1.7.0 --net=host doesn't work with bridge=none #14106

Closed
cetex opened this issue Jun 22, 2015 · 7 comments

@cetex

cetex commented Jun 22, 2015

There's a regression in docker 1.7.0.
"docker run --net=host" doesn't work with "docker -d --bridge=none".

We need --bridge=none (as well as --ip-forward=false --ip-masq=false --iptables=false) since we need to be able to push quite a lot of traffic (over 10Gbit/s) to / from the services running in the containers, so docker can't modify host networking at all.

docker version

Client version: 1.7.0
Client API version: 1.19
Go version (client): go1.4.2
Git commit (client): 0baf609
OS/Arch (client): linux/amd64
Get http:///var/run/docker.sock/v1.19/version: dial unix /var/run/docker.sock: no such file or directory. Are you trying to connect to a TLS-enabled daemon without TLS?

This works:

/usr/bin/docker -d

INFO[0000] Listening for HTTP on unix (/var/run/docker.sock)
INFO[0008] [graphdriver] using prior storage driver "btrfs"
WARN[0008] Running modprobe bridge nf_nat failed with message: , error: exit status 1
INFO[0009] Loading containers: start.
............
INFO[0009] Loading containers: done.
INFO[0009] Daemon has completed initialization
INFO[0009] Docker daemon commit=0baf609 execdriver=native-0.2 graphdriver=btrfs version=1.7.0
INFO[0013] POST /v1.19/containers/create
INFO[0013] POST /v1.19/containers/59083f45c267c89c905a42d7ab43e9e05b2432b0afcf699727ef41efae7e9ce0/attach?stderr=1&stdin=1&stdout=1&stream=1
INFO[0013] POST /v1.19/containers/59083f45c267c89c905a42d7ab43e9e05b2432b0afcf699727ef41efae7e9ce0/start
INFO[0013] No non-localhost DNS nameservers are left in resolv.conf. Using default external servers : [nameserver 8.8.8.8 nameserver 8.8.4.4]
INFO[0013] POST /v1.19/containers/59083f45c267c89c905a42d7ab43e9e05b2432b0afcf699727ef41efae7e9ce0/resize?h=24&w=80
INFO[0014] GET /v1.19/containers/59083f45c267c89c905a42d7ab43e9e05b2432b0afcf699727ef41efae7e9ce0/json
^CINFO[0016] Processing signal 'interrupt'

docker run --net host -i -t ubuntu ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 10.255.255.255/32 scope global lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: p2p1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether xx:xx:xx:96:9f:b4 brd ff:ff:ff:ff:ff:ff
3: p2p2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether xx:xx:xx:96:9f:b5 brd ff:ff:ff:ff:ff:ff
4: em1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master lan state UP group default qlen 1000
link/ether xx:xx:xx:ab:c7:50 brd ff:ff:ff:ff:ff:ff
5: em2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master lan state UP group default qlen 1000
link/ether xx:xx:xx:ab:c7:50 brd ff:ff:ff:ff:ff:ff
6: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN group default
link/ether xx:xx:xx:16:ef:b5 brd ff:ff:ff:ff:ff:ff

This doesn't work:

/usr/bin/docker -d --bridge=none

INFO[0000] Listening for HTTP on unix (/var/run/docker.sock)

^Croot@master-s1:~# /usr/bin/docker -d --bridge=none
INFO[0000] Listening for HTTP on unix (/var/run/docker.sock)
INFO[0006] [graphdriver] using prior storage driver "btrfs"
INFO[0006] Loading containers: start.
..............
INFO[0006] Loading containers: done.
INFO[0006] Daemon has completed initialization
INFO[0006] Docker daemon commit=0baf609 execdriver=native-0.2 graphdriver=btrfs version=1.7.0
INFO[0006] POST /v1.19/containers/create
INFO[0006] POST /v1.19/containers/6ff79398d247dc56d9720547e28d545f3f4fc0cdb5f5cc44aa0210c61d253268/attach?stderr=1&stdin=1&stdout=1&stream=1
INFO[0006] POST /v1.19/containers/6ff79398d247dc56d9720547e28d545f3f4fc0cdb5f5cc44aa0210c61d253268/start
INFO[0006] POST /v1.19/containers/6ff79398d247dc56d9720547e28d545f3f4fc0cdb5f5cc44aa0210c61d253268/resize?h=24&w=80
INFO[0007] GET /v1.19/containers/6ff79398d247dc56d9720547e28d545f3f4fc0cdb5f5cc44aa0210c61d253268/json

docker run --net host -i -t ubuntu ip addr show

1: lo: mtu 65536 qdisc noop state DOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

@GordonTheTurtle

Hi!

Please read this important information about creating issues.

If you are reporting a new issue, make sure that we do not have any duplicates already open. You can ensure this by searching the issue list for this repository. If there is a duplicate, please close your issue and add a comment to the existing issue instead.

If you suspect your issue is a bug, please edit your issue description to include the BUG REPORT INFORMATION shown below. If you fail to provide this information within 7 days, we cannot debug your issue and will close it. We will, however, reopen it if you later provide the information.

This is an automated, informational response.

Thank you.

For more information about reporting issues, see https://github.com/docker/docker/blob/master/CONTRIBUTING.md#reporting-other-issues


BUG REPORT INFORMATION

Use the commands below to provide key information from your environment:

docker version:
docker info:
uname -a:

Provide additional environment details (AWS, VirtualBox, physical, etc.):

List the steps to reproduce the issue:
1.
2.
3.

Describe the results you received:

Describe the results you expected:

Provide additional info you think is important:

----------END REPORT ---------

#ENEEDMOREINFO

@cetex
Author

cetex commented Jun 22, 2015

docker info

Containers: 8
Images: 14
Storage Driver: btrfs
Execution Driver: native-0.2
Logging Driver: json-file
Kernel Version: 3.17.0-031700-generic
Operating System: Ubuntu 14.04 LTS
CPUs: 24
Total Memory: 47.13 GiB
Name: master-s1.r1.xxx
ID: JZWZ:3O5P:IUDG:ESMQ:2ZEF:U6Q4:5IR3:QKGD:ERLZ:RUP5:64AF:KPWR

uname -a

Linux master-s1.r1.xxx 3.17.0-031700-generic #201410060605 SMP Mon Oct 6 10:07:09 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

@tjdett
Contributor

tjdett commented Jun 26, 2015

I'm pretty sure this affects CoreOS 723.0.0 (coreos/manifest@a197f13) as it uses --bridge=none for early-docker.service and --net=host for flanneld.service.

@mavenugo mavenugo added this to the 1.7.1 milestone Jun 26, 2015
tjdett added a commit to dit4c/docker that referenced this issue Jun 29, 2015
Signed-off-by: Tim Dettrick <t.dettrick@uq.edu.au>
tjdett added a commit to dit4c/docker that referenced this issue Jun 29, 2015
Signed-off-by: Tim Dettrick <t.dettrick@uq.edu.au>
@tjdett
Contributor

tjdett commented Jun 29, 2015

I've modified a couple of tests to detect this bug:
https://github.com/dit4c/docker/tree/14106-bug-detection

The bad behaviour only occurs with --bridge=none, which is how it was probably missed.

I ported the tests back to 1.6.2, and they pass:
https://github.com/dit4c/docker/tree/14106-bug-detection-1.6.2
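
A small check for the symptom shown in the original report, added here as an example (it is not tjdett's tests and not Docker's code): it compares the host's `ip addr show` output with the container's and lists the host interfaces the container cannot see. The function names and the trimmed sample outputs are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the thread): compare two `ip addr show` outputs and
# list host interfaces that a --net=host container fails to see.

# Print interface names from `ip addr show` text on stdin, one per line.
iface_names() {
    awk '/^[0-9]+: / { n = $2; sub(/:$/, "", n); sub(/@.*$/, "", n); print n }'
}

# $1 = host output, $2 = container output.
# Prints each host interface missing from the container view; prints nothing
# when the container sees every interface the host does.
missing_interfaces() {
    host_names=$(printf '%s\n' "$1" | iface_names)
    ctr_names=$(printf '%s\n' "$2" | iface_names)
    for n in $host_names; do
        printf '%s\n' "$ctr_names" | grep -qxF -- "$n" || printf '%s\n' "$n"
    done
}

# Constructed samples, trimmed from the outputs quoted in the report.
HOST_VIEW='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
inet 127.0.0.1/8 scope host lo
2: p2p1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
4: em1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master lan state UP group default qlen 1000
6: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN group default'

# What the container printed when the daemon ran with --bridge=none on 1.7.0.
BROKEN_VIEW='1: lo: mtu 65536 qdisc noop state DOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00'

# Stand-alone run: report the regression if any host interface is missing.
missing=$(missing_interfaces "$HOST_VIEW" "$BROKEN_VIEW")
if [ -n "$missing" ]; then
    echo "container does not see host interfaces; missing:" $missing
else
    echo "container sees all host interfaces"
fi
```

On a live host the two inputs would come from `ip addr show` run on the host and from the `docker run --net host ... ip addr show` command in the report.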

@mavenugo
Contributor

@cetex @tjdett I have identified the issue and am working on a proper solution.
This is a classic case of incorrect variable names and code assumptions leading to incorrect behavior.
Also, there are some inherent assumptions on what bridge=none really means?

Will push PR shortly that will address this issue.

@cetex
Author

cetex commented Jun 29, 2015

I assume bridge=none means that docker won't use a bridge and won't try to set up a bridge. This combined with all the other options we use should mean that docker won't try to do anything "automagically" at all when it comes to networking, and if we want networking in a container we need to specify "--net=host". :)

@calavera
Contributor

This is already in master and will be released in 1.7.1 as part of #14264.

Closing, thanks for reporting this issue! 🤘
