fix: Use host network mode as default to resolve WebRTC/UDP issues

omnarayan · omnarayan · commit d11748fd6a4e · 2025-09-12T23:42:28.000+05:30
- Change default network mode from 'bridge' to 'host' in action.yml and Dockerfile
    - Solves WebRTC "Send failed" errors without requiring privileged mode
    - Bypasses Docker NAT/connection tracking issues
    - Works in organizations that block privileged containers

  - Make sysctl optimizations conditional on privileged mode
    - Prevents "permission denied" errors in GitHub Actions
    - Only applies buffer tuning when privileged-mode is explicitly enabled
    - Shows informative messages about optimization status

  This ensures the action works out-of-the-box for WebRTC/UDP traffic
  without requiring special permissions or violating security policies.
diff --git a/Dockerfile b/Dockerfile
@@ -19,7 +19,7 @@ ARG TEST_NODE_PORT=4723
 # Set environment variables
 ENV DEVICELAB_URL=${DEVICELAB_URL}
 ENV TEST_NODE_PORT=${TEST_NODE_PORT}
-ENV NETWORK_MODE=bridge
+ENV NETWORK_MODE=host
 
 # Configure sysctl settings for better network performance
 # These will be applied if the container has the necessary privileges
diff --git a/action.yml b/action.yml
@@ -34,7 +34,7 @@ inputs:
   network-mode:
     description: 'Docker network mode (bridge or host). Host mode provides better WebRTC/UDP performance'
     required: false
-    default: 'bridge'
+    default: 'host'
   
   enable-network-monitor:
     description: 'Enable network statistics monitoring'
@@ -206,11 +206,18 @@ runs:
           DOCKER_RUN_CMD="$DOCKER_RUN_CMD --privileged"
         fi
         
-        # Add sysctl capabilities for network tuning
-        DOCKER_RUN_CMD="$DOCKER_RUN_CMD --sysctl net.core.rmem_default=1048576"
-        DOCKER_RUN_CMD="$DOCKER_RUN_CMD --sysctl net.core.wmem_default=1048576"
-        DOCKER_RUN_CMD="$DOCKER_RUN_CMD --sysctl net.core.rmem_max=2097152"
-        DOCKER_RUN_CMD="$DOCKER_RUN_CMD --sysctl net.core.wmem_max=2097152"
+        # Add sysctl capabilities for network tuning (only with privileged mode)
+        # Note: sysctl requires privileged mode in GitHub Actions
+        if [ "${{ inputs.privileged-mode }}" = "true" ]; then
+          echo "📊 Adding sysctl network optimizations (privileged mode enabled)"
+          DOCKER_RUN_CMD="$DOCKER_RUN_CMD --sysctl net.core.rmem_default=1048576"
+          DOCKER_RUN_CMD="$DOCKER_RUN_CMD --sysctl net.core.wmem_default=1048576"
+          DOCKER_RUN_CMD="$DOCKER_RUN_CMD --sysctl net.core.rmem_max=2097152"
+          DOCKER_RUN_CMD="$DOCKER_RUN_CMD --sysctl net.core.wmem_max=2097152"
+        else
+          echo "ℹ️ Sysctl optimizations skipped (requires privileged mode)"
+          echo "   Using host network mode for WebRTC performance instead"
+        fi
         
         # Add environment variables
         DOCKER_RUN_CMD="$DOCKER_RUN_CMD -e NETWORK_MODE=${{ inputs.network-mode }}"
