From 38cd5bacee3e7a957606f801e246ecc7a9b61590 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Fri, 13 Dec 2019 18:07:12 +0100 Subject: [PATCH] Intro a new blog article --- .../how-to-enable-ipv6-in-docker/contents.lr | 77 +++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100644 content/u/blog/how-to-enable-ipv6-in-docker/contents.lr diff --git a/content/u/blog/how-to-enable-ipv6-in-docker/contents.lr b/content/u/blog/how-to-enable-ipv6-in-docker/contents.lr new file mode 100644 index 0000000..433fdb9 --- /dev/null +++ b/content/u/blog/how-to-enable-ipv6-in-docker/contents.lr @@ -0,0 +1,77 @@ +title: How to enable IPv6 in docker +--- +pub_date: 2019-12-13 +--- +author: ungleich virtualisation team +--- +twitter_handle: ungleich +--- +_hidden: no +--- +_discoverable: yes +--- +abstract: +The first step to enable docker containers with IPv6 +--- +body: + +If you are like us and like to do fun things with IPv6 and if you also +like to run docker containers, then this article is for you. + +## Enabling IPv6 in docker + +Recent docker versions just need to have the **ipv6** flag and an IPv6 +network specfied in the **daemon.json**. This might look as follows: + +``` +{ + "ipv6": true, + "fixed-cidr-v6": "your-ipv6-network-here" +} +``` + +This configuration needs to be placed in **/etc/docker/daemon.json**. + +## Selecting the right IPv6 network + +In the IPv6 world we usually say, "just take a /64 for +everything". And while we will never create 18446744073709551616 +containers on one host, we will just follow this dogma and use +a /64 for docker. + +Why would we do this? One of the big advantages of IPv6 is that things +get simpler. Instead of using a tiny network like a /120 that is +suitable for 256 containers, we always choose a /64. This way we don't +have to use our brain power on choosing the network size or to +eventually later resize the network. + +If you have a /48 assigned to your host (like when you use the +[IPv6VPN](https://IPv6VPN.ch)), you can basically use **any** of the +65'536 networks that are available. We like to remember names so we +usually take the **b00** network for containers (b00 as in the sound a +ghost makes when flying around). + +So if your main /48 network was for instance 2a0a:e5c1:137::/48, we +would use *2a0a:e5c1:137:b00::/64* and the daemon.json configuration file +would look as follows: + +``` +{ + "ipv6": true, + "fixed-cidr-v6": "2a0a:e5c1:137:b00::/64" +} +``` + +After adding this configuration, you will also need to restart the +docker daemon. After that, your containers should be using IPv6. + +## IPv6++ + +If you want to learn more about IPv6 or how to secure your docker +containers, stay tuned for the next blog posts, which will explain on +how to secure access to your docker containers. + +In the mean time, you can also join the IPv6 discussion on +[IPv6.Chat](https://IPv6.chat) or if you want to spawn your docker +containers on a VM, you can do so on +[IPv6OnlyHosting.com](https://IPv6OnlyHosting.com).