Can't access internet after installing docker in a fresh ubuntu 18.04 machine

I’ve installed docker in a fresh ubuntu 18.04 machine and I lost internet connection immediately after the installation finished. More specifically, I can ping 8.8.8.8 but I can’t ping www.google.com.

From what I’ve read so far, the problem comes from NetworkManager's attempt to manage the docker0 interface or something like that (I’m not entirely sure about this). So far I’ve attempted the following:

  • Hardcoding nameserver 8.8.8.8 in /etc/resolv.conf works
  • Removing dnsmasq from /etc/NetworkingManager.conf: I used this solution as I show here https://github.com/moby/moby/issues/36153, which shows the same problem on ubuntu 16.04. My fresh installation of 18.04 does not have this line, so this fix is not valid anymore
  • Docker docs suggest disabling or removing NetworkManager completely as shown in but I’m not sure if this refers to my problem. I also don’t know if this will break other stuff.
  • Other suggestion is disabling management for docker0 but it does not fix the problem in my case

So far the only thing that works is hardcoding the google dns server address in resolv.conf, which is not a clean approach in my opinion. I also have to automate this process on startup, which is something I don’t like.

How does one properly fix the NetworkingManager problem in a development machine that has docker?

Current environment

My default resolv.conf has

nameserver 127.0.0.53

and systemd-resolve --status returns (I’ve checked with a colleague and we have the same output)

Global
          DNSSEC NTA: 10.in-addr.arpa
                      16.172.in-addr.arpa
                      168.192.in-addr.arpa
                      17.172.in-addr.arpa
                      18.172.in-addr.arpa
                      19.172.in-addr.arpa
                      20.172.in-addr.arpa
                      21.172.in-addr.arpa
                      22.172.in-addr.arpa
                      23.172.in-addr.arpa
                      24.172.in-addr.arpa
                      25.172.in-addr.arpa
                      26.172.in-addr.arpa
                      27.172.in-addr.arpa
                      28.172.in-addr.arpa
                      29.172.in-addr.arpa
                      30.172.in-addr.arpa
                      31.172.in-addr.arpa
                      corp
                      d.f.ip6.arpa
                      home
                      internal
                      intranet
                      lan
                      local
                      private
                      test

Link 4 (docker0)
      Current Scopes: none
       LLMNR setting: yes
MulticastDNS setting: no
      DNSSEC setting: no
    DNSSEC supported: no

Link 3 (eno1)
      Current Scopes: DNS
       LLMNR setting: yes
MulticastDNS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
         DNS Servers: 172.17.100.3
                      172.17.100.70

Link 2 (eno2)
      Current Scopes: none
       LLMNR setting: yes
MulticastDNS setting: no
      DNSSEC setting: no
    DNSSEC supported: no

ifconfig docker0

bluesmonk@laptop:/etc/NetworkManager$ ifconfig docker0
docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:86:e0:f0:94  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

and the status of the docker service

$ sudo service docker status
● docker.service - Docker Application Container Engine
   Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2018-07-03 10:17:35 -04; 4min 52s ago
     Docs: https://docs.docker.com
 Main PID: 14992 (dockerd)
    Tasks: 31
   CGroup: /system.slice/docker.service
           ├─14992 /usr/bin/dockerd -H fd://
           └─15015 docker-containerd --config /var/run/docker/containerd/containerd.toml

jul 03 10:17:32 laptop dockerd[14992]: time="2018-07-03T10:17:32.981563020-04:00" level=warning msg="Your kernel does not support swap memory limit"
jul 03 10:17:32 laptop dockerd[14992]: time="2018-07-03T10:17:32.981595408-04:00" level=warning msg="Your kernel does not support cgroup rt period"
jul 03 10:17:32 laptop dockerd[14992]: time="2018-07-03T10:17:32.981603807-04:00" level=warning msg="Your kernel does not support cgroup rt runtime"
jul 03 10:17:32 laptop dockerd[14992]: time="2018-07-03T10:17:32.982040899-04:00" level=info msg="Loading containers: start."
jul 03 10:17:34 laptop dockerd[14992]: time="2018-07-03T10:17:34.403909997-04:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used
jul 03 10:17:35 laptop dockerd[14992]: time="2018-07-03T10:17:35.083366302-04:00" level=info msg="Loading containers: done."
jul 03 10:17:35 laptop dockerd[14992]: time="2018-07-03T10:17:35.458766295-04:00" level=info msg="Docker daemon" commit=9ee9f40 graphdriver(s)=overlay2 version=18.03.1-ce
jul 03 10:17:35 laptop dockerd[14992]: time="2018-07-03T10:17:35.458857295-04:00" level=info msg="Daemon has completed initialization"
jul 03 10:17:35 laptop dockerd[14992]: time="2018-07-03T10:17:35.470042819-04:00" level=info msg="API listen on /var/run/docker.sock"
jul 03 10:17:35 laptop systemd[1]: Started Docker Application Container Engine.
lines 1-20/20 (END)

Related to my machine

Client:
 Version:      18.03.1-ce
 API version:  1.37
 Go version:   go1.9.5
 Git commit:   9ee9f40
 Built:        Wed Jun 20 21:43:51 2018
 OS/Arch:      linux/amd64
 Experimental: false
 Orchestrator: swarm

Server:
 Engine:
  Version:      18.03.1-ce
  API version:  1.37 (minimum version 1.12)
  Go version:   go1.9.5
  Git commit:   9ee9f40
  Built:        Wed Jun 20 21:42:00 2018
  OS/Arch:      linux/amd64
  Experimental: false

docker info:

docker info
Containers: 1
 Running: 0
 Paused: 0
 Stopped: 1
Images: 1
Server Version: 18.03.1-ce
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 773c489c9c1b21a6d78b5c538cd395416ec50f88
runc version: 4fc53a81fb7c994640722ac585fa9ca548971871
init version: 949e6fa
Security Options:
 apparmor
 seccomp
  Profile: default
Kernel Version: 4.15.0-23-generic
Operating System: Ubuntu 18.04 LTS
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 31.38GiB
Name: bluesmonk-ubuntu
ID: FRUH:57KI:POWV:EAHH:CY6Y:J3UH:OWBH:AIYF:BONF:DH4Q:5Y2P:RZ6T
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

WARNING: No swap limit support

about the distro

$ cat /etc/*release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DISTRIB_DESCRIPTION="Ubuntu 18.04 LTS"
NAME="Ubuntu"
VERSION="18.04 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic

Thanks!

PS: I’ve posted this very same question in SO at https://stackoverflow.com/questions/51105875/internet-connection-not-working-networkmanager-not-working-after-installing-dock

It has more links and info, that I had to remove here since I can only post a max of two links as a new user.

1 Like

Hi there,

I had a similar problem a while ago.
It might be that you docker network is interfering with the original network on your host. What helped me is editing /etc/systemd/system/docker.service.d/docker.conf.
Add an option
–bip=192.168.3.1/24 (for example)

After this you need to restart the daemon with systemctl restart docker

Cheers

it seems that the file you are referring to is located in /lib/systemd/system/docker.service in Ubuntu 18.04

dockerd --help

Options:
–add-runtime runtime Register an additional OCI compatible runtime (default [])
–api-cors-header string Set CORS headers in the Engine API
–authorization-plugin list Authorization plugins to load
–bip string Specify network bridge IP
-b, --bridge string Attach containers to a network bridge

You can set the IP for the docker network bridge. The default is “172.26.0.1/16” I believe, which is why you connectivity is broken.

See also https://success.docker.com/article/how-do-i-configure-the-default-bridge-docker0-network-for-docker-engine-to-a-different-subnet

Good luck.

So I’m back at this problem. Adding “bip” to my daemon.json did not solve it, but I wonder if you can dumb down a bit your solution:

-1. When you say you edited /etc/systemd/system/docker.service.d/docker.conf (or /lib/systemd/system/docker.service), what did you add to the file?

-2. What should I add to my daemon.json? I wonder about this bit “The default is “172.26.0.1/16” I believe, which is why you connectivity is broken.” Can you explain why is my connectivity broken? the bridge network’s default IP and the DNS address are two different things as far as I understand. Would you mind expanding on this part?

Thanks for your help

I added the following option in /etc/systemd/system/docker.service.d/docker.conf
ExecStart=/usr/bin/docker daemon
–bip=192.168.3.1/24
–otheroptions…

After this restart your docker daemon.

This way the docker bridge network will start with a different ip from the default, which might conflict with the ip of your host (it did in my case).

I don’t know about the file daemon.json.

I have the same problem. None of the mentioned solutions worked. I tried editing the file /lib/systemd/system/docker.service . The line with “ExecStart” looked like this:

ExecStart=/usr/bin/dockerd -H fd:// $DOCKER_OPTS

So I added bip parameter:

ExecStart=/usr/bin/dockerd -bip=192.168.3.1/24 -H fd:// $DOCKER_OPTS

When I restart the docker service, I get the following error:

$ sudo systemctl daemon-reload
$ sudo systemctl restart docker
Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.

When I check the details, I get: “Error starting daemon: Error initializing network controller: Error creating default “bridge” network: failed to check bridge interface existence: numerical result out of range”.

What can I do to solve this problem?

So I was not understanding your answer, and I’m sorry about that. I fixed my problem with the answer in Stackoverflow, which is the same you suggest but with a different approach.

Thanks!

Good to hear to figured it out. Sorry I could not be of more assistence. All the best!

Could you please post the link to your fix?