Expected behavior
I should be able to map one port on different IP addresses from different containers. When not using docker it’s possible on Mac OS X:
$ sudo ifconfig lo0 add 127.10.0.1 netmask 0xffffffff
$ sudo ifconfig lo0 add 127.10.0.2 netmask 0xffffffff
$ nc -l 127.10.0.1 4444 &
[1] 75410
$ nc -l 127.10.0.2 4444 &
[2] 75418
I’ll be able to connect to these listening ports separately using (for example) telnet
From Docker I would expect this similar functionality to work properly:
$ docker run -it --rm -p 127.10.0.1:4444:4444 appropriate/nc -l 4444
# (in another terminal)
$ docker run -it --rm -p 127.10.0.2:4444:4444 appropriate/nc -l 4444
Actual behavior
Docker does not allow me to map the same port on a second IP address:
$ sudo ifconfig lo0 add 127.10.0.1 netmask 0xffffffff
$ sudo ifconfig lo0 add 127.10.0.2 netmask 0xffffffff
$ docker run -it --rm -p 127.10.0.1:4444:4444 appropriate/nc -l 4444
# (in another terminal)
$ docker run -it --rm -p 127.10.0.2:4444:4444 appropriate/nc -l 4444
docker: Error response from daemon: driver failed programming external connectivity on endpoint serene_torvalds (7cc7c5e6ad2ac75f7285a067dae239f567d608c0f96283ac2adc9d32ace2f00d): Error starting userland proxy: failed bind vsock connection to ffffffff.0001115c, returned -1.
Information
$ pinata diagnose -u
OS X: version 10.11.4 (build: 15E65)
Docker.app: version v1.11.1-beta13
Running diagnostic tests:
[OK] Moby booted
[OK] driver.amd64-linux
[OK] vmnetd
[OK] osxfs
[OK] db
[OK] slirp
[OK] menubar
[OK] environment
[OK] Docker
[OK] VT-x
Docker logs are being collected into /tmp/20160527-120209.tar.gz
Most specific failure is: No error was detected
Your unique id is: CF956663-CA82-4531-AE65-5758039FA3FE
Please quote this in all correspondence.
Reproducible case: see “steps to reproduce” or "actual behavior"
Host distribution: OS X El Capitan Version 10.11.4
Steps to reproduce the behavior
- Add two IP addresses to
lo0
interface:
$ sudo ifconfig lo0 add 127.10.0.1 netmask 0xffffffff
$ sudo ifconfig lo0 add 127.10.0.2 netmask 0xffffffff
- Try to run two docker instances attempting to map the same port on these two new IP addresses (in separate terminals):
$ docker run -it --rm -p 127.10.0.1:4444:4444 appropriate/nc -l 4444
# (in another terminal)
$ docker run -it --rm -p 127.10.0.2:4444:4444 appropriate/nc -l 4444
Note the containers do not actually have to listen on the port, it’s also possible to use alpine
image:
$ docker run -it --rm -p 127.10.0.1:4444:4444 alpine sh
$ docker run -it --rm -p 127.10.0.2:4444:4444 alpine sh
- An error will occur on the second terminal similar to the following:
docker: Error response from daemon: driver failed programming external connectivity on endpoint condescending_nobel (545e9683b4ad06088a10019647f66a1ee8aab644a5848ef3676f03d0641a9b9b): Error starting userland proxy: failed bind vsock connection to ffffffff.0001115c, returned -1.
Similar issues
Please note that this issue is different from this one: Bind on loopback different from 127.0.0.1
In the given issue there’s a EADDRNOTAVAIL
error issued because OSX does not allow to allocate another IP address on the interface unless you explicitly add it with ifconfig
. Contrary to the mentioned issue, I am able to map port on non-127.0.0.1 address, but only once per port.