Using DRONE_RUNNER_NETWORKS results in random default gateway

Created a docker network as

docker network create -d macvlan -o parent=br0 --subnet 162.38.80.0/21 --gateway 162.38.80.1 --ip-range 162.38.85.0/28 fds

Configured docker-runner with DRONE_RUNNER_NETWORKS=fds
Then run .drone.yml

---
kind: pipeline
type: docker
name: ansible

platform:
  os: linux
  arch: amd64

- name: build
  image: docker:latest
  volumes:
  - name: dockersock
    path: /var/run/docker.sock
  commands:
    - docker pull ubuntu:bionic
    - docker build --no-cache -t ubuntu:fds -f docker/Dockerfile .

- name: test
  image: ubuntu:fds
  pull: if-not-exists
  commands:
    - apt install dnsutils netcat net-tools -y
    - ifconfig
    - route -n

volumes:
- name: dockersock
  host:
    path: /var/run/docker.sock

First run

Results in fds network to be picked up as eth0 and default gateway

+ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 162.38.85.1  netmask 255.255.248.0  broadcast 162.38.87.255
        ether 02:42:a2:26:55:01  txqueuelen 0  (Ethernet)
        RX packets 1254  bytes 4622389 (4.6 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1176  bytes 80995 (80.9 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.176.2  netmask 255.255.240.0  broadcast 192.168.191.255
        ether 02:42:c0:a8:b0:02  txqueuelen 0  (Ethernet)
        RX packets 9  bytes 766 (766.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 4  bytes 547 (547.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4  bytes 547 (547.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

+ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         162.38.80.1     0.0.0.0         UG    0      0        0 eth0
162.38.80.0     0.0.0.0         255.255.248.0   U     0      0        0 eth0
192.168.176.0   0.0.0.0         255.255.240.0   U     0      0        0 eth1

Second run

Results in default network to be picked up as eth0 and default gateway

+ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.192.2  netmask 255.255.240.0  broadcast 192.168.207.255
        ether 02:42:c0:a8:c0:02  txqueuelen 0  (Ethernet)
        RX packets 1172  bytes 4621761 (4.6 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1156  bytes 79711 (79.7 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 162.38.85.0  netmask 255.255.248.0  broadcast 162.38.87.255
        ether 02:42:a2:26:55:00  txqueuelen 0  (Ethernet)
        RX packets 60  bytes 3992 (3.9 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 4  bytes 547 (547.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4  bytes 547 (547.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

+ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.192.1   0.0.0.0         UG    0      0        0 eth0
162.38.80.0     0.0.0.0         255.255.248.0   U     0      0        0 eth1
192.168.192.0   0.0.0.0         255.255.240.0   U     0      0        0 eth0

I need 162.38.80.1 as default gateway.
Now it’s randomly selected.

Solutions

It would be great to be able

• To remove the default network with a trigger as DRONE_RUNNER_NETWORKS=", fds" or a new var DRONE_RUNNER_NO_DEFAULT_NETWORK=true
• To hardcode interface order as DRONE_RUNNER_NETWORKS="fds, default" to let me ajust manually default gateway with route -n inside the container
  EDIT : impossible to change running container’s default route with route

+ route del default && route add default gw 162.38.80.1
SIOCDELRT: Operation not permitted

• To be able to select which networks attached to a pipeline’s step, because in my case, i don’t need that “fds” network on all pipelines nor all steps, only on one of them, so this would be great

kind: pipeline
type: docker
name: ansible

steps:
- name: build
  image: ubuntu:bionic
  networks:
  - fds
  - default
  commands:
  - route -n

Thanks for reading

EDIT
Related :

• https://stackoverflow.com/questions/36882945/change-default-route-in-docker-container
• https://github.com/moby/moby/issues/21741#issuecomment-210090728

I see in : Can the pipeline container share the network with the host
That there exist an undocumented network_mode option.
Maybe it can be usefull to add a value disabled

pipeline:
  build:
    image: foo
    network_mode: disabled

EDIT - Related : [SOLVED] Deployment phase: Drone turning up another docker network

As we can’t change default gateway, in any way, neither we can control which network is attached, this is a bug and needs to be in appropriate category.

There isn’t, for now, any way to get a non random default gateway when using DRONE_RUNNER_NETWORKS

Workaround is to set privileged mode and to change route manually in commands

- name: test
  image: ubuntu:fds
  privileged: true
  pull: if-not-exists
  commands:
    - apt install net-tools -y && route del default && route add default gw 162.38.80.1