not working.
What is your hardware? My router, RB750Gr3 is not mipsBE. In Routeros page its listed as Mmips. Nevertheless I tried the image you references, nothing happens. It extracts but then start does nothing. No log no error nothing.
 
dhoulbrooke
Frequent Visitor
Frequent Visitor
Posts: 57
Joined: Sun Apr 19, 2015 7:24 am
Location: Whakatāne, New Zealand

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 21, 2021 1:50 am

What is your hardware?

mipsbe / RB450G


For a RB750Gr3 you could try the little endian containers and see if they work: https://hub.docker.com/r/multiarch/debi ... sel-buster
 
chrisfr
just joined
Posts: 3
Joined: Thu Sep 02, 2021 3:35 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 21, 2021 10:37 am

I tried with very small container (arm32v7/busybox:stable-musl , tar size is about 1,4MB) on CRS305 and CRS309, but container never start (and nothing is write in logs despite logging=yes) :
[admin@CRS309-BU] /container> /container/print 
 0 file=arm32v7_busybox.tar name="3850934b-17c1-4403-8f04-65ead4703936" tag="arm32v7/busybox:stable-musl" os="linux" arch="arm" interface=veth1 mounts="" dns="" hostname="mybbox" logging=yes 
   status=stopped 
[admin@CRS309-BU] /container>
[admin@CRS309-BU] /container> /container/start number=0 ; /log/print follow-only

09:26:10 system,info,account user prometheus logged in from 192.168.0.182 via api 
09:26:11 system,info,account user prometheus logged out from 192.168.0.182 via api 
09:26:15 system,info,account user prometheus logged in from 192.168.0.182 via api 
09:26:16 system,info,account user prometheus logged out from 192.168.0.182 via api 
09:26:20 system,info,account user prometheus logged in from 192.168.0.182 via api 
09:26:21 system,info,account user prometheus logged out from 192.168.0.182 via api 
09:26:25 system,info,account user prometheus logged in from 192.168.0.182 via api 
09:26:25 system,info,account user prometheus logged out from 192.168.0.182 via api 

I guess as CRS3xx have very tiny SPI Flash, Mikrotik didn't test container on theses hardware. I tried with other docker images, but i always have the same result.
 
krisjanisj
MikroTik Support
MikroTik Support
Posts: 102
Joined: Wed Feb 20, 2019 2:53 pm
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 21, 2021 10:38 am

I tried with very small container (arm32v7/busybox:stable-musl , tar size is about 1,4MB) on CRS305 and CRS309, but container never start (and nothing is write in logs despite logging=yes) :
[admin@CRS309-BU] /container> /container/print 
 0 file=arm32v7_busybox.tar name="3850934b-17c1-4403-8f04-65ead4703936" tag="arm32v7/busybox:stable-musl" os="linux" arch="arm" interface=veth1 mounts="" dns="" hostname="mybbox" logging=yes 
   status=stopped 
[admin@CRS309-BU] /container>
[admin@CRS309-BU] /container> /container/start number=0 ; /log/print follow-only

09:26:10 system,info,account user prometheus logged in from 192.168.0.182 via api 
09:26:11 system,info,account user prometheus logged out from 192.168.0.182 via api 
09:26:15 system,info,account user prometheus logged in from 192.168.0.182 via api 
09:26:16 system,info,account user prometheus logged out from 192.168.0.182 via api 
09:26:20 system,info,account user prometheus logged in from 192.168.0.182 via api 
09:26:21 system,info,account user prometheus logged out from 192.168.0.182 via api 
09:26:25 system,info,account user prometheus logged in from 192.168.0.182 via api 
09:26:25 system,info,account user prometheus logged out from 192.168.0.182 via api 

I guess as CRS3xx have very tiny SPI Flash, Mikrotik didn't test container on theses hardware. I tried with other docker images, but i always have the same result.
Could You please generate a supout.rif file and send it to support@mikrotik.com so we can look into this further?
 
chrisfr
just joined
Posts: 3
Joined: Thu Sep 02, 2021 3:35 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 21, 2021 12:29 pm

...
Could You please generate a supout.rif file and send it to support@mikrotik.com so we can look into this further?
I send it with also the tar image, thank you.
 
devin122
just joined
Posts: 8
Joined: Sat Sep 11, 2021 8:36 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 21, 2021 9:22 pm

I've managed to get containers on MIPSBE working with 7.1rc4, however when the container is running, cpu usage is pinned at 100% despite all the processes inside the container sitting pretty much idle
 
gittubaba
just joined
Posts: 16
Joined: Thu May 31, 2018 5:55 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 21, 2021 10:21 pm

What is your hardware?

mipsbe / RB450G


For a RB750Gr3 you could try the little endian containers and see if they work: https://hub.docker.com/r/multiarch/debi ... sel-buster
Unfortunately nothing happens. I emailed support with supout.rif.
 
User avatar
Amm0
Member Candidate
Member Candidate
Posts: 153
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 22, 2021 5:50 am

Boy my lightly used RB1100 "dude" works pretty well with the new container support.

But some way to access to "console" would be very handy. It's not always easy to add SSH support to just any docker image, in particular some of the language runtimes like NodeJS, Julia or R - where you don't need SSH once you've packaged an image with the code you want. Certainly using a stock Linux/OS to "test" on the platform can work...but then your still left unwinding what the more basic version for docker be of that work.

While the Dockerfile on the host can add the need code/entry point before generating the tar – sometimes it's easier to try stuff out in the "running" docker image, then edit the Dockerfile to recreate your "diffs". Now ideally, the containers console would be like any ROS port redirected like any other ROS serial thing, but some "/container/console", similar to /system/serial-console command be very useful. I'd imagine it's be especially useful on the "more escotic" platform since there isn't some go-to stash of TILE base images, yet... and logging=yes will only get you so far at troubleshooting a greenfield like "docker-on-tile" – one way to make use of the unused cores on the TILE RBs.

One other thought, is the basic feature of MetaROUTER was running another ROS instance. I'm surprise that wasn't an example – be awfully handy to run ROS v6 on a ROS v7, since you'd have the dude (which seems forgot in v7 feature-blitz) and could more easily allow testing any differences between v7 and v6...
 
User avatar
sszbv
Trainer
Trainer
Posts: 6
Joined: Sun Oct 07, 2012 11:47 am
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Sep 23, 2021 3:28 pm

Thanks for this awesome feature!

I'm running a domoticz container on a rb5009, works great.
It would be nice if you could add devices support, so I can connect USB or serial devices (like kwh meters).

The docker command line is:

docker run -d \
-p 8080:8080 \
-p 8443:443 \
-v <path for config files>:/opt/domoticz/userdata \
-e TZ=Europe/Amsterdam
--device=<device_id> \
--name=<container name> \
domoticz/domoticz

I mean the --device= part.
Maybe you can create a devices list, using the same approach as for the mounts and envs.
 
haedertowfeq
just joined
Posts: 7
Joined: Thu Nov 19, 2020 5:58 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 24, 2021 1:51 am

Noop
How to ssh to pihole 🤔
To use command like
Pihole -u for update
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 1589
Joined: Mon Apr 08, 2019 1:16 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Sep 24, 2021 9:10 pm

"docker exec -it" / "docker container exec" ??? Or is there no docker program?
For GUI comfort I use the "portainer" container, but without "docker exec" that would probably not work on RouterOS.
(https://docs.portainer.io/v/ce-2.6/user ... Fbin%2Fash.)

cfr : https://www.mankier.com/1/docker-exec
 
rplant
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Fri Sep 29, 2017 11:42 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Sep 25, 2021 8:12 am

Hi,
How do I connect a container to 2 network interfaces?
I thought I'd have a go at avahi as a reflector.

Thanks
 
User avatar
Amm0
Member Candidate
Member Candidate
Posts: 153
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Sep 25, 2021 9:21 pm

How do I connect a container to 2 network interfaces?
Kinda depends on how the LANs (or VLANs...) your trying do mDNS reflection on ingress the router/switch. The simplest case would be using two bridges (bridgeA and bridgeB) and two virtual ethernets, vethA and vethB, for Avanti container. Assuming your "LAN A" (e.g. "computers/WiFi") is using ether1 and "LAN B" (e.g. "printers") is using ether2. You'd then add ether1 & vethA as bridge ports on bridgeA, same for ether2+vethB going as ports on bridgeB (on /interface/bridge/ports).

VLAN Filtering likely be better long term, be one bridge, but that adds complexity here. You'd add both vethA and vethB as interface to the /container. Like more, basically one bridge/veth per [V]LAN you want Avanti to use.

Where I think the trouble lies isn't bridging the L2 traffic – lots of way to do that in ROS. But finding a pre-compiled Dockerfile that exposes some UI to manage Avanti or has SSH enabled out-of-the box, AND is pre-compiled for the Mikrotik CPU your want to use, which need some "real" disk (USB, SSD, etc). Lots of Docker images for X86/AMD64, but only some number for ARM32 etc... You got a TILE, well, good luck but be interesting.

The current implementation doesn't allow "console access" so once you get the image running on the Mikrotik, you have to essentially start/stop the container and use /container/set 0 cmd="..." each time to modify the image. Normally you can just "compile" a Dockerfile, but unless you're on the same CPU arch, that get tricky – most people don't use an ARM32 as there desktop computer – docker supports "buildx" and scheme to deal with this BUT way more complex than L2 bridging on a Mikrotik part.

But, a poor-man function to proxy for a shell to the container looks like this, assuming you a container, it's working, and logging=yes. Add something like this (as example of concept):

:global DockerDo do={/container/stop $1; :delay 10s; /container/set $1 cmd="$2"; /container/start $1; /log/print follow where topics~"container" and time>([/system/clock/get time]-10s)}

To use this, you can issue a ONE command $DockerDo [container number, "0"] [cmd to run in container] against the docker image, which will start/stop in-between your commands. Since the output it shown via /log/print follow, you'll need to use Ctrl-C to then issue another command:
> $DockerDo 0 "uname -a"
                                            
12:55:51 container,info,debug Linux julia162 5.6.3 #15 SMP Mon Sep 20 07:31:39 UTC 2021 armv7l GNU/Linux 

> $DockerDo 0 "uname -a"

12:57:58 container,info,debug Linux julia162 5.6.3 #15 SMP Mon Sep 20 07:31:39 UTC 2021 armv7l GNU/Linux 

-- Ctrl-C to quit. Space prints separator. New entries will appear at bottom.


Although I've never been sold on the need for "reflecting" mDNS – kinda the point of subnetting is to limit broadcasting. If you just have some "well known printers" you want showing up on iPhone, using domain name in DHCP and some specfic DNS PTR/SRV records will do the same as mDNS broadcasts if that's what your after, see RFC6763 - https://www.ietf.org/rfc/rfc6763.txt

Now why Mikrotik has not added mDNS/avanti, just to stop the requests, is a different question. Guessing they are betting Docker is simpler answer, well see.
 
rplant
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Fri Sep 29, 2017 11:42 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Sep 26, 2021 3:13 am

How do I connect a container to 2 network interfaces?
Kinda depends on how the LANs (or VLANs...) your trying do mDNS reflection on ingress the router/switch. The simplest case would be using two bridges (bridgeA and bridgeB) and two virtual ethernets, vethA and vethB, for Avanti container. Assuming your "LAN A" (e.g. "computers/WiFi") is using ether1 and "LAN B" (e.g. "printers") is using ether2. You'd then add ether1 & vethA as bridge ports on bridgeA, same for ether2+vethB going as ports on bridgeB (on /interface/bridge/ports).
...

VLAN Filtering likely be better long term, be one bridge, but that adds complexity here.

Although I've never been sold on the need for "reflecting" mDNS – kinda the point of subnetting is to limit broadcasting. If you just have some "well known printers" you want showing up on iPhone, using domain name in DHCP and some specfic DNS PTR/SRV records will do the same as mDNS broadcasts if that's what your after, see RFC6763 - https://www.ietf.org/rfc/rfc6763.txt
Thanks,
I have tried the manual DNS thing in the past, but Mikrotik DNS doesn't support PTR records at present (maybe that will change), I did try on another DNS server, but never had much success.

Unfortunately I think I didn't explain myself very well
There seems to be no (obvious) way to add more than 1 interface to a container in the /container add command.

Perhaps VLan filtering might be what I need to use, with the 2 interfaces coming in on 1 veth, a native, and a vlan

I haven't tried this, but was thinking I could drop a netcat into the container's bin directory, and set cmd to "nc -L 5000 -e /bin/sh"
(nil security, but you can firewall access to it)
 
almeiras
newbie
Posts: 32
Joined: Fri Nov 15, 2019 9:16 pm
Location: Spain

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 27, 2021 12:35 pm

Hello! Yet again I resurrected my RB4011. I updated it to 7.1 RC4. Then I used
/Container
to install a Docker image for iperf3, the beloved speedtest app. I picked this image from sk278 since it supports ARMv7 (32 bit ARM).

I leave here my steps for other newbies plus some doubts at the end.

First I created the virtual network interface and bridge for using with
/Container
. I sticked with the default network
172.17.0.0/24
from MT’s Container help. No environment variables or mountpoints were needed for this image.

Then I went to my computer and launched a console terminal app:
  1. docker manifest inspect sk278/iperf3
    
  2. Get the right hash for your architecture, in my case, MikroTik RB4011 is ARMv7:
    sha256:823a7cd38cfeea8fce736639cac8146c069246759463f262be832cff340e3bfa
    
    (latest image version is this one)
  3. Download the image:
    docker pull sk278/iperf3:latest@sha256:823a7cd38cfeea8fce736639cac8146c069246759463f262be832cff340e3bfa
    
  4. Have the image compressed:
    docker save sk278/iperf3 > iperf3.tar
    
  5. Upload it to the router filesystem using your preferred method (just drop it in “Files” section using Webfig).
Time to go to the router command prompt (via SSH, online terminal, serial cable…)
  1. Create the container in using the image file you just uploaded:
    /container/add file=iperf3.tar interface=veth1 logging=yes
    
    . (you can also add a
    hostname
    
    if you want)
  2. /container/start [find file=iperf3.tar]
    
  3. Check if
    status=running
    
    with
    /container/print detail
    
    (it takes some time in bigger containers).
OK, now some questions arise in my head:
  • In my case, the container got itself the IP 172.16.0.2. Can anyone explain why? I mean, there is no environment variable for the IP as in PiHole`s image, nor any kind of negotiation that I’m aware of. Does this depend on the number of the container (0 gets first available IP, 1 gets second…)?
  • I tried to create a DHCP server for the containers, but I couldn’t since veth1 is a slave of a bridge. I tried creating the server for the bridge, but this made no effect since the Docker images are bound to
    veth1
    
    , not the bridge (see
    /container/print
    
    ).
  • iperf3 speed looks to be limited to 100 Mbps, although all my network is 1 Gbps… I have no idea why is that, all physical interfaces look correct.
  • MikroTik support team, will you bring interactive terminal console to containers? Pretty please? We really need that.
Anyway, congratulations MikroTik for this breakthrough. These are exciting times for us, users. My Raspberry is going to have some rest.
 
almeiras
newbie
Posts: 32
Joined: Fri Nov 15, 2019 9:16 pm
Location: Spain

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 27, 2021 2:01 pm

I tried the official Debian image: https://hub.docker.com/_/debian?tab=des ... st_updated
docker pull debian:stable@sha256:ae04ba555bd7342b5d49305425dcd9f233ea51321d16f1c04b26173a32918349
But once installed, it doesn't start. Architecture is correct. I also tried to stop the other image, but no effect, Debian remains stopped forever:
/container/print 
 0 file=iperf3.tar name="0d8ad45e-b1c0-4380-b720-906baf7db7fc" tag="" os="linux" arch="arm" 
   interface=veth1 mounts="" dns="" hostname="iperf3" logging=yes status=stopped 

 1 file=debian.tar name="7274b731-37e4-45b0-8c5c-4f336218333e" tag="" os="linux" arch="arm" 
   interface=veth1 mounts="" dns="" logging=yes status=stopped 
 
User avatar
jr0dd
just joined
Posts: 13
Joined: Fri Feb 10, 2017 4:46 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Sep 27, 2021 4:10 pm


But once installed, it doesn't start. Architecture is correct. I also tried to stop the other image, but no effect, Debian remains stopped forever:
I’ve tried numerous containers and I can’t get 1 to start also on ARM.
 
vchrizz
just joined
Posts: 16
Joined: Sun Jul 10, 2016 11:07 am
Location: Austria, Vienna
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 28, 2021 2:52 am

I've managed to get containers on MIPSBE working with 7.1rc4, however when the container is running, cpu usage is pinned at 100% despite all the processes inside the container sitting pretty much idle
what container(s) did you try? im looking for some working mipsbe images as examples.

or how would one manage to create docker images for mipsbe?
there is no docker.io package for mips/mipsbe in debian.
for debian/bullseye there is a docker.io package for mips64el and mipsel but not mips/mipsbe because debian dropped mips/mipsbe support since bullseye.
on other linux distros i also could not find possibilities to run docker on mipsbe to be able to create images (or tar files from images)

how else is it possible to create docker images without running docker on mipsbe arch?
(i crosscompiled an application already but am not able to create docker images for mipsbe)

thanks for any hints!

EDIT: i crosscompiled mipsbe binary which works fine on other mipsbe devices running debian. then i created a container (with docker on openwrt/mipsel), saved it to a tar file and uploaded it to a rb960pgs running ros v7.1rc4:
[admin@MikroTik] > /container/add file=mipsolsrd.tar interface=veth1 hostname=olsrd logging=yes
[admin@MikroTik] > /container/print
0 file=mipsolsrd.tar name="51b47d9f-9f81-4a26-9f57-1d59d715cbd3" tag="vchrizz/mipsolsrd:latest" os="linux" arch="mipsle" interface=veth1
mounts="" dns="" hostname="olsrd" logging=yes status=stopped
[admin@MikroTik] > /container/start number=0

[admin@MikroTik] > /container/print
0 file=mipsolsrd.tar name="51b47d9f-9f81-4a26-9f57-1d59d715cbd3" tag="vchrizz/mipsolsrd:latest" os="linux" arch="mipsle" interface=veth1
mounts="" dns="" hostname="olsrd" logging=yes status=stopped
seems to look ok but it does not start, nothing is shown in logs on why it did not start (i already added topic "container" to system/logging)

how to debug the container what is wrong to fix that?
Last edited by vchrizz on Thu Sep 30, 2021 2:21 am, edited 1 time in total.
 
gittubaba
just joined
Posts: 16
Joined: Thu May 31, 2018 5:55 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Sep 28, 2021 3:04 am


But once installed, it doesn't start. Architecture is correct. I also tried to stop the other image, but no effect, Debian remains stopped forever:
I’ve tried numerous containers and I can’t get 1 to start also on ARM.
Have you managed to get any errors / logs? No reply yet from support dev team, But the main problem is lack of logs / errors. How are you supposed to debug this if no log appears. NB: container topic is added in logging and logging=yes is set. But no log appears.
 
User avatar
jr0dd
just joined
Posts: 13
Joined: Fri Feb 10, 2017 4:46 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 29, 2021 7:51 am


Have you managed to get any errors / logs? No reply yet from support dev team, But the main problem is lack of logs / errors. How are you supposed to debug this if no log appears. NB: container topic is added in logging and logging=yes is set. But no log appears.
No logs of any kind. It just stays stopped.
 
almeiras
newbie
Posts: 32
Joined: Fri Nov 15, 2019 9:16 pm
Location: Spain

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 29, 2021 11:07 am

I find interesting the possibility of running a RouterOS container (stable ROS version) inside your own router (development ROS version). This way you could use "The Dude server" (stable versions only) as well as the newer funcionalities (WG, Docker, Zerotier...).
I can't test it since my RB4011 is armv7 (32 bit only), but it would be nice to hear from any of you. Maybe MT support team finds it interesting to maintain their own ROS image (@normis?). Thank you.

PS: This implementation would require a second ROS software key.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7796
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 29, 2021 11:32 am

I find interesting the possibility of running a RouterOS container (stable ROS version) inside your own router (development ROS version).
Well, this is essentially how it all started on old MikroTik models that offered "MetaROUTER" where you could run either RouterOS or another image.
This fell out of attention as later architectures do not offer it, and the current Docker support is more or less a successor of that.
 
antonatos
just joined
Posts: 5
Joined: Wed Mar 05, 2014 11:58 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Sep 29, 2021 7:38 pm

Hey folks,

I recently upgraded 1100 AHx4 to 7.1.rc4 in order to test containers.
Although I manage to make it work. I faced the below issues:
  • Transferring big files is causing kernel panic
  • Extracting tar image takes more than 15mins which consumes 1 CPU and cause packet drop and Capsman link drop
  • There is no exec to get a console in order to configure more.
Have you found any solution for the above?

Thanks,
Nikos
 
almeiras
newbie
Posts: 32
Joined: Fri Nov 15, 2019 9:16 pm
Location: Spain

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Oct 01, 2021 4:33 pm

  • Transferring big files is causing kernel panic
  • There is no exec to get a console in order to configure more.
No problem with file transfers in ny case. I use ‘scp’ and webfig for uploading (RB4011, ARMv7 32 bit).

Regarding the lack of interactive console shell, you have to settle for images with ssh, web config or environment variables. This is really annoying. I hope we get interactive shell soon. My kingdom for ‘docker exec -it bash‘
 
devin122
just joined
Posts: 8
Joined: Sat Sep 11, 2021 8:36 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Oct 01, 2021 6:45 pm

I've managed to get containers on MIPSBE working with 7.1rc4, however when the container is running, cpu usage is pinned at 100% despite all the processes inside the container sitting pretty much idle
what container(s) did you try? im looking for some working mipsbe images as examples.
First I was using openwrt images (mips_24kc-21.02.0 tag on https://hub.docker.com/r/openwrtorg/rootfs) . However, I suspect something about their init system is causing the 100% cpu usage. Now I'm rolling my own images based on openwrt but without their init system.

or how would one manage to create docker images for mipsbe?
I have just been making tarballs of the root fs and then using
docker import 
and
docker export
to add the necessary metadata

there is no docker.io package for mips/mipsbe in debian.
There won't be. Since mipsbe isn't officially supported by docker, it wont let you tag an image as being for it (see https://github.com/docker/cli/blob/a32c ... til.go#L22) . However other than displaying it in the UI, ROS seems to ignore the platform tag (my images all say AMD64, but they are running fine)

Have you managed to get any errors / logs? No reply yet from support dev team, But the main problem is lack of logs / errors. How are you supposed to debug this if no log appears. NB: container topic is added in logging and logging=yes is set. But no log appears.
adding logging=yes seems to just log stdout/stderr from inside the container, no info about debugging the container runtime itself. There is some limited debugging info available in supout.rif in the
@container@
sections
 
gittubaba
just joined
Posts: 16
Joined: Thu May 31, 2018 5:55 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Oct 01, 2021 11:10 pm

Have you managed to get any errors / logs? No reply yet from support dev team, But the main problem is lack of logs / errors. How are you supposed to debug this if no log appears. NB: container topic is added in logging and logging=yes is set. But no log appears.
adding logging=yes seems to just log stdout/stderr from inside the container, no info about debugging the container runtime itself. There is some limited debugging info available in supout.rif in the
@container@
sections
How are you reading supout.rif? I viewed my supout.rif in mikrotik.com -> account but It doesn't contain a "container" section :(

EDIT: Thank you so much, finally a bit of hint of logging. I used a third party tool (github.com/farseeker/go-mikrotik-rif) to open the supout and found this.
@container@
2021.09.20-21:07:21.81@1: Starting container app.
2021.09.20-21:07:21.81@1: Running app...
2021.09.20-21:14:08.29@3: unable to copy resolv.conf
2021.09.20-21:14:08.30@3: clone: Invalid argument
2021.09.20-21:14:08.30@3: child spawn failed
2021.09.20-21:14:19.53@2: unable to copy resolv.conf
2021.09.20-21:14:19.53@2: clone: Invalid argument
2021.09.20-21:14:19.53@2: child spawn failed
2021.09.20-21:14:20.92@2: image not running
2021.09.20-21:25:41.33@1: no id
2021.09.20-21:40:04.07@3: clone: Invalid argument
2021.09.20-21:40:04.07@3: child spawn failed
2021.09.20-21:40:45.10@0: clone: Invalid argument
2021.09.20-21:40:45.10@0: child spawn failed
2021.09.20-21:41:12.92@2: clone: Invalid argument
2021.09.20-21:41:12.92@2: child spawn failed
2021.09.21-18:55:23.41@0: clone: Invalid argument
2021.09.21-18:55:23.41@0: child spawn failed
2021.09.21-18:55:45.42@1: clone: Invalid argument
2021.09.21-18:55:45.42@1: child spawn failed
2021.09.21-18:57:16.72@1: 
2021.09.21-18:57:16.72@1: 
2021.09.21-18:57:16.72@1: /ram/pckg/container/nova/bin/container
2021.09.21-18:57:16.72@1: --- signal=17 --------------------------------------------
2021.09.21-18:57:16.72@1: 
2021.09.21-18:57:16.72@1: pc=0x77fe4214 at=0x00000001 v0=0x00000004 v1=0x00000000
2021.09.21-18:57:16.72@1: a0=0x77ff9560 a1=0x00000002 a2=0xffffffff a3=0x00000001
2021.09.21-18:57:16.72@1: t0=0x00000001 t1=0x77f7aa90 t2=0x66206e77 t3=0x656c6961
2021.09.21-18:57:16.72@1: t4=0x7fffb780 t5=0x00000000 t6=0x00000000 t7=0x00420000
2021.09.21-18:57:16.72@1: s0=0x0000105c s1=0xffffffff s2=0x780014f4 s3=0x7fffbbc0
2021.09.21-18:57:16.72@1: s4=0x0000004f s5=0xffffffff s6=0x00000004 s7=0x00421558
2021.09.21-18:57:16.72@1: t8=0x004209a0 t9=0x77fe41d0 k0=0x00000000 k9=0x00000000
2021.09.21-18:57:16.72@1: gp=0x780018d0 sp=0x7fffbac8 s8=0x004217f8 ra=0x77fdc120
2021.09.21-18:57:16.72@1: 
2021.09.21-18:57:16.72@1: maps:
2021.09.21-18:57:16.72@1: 00400000-00411000 r-xp 00000000 07:01 8          /ram/pckg/container/nova/bin/container
2021.09.21-18:57:16.72@1: 00420000-00421000 rwxp 00010000 07:01 8          /ram/pckg/container/nova/bin/container
2021.09.21-18:57:16.72@1: 00421000-0042c000 rwxp 00000000 00:00 0          [heap]
2021.09.21-18:57:16.72@1: 77de5000-77ee5000 rwxp 00000000 00:00 0 
2021.09.21-18:57:16.72@1: 77ee5000-77f07000 r-xp 00000000 07:00 241        /lib/libuc++.so
2021.09.21-18:57:16.72@1: 77f07000-77f08000 rwxp 00012000 07:00 241        /lib/libuc++.so
2021.09.21-18:57:16.72@1: 77f08000-77f77000 r-xp 00000000 07:00 243        /lib/libumsg.so
2021.09.21-18:57:16.72@1: 77f77000-77f79000 rwxp 0005f000 07:00 243        /lib/libumsg.so
2021.09.21-18:57:16.72@1: 77f79000-77f7b000 rwxp 00000000 00:00 0 
2021.09.21-18:57:16.72@1: 77f7b000-77fa4000 r-xp 00000000 07:00 247        /lib/libubox.so
2021.09.21-18:57:16.72@1: 77fa4000-77fa5000 rwxp 00019000 07:00 247        /lib/libubox.so
2021.09.21-18:57:16.72@1: 77fa5000-77fea000 r-xp 00000000 07:00 240        /lib/libc.so
2021.09.21-18:57:16.72@1: 77ff6000-77ff7000 rwxs 00000000 00:0a 2052       /ram/rtrace/control
2021.09.21-18:57:16.72@1: 77ff7000-77ff9000 r-xp 0ea7c000 00:06 1326       /dev/jiffies
2021.09.21-18:57:16.72@1: 77ff9000-77ffb000 rwxp 00044000 07:00 240        /lib/libc.so
2021.09.21-18:57:16.72@1: 77ffb000-77ffc000 rwxp 00000000 00:00 0 
2021.09.21-18:57:16.72@1: 7ffdb000-7fffc000 rwxp 00000000 00:00 0          [stack]
2021.09.21-18:57:16.72@1: 7fffc000-7fffd000 r-xp 00000000 00:00 0 
2021.09.21-18:57:16.72@1: 
2021.09.21-18:57:16.72@1: stack: 0x7fffc000 - 0x7fffbac8 
2021.09.21-18:57:16.72@1: 00 00 00 00 40 11 42 00 d0 f8 f7 77 58 15 42 00 00 00 00 00 00 00 00 00 d0 18 00 78 5c 10 00 00 
2021.09.21-18:57:16.72@1: 00 00 00 00 00 00 00 00 10 10 42 00 30 bb ff 7f ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 
2021.09.21-18:57:16.72@1: 
2021.09.21-18:57:16.72@1: code: 0x77fe4214
2021.09.21-18:57:16.72@1: 10e00002 27bd0020 00021023 03e00008 00000000 8f998574 03200008 00000000 
2021.09.21-18:57:16.72@1: 
2021.09.21-18:57:16.72@1: backtrace: 0x77fe4214 0x77fdc120 
2021.09.21-18:57:16.72@1: 
Any idea anyone?
 
devin122
just joined
Posts: 8
Joined: Sat Sep 11, 2021 8:36 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Oct 03, 2021 3:13 am


Any idea anyone?
What version are you running. I was seeing the same error on rc3 as the kernel was not built with full support for namespaces. Issue was resolved with rc4
 
gittubaba
just joined
Posts: 16
Joined: Thu May 31, 2018 5:55 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sun Oct 03, 2021 3:18 am


Any idea anyone?
What version are you running. I was seeing the same error on rc3 as the kernel was not built with full support for namespaces. Issue was resolved with rc4
7.1rc4. Then guess it wasn't solved for mmpis/RB750Gr3
 
fakejuke
just joined
Posts: 2
Joined: Tue Oct 05, 2021 9:10 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Oct 05, 2021 3:37 pm

Hello! Tried pihole and iperf on my ac3 with external usb flash. Both stuck on "extracting". Any ideas?
 
vchrizz
just joined
Posts: 16
Joined: Sun Jul 10, 2016 11:07 am
Location: Austria, Vienna
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Oct 06, 2021 4:34 pm

EDIT: Thank you so much, finally a bit of hint of logging. I used a third party tool (github.com/farseeker/go-mikrotik-rif) to open the supout and found this.
@container@
2021.09.20-21:07:21.81@1: Starting container app.
2021.09.20-21:07:21.81@1: Running app...
2021.09.20-21:14:08.29@3: unable to copy resolv.conf
2021.09.20-21:14:08.30@3: clone: Invalid argument
2021.09.20-21:14:08.30@3: child spawn failed
2021.09.20-21:14:19.53@2: unable to copy resolv.conf
2021.09.20-21:14:19.53@2: clone: Invalid argument
2021.09.20-21:14:19.53@2: child spawn failed
2021.09.20-21:14:20.92@2: image not running
2021.09.20-21:25:41.33@1: no id
2021.09.20-21:40:04.07@3: clone: Invalid argument
2021.09.20-21:40:04.07@3: child spawn failed
2021.09.20-21:40:45.10@0: clone: Invalid argument
2021.09.20-21:40:45.10@0: child spawn failed
2021.09.20-21:41:12.92@2: clone: Invalid argument
2021.09.20-21:41:12.92@2: child spawn failed
2021.09.21-18:55:23.41@0: clone: Invalid argument
2021.09.21-18:55:23.41@0: child spawn failed
2021.09.21-18:55:45.42@1: clone: Invalid argument
2021.09.21-18:55:45.42@1: child spawn failed
2021.09.21-18:57:16.72@1: 
2021.09.21-18:57:16.72@1: 
2021.09.21-18:57:16.72@1: /ram/pckg/container/nova/bin/container
2021.09.21-18:57:16.72@1: --- signal=17 --------------------------------------------
2021.09.21-18:57:16.72@1: 
2021.09.21-18:57:16.72@1: pc=0x77fe4214 at=0x00000001 v0=0x00000004 v1=0x00000000
2021.09.21-18:57:16.72@1: a0=0x77ff9560 a1=0x00000002 a2=0xffffffff a3=0x00000001
2021.09.21-18:57:16.72@1: t0=0x00000001 t1=0x77f7aa90 t2=0x66206e77 t3=0x656c6961
2021.09.21-18:57:16.72@1: t4=0x7fffb780 t5=0x00000000 t6=0x00000000 t7=0x00420000
2021.09.21-18:57:16.72@1: s0=0x0000105c s1=0xffffffff s2=0x780014f4 s3=0x7fffbbc0
2021.09.21-18:57:16.72@1: s4=0x0000004f s5=0xffffffff s6=0x00000004 s7=0x00421558
2021.09.21-18:57:16.72@1: t8=0x004209a0 t9=0x77fe41d0 k0=0x00000000 k9=0x00000000
2021.09.21-18:57:16.72@1: gp=0x780018d0 sp=0x7fffbac8 s8=0x004217f8 ra=0x77fdc120
2021.09.21-18:57:16.72@1: 
2021.09.21-18:57:16.72@1: maps:
2021.09.21-18:57:16.72@1: 00400000-00411000 r-xp 00000000 07:01 8          /ram/pckg/container/nova/bin/container
2021.09.21-18:57:16.72@1: 00420000-00421000 rwxp 00010000 07:01 8          /ram/pckg/container/nova/bin/container
2021.09.21-18:57:16.72@1: 00421000-0042c000 rwxp 00000000 00:00 0          [heap]
2021.09.21-18:57:16.72@1: 77de5000-77ee5000 rwxp 00000000 00:00 0 
2021.09.21-18:57:16.72@1: 77ee5000-77f07000 r-xp 00000000 07:00 241        /lib/libuc++.so
2021.09.21-18:57:16.72@1: 77f07000-77f08000 rwxp 00012000 07:00 241        /lib/libuc++.so
2021.09.21-18:57:16.72@1: 77f08000-77f77000 r-xp 00000000 07:00 243        /lib/libumsg.so
2021.09.21-18:57:16.72@1: 77f77000-77f79000 rwxp 0005f000 07:00 243        /lib/libumsg.so
2021.09.21-18:57:16.72@1: 77f79000-77f7b000 rwxp 00000000 00:00 0 
2021.09.21-18:57:16.72@1: 77f7b000-77fa4000 r-xp 00000000 07:00 247        /lib/libubox.so
2021.09.21-18:57:16.72@1: 77fa4000-77fa5000 rwxp 00019000 07:00 247        /lib/libubox.so
2021.09.21-18:57:16.72@1: 77fa5000-77fea000 r-xp 00000000 07:00 240        /lib/libc.so
2021.09.21-18:57:16.72@1: 77ff6000-77ff7000 rwxs 00000000 00:0a 2052       /ram/rtrace/control
2021.09.21-18:57:16.72@1: 77ff7000-77ff9000 r-xp 0ea7c000 00:06 1326       /dev/jiffies
2021.09.21-18:57:16.72@1: 77ff9000-77ffb000 rwxp 00044000 07:00 240        /lib/libc.so
2021.09.21-18:57:16.72@1: 77ffb000-77ffc000 rwxp 00000000 00:00 0 
2021.09.21-18:57:16.72@1: 7ffdb000-7fffc000 rwxp 00000000 00:00 0          [stack]
2021.09.21-18:57:16.72@1: 7fffc000-7fffd000 r-xp 00000000 00:00 0 
2021.09.21-18:57:16.72@1: 
2021.09.21-18:57:16.72@1: stack: 0x7fffc000 - 0x7fffbac8 
2021.09.21-18:57:16.72@1: 00 00 00 00 40 11 42 00 d0 f8 f7 77 58 15 42 00 00 00 00 00 00 00 00 00 d0 18 00 78 5c 10 00 00 
2021.09.21-18:57:16.72@1: 00 00 00 00 00 00 00 00 10 10 42 00 30 bb ff 7f ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 
2021.09.21-18:57:16.72@1: 
2021.09.21-18:57:16.72@1: code: 0x77fe4214
2021.09.21-18:57:16.72@1: 10e00002 27bd0020 00021023 03e00008 00000000 8f998574 03200008 00000000 
2021.09.21-18:57:16.72@1: 
2021.09.21-18:57:16.72@1: backtrace: 0x77fe4214 0x77fdc120 
2021.09.21-18:57:16.72@1: 
thanks for the hint! looking at supout.rif with the tool go-mikrotik-rif i get similar stack trace:
@container@
2021.10.05-00:18:06.50@0: 
2021.10.05-00:18:06.50@0: 
2021.10.05-00:18:06.50@0: /ram/pckg/container/nova/bin/container
2021.10.05-00:18:06.50@0: --- signal=17 --------------------------------------------
2021.10.05-00:18:06.50@0: 
2021.10.05-00:18:06.50@0: pc=0x77fd4654 at=0x00000001 v0=0x00000004 v1=0x00000000
2021.10.05-00:18:06.51@0: a0=0x77f0ef00 a1=0x00000002 a2=0xffffffff a3=0x00000001
2021.10.05-00:18:06.51@0: t0=0x00000000 t1=0xfeffffff t2=0x00421064 t3=0x77f82fb0
2021.10.05-00:18:06.51@0: t4=0x00000001 t5=0x10000000 t6=0x77f82980 t7=0x77f20000
2021.10.05-00:18:06.51@0: s0=0x00421064 s1=0xffffffff s2=0x77f80000 s3=0x7fffabe0
2021.10.05-00:18:06.51@0: s4=0x0000004f s5=0xffffffff s6=0x00000004 s7=0x00421558
2021.10.05-00:18:06.51@0: t8=0x004208dc t9=0x77fd4640 k0=0x77f7f960 k9=0x00000000
2021.10.05-00:18:06.51@0: gp=0x78001370 sp=0x7fffab70 s8=0x004217f8 ra=0x77f33848
2021.10.05-00:18:06.51@0: 
2021.10.05-00:18:06.51@0: maps:
2021.10.05-00:18:06.51@0: 00400000-00411000 r-xp 00000000 07:01 8          /ram/pckg/container/nova/bin/container
2021.10.05-00:18:06.51@0: 00420000-00421000 rwxp 00010000 07:01 8          /ram/pckg/container/nova/bin/container
2021.10.05-00:18:06.51@0: 00421000-0042d000 rwxp 00000000 00:00 0          [heap]
2021.10.05-00:18:06.51@0: 77dec000-77eec000 rwxp 00000000 00:00 0 
2021.10.05-00:18:06.51@0: 77eec000-77f0e000 r-xp 00000000 07:00 240        /lib/libuc++.so
2021.10.05-00:18:06.51@0: 77f0e000-77f0f000 rwxp 00012000 07:00 240        /lib/libuc++.so
2021.10.05-00:18:06.51@0: 77f10000-77f7f000 r-xp 00000000 07:00 242        /lib/libumsg.so
2021.10.05-00:18:06.52@0: 77f7f000-77f81000 rwxp 0005f000 07:00 242        /lib/libumsg.so
2021.10.05-00:18:06.52@0: 77f81000-77f83000 rwxp 00000000 00:00 0 
2021.10.05-00:18:06.52@0: 77f84000-77fad000 r-xp 00000000 07:00 246        /lib/libubox.so
2021.10.05-00:18:06.52@0: 77fad000-77fae000 rwxp 00019000 07:00 246        /lib/libubox.so
2021.10.05-00:18:06.52@0: 77fae000-77fea000 r-xp 00000000 07:00 239        /lib/libc.so
2021.10.05-00:18:06.52@0: 77ff4000-77ff5000 rwxs 00000000 00:0a 370        /ram/rtrace/control
2021.10.05-00:18:06.52@0: 77ff6000-77ff8000 r-xp 0717c000 00:06 393        /dev/jiffies
2021.10.05-00:18:06.52@0: 77ff9000-77ffa000 rwxp 0003b000 07:00 239        /lib/libc.so
2021.10.05-00:18:06.52@0: 77ffa000-77ffb000 rwxp 00000000 00:00 0 
2021.10.05-00:18:06.52@0: 7ffda000-7fffb000 rwxp 00000000 00:00 0          [stack]
2021.10.05-00:18:06.52@0: 7fffb000-7fffc000 r-xp 00000000 00:00 0 
2021.10.05-00:18:06.52@0: 
2021.10.05-00:18:06.52@0: stack: 0x7fffb000 - 0x7fffab70 
2021.10.05-00:18:06.52@0: 77 f7 f9 60 00 00 00 00 7f ff ab a0 00 ff 00 00 77 f8 79 f0 77 f3 f6 0c 00 42 10 64 00 42 11 14 
2021.10.05-00:18:06.53@0: 7f ff ac 80 7f ff ab e0 00 00 00 4f ff ff ff ff 00 00 00 04 77 f3 3a a0 77 f8 2b 00 77 fc 0e a8 
2021.10.05-00:18:06.53@0: 
2021.10.05-00:18:06.53@0: code: 0x77fd4654
2021.10.05-00:18:06.53@0: 10e00002 00402025 00022023 8f998078 100099ea 00000000 00000000 3c1c0003 
2021.10.05-00:18:06.53@0: 
2021.10.05-00:18:06.53@0: backtrace: 0x77fd4654 
from what i experimented so far with building a container from scratch, and trying to run it on an rb960pg (mipsbe) i can tell:
- if it stucks at status extracting, there is something wrong with the container image (tar file)
- if it does not start but extracts fine, container image seems ok but there is something wrong with the binaries within the container or the container was built/saved on wrong architecture.
- comparing architectures, with a container built on mips64 or mipsel i get stacktrace with signal 11 (SIGSEGV - Segmentation violation)
- saving the built container from a mips32 system i get signal 17 (SIGUSR2 - User-defined signal 2) stacktrace.

so not only the architecture has to match (what is clear to me), but also the build-tools have to match i guess?
i am trying to build the container on a qemu-mips (malta) VM running openwrt 21.02, which uses musl toolchain afaik.
the binaries which run fine in openwrt on mips32 seem not to work in the container on the rb960.
does anybody know what toolchain must be used for binaries in a container to run on a rb960pg (mipsbe) ?
 
User avatar
Amm0
Member Candidate
Member Candidate
Posts: 153
Joined: Sun May 01, 2016 7:12 pm
Location: California
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Oct 07, 2021 6:23 pm

I find interesting the possibility of running a RouterOS container (stable ROS version) inside your own router (development ROS version).
Well, this is essentially how it all started on old MikroTik models that offered "MetaROUTER" where you could run either RouterOS or another image.
This fell out of attention as later architectures do not offer it, and the current Docker support is more or less a successor of that.
What's old is new again. Mikrotik was ahead of it's time with MetaROUTER. And, yet still people wanting to run a full Linux distro with stuff PBX etc. But with MetaROUTER, the Wiki had a clear description of how to use with ROS – that's missing in v7 Containers IMO.

Just saying ROS-on-ROS is could be simplier for stuff like VRF, and likely good example of "SDN" potential of Containers. Since there are no examples of any containers for TILE, if Mikrotik had some examples of getting ROS in a working container, that be a good place to know if anyother container could on some hardware platform.
 
fakejuke
just joined
Posts: 2
Joined: Tue Oct 05, 2021 9:10 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Oct 08, 2021 10:55 pm

Hello! Tried pihole and iperf on my ac3 with external usb flash. Both stuck on "extracting". Any ideas?
Tried to create .tar in Linux invironment (instead of windows 10) and everything works!
 
vchrizz
just joined
Posts: 16
Joined: Sun Jul 10, 2016 11:07 am
Location: Austria, Vienna
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Oct 11, 2021 9:20 pm

First I was using openwrt images (mips_24kc-21.02.0 tag on https://hub.docker.com/r/openwrtorg/rootfs) . However, I suspect something about their init system is causing the 100% cpu usage. Now I'm rolling my own images based on openwrt but without their init system.
sorry, i overlooked that comment.
many many thanks for that information! based on that i also could finally get a container to work. based on that container i built my own container.
I have just been making tarballs of the root fs and then using
docker import 
and
docker export
to add the necessary metadata
i tried that but maybe i did something wrong because this didnt work for me, but based on the mips_24kc-21.02.0 openwrt container i could create a container myself and build it with "docker build -t mytag ." then "docker save mytag > mytag.tar" to use the tar file on the router.

so i got a working container on a rb960pgs which is really nice!

just giving feedback:
following things i noticed are not (yet) working correctly, but i guess they will be fixed in future ROS versions:
  • "sometimes" after stopping a container the file autosupout.rif is written and then starting a container is not possible any more until the router is rebootet. (in autosupout.rif i see signal 11 in the log)
  • when the container is running, after a usual reboot of the router, the container store and the tar-file/image is lost, but the configuration is still there, so i have to remove the container, upload the image and add it again.
  • are containers started automatically after router reboot? (assuming the previous mentioned problem is fixed)
  • "sometimes" i have to "/container/start number=0" more than once until the container starts correctly although nothing changed and i just uploaded the image again and re-added the container. looking in supout.rif i see signal 17 as described before.

thanks for this great feature, keep it up!
 
Janosch
just joined
Posts: 2
Joined: Thu Sep 10, 2015 4:58 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Oct 13, 2021 12:43 pm

Is it possible to get access to devices connected to the USB Bus from within Docker?
(=run Docker in piviledged mode?)
If yes, could you please post an example?

So I could interact with USB devices (IE Serial devices) from within Docker?

Thanks
Janosch
 
r00t
Member
Member
Posts: 478
Joined: Tue Nov 28, 2017 2:14 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Oct 13, 2021 3:18 pm

No, because entire point of having docker is to isolate it from rest of the ROS environment.
Maybe sharing USB block devices with docker container can be added as a feature later...

But for now you can use following workaround:
Set up serial port server(s) in ROS and then you can access your USB serial ports over TCP/IP, ie. even from the container.
As long as it's just serial port (and not some other device that would require libusb access) it should work without problems.
 
User avatar
deadkat
newbie
Posts: 38
Joined: Sun Nov 15, 2020 11:14 pm
Location: Alabama, USA

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Oct 14, 2021 4:57 pm

I would like it if containers didn't have to be placed behind NAT....

Please Mikrotik, at least add the ability to use host networking. others would be potentially useful but limiting us to only bridge networking limits what can be done inside a container running on a mikrotik device. https://docs.docker.com/network/#network-drivers
MTCNA, MTCRE
 
rplant
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Fri Sep 29, 2017 11:42 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Oct 15, 2021 4:43 am

Avahi (mdns Reflector)

Hap AC^2 (256M)

It took a while to get working, but I was able to build an Avahi container. Using the cross build instructions at

https://hub.docker.com/r/taoyou/iperf3-alpine

And the avahi container at

https://github.com/flungo-docker/avahi

It came out a bit over 8M in size, so quite big.

It uses a couple of vlans (Vlan setup currently hard coded in the tar file) on it's veth to connect to the local networks.

It is configured as a mdns reflector.

While working out how to make it work, I used netcat from openwrt to provide a couple of cli sessions. The cli is very basic but works, (You need 2 for when you break one) Probably should learn how to setup a dropbear.

I used 7zip on my desktop to open the tar file, and edit config files, and insert the executables (netcat binary and runcat2.sh script)

It seems to work ok.
Not sure I really want it now though :(
 
mankomal
Frequent Visitor
Frequent Visitor
Posts: 76
Joined: Fri Nov 24, 2006 8:56 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Oct 18, 2021 6:40 am

Hey,
tried to run pi-hole on CHR getting this
 (445): Fatal Error Unable to allocate shared memory segment of 134217728 bytes: shmget: Function not implemented (38)

[api@RouterOS] > container envs/pri
 0 list="pihole" name="TZ" value="Asia/Kolkata" 

 1 list="pihole" name="Server IP" value="172.16.10.2" 

 2 list="pihole" name="WEBPASSWORD" value="password" 
[api@RouterOS] > container/print 
 0 file=pihole.tar name="471a7373-e48f-480b-aca2-7c7ee7195241" 
   tag="pihole/pihole:latest" os="linux" arch="amd64" interface=veth1 
   envlist="pihole" mounts="" dns="" hostname="PiHole" logging=yes 
   status=stopped 
[api@RouterOS] > 
[api@RouterOS] > system resource prin
                   uptime: 2m41s
                  version: 7.1rc4 (testing)
               build-time: Sep/20/2021 10:18:44
              free-memory: 14.1MiB
             total-memory: 96.0MiB
                      cpu: Intel(R)
                cpu-count: 1
            cpu-frequency: 2599MHz
                 cpu-load: 1%
           free-hdd-space: 1416.3MiB
          total-hdd-space: 2038.1MiB
  write-sect-since-reboot: 1320
         write-sect-total: 1321
        architecture-name: x86_64
               board-name: CHR
                 platform: MikroTik
Any idea what could be the problem?
 
mankomal
Frequent Visitor
Frequent Visitor
Posts: 76
Joined: Fri Nov 24, 2006 8:56 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Oct 18, 2021 6:46 am

Hey,
tried to run pi-hole on CHR getting this
 (445): Fatal Error Unable to allocate shared memory segment of 134217728 bytes: shmget: Function not implemented (38)

[api@RouterOS] > container envs/pri
 0 list="pihole" name="TZ" value="Asia/Kolkata" 

 1 list="pihole" name="Server IP" value="172.16.10.2" 

 2 list="pihole" name="WEBPASSWORD" value="password" 
[api@RouterOS] > container/print 
 0 file=pihole.tar name="471a7373-e48f-480b-aca2-7c7ee7195241" 
   tag="pihole/pihole:latest" os="linux" arch="amd64" interface=veth1 
   envlist="pihole" mounts="" dns="" hostname="PiHole" logging=yes 
   status=stopped 
[api@RouterOS] > 
[api@RouterOS] > system resource prin
                   uptime: 2m41s
                  version: 7.1rc4 (testing)
               build-time: Sep/20/2021 10:18:44
              free-memory: 14.1MiB
             total-memory: 96.0MiB
                      cpu: Intel(R)
                cpu-count: 1
            cpu-frequency: 2599MHz
                 cpu-load: 1%
           free-hdd-space: 1416.3MiB
          total-hdd-space: 2038.1MiB
  write-sect-since-reboot: 1320
         write-sect-total: 1321
        architecture-name: x86_64
               board-name: CHR
                 platform: MikroTik
Any idea what could be the problem?
This is the complete log that comes:
Oct/18/2021 09:14:06 container,info,debug [s6-init] making user provided files available at /var/run/s6/etc...exited 0.
Oct/18/2021 09:14:07 container,info,debug [s6-init] ensuring user provided files have correct perms...exited 0.
Oct/18/2021 09:14:07 container,info,debug [fix-attrs.d] applying ownership & permissions fixes...
Oct/18/2021 09:14:07 container,info,debug [fix-attrs.d] 01-resolver-resolv: applying... 
Oct/18/2021 09:14:07 container,info,debug [fix-attrs.d] 01-resolver-resolv: exited 0.
Oct/18/2021 09:14:07 container,info,debug [fix-attrs.d] done.
Oct/18/2021 09:14:07 container,info,debug [cont-init.d] executing container initialization scripts...
Oct/18/2021 09:14:07 container,info,debug [cont-init.d] 20-start.sh: executing... 
Oct/18/2021 09:14:08 container,info,debug  ::: Starting docker specific checks & setup for docker pihole/pihole
Oct/18/2021 09:14:09 container,info,debug 
Oct/18/2021 09:14:09 container,info,debug   [i] Installing configs from /etc/.pihole...
Oct/18/2021 09:14:09 container,info,debug   [i] Existing dnsmasq.conf found... it is not a Pi-hole file, leaving alone!
Oct/18/2021 09:14:09 container,info,debug   [i] Installing /etc/dnsmasq.d/01-pihole.conf...
[K  [✓] Installed /etc/dnsmasq.d/01-pihole.conf
Oct/18/2021 09:14:09 container,info,debug   [i] Installing /etc/.pihole/advanced/06-rfc6761.conf...
[K  [✓] Installed /etc/dnsmasq.d/06-rfc6761.conf
Oct/18/2021 09:14:14 container,info,debug Existing DNS servers detected in setupVars.conf. Leaving them alone
Oct/18/2021 09:14:14 container,info,debug ::: Pre existing WEBPASSWORD found
Oct/18/2021 09:14:14 container,info,debug DNSMasq binding to default interface: eth0
Oct/18/2021 09:14:14 container,info,debug Added ENV to php:
Oct/18/2021 09:14:14 container,info,debug 			"PHP_ERROR_LOG" => "/var/log/lighttpd/error.log",
Oct/18/2021 09:14:14 container,info,debug 			"ServerIP" => "0.0.0.0",
Oct/18/2021 09:14:14 container,info,debug 			"CORS_HOSTS" => "",
Oct/18/2021 09:14:14 container,info,debug 			"VIRTUAL_HOST" => "0.0.0.0",
Oct/18/2021 09:14:14 container,info,debug Using IPv4 and IPv6
Oct/18/2021 09:14:14 container,info,debug ::: Preexisting ad list /etc/pihole/adlists.list detected ((exiting setup_blocklists early))
Oct/18/2021 09:14:14 container,info,debug https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
Oct/18/2021 09:14:15 container,info,debug ::: Testing pihole-FTL DNS: FTL started!
Oct/18/2021 09:14:18 container,info,debug ::: Testing lighttpd config: Syntax OK
Oct/18/2021 09:14:18 container,info,debug ::: All config checks passed, cleared for startup ...
Oct/18/2021 09:14:18 container,info,debug ::: Enabling Query Logging
Oct/18/2021 09:14:19 container,info,debug   [i] Enabling logging...
Oct/18/2021 09:14:19 container,info,debug 
[K  [✓] Logging has been enabled!
Oct/18/2021 09:14:19 container,info,debug  ::: Docker start setup complete
Oct/18/2021 09:14:19 container,info,debug   Checking if custom gravity.db is set in /etc/pihole/pihole-FTL.conf
Oct/18/2021 09:14:19 container,info,debug   Pi-hole version is v5.5 (Latest: v5.5)
Oct/18/2021 09:14:19 container,info,debug   AdminLTE version is v5.7 (Latest: v5.7)
Oct/18/2021 09:14:20 container,info,debug   Current FTL version is v5.10.2
Oct/18/2021 09:14:20 container,info,debug   Container tag is: 2021.10
Oct/18/2021 09:14:20 container,info,debug [cont-init.d] 20-start.sh: exited 0.
Oct/18/2021 09:14:20 container,info,debug [cont-init.d] done.
Oct/18/2021 09:14:20 container,info,debug [services.d] starting services
Oct/18/2021 09:14:20 container,info,debug [services.d] done.
Oct/18/2021 09:14:20 container,info,debug Starting pihole-FTL (no-daemon) as root
Oct/18/2021 09:14:20 container,info,debug Starting lighttpd
Oct/18/2021 09:14:20 container,info,debug Starting crond
Oct/18/2021 09:14:29 container,info,debug Mon Oct 18 03:44:29 2021 (423): Fatal Error Unable to allocate shared memory segment of 134217728 bytes: shmget: Function not implemented (38)
Oct/18/2021 09:14:34 container,info,debug Mon Oct 18 03:44:34 2021 (424): Fatal Error Unable to allocate shared memory segment of 134217728 bytes: shmget: Function not implemented (38)
Oct/18/2021 09:14:38 container,info,debug Mon Oct 18 03:44:38 2021 (425): Fatal Error Unable to allocate shared memory segment of 134217728 bytes: shmget: Function not implemented (38)
after this CHR becomes unresponsive and reboots with a 'kernel panic'
 
User avatar
frank333
Member Candidate
Member Candidate
Posts: 245
Joined: Mon Dec 18, 2017 12:17 pm
Location: S.Marino Router model: RB3011UiAS-RM

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Oct 18, 2021 9:29 am

having memory, there is portainer.io, should be installed as a normal docker image, and provides a simple graphical interface to install all the images you want. you can customize the run commands, extensions, ports, volumes, etc..
 
vchrizz
just joined
Posts: 16
Joined: Sun Jul 10, 2016 11:07 am
Location: Austria, Vienna
Contact:

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Oct 18, 2021 3:59 pm

is it on purpose, that there is no container package for SMIPS architecture or was it just forgotten?
on all architectures i can find the container package in the all_packages-*-7.1rc4.zip file but not for SMIPS ?
 
pe1chl
Forum Guru
Forum Guru
Posts: 7796
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Oct 18, 2021 4:18 pm

is it on purpose, that there is no container package for SMIPS architecture or was it just forgotten?
on all architectures i can find the container package in the all_packages-*-7.1rc4.zip file but not for SMIPS ?
There is no SMIPS device with enough RAM to allow the use of Docker containers...
 
zandhaas
Frequent Visitor
Frequent Visitor
Posts: 57
Joined: Tue Dec 11, 2018 11:02 pm
Location: The Netherlands

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Oct 19, 2021 4:41 pm

Hey,
tried to run pi-hole on CHR getting this
 (445): Fatal Error Unable to allocate shared memory segment of 134217728 bytes: shmget: Function not implemented (38)
I saw the same error the first time I tried to start the container.
I checked the amount of memory I gave the CHR (128MB). I changed the amount of memeory to 1GB and after that the container seems to start.

Now I need to find out why I'm not able to connect to the GUI (172.18.0.2/admin).
 
devboi
just joined
Posts: 1
Joined: Tue Oct 19, 2021 8:59 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Tue Oct 19, 2021 9:09 pm

Has anybody been able to get a container virtual interface to sniff network traffic? I have a container running and the application says it's capturing but would love to figure out how to best route traffic to the interface on the CHR.
 
mankomal
Frequent Visitor
Frequent Visitor
Posts: 76
Joined: Fri Nov 24, 2006 8:56 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Oct 20, 2021 6:05 am

Hey,
tried to run pi-hole on CHR getting this
 (445): Fatal Error Unable to allocate shared memory segment of 134217728 bytes: shmget: Function not implemented (38)
I saw the same error the first time I tried to start the container.
I checked the amount of memory I gave the CHR (128MB). I changed the amount of memeory to 1GB and after that the container seems to start.

Now I need to find out why I'm not able to connect to the GUI (172.18.0.2/admin).
Thanks mate,
Increasing the RAM to 2GB worked for me, was quite an oversight from my side.
If your IP is routed then it should open on 172.18.0.2 I did not face any such problem,
Check if the lighthttpd service is starting in the logs
 
zandhaas
Frequent Visitor
Frequent Visitor
Posts: 57
Joined: Tue Dec 11, 2018 11:02 pm
Location: The Netherlands

Re: v7.1rc3 adds Docker (TM) compatible container support

Wed Oct 20, 2021 9:42 am

When I was at home last evening it worked for me also.
 
tobber
just joined
Posts: 3
Joined: Fri Nov 06, 2020 12:29 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Oct 21, 2021 1:20 pm

Enable SysV IPC support. Shared Memory (SHM) is not enabled and (/dev/shm) is missing

Looks like it is not enabled in the kernel:
- kernel not configured for message queues
- kernel not configured for semaphores
- kernel not configured for shared memory

11:54:06 container,info,debug Filesystem Size Used Available Use% Mounted on
11:54:06 container,info,debug ubi1:RouterOS 437.1M 164.9M 267.5M 38% /
11:54:06 container,info,debug tmpfs 64.0M 0 64.0M 0% /dev

Containers using shared memory e.g. Zabbix Proxy can't run as of now. Please enable.

https://docs.docker.com/engine/referenc ... ings---ipc

The Linux kernel default configuration normally enables SysV IPC support. If the SysV IPC is not supported in your Linux kernel, you need to configure your kernel source with the CONFIG_SYSVIPC set to enable SysV IPC facilities. You need to rebuild your kernel after changing the configuration.

The SysV IPC facilities are widely used throughout various Linux applications. For example, some database applications create shared memory segments for data sharing. The Linux kernel dynamically allocates memory for IPC objects whenever a new IPC resource is requested.
 
pe1chl
Forum Guru
Forum Guru
Posts: 7796
Joined: Mon Jun 08, 2015 12:09 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Thu Oct 21, 2021 3:41 pm

But wouldn't most applications have several options for this and possibly autodetect the availability during ./configure?
When you cross-compile an application for another platform you should be careful to check that this process works right, and maybe do something like:
./configure --without-sysv-ipc
 
jult
just joined
Posts: 21
Joined: Sat Dec 26, 2020 1:16 am

Re: v7.1rc3 adds Docker (TM) compatible container support

Fri Oct 22, 2021 6:11 pm

Just an FYI for people running PPC devices, like the RB850Gx2 and similar, the docker sadly is not available for you.. Found that out, crushing my hopes of running pihole on a MT router.
RB4011iGS+5HacQ2HnD / RBMetalG-52SHPacn / RB850Gx2 / CSS106-1G-4P-1S
 
mystichussar
just joined
Posts: 13
Joined: Mon Oct 04, 2021 10:23 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Sat Oct 23, 2021 4:26 pm

Hi! Followed guide from 1st post of this thread. After reboot found this in logs:

Image

And this:

Image

Can you please tell me what I am doing wrong?
 
infabo
Member Candidate
Member Candidate
Posts: 189
Joined: Thu Nov 12, 2020 12:07 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Oct 25, 2021 3:11 pm

you need to create a veth interface. name=veth1 in your case apparently.
 
mystichussar
just joined
Posts: 13
Joined: Mon Oct 04, 2021 10:23 pm

Re: v7.1rc3 adds Docker (TM) compatible container support

Mon Oct 25, 2021 7:32 pm

@infabo I said I followed guide from the first post, which has the following:
[admin@MikroTik] > /interface/veth/add name=veth1 address=172.17.0.2/16 gateway=172.17.0.1
[admin@MikroTik] > /interface/bridge/add name=docker
[admin@MikroTik] > /ip/address/add address=172.17.0.1/16 interface=docker
[admin@MikroTik] > /interface/bridge/port add bridge=docker interface=veth1
Do I miss smth?

Who is online

Users browsing this forum: Amazon [Bot], DevTek and 6 guests