docker-host
docker-host copied to clipboard
qoomon
Container does not work on linux rootless
The container does not work on rootless docker with linux. It tries to connect to the gateway ip just fine but somehow this ip leads no where. My knowledge of slirp4netns is simply not enough to figure it out.
I have been using the DOCKER_HOST variable with the public ip of the host os as a workaround.
Daemon logs:
/user.slice/user-1000.slice/[email protected]/app.slice/docker.service
├─ 3114 rootlesskit --net=slirp4netns --mtu=65520 --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto --port-driver=builtin --copy->
├─ 3147 /proc/self/exe --net=slirp4netns --mtu=65520 --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto --port-driver=builtin --co>
├─ 3173 slirp4netns --mtu 65520 -r 3 --enable-sandbox --enable-seccomp 3147 tap0
├─ 3181 dockerd
├─ 3237 containerd --config /run/user/1000/docker/containerd/containerd.toml --log-level info
├─178725 /usr/bin/rootlesskit-docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8025 -container-ip 172.20.0.3 -container-port 8025
├─178731 docker-proxy -container-ip 172.20.0.3 -container-port 8025 -host-ip 127.0.0.1 -host-port 8025 -proto tcp
├─178740 /usr/bin/rootlesskit-docker-proxy -proto tcp -host-ip :: -host-port 8025 -container-ip 172.20.0.3 -container-port 8025
├─178746 docker-proxy -container-ip 172.20.0.3 -container-port 8025 -host-ip ::1 -host-port 8025 -proto tcp
Docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Docker Buildx (Docker Inc., v0.8.1-docker)
compose: Docker Compose (Docker Inc., v2.2.3)
scan: Docker Scan (Docker Inc., v0.17.0)
Server:
Containers: 18
Running: 6
Paused: 0
Stopped: 12
Images: 154
Server Version: 20.10.14
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: false
userxattr: true
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux nvidia runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 3df54a852345ae127d1fa3092b95168e4a88e2f8
runc version: v1.0.3-0-gf46b6ba
init version: de40ad0
Security Options:
seccomp
Profile: default
rootless
cgroupns
Kernel Version: 5.17.5-76051705-generic
Operating System: Pop!_OS 22.04 LTS
OSType: linux
Architecture: x86_64
CPUs: 16
Total Memory: 62.51GiB
Name: pop-os
ID: XXXXXXXXXXXXXXXXXXXX
Docker Root Dir: /home/freek/.local/share/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No cpu cfs quota support
WARNING: No cpu cfs period support
WARNING: No cpu shares support
WARNING: No cpuset support
WARNING: No io.weight support
WARNING: No io.weight (per device) support
WARNING: No io.max (rbps) support
WARNING: No io.max (wbps) support
WARNING: No io.max (riops) support
WARNING: No io.max (wiops) support
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
seems to be related to https://github.com/moby/moby/issues/41904 and https://github.com/moby/moby/issues/43116
I looks like there is no workaround so far 😟
Better yet... Is there some documentation that would allow us to reinstall a previous build of Docker that works? My Docker Swarm is down hard since I attempted to upgrade to the latest release.
I had the same issue. The solution is thankfully relatively simple, but also involves the user needing to edit their ~/.bash_profile or ~/.bashrc file
In your ~/.bashrc or ~/.bash_profile add the following line. This is to make the bash specific value available to the docker engine.
export HOSTNAME=$HOSTNAME
Then in your docker-compose.yml add:
environment:
- DOCKER_HOST=${HOSTNAME}
of if you can't edit the bash file, have the execute command be
DOCKER_HOST=$HOSTNAME docker-compose up
You can use another workaround - use 'hostname' tool.
environment:
- DOCKER_HOST=$(hostname -f)
