rarias/jungle
2
0
Fork 3
Code Issues 62 Pull Requests 10 Actions Packages Projects Releases Wiki Activity

Use host mode for docker network #235

Manually merged
rarias merged 1 commits from docker-tc1 into master 2026-03-05 15:38:02 +01:00
Conversation 2 Commits 1 Files Changed 1 +1
rarias commented 2026-03-05 15:08:49 +01:00
Owner
Copy Link

In order to reduce the traffic of the secondary Ethernet device we need
to be able to directly use the physical device instead of the virtual
one. For now use the host mode and see later if we can revert it.

In order to reduce the traffic of the secondary Ethernet device we need to be able to directly use the physical device instead of the virtual one. For now use the host mode and see later if we can revert it.
rarias added 1 commit 2026-03-05 15:08:49 +01:00
Use host mode for docker network
All checks were successful
CI / build:cross (pull_request) Successful in 8s
Details
CI / build:all (pull_request) Successful in 16s
Details
d0a795e52f 
In order to reduce the traffic of the secondary Ethernet device we need
to be able to directly use the physical device instead of the virtual
one. For now use the host mode and see later if we can revert it.
rarias requested review from abonerib 2026-03-05 15:08:53 +01:00
rarias force-pushed docker-tc1 from d0a795e52f to 13bebe6f52 2026-03-05 15:12:13 +01:00 Compare
abonerib approved these changes 2026-03-05 15:13:27 +01:00
abonerib left a comment
Collaborator
Copy Link

LGTM, but I am not sure of the security implications of giving access to the host network to the runner.

LGTM, but I am not sure of the security implications of giving access to the host network to the runner.
rarias commented 2026-03-05 15:28:15 +01:00
Author
Owner
Copy Link

LGTM, but I am not sure of the security implications of giving access to the host network to the runner.

Thanks!, I don't think for our particular setup it causes new problems, but in the future we may want to add more restrictions for general runners. It may be possible to also reduce the traffic speed with tc on the virtual interface but I didn't investigate further.

I would leave it as-is for now as it is needed to do the TC1 tests and address it later when we have a bit more time to review it and do more experiments.

> LGTM, but I am not sure of the security implications of giving access to the host network to the runner. Thanks!, I don't think for our particular setup it causes new problems, but in the future we may want to add more restrictions for general runners. It may be possible to also reduce the traffic speed with tc on the virtual interface but I didn't investigate further. I would leave it as-is for now as it is needed to do the TC1 tests and address it later when we have a bit more time to review it and do more experiments.
👍 1
rarias force-pushed docker-tc1 from 13bebe6f52 to 84a5cb09ee 2026-03-05 15:30:08 +01:00 Compare
rarias manually merged commit 84a5cb09ee into master 2026-03-05 15:38:02 +01:00
Sign in to join this conversation.
Reviewers
No Reviewers
abonerib
Labels
Clear labels
bug
ceph
ci
config
cross
hw
io
kernel
mpi
net
nix
ops
repair
slurm
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
abonerib anavarro arocanon varcila rarias
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: rarias/jungle#235
Delete Branch "docker-tc1"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?