Can't pull docker image: no route to host - macos

When using boot2docker on OSX, I can't pull a new image from Docker Hub:
$ docker run mysql
Unable to find image 'mysql' locally
Pulling repository mysql
2014/06/24 16:58:18 Get https://index.docker.io/v1/repositories/mysql/images: dial tcp: read udp 192.168.0.1:53: no route to host
I can still access that URL using a browser or curl. What gives?

Restarting boot2docker fixed it for me. I think it had to do with switching wifi networks using different IP ranges.
$ boot2docker restart

Related

Can't connect from outside of container to Clickhouse by HTTP on Mac OS

I'm trying to use ClickHouse with docker on Mac OS. I use next command:
docker run -d -p 8123:8123 --rm --name some-clickhouse-server -v /my/config/path/config.xml:/etc/clickhouse-server/config.xml --ulimit nofile=262144:262144 yandex/clickhouse-server:latest
Container successfully started, but when I try to connect to it by http curl 'http://localhost:8123' I have an error:
Failed to connect to localhost port 8123: Connection refused
When I connect to Clickhouse from Clickhouse-client (also using docker image) everything is OK
I ran Clickhouse-server image in -it mode, installed curl, started server and tried to connect clickhouse-server from inside of container, it's OK too
Also I tried to modify config.xml (which was copied from docker image) settings for listen_host (::, 0.0.0.0, ::1, 127.0.0.1)
and for every setting I tried to connect by curl for localhost, 127.0.0.1, 0.0.0.0 - nothing of this solved my problem
Normally, docker desktop write these details of host and container to /etc/hosts, after adding the clickhouse-service as follows has resolved this issue.
127.0.0.1 localhost clickhouse-service
I used Docker Toolbox on Mac OS (in conjunction with VirtualBox). So, I've migrated to Docker Desktop and this has solved my problem

Setup ssh tunnel from docker container on macos Mojave 10.14

I am having trouble setting up an ssh tunnel on my mac machine. I have no problems setting up the tunnel on my ubuntu box. This is the command I run
ssh -nNT -L 172.18.0.1:4000:production-database-url:3306 jump-point
When I run this on my mac, I get the following error:
bind [172.18.0.1]:4000: Can't assign requested address
channel_setup_fwd_listener_tcpip: cannot listen to port: 4000 Could
not request local forwarding.
If I run without the bind_address (172.18.0.1), I am able to connect to the database via the tunnel.
If I bind to all interfaces (0.0.0.0), then tunnel is open, however, the connection to the database from inside the docker container does not work.
172.18.0.1 is the IP of docker's default bridge network gateway, not your host's IP.
You can run this command to check that.
$ docker network inspect bridge
Docker for Mac has limitations
There is no docker0 bridge on macOS (it's in the docker VM host on Mac and on Windows)
You cannot ping containers (without shaving a bunch of yaks)
Per-container IP addressing is not possible
Also note that this means the docker run option --net-host is not supported on Mac, but maybe that's a good thing
There is a workaround
These magic addresses resolve to the host's IP from within a container
docker.for.mac.localhost (deprecated)
docker.for.mac.host.internal (deprecated)
host.docker.internal
This resolves to the gateway of the host mac
gateway.docker.internal
Use the name host.docker.internal from within the container just like you would use localhost on the mac directly.
Don't worry about the bind address for the tunnel:
ssh -nNT -L 4000:production-database-url:3306 jump-point
You didn't mention which database but I take it from the port 3306 that it is MySQL.
To connect using the mysql cli from within a container, via an ssh tunnel on your host, to a remote mysql database server you can run:
mysql --host host.docker.internal [... other options go here]

Access Docker daemon Remote api on Docker for Mac

I'm runner Docker for OSX, and having trouble getting the Docker remote API to work.
My situation is this:
Docker daemon running natively on OSX (https://www.docker.com/products/docker#/mac, so not the boot2docker variant)
Jenkins running as docker image
No I want to use the Jenkins docker-build-step plugin to build a docker image, but I want it to use the docker daemon on the host machine, so in Jenkins settings, DOCKER_URL should be something like :2375. (Reason for this is I don't want to install docker on the jenkins container if I already have it on my host machine).
Is there a way to to this or is de Docker for Mac currently not supporting this? I tried fiddling with export DOCKER_OPTS or DOCKER_HOST options but still get a Connection refused on calling http://localhost:2375/images/json for example.
Basicly the question is more about enabling the Docker for OSX remote api, with use case calling it from a Jenkins docker container.
You could consider using socat. It solved my problem, which seem to be similar.
socat TCP-LISTEN:2375,reuseaddr,fork UNIX-CONNECT:/var/run/docker.sock &
This allows you to access your macOS host Docker API from a Docker container using: tcp://[host IP address]:2375
On macOS socat can be installed like this:
brew install socat
See here for a long discussion on this topic: Plugin: Docker fails to connect via unix:// on Mac OS X
If you already added an SSH public key to your remote server, then you can use this ssh credentials for your docker connection, too. You don't need to configure the remote api on the server for this approach.
When connecting to macOS Docker Desktop, you could use ssh (after you have enabled it on Mac)
docker -H ssh:user#192.168.64.1 images
or
export DOCKER_HOST=ssh:user#192.168.64.1
docker images
I had the same issue but with mysql. I needed to expose the port of my docker hosts on port 43306 to docker image mysql running on port 3306.
Solution:
Create your docker image with -p parameter.
Example:
#> docker run -p 0.0.0.0:43306:3306 --name mysql-5.7.23xx -e MYSQL_ROOT_PASSWORD=myrootdba -d mysql/mysql-server:5.7.23 --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
Now I can connect from my host docker server on port 43306 to mysql docker image.

How to access web page served by nginx web server running in docker container

We are trying to use docker to run nginx but for some reason I'm unable to access the nginx web server running inside the docker container.
We have booted a Docker Container using the following Dockerfile: https://github.com/dwyl/learn-docker/blob/53cca71042482ca70e03033c66d969b475c61ac2/Dockerfile
(Its a basic hello world using nginx running on port 8888)
To run the container we used:
docker run -it ubuntu bash
we determined the Container's IP address using the docker inspect command:
docker inspect --format '{{ .NetworkSettings.IPAddress }}' a9404c168b21
which is: 172.17.0.11
when I try to visit the container's IP address and the nginx port in a browser http://172.17.0.11:8888/ we get ERR_CONNECTION_TIMED_OUT
or using curl:
curl 172.17.0.11:8888
curl: (7) Failed to connect to 172.17.0.11 port 8888: Connection refused
To attempt to solve this we googled extensively but suspect we might be asking the "wrong" questions...
You shouldn't be trying to hit the IP address of the container, you should be using the IP address of the host machine.
What you are missing is the mapping of the port of the host machine to the port of the container running the nginx server.
Assuming that you want to use port 8888 on the host machine, you need a parameter such as this to map the ports:
docker run ... -p 8888:8888 ...
Then you should be able to access you server at http://<HOST_MACHINE_IP>:8888
EDIT: There is another gotcha if you are running on a Mac. To use Docker on a Mac it's common to use boot2docker but boot2docker adds in another layer. You need determine the IP address of the boot2docker container and use that instead of localhost to access nginx.
$ boot2docker ip
The VM's Host only interface IP address is: <X.X.X.X>
$ wget http://<X.X.X.X>:8888
...
Connecting to <X.X.X.X>:8888... connected.
HTTP request sent, awaiting response... 200 OK
Reference: https://viget.com/extend/how-to-use-docker-on-os-x-the-missing-guide
EDIT: ... or with docker-machine the equivalent command would be docker-machine ip <machine-name> where <machine-name> is likely to be "default".
You may need to check if your container is running:
docker ps ( you should have an active container)
If no container is active:
docker run -p 80:80 -it /bin/bash
you will then be on your image terminal
start nginx - sudo service nginx start
ctrl p + ctrl q to quit docker without exiting the container
if you are on mac and using boot2docker you cannot use localhost to check your running nginx
so use boot2docker ip
browse using the boot2docker ip

How to fix Docker's "Error pulling image...too many redirects" failures while pulling images from registry?

I am running Docker via CoreOS and Vagrant on OS X 10.10.
When I run docker pull ubuntu in CoreOS, I got following errors:
$ docker pull ubuntu
Pulling repository ubuntu
cc0067db4f11: Error pulling image (precise) from ubuntu, endpoint: https://cdn-registry-1.docker.io/v1/, Get https://cdn-registry-1.docker.io/v1/images/cc0067db4f11198ef6fd0435f96a973e559b1cebfceb2bc8e4fe527b32045c2f/ancestry: dial tcp: lookup cdn-registry-1.dcc0067db4f11: Error pulling image (precise) from ubuntu, Get https://cdn-registry-1.docker.io/v1/images/cc0067db4f11198ef6fd0435f96a973e559b1cebfceb2bc8e4fe527b32045c2f/ancestry: dial tcp: lookup cdn-registry-1.docker.io on [10.0.2.3]:53: too many redirects
6006e6343fad: Error pulling image (quantal) from ubuntu, endpoint: https://cdn-registry-1.docker.io/v1/, Get https://cdn-registry-1.docker.io/v1/images/6006e6343fadaaeb5dd98436a3cd17eac8c03cabca1ed4c8778d039e72ebcc9c/ancestry: dial tcp: lookup cdn-registry-1.d6006e6343fad: Error pulling image (quantal) from ubuntu, Get https://cdn-registry-1.docker.io/v1/images/6006e6343fadaaeb5dd98436a3cd17eac8c03cabca1ed4c8778d039e72ebcc9c/ancestry: dial tcp: lookup cdn-registry-1.docker.io on [10.0.2.3]:53: too many redirects
7656cbf56a8c: Error pulling image (13.04) from ubuntu, endpoint: https://cdn-registry-1.docker.io/v1/, Get https://cdn-registry-1.docker.io/v1/images/7656cbf56a8c831de71ef43809b04fcf8125e7b039250835b6c5f6f280daf12e/ancestry: dial tcp: lookup cdn-registry-1.doc7656cbf56a8c: Error pulling image (13.04) from ubuntu, Get https://cdn-registry-1.docker.io/v1/images/7656cbf56a8c831de71ef43809b04fcf8125e7b039250835b6c5f6f280daf12e/ancestry: dial tcp: lookup cdn-registry-1.docker.io on [10.0.2.3]:53: too many redirects
3db9c44f4520: Error pulling image (lucid) from ubuntu, endpoint: https://cdn-registry-1.docker.io/v1/, Get https://cdn-registry-1.docker.io/v1/images/3db9c44f45209632d6050b35958829c3a2aa256d81b9a7be45b362ff85c54710/ancestry: dial tcp: lookup cdn-registry-1.doc3db9c44f4520: Error pulling image (lucid) from ubuntu, Get https://cdn-registry-1.docker.io/v1/images/3db9c44f45209632d6050b35958829c3a2aa256d81b9a7be45b362ff85c54710/ancestry: dial tcp: lookup cdn-registry-1.docker.io on [10.0.2.3]:53: too many redirects
5cf8fd909c6c: Error pulling image (trusty) from ubuntu, endpoint: https://cdn-registry-1.docker.io/v1/, Get https://cdn-registry-1.docker.io/v1/images/5cf8fd909c6ccc61199df6dbeb165767b83c23842ef49ca3ef3b81ece1bdce4f/ancestry: dial tcp: lookup cdn-registry-1.do5cf8fd909c6c: Error pulling image (trusty) from ubuntu, Get https://cdn-registry-1.docker.io/v1/images/5cf8fd909c6ccc61199df6dbeb165767b83c23842ef49ca3ef3b81ece1bdce4f/ancestry: dial tcp: lookup cdn-registry-1.docker.io on [10.0.2.3]:53: too many redirects
d2099a5ba6c5: Error pulling image (saucy) from ubuntu, endpoint: https://cdn-registry-1.docker.io/v1/, Get https://cdn-registry-1.docker.io/v1/images/d2099a5ba6c5a0f94f84162d69b4cb79b47c7ea1768550c6cee55a7ba2dc3647/ancestry: dial tcp: lookup cdn-registry-1.docd2099a5ba6c5: Error pulling image (saucy) from ubuntu, Get https://cdn-registry-1.docker.io/v1/images/d2099a5ba6c5a0f94f84162d69b4cb79b47c7ea1768550c6cee55a7ba2dc3647/ancestry: dial tcp: lookup cdn-registry-1.docker.io on [10.0.2.3]:53: too many redirects
2014/06/05 12:17:11 Could not find repository on any of the indexed registries.
I'd really appreciate if anyone could give me a useful advise on how to troubleshoot this problem.
Try this temporary workaround:
osx$ boot2docker up
osx$ boot2docker ssh
docker#boot2docker$ sudo echo "nameserver 8.8.8.8" > /etc/resolv.conf
docker#boot2docker$ sudo /etc/init.d/docker restart
It works until reboot.
I don't know about OS X, but on linux this could happen due to "bad" /etc/resolv.conf on the host. For example, ubuntu puts something like:
nameserver 127.0.1.1
and then handles the DNS requests through some service. The problem is, that this is accessible from inside of the image.
To fix this, I had to add some external nameservers, like:
nameserver 127.0.1.1
nameserver 8.8.8.8
nameserver 8.8.4.4
10.0.2.3 is virtualbox dns server, check Fine-tuning the VirtualBox NAT engine
You can as other suggested use 8.8.8.8 which is google dns server.
# /etc/resolve.conf
nameserver 8.8.8.8
And if you work in intranet, then replace it with your normal dns server, which you can add search as well like below
# /etc/resolve.conf
nameserver xxx.xxxx.xxx
search company.com
This will be good to access your private repo
I had a similar issue when trying to pull a container from docker repository with this command :
docker pull ubuntu
Note that I was using coreos inside virtualbox and I was using Nat as my Networking Configuration to have access to internet. When Switching network modes with virtualbox, I couldn't do any pull.
I solved the issue by restarting docker with systemctl by iniating this command :
sudo systemctl restart docker
And then my pull worked fine. I hope this solution helped you. And I got it from from google group issue addressed by one of CoreOS creators(Brandon Philips) through this link:
https://groups.google.com/forum/#!topic/coreos-dev/vWqSbPgNYro
On MacOSX, if you use Docker Machine you can try to:
docker-machine ls
docker-machine ssh YOUR_VM_NAME
and then from within the VM:
kill the /usr/local/bin/docker process and start it again by hand:
sudo /usr/local/bin/docker -d -D -g /var/lib/docker -H unix:// -H tcp://0.0.0.0:2376 --label provider=virtualbox --tlsverify --tlscacert=/var/lib/boot2docker/ca.pem --tlscert=/var/lib/boot2docker/server.pem --tlskey=/var/lib/boot2docker/server-key.pem -s aufs
Funnily enough, restarting like this
sudo /etc/init.d/docker restart
does not help.
On windows I was able to fix it by doing the following:
Go to virtual box application
Delete the VM that was created
Restart computer (optional, i think)
Start Kitematic
Go back to Virtual Box, hit show
Make sure ping google.com command works
Now I am able to download docker images from the hub.

Resources