Docker for mac beta not forwarding ports

synic · April 7, 2016, 3:13pm

Expected behavior

When I use “ports” in docker-compose.yml, it should expose the port on my mac.

Actual behavior

It does not forward the port.

Information

OS X: version 10.11.4 (build: 15E65)
Docker.app: version v1.11.0-beta6
Running diagnostic tests:
[OK]      docker-cli
[OK]      Moby booted
[OK]      driver.amd64-linux
[OK]      vmnetd
[OK]      osxfs
[OK]      db
[OK]      slirp
[OK]      menubar
[OK]      environment
[OK]      Docker
[OK]      VT-x
Docker logs are being collected into /tmp/20160407-091146.tar.gz.
Your unique id in bugsnag is: C55DA816-5887-474C-98CD-F3CEFEBFDAAE

Steps to reproduce the behavior

When using “NAT compatibility” mode, it does forward the port, however, my containers are not able to resolve any hostnames (my nginx container can’t connect to amazon’s s3).

If I don’t use “NAT compatibility” mode, the port is not forwarded, even if I do:

pinata set network nat external-bind=true

Here is the output of “pinata list”:

These are advanced configuration settings to customise Docker.app on MacOSX.
You can set them via pinata set <key> <value> <options>.

🐳  hostname = ebdev.io
   Hostname of the virtual machine endpoint, where container ports will be
   exposed if using nat networking. Access it via 'ebdev.io.local'.

🐳  hypervisor = native (memory=3, ncpu=2)
   The Docker.app includes embedded hypervisors that run the virtual machines
   that power the containers. This setting allows you to control which the
   default one used for Linux is.

 ▸  native: a version of the xhyve hypervisor that uses the MacOSX
              Hypervisor.framework to run container VMs. Parameters:
              memory (VM memory in gigabytes), ncpu (vCPUs)


🐳  network = nat (external-bind=true)
   Controls how local containers can access the external network via the
   MacOS X host. This includes outbound traffic as well as publishing ports
   for external access to the local containers.

 ▸     nat: a mode that uses the MacOS X vmnet.framework to route container
              traffic to the host network via a NAT. Parameters:
              external-bind (bind ports to external network interface)
 ▸ hostnet: a mode that helps if you are using a VPN that restricts
              connectivity. Activating this mode will proxy container network
              packets via the Docker.app process as host socket traffic.
              Parameters: docker-ipv4 (docker node), host-ipv4 (host node)

🐳  filesystem = osxfs
   Controls the mode by which files from the MacOS X host and the container
   filesystem are shared with each other.

 ▸   osxfs: a FUSE-based filesystem that bidirectionally forwards OSX
              filesystem events into the container.


🐳  daemon = run 'pinata get daemon' or 'pinata set daemon [@file|-]>
   JSON configuration of the local Docker daemon. Configure any custom
   options you need as documented in:
   https://docs.docker.com/engine/reference/commandline/daemon/. Set it
   directly, or a @file or - for stdin.

codezomb · April 11, 2016, 5:50am

Set your network to hostnet. You can do this by enabling “VPN Compatibility Mode” in the menu.

synic · April 11, 2016, 2:19pm

@codezomb: I would do that, but then my containers are no longer able to resolve any external DNS.

jamshid · April 13, 2016, 12:27am

I guess I have the opposite problem, I can’t reach docker.local if I do select VPN Compatibility Mode. Without VPN, docker-compose publishes ports fine on docker.local.

pinata list:
network = hostnet (docker-ipv4=192.168.64.2, host-ipv4=192.168.64.1)

but I can’t ping either ip and docker.local does not resolve. If I turn off my Tunnelblick OpenVPN and uncheck VPN Compatibility Mode it goes back to nat and docker.local works fine.

network = nat (external-bind=false)
$ ping docker.local
PING docker.local (192.168.64.16): 56 data bytes
64 bytes from 192.168.64.16: icmp_seq=0 ttl=64 time=0.404 ms

flowcomm · April 16, 2016, 9:01pm

I have the same issue, did you ever resolve?

silasrm · April 21, 2016, 12:43am

I’ve similar problem Docker for Mac - IP change to “None” after update

Any solution?

jamshid · April 21, 2016, 3:25pm

Not sure about the original issue in this thread, but FYI 1.11.0 beta8 fixed docker.local to be usable even in VPN Compatibility mode (now the default).

I still can’t access containers by ip directly from OSX, even with “sudo route add”, but that’s a known issue: IP Routing to container.

mickaelbaron · April 21, 2016, 4:48pm

Since the last beta8 you have a new key (native/port-forwarding) for the Pinata tool.

To solve your problem you can do this

$ pinata set native/port-forwarding true

Mickael

juztinwilzon · April 25, 2016, 11:41pm

Thanks @mickaelbaron =)
After a few hypervisor issues I had lost all port forwarding. I restarted Docker a few times, but nothing. This got me back up and working though.

Anyone know why this would just quit working, or why it would need to be turned on?