[Bug 1038329] New: Updating docker-io should probably restart the daemon
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1038329
Bug ID: 1038329
Summary: Updating docker-io should probably restart the daemon
Product: Fedora
Version: 19
Component: docker-io
Assignee: lsm5(a)redhat.com
Reporter: luto(a)mit.edu
QA Contact: extras-qa(a)fedoraproject.org
CC: golang(a)lists.fedoraproject.org, lsm5(a)redhat.com,
mattdm(a)redhat.com, mgoldman(a)redhat.com,
vbatts(a)redhat.com
I upgraded docker-io and, after the upgrade, I got errors about missing
dockerinit. systemctl restart docker fixed it.
--
You are receiving this mail because:
You are on the CC list for the bug.
9 years, 11 months
[Bug 1045173] New: Accessing Docker containers from outside network - adding firewall exceptions problem
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1045173
Bug ID: 1045173
Summary: Accessing Docker containers from outside network -
adding firewall exceptions problem
Product: Fedora EPEL
Version: el6
Component: docker-io
Assignee: lsm5(a)redhat.com
Reporter: ajinkya(a)ajinkyakulkarni.com
QA Contact: extras-qa(a)fedoraproject.org
CC: golang(a)lists.fedoraproject.org, lsm5(a)redhat.com,
mattdm(a)redhat.com, mgoldman(a)redhat.com,
skottler(a)redhat.com, vbatts(a)redhat.com
I am using Docker 0.7.0 to create containers on RedHat Enterprise Linux 6.5.
When firewall is turned off containers can talk to outside world, but when
firewall is on, container cannot be accessed from outside.
This is how I am running the docker and mapping a port from host to container
$ docker run -i -t -p 3838:3838 shiny "shiny-server"
Without firewall, I can access Node.js server running inside a container on
port 3838 from outside network as http://servername:3838, but not with firewall
turned on.
These are my default firewall rules –
==============================================
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
==============================================
I have tried opening a port 3838 by adding a rule as below, but it does not
work
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3838 -j ACCEPT
Docker is creating a virtual NAT on the host machine, I am feeling that somehow
firewall is blocking the packet forwarding from eth0 to docker 0
This is the output of $ifconfig (I have masked the server IP)
docker0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
inet addr:172.17.42.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::87d:8dff:fed0:f16d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:408321 errors:0 dropped:0 overruns:0 frame:0
TX packets:681809 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:126511933 (120.6 MiB) TX bytes:924200959 (881.3 MiB)
eth0 Link encap:Ethernet HWaddr 00:25:64:A8:5B:8F
inet addr:XXX.XXX.XXX.XXX Bcast:XXX.XXX.XXX.XXX Mask:255.255.240.0
inet6 addr: XXXX::XXX:XXXX:XXXX:XXXX/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:29786186 errors:0 dropped:0 overruns:0 frame:0
TX packets:1137982 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4209047011 (3.9 GiB) TX bytes:234657696 (223.7 MiB)
Interrupt:17
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8444 errors:0 dropped:0 overruns:0 frame:0
TX packets:8444 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4701771 (4.4 MiB) TX bytes:4701771 (4.4 MiB)
Output of $docker version :
Client version: 0.7.0
Go version (client): go1.1.2
Git commit (client): 0ff9bc1/0.7.0
Server version: 0.7.0
Git commit (server): 0ff9bc1/0.7.0
Go version (server): go1.1.2
Last stable version: 0.7.2, please update docker
Output of $docker info:
Containers: 321
Images: 278
Driver: devicemapper
Pool Name: docker-8:17-13239310-pool
Data file: /var/lib/docker/devicemapper/devicemapper/data
Metadata file: /var/lib/docker/devicemapper/devicemapper/metadata
Data Space Used: 56464.5 Mb
Data Space Total: 102400.0 Mb
Metadata Space Used: 59.5 Mb
Metadata Space Total: 2048.0 Mb
I need help in making docker containers accessible from outside network without
turning off the entire firewall.
--
You are receiving this mail because:
You are on the CC list for the bug.
9 years, 11 months
[Bug 1088828] New: specifying tty crashes docker
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1088828
Bug ID: 1088828
Summary: specifying tty crashes docker
Product: Fedora
Version: 20
Component: docker-io
Assignee: lsm5(a)redhat.com
Reporter: nmavrogi(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: admiller(a)redhat.com, golang(a)lists.fedoraproject.org,
lsm5(a)redhat.com, mattdm(a)redhat.com,
mgoldman(a)redhat.com, skottler(a)redhat.com,
vbatts(a)redhat.com
Description of problem:
Running docker as:
sudo docker run -P --tty=false -p 22 -p 5551:5551/udp -a stderr -n --name test
test1
works. However changing --tty=false to --tty=true brings the following
backtrace:
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xb code=0x1 addr=0x20 pc=0x4f8d1d]
goroutine 7 [running]:
runtime.panic(0x8a5ac0, 0x1149948)
/usr/lib64/golang/src/pkg/runtime/panic.c:266 +0xb6
bufio.(*Reader).writeBuf(0xc210038a80, 0x0, 0x0, 0x90aea0, 0x7f5c00000001, ...)
/usr/lib64/golang/src/pkg/bufio/bufio.go:430 +0x6d
bufio.(*Reader).WriteTo(0xc210038a80, 0x0, 0x0, 0x7f5cf5b40258, 0x0, ...)
/usr/lib64/golang/src/pkg/bufio/bufio.go:402 +0x4d
io.Copy(0x0, 0x0, 0x7f5cf5b40130, 0xc210038a80, 0x0, ...)
/usr/lib64/golang/src/pkg/io/io.go:344 +0xa5
github.com/dotcloud/docker/api.func·016(0x0, 0x0)
/builddir/build/BUILD/docker-0.9.1/_build/src/github.com/dotcloud/docker/api/client.go:2279
+0xf8
github.com/dotcloud/docker/utils.func·002()
/builddir/build/BUILD/docker-0.9.1/_build/src/github.com/dotcloud/docker/utils/utils.go:38
+0x2e
created by github.com/dotcloud/docker/utils.Go
/builddir/build/BUILD/docker-0.9.1/_build/src/github.com/dotcloud/docker/utils/utils.go:39
+0xa7
goroutine 1 [runnable]:
net/http.ReadResponse(0xc210038cc0, 0xc2100b1680, 0xc2100b1680, 0xc210050950,
0xc210000d01)
/usr/lib64/golang/src/pkg/net/http/response.go:108 +0x3b
net/http/httputil.(*ClientConn).Read(0xc2100b0420, 0xc2100b1680, 0x0, 0x0, 0x0)
/usr/lib64/golang/src/pkg/net/http/httputil/persist.go:397 +0x37b
net/http/httputil.(*ClientConn).Do(0xc2100b0420, 0xc2100b1680, 0x0, 0x0, 0x0)
/usr/lib64/golang/src/pkg/net/http/httputil/persist.go:421 +0x85
github.com/dotcloud/docker/api.(*DockerCli).call(0xc2100468c0, 0x935500, 0x4,
0xc210038c00, 0x52, ...)
/builddir/build/BUILD/docker-0.9.1/_build/src/github.com/dotcloud/docker/api/client.go:2119
+0x86b
github.com/dotcloud/docker/api.(*DockerCli).CmdRun(0xc2100468c0, 0xc21000a020,
0xc, 0xc, 0x0, ...)
/builddir/build/BUILD/docker-0.9.1/_build/src/github.com/dotcloud/docker/api/client.go:1924
+0x17d9
reflect.callMethod(0xc2100ac060, 0x7f5cf59aeab8)
/usr/lib64/golang/src/pkg/reflect/value.go:676 +0x17b
reflect.methodValueCall(0xc21000a020, 0xc, 0xc, 0xc2100ac060, 0x7f5cf5b3e101)
/usr/lib64/golang/src/pkg/reflect/asm_amd64.s:26 +0x24
github.com/dotcloud/docker/api.ParseCommands(0xc2100ad020, 0x4, 0xc2100ad027,
0x14, 0xc21000a010, ...)
/builddir/build/BUILD/docker-0.9.1/_build/src/github.com/dotcloud/docker/api/client.go:70
+0x31f
main.main()
/builddir/build/BUILD/docker-0.9.1/docker/docker.go:151 +0x1f5f
goroutine 3 [syscall]:
os/signal.loop()
/usr/lib64/golang/src/pkg/os/signal/signal_unix.go:21 +0x1e
created by os/signal.init·1
/usr/lib64/golang/src/pkg/os/signal/signal_unix.go:27 +0x31
goroutine 6 [chan receive]:
github.com/dotcloud/docker/api.(*DockerCli).hijack(0xc2100468c0, 0x935500, 0x4,
0xc2100b90e0, 0x65, ...)
/builddir/build/BUILD/docker-0.9.1/_build/src/github.com/dotcloud/docker/api/client.go:2307
+0x98a
github.com/dotcloud/docker/api.func·011(0x0, 0x6964c0)
/builddir/build/BUILD/docker-0.9.1/_build/src/github.com/dotcloud/docker/api/client.go:1902
+0x1be
github.com/dotcloud/docker/utils.func·002()
/builddir/build/BUILD/docker-0.9.1/_build/src/github.com/dotcloud/docker/utils/utils.go:38
+0x2e
created by github.com/dotcloud/docker/utils.Go
/builddir/build/BUILD/docker-0.9.1/_build/src/github.com/dotcloud/docker/utils/utils.go:39
+0xa7
goroutine 8 [runnable]:
github.com/dotcloud/docker/utils.func·002()
/builddir/build/BUILD/docker-0.9.1/_build/src/github.com/dotcloud/docker/utils/utils.go:37
created by github.com/dotcloud/docker/utils.Go
/builddir/build/BUILD/docker-0.9.1/_build/src/github.com/dotcloud/docker/utils/utils.go:39
+0xa7
--
You are receiving this mail because:
You are on the CC list for the bug.
9 years, 11 months