Allow overriding custom `kamal` network
hey 👋🏻
I'm running a couple of accessories that require host network mode and since v2, Kamal forces the usage of custom kamal network.
Is there any chance to make this option configurable? These containers do not run behind a proxy anyway so there's no need for them to be discoverable
According to the upgrade guide, the recommendation for customizing the network is to use the docker-setup hook. https://kamal-deploy.org/docs/upgrading/network-changes/
Then I would need to create a network called “kamal” with host access, which is far from ideal. I don't want all containers with host access, nor have to deal with port mapping because some containers' ports clash and host network exposes it all.
@djmb I can add a configuration option to change the network if you are okay with this.
> Then I would need to create a network called “kamal” with host access, which is far from ideal. I don't want all containers with host access, nor have to deal with port mapping because some containers' ports clash and host network exposes it all.
I don't think this would work - it would put the app and proxy containers in a host network as well, and then the proxy won't be able to access the app container by its container ID.
@igor-alexandrov - yes please if you have a chance to add this 👍
We'd add something like `network: <name>` I guess and then you can set it to `network: host`?

```yaml
accessories:
  redis:
    image: redis:latest
    port: 6379
    network: host
```
You can have your accessories on multiple networks, for example for a Typesense cluster, static IPs are required. I solved this by adding:

```yaml
accessories:
  typesense:
    options:
      network: name=my-custom-net,ip=my-custom-ip
```

This way the accessory is on the kamal network as well as on my-custom-net.
Host network can't be mixed with bridge network, for example.
I have the same problem - node_explorer for monitoring the server requires network host.
When setting up the accessory:

```yaml
node_explorer:
  image: quay.io/prometheus/node-exporter:latest
  host: <SERVER.IP>
  cmd: "--path.rootfs=/host --collector.systemd --collector.processes"
  directories:
    - /:/host:ro,rslave
  options:
    net: "host"
    pid: "host"
```

It will not work because Kamal forces the use of its own network:

```
docker stderr: docker: conflicting options: cannot attach both user-defined and non-user-defined network-modes.
```
- I don't think you want to manage monitoring/ops stuff with kamal, kamal should be used for stuff that's application related, use different tools to manage observability and other tasks (like ansible)
- are you absolutely sure that node-explorer needs to run on host network?
#1020 this doesn't work:

```
INFO [797f1108] Running docker run --name my-app --detach --restart unless-stopped --network kamal --network "host" --cap-add "NET_ADMIN *******"
Releasing the deploy lock...
docker stderr: docker: conflicting options: cannot attach both user-defined and non-user-defined network-modes
Run 'docker run --help' for more information
```

Now it's passing `--network kamal --network host` instead of overriding and only keeping `--network host`.
I don't think Kamal supports running a container on the host network. As you noted, adding `options.network` will add additional networks on top of the kamal network.
@honzasterba while for most accessories it's fine to run on the kamal network, it's just nice to also be able to run certain containers on the host network. For example, I had the following working fine with Kamal v1:

```yaml
accessories:
  newrelic-infra:
    image: newrelic/infrastructure:latest
    hosts:
      - web.host
      - db.host
      - redis.host
    env:
      secret:
        - NRIA_LICENSE_KEY
    volumes:
      - /:/host:ro
      - /var/run/docker.sock:/var/run/docker.sock
      - ...
    options:
      network: host
      cap-add: SYS_PTRACE
      pid: host
      cgroupns: host
```
This is no longer working. Question is, why not allow network to be overridden?
No idea. I guess you will have to try and implement it in a PR.
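
The conflict reported in this thread can be caught before a deploy. The following Ruby lint is an added example, not code from the thread or from Kamal: it scans the `accessories` section of a deploy config for `options.network` / `options.net` values that Docker treats as non-user-defined modes, which `docker run` rejects when combined with the `kamal` network. The function names and the sample config are constructed for illustration; the mode list assumes Docker's built-in modes `host`, `none`, `bridge`, `default` and `container:<id>`.

```ruby
require "yaml"

# Modes Docker does not treat as user-defined networks; combining any of them
# with a user-defined network (such as "kamal") on one `docker run` is rejected.
BUILTIN_MODES = %w[host none bridge default].freeze

# Extract the network name from "host" or from the long form
# "name=my-custom-net,ip=my-custom-ip".
def network_target(value)
  value = value.to_s
  return value unless value.include?("=")
  pair = value.split(",").map { |kv| kv.split("=", 2) }.find { |k, _| k == "name" }
  pair ? pair[1] : value
end

def user_defined?(target)
  !(BUILTIN_MODES.include?(target) || target.start_with?("container:"))
end

# Returns { accessory name => [conflicting modes] }; accessories whose extra
# networks are all user-defined (or that request none) are omitted.
def conflicting_accessories(deploy_yaml)
  accessories = YAML.safe_load(deploy_yaml).fetch("accessories", {}) || {}
  accessories.each_with_object({}) do |(name, cfg), out|
    opts = (cfg || {})["options"] || {}
    requested = opts.values_at("network", "net").compact.map { |v| network_target(v) }
    bad = requested.reject { |t| user_defined?(t) }
    out[name] = bad unless bad.empty?
  end
end

# Constructed sample modelled on the configurations posted in the thread.
SAMPLE = <<~CONFIG
  accessories:
    typesense:
      options:
        network: name=my-custom-net,ip=my-custom-ip
    node_explorer:
      options:
        net: "host"
        pid: "host"
    redis:
      image: redis:latest
CONFIG

if __FILE__ == $PROGRAM_NAME
  conflicting_accessories(SAMPLE).each do |name, nets|
    puts "#{name}: --network kamal plus #{nets.join(', ')} will be rejected by docker run"
  end
end
```

On the sample, only `node_explorer` is flagged; the Typesense accessory passes because its extra network is user-defined.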