Network error? Or something else...?

Hi there

My Docker installation has startede acting up lately.
And to be frank I’m not certain where to start, but here goes.

I’ve multiple containers exposing web applications, e.g. Home Assistant, Plex, Portainer and Pihole.
Some times I can access these containers when I’m on the same network as my Docker installation (which runs on a Raspberry Pi 4 4GB), some times a cannot and get an “ERR_CONNECTION_REFUSED” in my Edge browser when trying to access the containers.
Note: I’ve got LetsEncrypt certificates in the containers for url1.domain.com.

The error does not make much sense as:

  1. If I access through my standard url (url1(.domain.com)) it does not work from time to time - it can stop working in the middle of a session where I’m browsing the site. At other times it just works.
  2. If I access the containers in a standard browser when the error happens, I can go to an InPrivate Edge session and then it works.
  3. If I access the container through the IP address it works - BUT of course I get SSL errors
  4. If I access the container through url2(.domain.com) it works but again the same as the above point, SSL error
  5. When inaccessible through url1(.domain.com) (in std browser, not InPrivate), I can access the container from my phone IF the phone is not on my network directly, but connected through VPN.

I’m having a hard time grasping, if the error is related to docker or my network setup.
It used to work - I’m not aware of any changes in my network.

My own takes:

  1. It can be dockers networking
  2. It could be my DNS (running on the RPi in one of the containers - PiHole)
  3. It could be my own network (Unifi) configuration
  4. It could be related to http(s) support in my installation? (See note 2)
  5. It could be my RPi that’s getting old or overloaded, but I do think that’s the issue (see note 3)

Note: some containers are on the host network, some on the OotB bridge network - no fancyness there, the error happens for all the containers.
Note 2: One container is running MQTT, this seems to work no matter what
Note 3: My RPi is in no way maxed out - it consumes approx 30% of the memory and approx 10% of the CPU.

Any hints for troubleshooting?

Thanks

Docker info:

User@raspberrypi:~ $ sudo docker version
Client: Docker Engine - Community
 Version:           27.4.0
 API version:       1.47
 Go version:        go1.22.10
 Git commit:        bde2b89
 Built:             Sat Dec  7 10:38:32 2024
 OS/Arch:           linux/arm64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          27.4.0
  API version:      1.47 (minimum version 1.24)
  Go version:       go1.22.10
  Git commit:       92a8393
  Built:            Sat Dec  7 10:38:32 2024
  OS/Arch:          linux/arm64
  Experimental:     false
 containerd:
  Version:          1.7.24
  GitCommit:        88bf19b2105c8b17560993bee28a01ddc2f97182
 runc:
  Version:          1.2.2
  GitCommit:        v1.2.2-0-g7cb3632
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Lately we have seen quite a few cases, where Portainer created containers with identical mac addresses.

You might want to check, if it’s case for you: Random, high response times on containers across identical Linux hosts - #13 by rimelek

Furthermore:

Please, format your post according to the following guide: How to format your forum posts
In short: please, use </> button to share codes, terminal outputs, error messages or anything that can contain special characters which would be interpreted by the MarkDown filter. Use the preview feature to make sure your text is formatted as you would expect it and check your post after you have sent it so you can still fix it.

Example code block:

```
echo "I am a code."
echo "An athletic one, and I wanna run."
```

After fixing your post, please send a new comment so people are notified about the fixed content.


Hi @meyay
I’ve tried the script from the post you linked - it does not produce an output. Also, I do not use portainer to deploy containers - that’s done from the command line.

Furthermore:
I cannot seem to edit my post anymore. Which part of the post would you like me to edit using the code snippets?

You can edit only for 24 hours as a new user. I edited it for you this time. The guide linked by @meyay explains formatting that helps you decide when it is necessary, but any time when the output has special characters or indentation that makes it hard to read without formatting that is used on every technical forum on the internet. I made your link a code.

That would have been my first guess so if it is not about resources, and based on the fact that the error depends on sessions and domains, I would guess that it is an aplication issue above Docker, not in it. Docker would not care about from which domain you are using or what browser or session you are in.