Tweak Docker daemon config when host network overlaps with 172.17.0.0/16

[rudolphjacksonm]

We've stood up the actions-runner-controller on an EKS cluster. The VPC where the cluster resides, by sheer coincidence, has a CIDR range of 172.17.0.0/16. When we deploy Runners in our cluster, the default Docker bridge network is 172.17.0.0/16, which means all network traffic for the Runner is sent back to itself. This means every runner pod has no network connectivity outside of itself. The controller, cert-manager, and everything else outside of the runners works perfectly, so we're certain that the connectivity issue is down to the daemon overlapping with the host network.

Is there any suggested way of tweaking dind to change the daemon config? Would creating a ConfigMap and mounting it at /etc/docker/daemon.json work?

While I would love to move our cluster to another network, we're not in full control of our network topology, so we're essentially stuck in this CIDR range for the time being. The other option we're considering is to roll our own runner and dind containers with the daemon configured for a completely different range.