Please help with this
I have a windows laptop --> On this installed VM ware Tool --> On this I've Installed Linux OS
Installed docker and stopped firewalld service (then only docker service start)
If I run the docker run command as:
docker run **--network=host** -p 8080:8080 -d tomcat
Then only can access the URL: http://:8080 i.e http://192.168.0.108:8080 (It was IP of Linux VM) from the browser on windows system
If I run the docker command without using the --network=host option I'm not able to access the container application. for example, if running docker run -p 8080:8080 -d tomcat
how can I access all running containers from the windows system browser?
Do I need to add a route in the Linux OS (the one Installed in a VM ware Tool) or in the Windows one or change the network settings in VMWare configuration?
Docker container Ip start with 172.17.xx.xx series and my windows/LINUX OS was on 192.168.xx.xx series. do need to add any route?
MY network details:
[root#Docker_test ~]# ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:e8ff:fef2:7ed7 prefixlen 64 scopeid 0x20<link>
ether 02:42:e8:f2:7e:d7 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 500 bytes 23738 (23.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.108 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::20c:29ff:fee6:b685 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:e6:b6:85 txqueuelen 1000 (Ethernet)
RX packets 2310526 bytes 3211791978 (2.9 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 457745 bytes 45884268 (43.7 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root#Docker_test]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 100 0 0 ens33
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
192.168.0.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
Regards
Ram
Related
I have created my docker image and container using the Dockerfile in this blog.
https://hackernoon.com/raspberry-pi-cluster-emulation-with-docker-compose-xo3l3tyw
I am able to ssh into the rpi and ifconfig returns the following status:
pi#raspberrypi:~ $ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.2.15 netmask 255.255.255.0 broadcast 10.0.2.255
ether 52:54:00:12:34:56 txqueuelen 1000 (Ethernet)
RX packets 561 bytes 49862 (48.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 386 bytes 47311 (46.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 41 base 0x1000 dma 0xff
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 2 bytes 100 (100.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2 bytes 100 (100.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Now I want to be able to connect this to internet. As per docker docs, I tried to connect a running container to the internet using:
docker network connect multi-host-network 008796f5316a
It returns the error.
Error response from daemon: network multi-host-network not found.
How can I connect to the internet from inside the docker?
Edit:
The blog talks about running qemu on docker and installing a modified raspbian on top of that(for compatibility with qemu).
When I access the container using docker exec command,
docker exec -it testnode bash
ifconfig returns the following:
root#1f210520938c:~# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 637 bytes 356778 (356.7 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 404 bytes 39482 (39.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
And the ifconfig command for pi returns the results as shown above.
So, ping google.com is working on the root# and not on pi#raspberry.
I need to connect the pi directly to the internet.
This error occurs because you haven't created a Docker network called multi-host-network. To create it, you may refer to Docker docs.
By default, all docker containers are connected to the default bridge network (the name matches driver type). As for docker-compose, bridge network with name docker-compose-directory-name_defaultwill be created, as described [here][2]. You can check it by runningdocker network inspect docker-compose-directory-name_defaultand find your container inContainers` section.
Since your container is already connected to the internet, it should have internet access without explicitly connecting it to a network.
If there is no internet connection, please try solutions proposed in this question. I would suggest starting with
sysctl -w net.ipv4.ip_forward=1 # both on host and container
sudo service docker restart # (or sudo systemctl restart docker) on host
The instructions you're following set up QEMU to use "user-mode networking". This is (sort of) like QEMU itself emulating a little NAT-router and private network that the VM lives behind. This in turn is inside the docker container and talking to whatever the docker container's networking setup is, so you have two layers here -- you'll want to be clear about this double-layer setup so you don't get confused about which of the two might be the source of any problems you have.
User-mode networking has some limitations: notably, ping doesn't work, and you can't connect from the outside into the VM except where you have specific port-forwarding set up (the instructions include a port-forward from host port 2222 to the VM's ssh port 22).
So you need to figure out whether you can live with user-mode networking's limits, and make sure that whatever testing you're doing is testing what you care about and not things you probably don't really care about like whether ping packets in particular work. If you don't want user-mode networking, you'll need to set up a QEMU tap (bridge) network backend, which is a lot more complicated but does let you make a QEMU VM truly visible as a machine on the host network.
I have a cloud box running Ubuntu 18.04.5 LTS with the following IPs:
Primary IP: 203.0.113.199
Floating IP: 203.0.113.55
My goal is that all outgoing traffic from the box uses the floating IP as the source address.
For that I configured a virtual interface and assigned it the floating IP address:
auto eth0:1
iface eth0:1 inet static
address 203.0.113.55
netmask 32
This leads to the following output of ifconfig:
~$ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 203.0.113.199 netmask 255.255.255.255 broadcast 203.0.113.199
inet6 xxxx::xxxx:xxxx:xxxx:xxxx prefixlen 64 scopeid 0x20<link>
inet6 xxxx:xxxx:xxxx:xxxx::xxxx prefixlen 64 scopeid 0x0<global>
ether xx:xx:xx:xx:xx:xx txqueuelen 1000 (Ethernet)
RX packets 5316856 bytes 2082365743 (2.0 GB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2462967 bytes 404933411 (404.9 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 203.0.113.55 netmask 255.255.255.255 broadcast 0.0.0.0
ether xx:xx:xx:xx:xx:xx txqueuelen 1000 (Ethernet)
Then I (temporarily) set the default route to use the floating IP as the source address (172.31.1.1 is used as a default gateway of all servers public network interfaces at my cloud provider):
~$ ip route change default via 172.31.1.1 src 203.0.113.55
This leads to the desired effect when testing with curl from the terminal:
~$ curl -s -4 http://ifconfig.co
203.0.113.55
The desired source IP address is also used when using making a request inside a Docker container running with network mode host:
~$ docker run --rm --network=host curlimages/curl -s -4 http://ifconfig.co
203.0.113.55
But when using Docker networking, the default route is not respected and the request uses the servers primary IP as the source address:
~$ docker run --rm curlimages/curl -s -4 http://ifconfig.co
203.0.113.199
How can I configure Docker, preferably using docker-compose, to respect the host's default route and use the correct IP as the source address?
I've got a Fedora 26 QEMU guest VM with a LAMP application running on a Fedora 25 host. I can access the guest web server from both the guest and the host, but I can't access it from the other systems on my local LAN - and I'd like to be able to do that.
I've put a host static route entry in my router (LEDE) to route the F26 guest's static IPv4 address (192.168.122.186) to the F25 host. The F25 host already has a network route entry for the virbr0 v-interface (192.168.122.0/24).
It seems that the F25 host firewall is what's blocking the access because when I disable firewalld on the F25 host, it works as required.
I'd appreciate a pointer to how to wrangle firewalld in this type of configuration.
Edit 2017/12/11:
I started off with only one firewalld zone (public), but now I'm trying 2 (public and internal). The "services" (ports) shown below have always been open. http and https, in particular, are what I need to work.
I need to route the traffic from devices on my local LAN, 10.3.2.0/24, (except the F25 host, of course) through the F25 host to the F26 guest VM. As I wrote before, the routing appears to be working, except when firewalld is running on the F25 host - in which case this traffic is blocked.
I've spent a lot of time searching, and there are two recurring topics, forwarding and masquerading. None of the things suggested has done what I require, however.
How can I do this? Tx
========== running: firewall-cmd --get-zones ===========
FedoraServer FedoraWorkstation block dmz drop external home internal public trusted work
========== running: firewall-cmd --get-active-zones ===========
internal
interfaces: virbr0
public
interfaces: enp0s31f6
========== running: firewall-cmd --get-default-zone ===========
public
========== running: firewall-cmd --zone=public --list-all ===========
public (active)
target: default
icmp-block-inversion: no
interfaces: enp0s31f6
sources:
services: mdns ssh dhcpv6-client http https
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
========== running: firewall-cmd --zone=internal --list-all ===========
internal (active)
target: ACCEPT
icmp-block-inversion: no
interfaces: virbr0
sources:
services: ssh http https dhcpv6-client mdns
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
$ ifconfig -a # on the F25 host
enp0s31f6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.3.2.10 netmask 255.255.255.0 broadcast 10.3.2.255
inet6 xxxxxxxxxxxxxxxxxxxxxxxxx prefixlen 64 scopeid 0x20<link>
inet6 xxxxxxxxxxxxxxxxxxx prefixlen 128 scopeid 0x0<global>
inet6 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx prefixlen 64 scopeid 0x0<global>
ether xxxxxxxxxxxxxxxxx txqueuelen 1000 (Ethernet)
RX packets 145 bytes 16680 (16.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 217 bytes 27947 (27.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 16 memory 0xf7000000-f7020000
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 24 bytes 2056 (2.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 24 bytes 2056 (2.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:93:ae:d3 txqueuelen 1000 (Ethernet)
RX packets 99 bytes 11189 (10.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 73 bytes 9612 (9.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0-nic: flags=4098<BROADCAST,MULTICAST> mtu 1500
ether 52:54:00:93:ae:d3 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::fc54:ff:fe7c:437c prefixlen 64 scopeid 0x20<link>
ether fe:54:00:7c:43:7c txqueuelen 1000 (Ethernet)
RX packets 99 bytes 12575 (12.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 195 bytes 17988 (17.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
$ netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.3.2.1 0.0.0.0 UG 0 0 0 enp0s31f6
10.3.2.0 0.0.0.0 255.255.255.0 U 0 0 0 enp0s31f6
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
I bought a Raspberry Pi yesterday and I am facing quite a large problem. I can't sudo apt-get update. I think this error comes from my dns because I am connected via ethernet (Physically). so the message it prints when I execute the command is that:
pi#raspberrypi:~ $ sudo apt-get update
Err:1 http://goddess-gate.com/archive.raspbian.org/raspbian jessie InRelease
Temporary failure resolving 'goddess-gate.com'
Err:2 http://archive.raspberrypi.org/debian stretch InRelease
Temporary failure resolving 'archive.raspberrypi.org'
Reading package lists... Done
W: Failed to fetch http://goddess-gate.com/archive.raspbian.org/raspbian/dists/jessie/InRelease Temporary failure resolving 'goddess-gate.com'
W: Failed to fetch http://archive.raspberrypi.org/debian/dists/stretch/InRelease Temporary failure resolving 'archive.raspberrypi.org'
W: Some index files failed to download. They have been ignored, or old ones used instead.
So to resolve this problem I have tried a few things:
- Changing the etc/apt/sources.list to a valid mirror of my country (france)
- Reinstalling Raspbian (1st try was with NOOBS) and now I installed Raspbian with the .img file
- Changing my /ect/resolv.conf and /etc/network/interfaces nameservers to these ip 8.8.8.8 8.8.4.4
Nothing worked... I am really stucked, there is something elese, I can't browse any website with Chromium but I have internet connexion because I can pip install python modules... here is the Chromium message:
'This site can't be reached' ERR_NAME_RESOLUTION_FAILED
Other things, my inet ip is not valid, usally it should start with 192.168 but here it is 168.254.241.6 ... here is my if config:
pi#raspberrypi:~ $ ifconfig
enxb827ebaf69fc: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 169.254.241.6 netmask 255.255.0.0 broadcast 169.254.255.255
inet6 fe80::5d8b:1a8c:c520:c339 prefixlen 64 scopeid 0x20<link>
ether b8:27:eb:af:69:fc txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 995 bytes 61042 (59.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 806 bytes 77318 (75.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 806 bytes 77318 (75.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlan0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether b8:27:eb:fa:3c:a9 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Type following at the command line in order to edit resolv.conf which is the linux configuration file where domain-name to IP mapping is stored for the purpose of DNS resolution.
sudo nano /etc/resolv.conf
then add these 2 lines:
nameserver 8.8.8.8
nameserver 8.8.4.4
hope it will help ...
The ip-adress range 169.254.0.0 to 169.254.255.255 is used by zeroconf.
Probably there is no active DHCP server in the LAN. Mostly the router is also a DHCP server.
You also have no public IPv6 address. But this could also come from a IPv4 only internet connection.
Try to configure the interface completly manual with corrected ip-address. When there should be an active DHCP server, try to fix it. Sometimes a reboot helps.
You can show your gateway with "ip r". It should be the address of the router.
Important is that the ip-address of the Pi is in the same subnet as the gateway.
sudo nano /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
I connected Raspberry Pi Directly with an Ethernet Cable.
it work.
I am trying to install Jupyter inside CentOS 7 VM (that I already had) so I can access it via port 8888 at my host Mac laptop. However, I cannot figure out the networking piece.
I am changing the IP address to 200.100.x.x for convenience
From Host Machine
I have 2 adapters for that CentOS VM
$ ifconfig gives me this (I believe those are the same):
vmnet1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:50:56:c0:00:01
inet 200.100.42.1 netmask 0xffffff00 broadcast 200.100.42.255
vmnet8: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:50:56:c0:00:08
inet 200.100.40.1 netmask 0xffffff00 broadcast 200.100.40.255
From within CentOS
[root#localhost ~]# ifconfig
eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 200.100.40.145 netmask 255.255.255.0 broadcast 200.100.40.255
inet6 fe80::20c:29ff:febf:4878 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:bf:48:78 txqueuelen 1000 (Ethernet)
RX packets 645 bytes 97963 (95.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 215 bytes 24854 (24.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno33554984: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 200.100.42.128 netmask 255.255.255.0 broadcast 200.100.42.255
inet6 fe80::250:56ff:fe3d:7210 prefixlen 64 scopeid 0x20<link>
ether 00:50:56:3d:72:10 txqueuelen 1000 (Ethernet)
RX packets 18 bytes 1884 (1.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 45 bytes 6130 (5.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 220 bytes 50398 (49.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 220 bytes 50398 (49.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
My tests
I pinged the following IP addresses from my host machine and they all worked:
200.100.42.128
200.100.40.145
200.100.42.1
200.100.40.1
That means there is networking connectivity into the VM. Correct?
When I do jupyter notebook, I could access http://localhost:8888/tree inside the VM but I cannot go there using any IP address from my host OS on the Macbook.
I have restarted my VM many times.
Questions
Is it because of port blocking / not forwarding (8888) or something and if so, how to fix it?
Did I setup the networking incorrectly? Is there something else I need to do inside CentOS? I read this blog here http://twiki.org/cgi-bin/view/Blog/BlogEntry201310x2 and I don't see eth0 at all.
The problem is Jupyter picked 127.0.0.0 or localhost by default. If you have the adapter with other IP addresses, it won't work.
You need to change the IP of Jupyter inside the VM
http://jupyter-notebook.readthedocs.org/en/latest/config.html
$ jupyter notebook --generate-config
Edit it:
vi /root/.jupyter/jupyter_notebook_config.py
Then change:
c.Notebookapp.ip = '0.0.0.0'
Restart jupyter notebook and should be good to go.
Make sure firewall is off or open for port 8888 as well.