feat(docker-new): enable lo multicast and DDS sysctl tuning at startup #7021

Merged
xmfcx merged 1 commit into main from feat/docker-new-dds-tuning
Apr 15, 2026

@xmfcx xmfcx commented Apr 15, 2026

  • Enable multicast on the loopback interface so Cyclone/FastDDS discovery works when traffic is pinned to lo.
  • Apply the DDS system-wide network tuning (net.core.rmem_max, net.ipv4.ipfrag_time, net.ipv4.ipfrag_high_thresh) at container startup.
  • All calls are guarded with || true so containers without NET_ADMIN / --privileged still start cleanly.

Why

The DDS tuning docs ask every user to apply these sysctls manually on the host, and loopback multicast is off by default on most distros. Doing it inside the entrypoint means the docker-new image works out of the box for single-host DDS without extra setup steps, while gracefully degrading when capabilities are missing.


Test plan

  • Pull a prebuilt image (or build locally via docker buildx bake -f docker-new/docker-bake.hcl base):
    docker pull ghcr.io/autowarefoundation/autoware-new:base-jazzy
    
  • Run privileged and confirm settings were applied:
    docker run --rm --privileged ghcr.io/autowarefoundation/autoware-new:base-jazzy bash -c "ip -d link show lo | grep -i multicast && sysctl net.core.rmem_max net.ipv4.ipfrag_time net.ipv4.ipfrag_high_thresh"
    
    Expect MULTICAST flag on lo and values 2147483647, 3, 134217728.
  • Run unprivileged and confirm container still starts (sysctls silently skipped):
    docker run --rm ghcr.io/autowarefoundation/autoware-new:base-jazzy bash -c "echo entrypoint ok"
    
    Expect entrypoint ok with no fatal errors from the sysctl / ip link calls.
  • Smoke test ROS 2 multicast discovery on loopback inside the container (two terms, ros2 topic pub / ros2 topic echo with ROS_LOCALHOST_ONLY=1).

Apply the DDS network-tuning steps from the Autoware docs inside the
container at entrypoint so they take effect in its own network
namespace. Best-effort: silently skipped when the container lacks
CAP_NET_ADMIN.

Signed-off-by: Mete Fatih Cırıt <mfc@autoware.org>
@xmfcx xmfcx requested a review from mitsudome-r as a code owner April 15, 2026 14:12
@xmfcx xmfcx self-assigned this Apr 15, 2026
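
A check for the silent-skip case the description mentions, as an added example that is not part of this PR or of the Autoware entrypoint: it parses `ip link show lo` and `sysctl` output and reports which settings did not take effect. The function names and sample outputs are constructed for illustration; the expected values are the ones stated in the test plan.

```shell
#!/bin/sh
# Added example: verify the outcome of the best-effort DDS tuning.
# Expected values are the ones stated in the PR's test plan.
EXPECTED_SYSCTLS='net.core.rmem_max=2147483647
net.ipv4.ipfrag_time=3
net.ipv4.ipfrag_high_thresh=134217728'

# lo_has_multicast: stdin is `ip link show lo` output. Succeeds only if
# MULTICAST is an exact token in the <...> flag list of the first line.
lo_has_multicast() {
    flags=$(sed -n '1s/^[^<]*<\([^>]*\)>.*$/\1/p')
    case ",$flags," in
        *,MULTICAST,*) return 0 ;;
        *) return 1 ;;
    esac
}

# sysctl_mismatches: stdin is `sysctl k1 k2 ...` output ("key = value").
# Prints one line per key that is missing or differs; returns 0 if none.
sysctl_mismatches() {
    actual=$(sed 's/[[:space:]]*=[[:space:]]*/=/')
    bad=0
    for want in $EXPECTED_SYSCTLS; do
        key=${want%%=*}
        got=$(printf '%s\n' "$actual" | awk -F= -v k="$key" '$1 == k { print $2 }')
        if [ "$got" != "${want#*=}" ]; then
            printf '%s: want %s, got %s\n' "$key" "${want#*=}" "${got:-<unreadable>}"
            bad=1
        fi
    done
    return "$bad"
}

# Constructed samples (not captured from a real container).
SAMPLE_LO_TUNED='1: lo: <LOOPBACK,MULTICAST,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN'
SAMPLE_LO_DEFAULT='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN'
SAMPLE_SYSCTL_SKIPPED='net.core.rmem_max = 212992
net.ipv4.ipfrag_time = 30
net.ipv4.ipfrag_high_thresh = 4194304'

# Live use inside the container: pipe `ip link show lo` into lo_has_multicast
# and `sysctl <the three keys>` into sysctl_mismatches instead of the samples.
printf '%s\n' "$SAMPLE_LO_DEFAULT" | lo_has_multicast || echo "lo: MULTICAST flag not set"
printf '%s\n' "$SAMPLE_SYSCTL_SKIPPED" | sysctl_mismatches || echo "DDS tuning was skipped"
```

Because the entrypoint calls are guarded with `|| true`, a non-zero exit from these checks is the only signal that the container started without the capability needed to apply the tuning.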
@github-actions

Thank you for contributing to the Autoware project!

🚧 If your pull request is in progress, switch it to draft mode.

Please ensure:

@xmfcx xmfcx added the run:health-check Run health-check label Apr 15, 2026
@xmfcx xmfcx merged commit 5fb59a1 into main Apr 15, 2026
22 of 23 checks passed
@xmfcx xmfcx deleted the feat/docker-new-dds-tuning branch April 15, 2026 16:23