Docker DNS issue on local machine - linux

I have an issue with Docker not resolving my local DNS. Running even a basic ping will no longer work. Current version 0.11.1 running on Fedora 20. The last time I worked with docker (version 0.9) everything was fine.
sudo docker run base ping google.com
ping: unknown host google.com
My local DNS is resolving fine outside of Docker and I don't have localhost (127.0.0.1) set in my resolv.conf file. I have also tried setting the dns with the same outcome:
sudo docker run --dns=8.8.8.8 base ping google.com
ping: unknown host google.com
Any help would be greatly appreciated.

If anyone else has this issue I got it working by clearing out the iptables:
iptables -F
For a more permanent solution after restarting I listed the iptables before and after flushing but couldn't really see what was affecting it. I ended up loading the Firewall Configuration, and enabling the Masquerade zone worked. Not sure why this setting had changed or if a change in newer Docker versions now needed this to be set, but it works. Interestingly I had previously tried just enabling IP forwarding (sysctl -w net.ipv4.ip_forward=1), but this had no effect for me.

Related

No Internet Access In Docker Container When Connected to Cisco AnyConnect VPN

I am connected to a corporate VPN and need to be able to run docker containers while the VPN is connected due to the fact that the container needs to be able to access corporate endpoints. However, when I am connected with AnyConnect VPN, docker has no internet access at all, neither to our corporate endpoints nor to the internet.
I am running CentOS7 as my host operating system.
A simple way to reproduce this issue is to install a minimal linux distro, install AnyConnect VPN, connect to vpn and try to run the following docker container:
docker run -i -t ubuntu:14.04 /bin/bash
Once inside the container I try to ping google dns
[###]$ ping 8.8.8.8
There will be no response. If I disconnect from AnyConnect VPN and retry the above, I get a ping response.
How can I fix this issue?
Ping outside and internet access are different. You could have internet access but be unable to ping because of limits set by your corporate network. I suggest running busybox
docker run -it --rm busybox
and check the dns setup inside
cat /etc/resolv.conf
From there you may see a list of nameserver IP addresses. Now you could try to ping those to make sure they are reachable from inside. If not, you could try
traceroute 1.2.3.4
to see how far you can get from inside the container. The first 2 lines should be the IPs of docker and the host machine, and then the IP of your corporate network
1 172.17.0.1 (172.17.0.1) 0.016 ms 0.011 ms 0.009 ms
2 10.1.249.4 (10.1.249.4) 38.487 ms 35.697 ms 35.558 ms
Usually it's a problem with the nameserver generated inside the /etc/resolv.conf file. If that's the case, then you need to check /etc/resolv.conf on the host machine and update the docker setup to generate the nameservers correctly inside the container.
After you make a change to the network interfaces, you often need to restart the docker engine to rebuild all of the routes and iptables entries. With Linux and systemd, use:
systemctl restart docker

Caddy 2 not running in Docker: "cannot assign requested address"

I'm trying to run the official Caddy 2 docker image. According to that page, to do that you should run:
docker run -p 80:80 \
-v $PWD/index.html:/usr/share/caddy/index.html \
-v caddy_data:/data \
caddy
When I run this, I get the following error:
{"level":"info","ts":1590185286.853735,"msg":"using provided configuration","config_file":"/etc/caddy/Caddyfile","config_adapter":"caddyfile"}
run: loading initial config: loading new config: starting caddy administration endpoint: listen tcp 45.90.28.0:2019: bind: cannot assign requested address
I'm not sure why it's trying to bind to that IP address by default? I tried changing it in the Caddyfile but it still doesn't bind correctly, and anyway that doesn't really solve the underlying issue here.
What could be causing this problem? Should I be using Caddy 1 instead?
I experienced this issue recently on Linux and the root cause for me was that my ISP-supplied router's DNS server was resolving localhost to an incorrect IP address.
You might want to try changing your DNS servers to Cloudflare's 1.1.1.1 or Google's 8.8.8.8 servers.

ping: unknown host in Centos 6.6

It's OK to ping IP address.
picture about ping and cat /etc/resolve.conf
I can ping 8.8.8.8, so the DNS server is reachable, and /etc/resolv.conf is edited correctly. But I just can't ping a domain. I've tried shutting down the firewall but that failed. Strangely, I used service iptables stop and iptables was still there.
Two problems:
1. unknown host
2. stop iptables failed.
Can anyone tell me how to fix these?
I solved this problem by accident and I don't know if it's copyable, but I need to write it down.
1. I set /etc/hosts to run command `yum install bind-utils`.
2. then, I run command `dig +trace www.baidu.com` to find out why ping fail.
then, miracle happens. I can ping domain again. The problem solved magically just as it occurred.

Docker containers not using host DNS in boot2docker

I am running boot2docker on my Mac.
OSX version 10.9.3
boot2docker version 4.3.12
Docker version 0.12.0
The boot2docker image is a vagrant box, using virtualbox. I have tried a number of vagrant boxes (for example stigkj/boot2docker). All of them exhibiting the issue.
If I ssh into the boot2docker image and look at /etc/resolv.conf it is using the nameserver 10.0.2.3.
I boot up a simple docker image with the command:
docker run -i -t ubuntu /bin/sh
Looking at /etc/resolv.conf in that container, it is using 8.8.8.8 and 8.8.4.4 as nameservers.
In the docker.log file on the boot2docker vm, there is this line:
2014/06/30 15:25:01 Local (127.0.0.1) DNS resolver found in resolv.conf and containers can't use it. Using default external servers : [8.8.8.8 8.8.4.4]
From what I understand, docker is supposed to use the nameserver of the host. Only if the host is using 127.0.0.1 as its nameserver should it default to the google nameservers as a backup.
The host isn't using 127.0.0.1 as a name server, but it appears that docker thinks it is. Any suggestions on how I can get it to properly detect the nameserver?
I found a fix.
It appears that the boot2docker image runs the docker daemon before it pulls the DNS from the host. So boot2docker thinks the DNS is set to 127.0.0.1 when it boots, then the machine changes it to the correct nameserver.
The fix is to restart the docker daemon after the image has booted.
In vagrant, I did this by adding the below command in the appropriate place in my Vagrantfile:
config.vm.provision :shell, inline: "/etc/init.d/docker restart"
It looks like this is a known issue in boot2docker that will be fixed in an upcoming version:
https://github.com/boot2docker/boot2docker/issues/357
credit to #oillio for the issue link and the discussion inside.
It happens in a Windows 7 environment as well using boot2docker 1.0.1. I followed the suggestion in https://github.com/boot2docker/boot2docker/issues/357
$ sudo udhcpc # refresh the DHCP
$ sudo /etc/init.d/docker restart # restart the service
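
A simplified model of the behaviour reported in the docker.log line above, as an added example (not Docker's or boot2docker's code): loopback resolvers are dropped and, if nothing is left, the fallback servers from the log line are used. The `AT_BOOT` and `AFTER_DHCP` inputs are constructed to mirror the sequence described in the answer.

```python
import ipaddress

# Fallback servers named in the docker.log line quoted above.
FALLBACK = ["8.8.8.8", "8.8.4.4"]

def host_nameservers(resolv_conf_text):
    """Parse 'nameserver' entries from resolv.conf text, skipping comments."""
    servers = []
    for raw in resolv_conf_text.splitlines():
        fields = raw.split("#", 1)[0].split(";", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def container_nameservers(resolv_conf_text):
    """Model: drop loopback resolvers; if none remain, use the fallback.

    Returns (nameservers, fell_back).
    """
    usable = []
    for server in host_nameservers(resolv_conf_text):
        try:
            # Strip an IPv6 zone id such as fe80::1%eth0 before parsing.
            addr = ipaddress.ip_address(server.split("%", 1)[0])
        except ValueError:
            continue  # not an IP address; ignore the entry
        if not addr.is_loopback:
            usable.append(server)
    return (usable, False) if usable else (list(FALLBACK), True)

# Constructed inputs: resolv.conf as the daemon saw it at boot, and after DHCP.
AT_BOOT = "nameserver 127.0.0.1\n"
AFTER_DHCP = "# written by DHCP client\nnameserver 10.0.2.3\n"

if __name__ == "__main__":
    for label, text in (("at boot", AT_BOOT), ("after DHCP", AFTER_DHCP)):
        servers, fell_back = container_nameservers(text)
        print(f"{label}: {servers} (fallback={fell_back})")
```

Running it against the host's current /etc/resolv.conf and comparing with the file inside a container shows whether the daemon is still working from a stale view and needs the restart described above.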

Connect to PostgreSql database in Linux VirtualBox from Win7

As said in headline, from Win7 host I'm trying to access Postgres 9.3 established in Linux Centos 5.8 which is in VirtualBox on the same machine. I'm trying to access it from PGAdmin and everything is OK when I start the Postgre from Win7 services, so PGAdmin is well configured.
What have I tried? I've read many articles about this subject, and even some questions on this forum but nothing worked. I have:
1) switched to NAT and forwarded port 5432 in VirtualBox GUI
2) set listenadresses = '*' in postgresql.conf file
3) put host all all 10.0.2.1/24 md5 line in the pg_hba.conf file
4) put 5432 port inbound and outbound rule in win7 firewall settings
5) disabled linux firewall with #service iptables stop
Just to mention. When service is started in virtual linux, I can access it from linux, so service is properly started. Problem is that windows doesn't see that service. And when service is started from linux, I can start the same service in Win and vice-versa although the port 5432 should be occupied.
The most suspicious part to me is point 3) because I'm not sure whether I have put a good address in the rule. That address varies from article to article, and I would appreciate it if someone could explain to me how to be sure which address (or range) to put there, according to my network. Or some other advice if possible. Thanks.
Solved.
Replacing:
"host all all 10.0.2.1/24 md5" with "host all all 0.0.0.0/0 trust" solved it.
In my case adding the below line to pg_hba.conf was enough:
host all all 10.0.0.0/16 md5
and then restart:
sudo /etc/init.d/postgresql restart
The Solution by Filip works, but you can tailor it further.
First, enable Adapter 2 in VM and set it to Host-only Adapter:
Second, go to your host machine and find its IP address.
This can be found by running ipconfig in your windows host machine.
Now you need to edit two files in your VMBox.
First is postgresql.conf
sudo nano /etc/postgresql/<version>/main/postgresql.conf
and add the following line:
listen_addresses = '*'
save it and then edit pg_hba.conf
sudo nano /etc/postgresql/<version>/main/pg_hba.conf
Here you need to add your host machine ip (in my case it was 192.168.56.1):
host all all 192.168.56.1/32 trust
Save it and restart postgresql
sudo /etc/init.d/postgresql restart
Now you can use pgadmin to connect to vm postgresql.
Convenience!
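
The answers above differ mainly in the address range and auth method of the pg_hba.conf rule. As an added example (not from any of the posts), this check computes which clients each `host` rule really matches and flags `trust` on non-loopback ranges; a /0 mask means no bits of the client address have to match. The sample file is constructed, modelled on the kind of rules quoted in this thread, and only rules written in CIDR form are examined.

```python
import ipaddress

# Constructed sample pg_hba.conf, modelled on rules of the kind quoted above.
SAMPLE_PG_HBA = """\
# TYPE  DATABASE  USER  ADDRESS          METHOD
local   all       all                    peer
host    all       all   127.0.0.1/32     md5
host    all       all   10.0.0.0/16      md5
host    all       all   0.0.0.0/0        trust
host    all       all   192.168.56.1/0   trust
host    all       all   192.168.56.1/32  md5
"""

def audit_pg_hba(text):
    """Return (line_no, effective_network, method, warnings) per host rule."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()
        # Only host* rules with a CIDR address are examined; hostnames,
        # 'samenet' and separate-netmask forms are skipped.
        if len(fields) < 5 or not fields[0].startswith("host") or "/" not in fields[3]:
            continue
        address, method = fields[3], fields[4]
        # strict=False applies the mask and discards host bits, which is
        # how a rule such as 192.168.56.1/0 ends up matching everything.
        net = ipaddress.ip_network(address, strict=False)
        warnings = []
        if str(net) != address:
            warnings.append(f"{address} actually matches {net}")
        if net.prefixlen == 0:
            warnings.append("matches every client address")
        if method == "trust" and not net.is_loopback:
            warnings.append("trust: no password for non-loopback clients")
        findings.append((line_no, str(net), method, warnings))
    return findings

if __name__ == "__main__":
    for line_no, net, method, warnings in audit_pg_hba(SAMPLE_PG_HBA):
        print(f"line {line_no}: {net} {method} -> {'; '.join(warnings) or 'ok'}")
```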
