Menu
Containers in a host "suddenly" loses connection to outside-world containers. However, some hosts were refreshed and suddenly we had the following situation:
Here's an example:
[root@pprdespap322 deploy]# ping ci.docker.company.net
PING pprdespap324.corp.company.net (10.137.55.22) 56(84) bytes of data.
64 bytes from pprdespap324.corp.company.net (10.137.55.22): icmp_seq=1 ttl=64 time=0.282 ms
64 bytes from pprdespap324.corp.company.net (10.137.55.22): icmp_seq=2 ttl=64 time=0.341 ms
^C
--- pprdespap324.corp.company.net ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.282/0.311/0.341/0.034 ms
Now, from the container itself, we cannot ping the same host:
[root@pprdespap322 deploy]# docker run -ti quay.io/coreos/registry ping ci.docker.company.net
WARNING: IPv4 forwarding is disabled. Networking will not work.
ping: unknown host ci.docker.company.net
The first time I saw this warning was in the initial versions of Docker... Having Docker 1.9.1 and 1.10.3, How to solve this problem?
317
On the Gateway Docker container, IP forwarding is enabled by default.
Docker relies on the host being capable of performing certain functions to make Docker networking work. Namely, your Linux host must be configured to allow IP forwarding.
If the host running docker doesn't have IP forwarding, then the container won't have access to the outside world.
To make a port available to services outside of Docker, or to Docker containers which are not connected to the container's network, use the --publish or -p flag. This creates a firewall rule which maps a container port to a port on the Docker host to the outside world.
The error is commonly encountered as you are trying to build a docker image, the warning " [Warning] IPv4 forwarding is disabled. Networking will not work."
This will be done using the sysctl parameter net.ipv4.ip_forward. It can be set once from the command line but upon system restart will not be retained, so I set it in the docker sysctl file: This will then set the net.ipv4.ip_forward variable to true every time the docker daemon is started or restarted.
Another common error is that the docker daemon cannot connect to the outside world to download anything during build time. This can be corrected in a number of ways, but I have done it thusly. The error is commonly encountered as you are trying to build a docker image, the warning " [Warning] IPv4 forwarding is disabled.
I reviewed http://chrisgilmerproj.github.io/ubuntu/network/docker/2013/09/05/ipv4-forwarding-and-docker.html and it helped me solving the problem on the host.
I added the following to /etc/sysctl.conf:
net.ipv4.ip_forward=1
I then restarted the network service and validated the setting:
[root@pprdespap322 deploy]# systemctl restart network
[root@pprdespap322 deploy]# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
[root@pprdespap322 deploy]# docker run -ti quay.io/coreos/registry ping ci.docker.company.net
PING pprdespap324.corp.company.net (10.137.55.22) 56(84) bytes of data.
64 bytes from pprdespap324.corp.company.net (10.137.55.22): icmp_seq=1 ttl=63 time=0.329 ms
64 bytes from pprdespap324.corp.company.net (10.137.55.22): icmp_seq=2 ttl=63 time=0.306 ms
^C
--- pprdespap324.corp.company.net ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.306/0.317/0.329/0.021 ms
All containers now can communicate with outside world containers!
237
Try restarting Docker service.
E.g. for Ubuntu:
$ sudo systemctl restart docker
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
