Been running many services via docker on Ubuntu for several years but recently I’ve run into a strange problem I’m having difficulty diagnosing.
It seems that if I start up more than X containers I lose networking on the host machine. Services become unavailable, my SSH session disconnects, and I cannot ping the host anymore. Haven’t counted how many yet but probably in the neighbourhood of 15-20, so nothing crazy.
If I physically go to the host and stop the last container that was started (via docker compose) the networking is restored. It doesn’t seem to matter which container is the last one started up just that once I get beyond a certain number of containers. I’ve tried it with different containers right around the limit of where the issue happens and tried bringing up a different compose file each time and the same issue occurred no matter which container came up.
Looking for some guidance on how to start troubleshooting this. What info can I provide, where to look for networking conflicts, etc…
Or if a new container means a new compose project, you can check its network using
docker network inspect NETWORKNAME
If starting a new container affects host networks, I assume the container gets an IP address (or a project a subnet) which is not compatible with your LAN network. Docker generates new docker networks each time you create a new compose project. It starts with 172.18.0.0/16, but eventually it will use all and use 192.168.0.0 IP addresses. I don’t remember the netmask. I think it could also use 10.0.0.0 addresses too when there is nothing else left.
One question: Are you using Docker CE on Linux, or Docker Desktop for Linux?
Are you using Docker CE on Linux, or Docker Desktop for Linux?
Sorry, meant to include those details but could not find the post after I submitted it. It was awaiting approval and did not show up under my profile.
Ubuntu Server 22.04.5 LTS and Docker CE 27.3.1
Did some more digging and found a solution, though not sure if it’s the best one or why this was breaking host networking. I had more containers than I thought.
After making that config change and restarting the daemon I was able to happily start several compose stacks and their associated containers / networks without issue.
This confirms my idea. Changing the pools and pool sizes allows you to have more docker networks so the incompatible IP ranges will come later if ever.
I’ve been having other problems since implementing the fix that might be related. I now periodically get the following on the host.
ping: yahoo.com: Temporary failure in name resolution
Everything runs smoothly for a while and then I get that after a certain period. Restarting the docker daemon fixes the issue so it definitely seems docker related.
You should really check your local network and the created containers’ IP addresses. Solving a network issue is often difficult, especially remotely. But I guess “temporary failure in name resolution” could also mean that the DNS server is not available. Try nslookup for name resolution testing. Try different DNS servers if you can, but if restarting Docker solves DNS or any network issue on the host, not in a container, I can’t think of anything except that you still have problems with the IP addresses.
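The subnet check suggested in this thread, as an added example that is not part of any post: it walks Docker's address pools in allocation order to find which network number first collides with the LAN, and flags overlapping subnets in `docker network inspect` JSON. The default pool list is an assumption about Docker Engine's built-in defaults; the LAN range, the custom pool and the inspect output are constructed samples (the poster's actual config change is not shown on the page).

```python
import ipaddress
import json

# Assumption: Docker Engine's built-in pools (base, subnet prefix length), used in
# this order when daemon.json sets no "default-address-pools".
DEFAULT_POOLS = [("172.17.0.0/16", 16), ("172.18.0.0/16", 16), ("172.19.0.0/16", 16),
                 ("172.20.0.0/14", 16), ("172.24.0.0/14", 16), ("172.28.0.0/14", 16),
                 ("192.168.0.0/16", 20)]
# Constructed values for illustration only.
CUSTOM_POOLS = [("10.200.0.0/16", 24)]   # hypothetical "default-address-pools" entry
LAN = ["192.168.1.0/24"]                 # hypothetical host LAN
SAMPLE_INSPECT = json.dumps([            # shape of `docker network inspect` output
    {"Name": "app_default", "IPAM": {"Config": [{"Subnet": "172.18.0.0/16"}]}},
    {"Name": "media_default", "IPAM": {"Config": [{"Subnet": "192.168.0.0/20"}]}},
])

def pool_subnets(pools):
    """Yield every subnet the pools can hand out, in allocation order."""
    for base, size in pools:
        yield from ipaddress.ip_network(base).subnets(new_prefix=size)

def first_conflict(pools, lan_cidrs):
    """Return (n, subnet) for the first pool subnet overlapping the LAN, else None."""
    lans = [ipaddress.ip_network(c) for c in lan_cidrs]
    for n, subnet in enumerate(pool_subnets(pools), start=1):
        if any(subnet.version == lan.version and subnet.overlaps(lan) for lan in lans):
            return n, str(subnet)
    return None

def conflicting_networks(inspect_json, lan_cidrs):
    """List (name, subnet) of Docker networks whose subnet overlaps the LAN."""
    lans = [ipaddress.ip_network(c) for c in lan_cidrs]
    hits = []
    for net in json.loads(inspect_json):
        for cfg in (net.get("IPAM") or {}).get("Config") or []:
            if not cfg.get("Subnet"):
                continue
            subnet = ipaddress.ip_network(cfg["Subnet"], strict=False)
            if any(subnet.version == lan.version and subnet.overlaps(lan) for lan in lans):
                hits.append((net["Name"], cfg["Subnet"]))
    return hits

if __name__ == "__main__":
    print("default pools:", first_conflict(DEFAULT_POOLS, LAN))
    print("custom pools: ", first_conflict(CUSTOM_POOLS, LAN))
    print("live conflicts:", conflicting_networks(SAMPLE_INSPECT, LAN))
```

On a real host, replace `LAN` with the subnets from `ip route` and feed in the output of `docker network inspect $(docker network ls -q)`.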