From 4e0f2b4bfe8b786e0d9b1bdaa4904a9c49999dd1 Mon Sep 17 00:00:00 2001
From: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Date: Sun, 31 Mar 2024 21:56:50 +0900
Subject: [PATCH] [WIP] Accelerate networking with bypass4netns

Depends on:
- rootless-containers/bypass4netns PR 68
- containerd/nerdctl PR 2916

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
---
 docker-compose.yaml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docker-compose.yaml b/docker-compose.yaml
index 2ae7291..9e93974 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -39,6 +39,12 @@ services:
       # In addition, `net.ipv4.conf.default.rp_filter`
       # has to be set to 0 (disabled) or 2 (loose)
       # in the daemon's network namespace.
+    annotations:
+      # bypass4netns annotations are recognized since nerdctl v2.0
+      # TODO: enable bypass4netns only when bypass4netnsd is running.
+      "nerdctl/bypass4netns": "true"
+      "nerdctl/bypass4netns-ignore-bind": "true"
+      "nerdctl/bypass4netns-ignore-subnets": "[\"10.96.0.0/16\", \"10.244.0.0/16\", \"${U7S_NODE_SUBNET}\"]"
 networks:
   default:
     ipam: