Setting a mac address in a docker_container

bdeluca · July 17, 2024, 11:44am

Hi!, new to ansible taking over some one elses work, and I am having some difficulty setting a mac address in a docker container tasks.

Whilst code I am working with is much compex, I have made this simplier version that causes the issue to happen.

I run the playbook the container is built and runs but the mac address is wrong.

docker inspect my_container | grep MacAddress
            "MacAddress": "",
                    "MacAddress": "02:42:ac:12:00:02",

The playbook looks like this, I am aware of this ticket with the same issue ( docker_container: mac_address not respected · Issue #64555 · ansible/ansible (github.com)), and I believe the defaults now should mean that it functions with out me by default by setting the values explicitly. But even when I have tried setting. networks_cli_compatible=true and network_mode: custom_network. it still fails to set the mac address

 ---
  - hosts: my-host
    tasks:
      - name: Pull the latest Ubuntu image
        docker_image:
          name: ubuntu
          tag: latest
          source: pull
      - name: Create a custom Docker network
        docker_network:
          name: custom_network
          driver: bridge
      - name: Create a Docker container with a specific MAC address
        docker_container:
          name: my_container
          image: ubuntu:latest
          state: started
          networks:
            - name: custom_network
              mac_address: "02:42:ac:11:65:43"
          command: /bin/bash -c "while true; do sleep 1000; done"

Thanks for your advice and support!

felixfontein · July 17, 2024, 2:02pm

Did you manage to set it with the Docker CLI tool? If yes, how?

(If you are looking for the container’s “global” MAC address: that has been deprecated since Docker API 1.44 and you can no longer set it with any means. You can only set MAC addresses for specific network interfaces, which you already successfully did. See docker_container: mac_address no longer works with Docker API v1.44+ by felixfontein · Pull Request #764 · ansible-collections/community.docker · GitHub / Sign in to GitHub · GitHub)

bdeluca · July 18, 2024, 6:00am

Hi,
Yes, I can send the mac address via the docker command line and also through compose files. The global mac address is deprecated and but it still works both on the docker command line and in ansible. But I am trying to not use the method as it is deprecated.

The new method is to set it in the networks option after defining a custom network. I did that in my example, in your response you said I successfully set it, but you can see I requested, “02:42:ac:11:65:43” but received a different mac address “02:42:ac:12:00:02”.

I don’t think there is anything wrong with my syntax, and I think this is a bug. The bug report page says to ask for help here before reporting a bug. Can anyone tell me what I am doing wrong or confirm this behaviour is unexpected?

felixfontein · July 18, 2024, 6:54am

The behavior is indeed unexpected, the module is passing the requested MAC address on to the Docker daemon but for some reason it is not set. It is set by Compose though, so it would be interesting to find out what the difference between the two methods is…

bdeluca · July 18, 2024, 1:12pm

When I looked at the debug information, I can see it being set, but its not being sent to docker.

This is worth a bug report right? I am not just doing it wrong.

I should note I am running compose by hand.

felixfontein · July 18, 2024, 4:12pm

How did you see that? I looked at the body of the POST to connec the container to the network, and it is included there - but it’s still not set.

Yes, definitely.

felixfontein · July 18, 2024, 9:29pm

I tracked this down to a problem with the Docker Daemon: if a container is attached to a network with Docker Engine API v1.44 Reference, then it ignores the provided MAC address. If the container is created with a list of networks provided (Docker Engine API v1.44 Reference with NetworkingConfig provided), then the provided MAC address is used.

The docker_container module so far created the container without attaching the networks, and then attached the networks in a second step. That causes the difference between the module and Compose that you experienced.

(I also noticed that Compose always recreates the container if the network config changes, even if simply attaching/detaching from a network would suffice. So it will never run into this bug…)

bdeluca · July 19, 2024, 11:00am

I am super new with ansible, this is week one. I am going to defer to your opinion, I am likely reading information incorrectly.

bdeluca · July 19, 2024, 11:32am

I created a ticket here.

Setting a mac address in a docker_container isnt respected · Issue #83631 · ansible/ansible (github.com)

felixfontein · July 19, 2024, 10:08pm

That ticket got closed since that repository is for ansible-core, and not for community.docker. The correct repository is GitHub - ansible-collections/community.docker: Community Docker Collection for Ansible: modules and plugins for working with Docker.

felixfontein · July 20, 2024, 8:06am

I’ve created a PR that should fix the problem on community.docker’s side as much as possible, by basically doing what Compose does in case of container creation. For idempotency (adding networks that aren’t there yet) it isn’t possible due to the Docker bug.