How to run MCC in Docker container?

There are multiple scenarios of how you want to run MCC in Docker container.

Scenario 1: Host network

In this scenario we use Docker image as an alternative to system packages to install and update MCC. In this case MCC uses host network.

docker run \
    --rm \
    --volume /etc/mcc:/etc/mcc \
    --device /dev/net/tun \
    --cap-add NET_ADMIN \
    --network host \
    --env DOCKER_MCC_DNSMASQ_LISTEN_ADDRESS=127.0.0.1 \
    --name mcc \
    registry.staex.io/staex/mcc:latest

To be able to resolve node ids into IP addresses add nameserver 127.0.0.1 to /etc/resolv.conf.

Scenario 2: Network of another container

In this scenario we add MCC Docker container to the network namespace of another container to enable access to MCC network. In this case MCC uses the network of target container.

docker run \
    --rm \
    --volume /etc/mcc:/etc/mcc \
    --device /dev/net/tun \
    --cap-add NET_ADMIN \
    --network container:CONTAINER_NAME \
    --name mcc \
    registry.staex.io/staex/mcc:latest

Here CONTAINER_NAME is the name of the target container.

Dnsmasq configuration

MCC Docker image contains Dnsmasq that is configured to resolve MCC node ids and Internet DNS names. Environment variables control how Dnsmasq is configured. You can specify them using --env argument of docker command.

DOCKER_MCC_DNSMASQ

Enable/disable Dnsmasq integration. Specify 1 to enable, 0 to disable. Enabled by default.

DOCKER_MCC_DNSMASQ_LISTEN_ADDRESS

Dnsmasq listen address. The default is 0.0.0.0. This option is useful to bind Dnsmasq to loopback address when using host network.

DOCKER_MCC_DNSMASQ_SERVERS

Space-separated list of DNS servers that are used to resolve Internet domain names. The default is 9.9.9.9.

If environment variables do not work for you, alternative Dnsmasq configuration file can be mounted to the container as a volume.

docker run \
...
    --volume /etc/my-dnsmasq.conf:/etc/dnsmasq.d/my-dnsmasq.conf \
...