openconnect icon indicating copy to clipboard operation
openconnect copied to clipboard

Published 20 hours ago verified publisher icon aw1cks

NetworkSettings is broken

Open stephencheng opened this issue 3 years ago • 2 comments
trafficstars

I think the latet docker desktop has broken the following CLI command

CONTAINER_GW=$(sudo docker inspect "${CONTAINER_NAME}" | jq -r '.[0].NetworkSettings.Networks.bridge.IPAddress')

There is no output of NetworkSettings any more

My docker version: Docker Desktop 4.3.0 (71786) in Mac M1

We probably can do something using docker inspect Network instead

stephencheng avatar Dec 05 '21 13:12 stephencheng

I use the gateway ip instead, is that correct?

# docker network inspect b23f073d2158
[
    {
        "Name": "bridge",
        "Id": "b23f073d2158c8580ad19de6e48dcf298442fa0dd1468bcec8d3682959a7e699",
        "Created": "2021-12-04T04:00:52.673257417Z",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]

stephencheng avatar Dec 05 '21 14:12 stephencheng

No, you need the IP address of the container itself. The gateway would be the default gateway address that the container would use.

For example:

alex@desktop::~» docker run --rm -ti alpine sh
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
9: eth0@if10: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever
/ # ip r
default via 172.17.0.1 dev eth0
172.17.0.0/16 dev eth0 scope link  src 172.17.0.2
/ #

Notice how the interface has an address of 172.17.0.2 and not 172.17.0.1 - that's the default route. Since we're trying to route our traffic through the container itself, that's not the desired address.

aw1cks avatar Dec 06 '21 10:12 aw1cks

Closing in favour of https://github.com/aw1cks/openconnect/issues/5

aw1cks avatar Sep 27 '22 13:09 aw1cks