Unable to access local network IP from docker container - macos

Running macOS and docker ubuntu on it, I am unable to ping my local network's IP addresses. Below is the network configuration of my docker container. I can ping my host machine's IP address but I am unable to access other IP addresses on the local network.
root# ping 172.17.101.192
PING 172.17.101.192 (172.17.101.192) 56(84) bytes of data.
From 172.17.0.3 icmp_seq=1 Destination Host Unreachable
From 172.17.0.3 icmp_seq=2 Destination Host Unreachable
root# ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:ac:11:00:03
inet addr:172.17.0.3 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:acff:fe11:3/64 Scope:Link
Is there any network configuration which would help me to perform this operation?
I have tried net=host but it is not helping.

I was using docker for mac, the issue was docker internal network conflicting with my local network addressing.
To resolve this issue, I need to go to Preferences in the Docker menu.
In the Preferences menu, under Daemon > Advanced, I can supply another bip.
{
"bip" : "12.12.0.1/24"
}
Click apply and restart. The next time docker will start with internal network as 12.12.0.1/24.

I think docker internal network could be conflicting with your local network addressing.
Try to run Docker changing the default internal network to something that doesn't conflict, such as 172.31.0.0/24. Add to your Docker startup options --bip 172.31.0.1/24, probably located in /etc/default/docker:
# Use DOCKER_OPTS to modify the daemon startup options.
DOCKER_OPTS="--bip 172.31.0.1/24"
UPDATE: Although this is true in Linux, Mac implementation is different, see docs here, so it depends if you're using Docker for Mac or for Linux.
Just to test, try to attach your laptop to a different network, any in the range of 192.168.0.0/16 would suffice.

I'm guessing you're using docker-machine.
You should check out docker for mac as it has some networking improvements that may make this work for you. This is what I'm using and I'm able to reach other hosts on my internal network from docker.

I tried the following, and it works:
mac-os $> ifconfig
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 78:31:c1:bd:4b:84
inet6 fe80::1425:a90d:9c00:ef53%en0 prefixlen 64 secured scopeid 0x4
inet 10.191.41.1 netmask 0xfffff800 broadcast 10.191.47.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
So my ip is 10.191.41.1. Then I do:
mac-os $> docker run -ti --rm ubuntu bash -c "apt-get update && apt-get install -y inetutils-ping && ping 10.191.41.1"
Which installs the "ping" command, and tries to ping my host. I get the right answers:
[...]
PING 10.191.41.1 (10.191.41.1): 56 data bytes
64 bytes from 10.191.41.1: icmp_seq=0 ttl=37 time=0.303 ms
64 bytes from 10.191.41.1: icmp_seq=1 ttl=37 time=0.536 ms
[...]

I wanted to throw this answer out as it happened to me on Windows, but could really happen on any environment. I was using a bridge network on my local machine for a service I was developing and ran into similar issues. What was weird was that when pinging our production physical servers (which started with a 10.10... IP pattern) or random sites on the internet, I was able to receive a response. But the physical dev server which sat on a 172.16... pattern didn't work.
Finally I discovered through doing docker network inspect on the networks I had locally that one had been created with the same subnet of 172.16... which overlapped my physical server IP address range. So when I was pinging the physical dev server, it was trying to find it on the virtual docker network, where it didn't exist.
After deleting that network (it was a dev one I didn't use), everything worked.
docker network rm {networkName}
If I had to keep the network, it is possible to change the subnet in the docker-compose file. If you need to change the conflicting subnet, the link to that is here How do configure docker compose to use a given subnet if a variable is set, or choose for itself if it isn't?
That would look something like this (if you wanted a 12.12 subnet):
networks:
  default:
    ipam:
      config:
        - subnet: 12.12.0.0/16
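The overlap check that the answers above arrive at by hand, as an added example that is not part of the original posts: it parses `docker network inspect` JSON, reports which LAN targets are shadowed by a Docker subnet, and suggests a free replacement. The inspect sample, the network name `dev_default` and the host `172.16.4.10` are constructed; the other addresses are taken from the posts.

```python
import ipaddress
import json

# Constructed sample: trimmed output of `docker network inspect bridge dev_default host`
SAMPLE_INSPECT = """[
 {"Name": "bridge", "IPAM": {"Config": [{"Subnet": "172.17.0.0/16", "Gateway": "172.17.0.1"}]}},
 {"Name": "dev_default", "IPAM": {"Config": [{"Subnet": "172.16.0.0/16"}]}},
 {"Name": "host", "IPAM": {"Config": []}}
]"""

def docker_subnets(inspect_json):
    """Yield (network name, subnet) for every IPAM subnet in the inspect output."""
    for net in json.loads(inspect_json):
        for cfg in (net.get("IPAM") or {}).get("Config") or []:
            if cfg.get("Subnet"):
                yield net["Name"], ipaddress.ip_network(cfg["Subnet"], strict=False)

def find_conflicts(inspect_json, targets):
    """Return sorted (target, network name, subnet) triples that overlap.

    targets may be single hosts ("172.17.101.192") or CIDR ranges
    ("10.191.40.0/21"); a bare host is treated as a /32.
    """
    conflicts = []
    for target in targets:
        wanted = ipaddress.ip_network(target, strict=False)
        for name, subnet in docker_subnets(inspect_json):
            if wanted.version == subnet.version and wanted.overlaps(subnet):
                conflicts.append((target, name, str(subnet)))
    return sorted(conflicts)

def first_free_subnet(inspect_json, avoid, pool="172.16.0.0/12", prefix=24):
    """Pick the first /prefix in pool that overlaps neither Docker nor `avoid`."""
    taken = [subnet for _, subnet in docker_subnets(inspect_json)]
    taken += [ipaddress.ip_network(a, strict=False) for a in avoid]
    for cand in ipaddress.ip_network(pool).subnets(new_prefix=prefix):
        if not any(cand.overlaps(t) for t in taken if t.version == cand.version):
            return str(cand)
    return None

if __name__ == "__main__":
    # Hosts and ranges that must stay reachable from inside containers.
    lan = ["172.17.101.192", "172.16.4.10", "10.191.40.0/21"]
    for target, name, subnet in find_conflicts(SAMPLE_INSPECT, lan):
        print(f"{target} is shadowed by Docker network {name} ({subnet})")
    print("suggested replacement subnet:", first_free_subnet(SAMPLE_INSPECT, lan))
```

The default pool is the RFC 1918 block 172.16.0.0/12, so the suggested subnet stays in private address space and cannot shadow a routable internet range.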

Related

How to go from geth in WSL to vEthernet adaptor to Router

On my Windows 10 Pro laptop I am running geth in WSL. The problem is I can not seem to reach my wireless router. I am getting a status of not connected to my router. So the web3j calls return a "can not connect". I set up my geth:
geth --http.port "8545" --http.addr "192.168.1.15" --datadir test-chain-dir --http --dev
I setup eth0 to match my address in my ipv4 settings config in my vethernet adaptor
ifconfig eth0 192.168.1.15 and the mask ifconfig eth0 netmask 255.255.255.0
I also add a route ip route add default via 192.168.1.15
So what am I doing wrong? I also tried adding on the windows side the command to setup portproxy.
Are there some definitive instructions somewhere about setting up geth to work within WSL and be able to reach out to the router? I wrote some simple code using web3j running on an Android phone that is connected to my local network.
Thanks!

Why docker allow me to run container on 192.168.8.101:8082 and localhost but not on other IPs

Hello, I have the following Dockerfile on my macOS High Sierra (as an example):
FROM richarvey/nginx-php-fpm:1.3.7
EXPOSE 80
And I'm able to build and run it on 192.168.8.101:8082 by
docker build -t myproject .
docker run -d -p 192.168.8.101:8082:80 --name myproject myproject
and it works on http://192.168.8.101:8082 on my local computer and on devices (iPhone) connected to the same wifi network (I also have no problem running the container on localhost).
However, when I try to run this container on another IP, for example 192.168.8.102:8082, I get the following error:
Mac-mini-Kamil:myproject Kamil$ docker run -d -p 192.168.8.102:8082:80 --name myproject myproject
f939d38243f420f812c859f5fe275faf49dc6e123d807583ec240fbdf0619a17
docker: Error response from daemon: driver failed programming external connectivity on endpoint myproject (0b546e63887e3ddeb4d2b21a8d6d15a94e33f1ff67c2765174a808bf6b13e120): Error starting userland proxy: listen tcp 192.168.8.102:8082: bind: cannot assign requested address.
I also tried other addresses like 172.17.1.2 but with no success, and I have no idea why. Can someone give me advice (and/or instructions about what more information I should provide in this question to solve it)? I would like to know: why can't I use other IPs, and what can I do to use other IPs?
UPDATE - additional information:
After executing ifconfig I selected two interesting results:
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether a8:8e:24:a3:d3:91
inet6 fe80::18fe:1146:6389:b630%en1 prefixlen 64 secured scopeid 0xa
inet 192.168.8.101 netmask 0xffffff00 broadcast 192.168.8.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether 32:00:11:fc:70:40
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x2
member: en2 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 9 priority 0 path cost 0
nd6 options=201<PERFORMNUD,DAD>
media: <unknown type>
status: inactive
The output of ifconfig (linux, OSX) or ipconfig (Windows) will probably tell you that your IP4 is 192.168.8.101.
That's the reason why 192.168.8.101:8082:80 works. Docker can access the endpoint and can map port 80 of its container on port 8082 of 192.169.8.101.
When you use another IP this error will pop up:
Error response from daemon: driver failed programming external connectivity on endpoint
This means your Docker daemon can not access the endpoint 192.168.8.102 which is logical because it isn't the IPV4 address of your machine.
The bridge0 network is the default Docker network. If you don't specify a network your Docker container will be deployed inside this network.
You can do: docker network inspect bridge
The output of this command will return a subnet like "Subnet": "172.17.0.0/16". Every container will have an IP within this private range.
What you are actually doing is mapping 172.17.X.X:80 on 192.168.8.101:8082, which works when 192.168.8.101 is accessible from your machine.
I suspect that your previous container is still using port 8082; try using another port. I don't know how to check used ports on Mac, but on Linux you can check your open ports with netstat -ntlp

Using k6 on docker to test a localhosted site

I've got an app running on my computer in localhost:1235, and I'm trying to load test it.
I installed the k6 container for docker to test it, but of course from the nature of docker, my container has a different localhost. I'm trying to understand what to do.
I run the following command:
docker run -it --rm --net=host -v c:/users/k6:/k6 loadimpact/k6 run /k6/script
I read somewhere that --net=host doesn't work on windows, is that right? How would I find the host IP?
I've tried running by this tutorial:
http://blog.michaelhamrah.com/2014/06/accessing-the-docker-host-server-within-a-container/
The IP I find 172.17.0.1 doesn't work in my test.
I also tried adding -p 1235:1235 but it failed, I guess docker tries to bind this port and just forward to it.
Thanks in advance,
Chaim
Inside your k6 script use the url host.docker.internal to access something running on the host machine.
For example to access a service running on the host at http://localhost:8080
// script.js
import http from "k6/http";
import { sleep } from "k6";
export default function () {
  http.get("http://host.docker.internal:8080");
  sleep(1);
}
Then on windows or mac this can be run with:
$ docker run -i loadimpact/k6 run - <script.js
For Linux you need an extra flag:
$ docker run --add-host=host.docker.internal:host-gateway -i loadimpact/k6 run - <script.js
References:
Mac: https://docs.docker.com/docker-for-mac/networking/#use-cases-and-workarounds
Windows: https://docs.docker.com/docker-for-windows/networking/#known-limitations-use-cases-and-workarounds
Linux: https://stackoverflow.com/a/61424570/3757139
k6 inside the docker instance should be able to connect to the "public" IP on your host machine - the IP that is configured on your ethernet or Wifi interface. You can do an ipconfig /all to see all your interfaces and their IPs.
On my Mac I can do this:
$ python httpserv.py &
[1] 7824
serving at port 8000
$ ifconfig en1
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether b8:09:8a:bb:f7:ed
inet6 fe80::148f:5671:5297:fc24%en1 prefixlen 64 secured scopeid 0x5
inet 192.168.0.107 netmask 0xffffff00 broadcast 192.168.0.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
$ echo 'import http from "k6/http"; export default function() { let res = http.get("http://192.168.0.107:8000"); console.log(res.status); };' |docker run -i loadimpact/k6 run -
I.e. I start a simple HTTP server on port 8000 of the host machine, then execute the k6 docker image and tell it to access a URL based on the IP address of the physical, outward-facing en1 interface on the host machine. In your case, on Windows, you can use ipconfig to find out your external-facing IP.

Windows docker container cannot ping host

I am running a windows docker container on a Windows Server 2016 host, running default configuration.
When running the docker container using the command:
docker run -it microsoft/windowsservercore powershell
When I run the command:
ping <hostIPAddress>
It just says that the request times out.
I have checked that I can ping 8.8.8.8 and google.com etc... and even other machines on the same subnet. The only one I cannot ping is the host.
I have added '--dns ' to the 'docker run' command but this only allows me to ping the host machine via hostname and not IP.
Has anyone else seen this problem and have a solution?
I found a workaround (I'm not willing to call it a solution):
Windows Container Network Drivers: create a 'transparent' network:
docker network create -d transparent trans
Attach container to this network
docker run --network=trans ...
Important: Please note that with this network, your container needs to obtain an IP address from the host subnet and it is directly exposed to it.
Maybe related (this is about accessing the containers from the host):
According to https://github.com/Microsoft/Virtualization-Documentation/issues/253#issuecomment-217975932 (JMesser81):
This is a known limitation in our Windows NAT implementation (WinNAT) that you cannot access the external port in a static port mapping directly from the container (NAT) host.
Hoping this might help somebody.
On Windows 10 when hosting a Linux container on 0.0.0.0:5057 I was able to ping my server from my Windows host (powershell) using the IP address of the vEthernet (Default Switch) NIC found in Control Panel>All Control Panel Items>Network Connections:
In my case I have a corporate managed McAfee firewall running on my Windows host. I could not add any additional rules on the firewall, but fortunately there was a rule that allowed access from 172.16.0.0/24.
I used "docker network create -d transparent trans" and it worked as described, but I was not happy with an IP from my host network assigned to the container.
I did the following:
docker network create --driver=nat --subnet=172.16.0.0/24 br0
Added --network=br0 to my docker run command
I am facing the same issue.
My workaround is to restart docker service, afterwards it works fine. I'm still looking for a permanent solution.
root#a6c40eb25cbf:/# ping xxx.xx.xx.xxx
PING xxx.xx.xx.xxx (xxx.xx.xx.xxx): 56 data bytes
64 bytes from xxx.xx.xx.xxx: icmp_seq=0 ttl=37 time=3.541 ms
64 bytes from xxx.xx.xx.xxx: icmp_seq=1 ttl=37 time=2.643 ms
64 bytes from xxx.xx.xx.xxx: icmp_seq=2 ttl=37 time=1.857 ms
^C--- xxx.xx.xx.xxx ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
This works for me, I hope it works for you.
Currently, you must have WSL or WSL2 installed and have Virtualization enabled to run Docker on Windows.
The installation of WSL from PowerShell is with the following command.
wsl --install -d Ubuntu
Obviously you need to download and install Docker Desktop on Windows. It will be necessary to enable the WSL integration from the Docker desktop settings after installing it.
After configuring WSL and Docker Desktop, you can create/use your containers. Example:
docker run --name some-postgres -e POSTGRES_PASSWORD=mysecretpassword -d postgres
Finally, you must identify the IP of WSL. Open the Linux distribution that you installed in the first step (in our case Ubuntu); this will open your terminal, and here we will execute:
ifconfig
and you will identify the IP of eth0. Example: 172.27.123.123
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.27.123.123 netmask 255.255.240.0 broadcast 172.27.127.255
inet6 fe80::215:5dff:fecf:b4 prefixlen 64 scopeid 0x20<link>
ether 00:15:5d:cf:00:b4 txqueuelen 1000 (Ethernet)
RX packets 4389 bytes 299784 (299.7 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4343 bytes 315643 (315.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Now you can ping from CMD in Windows to this IP.
NOTE: the connection will depend on the port of your container, example: 172.27.123.123:8080.

Boot2Docker: Connect to container over LAN

I'm using Boot2Docker 1.3.0 on my Mac and I'm pretty happy so far using it. But now I'd like to connect to an HTTP container (exposes port 8080) not from my local machine but from another machine in my local network. If I'm doing it locally I just use http://192.168.59.103:8080, so I'm using the IP address of the docker host. This can't work for other machines in my local network, but using the IP address of my Mac does not work either. I'm pretty sure there are some solutions for this problem but I can't find any. It can't be that hard, right? What I want is to make a request to http://[IP-Address-of-mac]:8080 from another host in my local network. I think I have to set up some routing rules on my local machine, right? Can anybody tell me what to do? Thanks in advance.
Best regards
Sascha
You need to port forward from the OSX box to the virtual machine
VBoxManage modifyvm "boot2docker-vm" --natpf1 "tcp-port8080,tcp,,8080,,8080";
should do the trick
or, you could use ssh based port forwarding:
boot2docker ssh -L 8000:localhost:8000
see https://github.com/boot2docker/boot2docker/blob/master/doc/WORKAROUNDS.md
On your Mac, determine the IP address that it uses on your local LAN:
$ ifconfig | grep 192
inet 192.168.1.21 netmask 0xffffff00 broadcast 192.168.1.255
inet 192.168.59.3 netmask 0xffffff00 broadcast 192.168.59.255
Then port forward:
$ boot2docker ssh -vnNTL 192.168.1.21:8080:localhost:8080
Now, requests that come into your Mac on port 8080 will get forwarded to the boot2docker Linux VM on port 8080. The docker server will then forward from the exposed port (VM port 8080) to the port your container is using for httpd (probably 80).
Note that "localhost" above is from the point of view of the Linux VM, not the Mac, because that is the host you are ssh'ing into.
