fix: k3d/LocalStack networking - use shared Docker network and container name

2026-02-03 15:39:07 +08:00 · 2026-01-27 19:49:50 +00:00
parent 8319673c26
commit 258e40d807
5 changed files with 130 additions and 20 deletions
--- a/.github/workflows/cloud-runner-integrity.yml
+++ b/.github/workflows/cloud-runner-integrity.yml
@@ -34,6 +34,8 @@ jobs:
      K3D_NODE_CONTAINERS: 'k3d-unity-builder-agent-0'
      AWS_FORCE_PROVIDER: aws
      RESOURCE_TRACKING: 'true'
+      # LocalStack container name on shared Docker network (for K8s pods to access)
+      LOCALSTACK_HOST: localstack-main
    steps:
      # ==========================================
      # SETUP SECTION
@@ -67,19 +69,27 @@ jobs:
          docker system prune -af --volumes || true
          docker image prune -af || true
          docker volume prune -f || true
+          # Create a shared network for k3d and LocalStack
+          docker network rm cloud-runner-net 2>/dev/null || true
+          docker network create cloud-runner-net || true
          echo "Disk usage after cleanup:"
          df -h
      - name: Start LocalStack (S3) as managed Docker container
        run: |
          echo "Starting LocalStack as managed Docker container..."
-          # Start LocalStack with specific name and resource limits
-          # Note: Using default DATA_DIR to avoid tmpfs mount conflicts
+          # Get host IP for container networking (host.docker.internal equivalent)
+          HOST_IP=$(ip route | grep default | awk '{print $3}')
+          echo "Host gateway IP: $HOST_IP"
+          # Start LocalStack with specific name on the shared network
+          # Use host networking alias so k3d pods can reach it
          docker run -d \
            --name localstack-main \
-            --network bridge \
+            --network cloud-runner-net \
+            --add-host=host.docker.internal:host-gateway \
            -p 4566:4566 \
            -e SERVICES=s3,cloudformation,ecs,kinesis,cloudwatch,logs \
            -e DEBUG=0 \
+            -e HOSTNAME_EXTERNAL=localstack-main \
            localstack/localstack:latest || true
          # Wait for LocalStack to be ready - check both health endpoint and S3 service
          echo "Waiting for LocalStack to be ready..."
@@ -197,15 +207,22 @@ jobs:
      - name: Create k3s cluster (k3d)
        timeout-minutes: 5
        run: |
-          # Create cluster - host.k3d.internal will allow pods to access host services (LocalStack)
+          # Get LocalStack container IP on the shared network
+          LOCALSTACK_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' localstack-main 2>/dev/null || echo "")
+          echo "LocalStack container IP: $LOCALSTACK_IP"
+          # Create cluster on the same network as LocalStack
+          # This allows pods to access LocalStack directly by container name or IP
          k3d cluster create unity-builder \
            --agents 1 \
+            --network cloud-runner-net \
            --wait
          kubectl config current-context | cat
+          # Store LocalStack IP for later use in tests
+          echo "LOCALSTACK_IP=$LOCALSTACK_IP" >> $GITHUB_ENV
      - name: Verify cluster readiness and LocalStack connectivity
        timeout-minutes: 2
        run: |
-          for i in {1..60}; do 
+          for i in {1..60}; do
            if kubectl get nodes 2>/dev/null | grep -q Ready; then
              echo "Cluster is ready"
              break
@@ -217,13 +234,19 @@ jobs:
          kubectl get storageclass
          # Show node resources
          kubectl describe nodes | grep -A 5 "Allocated resources" || true
+          # Get LocalStack IP for connectivity test
+          LOCALSTACK_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' localstack-main 2>/dev/null || echo "")
+          echo "LocalStack container IP: $LOCALSTACK_IP"
          # Test LocalStack connectivity from k3d cluster
          echo "Testing LocalStack connectivity from k3d cluster..."
-          echo "From host (should work):"
+          echo "From host via localhost (should work):"
          curl -s --max-time 5 http://localhost:4566/_localstack/health | head -5 || echo "Host connectivity failed"
-          echo "From k3d cluster via host.k3d.internal:"
-          kubectl run test-localstack --image=curlimages/curl --rm -i --restart=Never --timeout=10s -- \
-            curl -v --max-time 5 http://host.k3d.internal:4566/_localstack/health 2>&1 | head -20 || \
+          echo "From host via container name (should work on shared network):"
+          docker run --rm --network cloud-runner-net curlimages/curl \
+            curl -s --max-time 5 http://localstack-main:4566/_localstack/health 2>&1 | head -5 || echo "Container network test failed"
+          echo "From k3d cluster via LocalStack container IP ($LOCALSTACK_IP):"
+          kubectl run test-localstack --image=curlimages/curl --rm -i --restart=Never --timeout=30s -- \
+            curl -v --max-time 10 http://${LOCALSTACK_IP}:4566/_localstack/health 2>&1 | head -30 || \
            echo "Cluster connectivity test - if this fails, LocalStack may not be accessible from k3d"
      - name: Clean up K8s test resources before tests
        run: |