Draft: Utilise anonymouse volumes to seperate between instances #44
Conversation
fisehara
force-pushed
the
docker-scaled-balenaOS-devices
branch
from
f355a12 to
cfac067
Compare
Dockerfile.template
Outdated
| RUN sed -i 's/hosts:.*/hosts:\t\tfiles myhostname mdns4 mdns dns \[NOTFOUND=return\]/g' /etc/nsswitch.conf | ||
| RUN echo -e '.local.\n.local\n'> /etc/mdns.allow | ||
|
|
||
| COPY ./bob.local.pem /usr/share/ca-certificates/ |
There was a problem hiding this comment.
can we just mount in the certificate? or are updating the conf file and running update-ca-certificates necessary for it to be picked up?
There was a problem hiding this comment.
When ot running update-ca-certificates the self-signed certificate is not trusted to fetch the os-config.
There was a problem hiding this comment.
moved into a bob specific dockerfile
docker-compose.yml
Outdated
| # see https://github.com/docker/compose/issues/2847#issuecomment-658999887 | ||
| network_mode: bridge | ||
| extra_hosts: | ||
| - "api.${BOB_TLD} vpn.${BOB_TLD} registry2.${BOB_TLD} delta.${BOB_TLD} s3.${BOB_TLD}:${BOB_IP}" #host and ip |
There was a problem hiding this comment.
same here, we could have a docker-compose.bob.yml that contains these modifications
There was a problem hiding this comment.
I can follow this, thanks. Creating a bob folder and moving docker-compose.yml into bob folder
|
|
||
|
|
||
| ### Question: | ||
| - What could be the difference between 2.48.0 and younger releases |
There was a problem hiding this comment.
I would like to know which meta-balena release breaks this, you seem to have narrowed it down to between 2.48 and 2.50. I see a bunch of seemingly unrelated changes, mostly supervisor bumps.
|
|
||
| Finally I found out, that the resinOS 2.48.0_rev3-intel-nuc image works with .local bob and static name resolution. The 2.68... version used prior was failing to resolve the domain names. | ||
|
|
||
| It's failing already in resinOS version 2.50, thus the linux Kernel 4 to 5 update isn't the root cause. Moreover, the latest supervisor code is working in the old resinOS 2.48 as this is used for the development and debugging. |
There was a problem hiding this comment.
linux Kernel 4 to 5 update
remember that this is a container, so we're not running the kernel here. I don't think anything that the balena-intel layer changed would be the cause for this
latest supervisor code is working in the old resinOS 2.48
if the supervisor implements the mdns broadcast itself in nodejs, it should be independent of the mdns implementation in balenaOS, correct. can we repro this somehow using a simpler application that the SV, a user container that does mdns resolution in the same way should also break in the same way...
fisehara
changed the title
Move systemd to volumes to be able to restart containers. Change-type: patch Signed-off-by: fisehara <harald@balena.io>
fisehara
force-pushed
the
docker-scaled-balenaOS-devices
branch
from
98dac78 to
d3739a4
Compare
Move systemd to volumes to be able to restart containers.
Change-type: patch
Signed-off-by: fisehara harald@balena.io