Rootless docker: i/o timeout with docker pull

tilfischer · September 29, 2023, 10:04am

Dear all,

the wireshark-cli package does exist but I did a zypper in wireshark. The command provided gave :

someuser@somehost:~> nsenter --all -t $(pidof rootlesskit | awk '{print $1}') sh
nsenter: reassociate to namespace 'ns/cgroup' failed: Operation not permitted

Hence, I did a sudo on that, did docker pull hello-world in the rootless docker in another terminal which gave:

root:/ # nsenter -n -t $(pidof rootlesskit | awk '{print $1}') tshark -i tap0
Running as user "root" and group "root". This could be dangerous.
Capturing on 'tap0'
 ** (tshark:30785) 11:57:04.367108 [Main MESSAGE] -- Capture started.
 ** (tshark:30785) 11:57:04.367160 [Main MESSAGE] -- File: "/tmp/wireshark_tap01WZVB2.pcapng"
    1 0.000000000   10.0.2.100 → 10.0.2.3     DNS 80 Standard query 0x2677 AAAA docker.io OPT
    2 0.000035190   10.0.2.100 → 10.0.2.3     DNS 80 Standard query 0x379d A docker.io OPT
    3 0.000088373     10.0.2.2 → 10.0.2.100   ICMP 108 Destination unreachable (Network unreachable)
    4 0.000105361     10.0.2.2 → 10.0.2.100   ICMP 108 Destination unreachable (Network unreachable)
    5 5.000204366   10.0.2.100 → 10.0.2.3     DNS 80 Standard query 0xff16 AAAA docker.io OPT
    6 5.000249245   10.0.2.100 → 10.0.2.3     DNS 80 Standard query 0xdbec A docker.io OPT
    7 5.000313829     10.0.2.2 → 10.0.2.100   ICMP 108 Destination unreachable (Network unreachable)
    8 5.000332154     10.0.2.2 → 10.0.2.100   ICMP 108 Destination unreachable (Network unreachable)
    9 5.189607761 06:fe:54:70:9c:47 → 52:55:0a:00:02:03 ARP 42 Who has 10.0.2.3? Tell 10.0.2.100
   10 5.189687759 52:55:0a:00:02:03 → 06:fe:54:70:9c:47 ARP 64 10.0.2.3 is at 52:55:0a:00:02:03
   11 10.003753439   10.0.2.100 → 10.0.2.3     DNS 91 Standard query 0x3fb7 AAAA registry-1.docker.io OPT
   12 10.003803592   10.0.2.100 → 10.0.2.3     DNS 91 Standard query 0x8b03 A registry-1.docker.io OPT
   13 10.003806775     10.0.2.2 → 10.0.2.100   ICMP 119 Destination unreachable (Network unreachable)
   14 10.003825573     10.0.2.2 → 10.0.2.100   ICMP 119 Destination unreachable (Network unreachable)
   15 15.003904272   10.0.2.100 → 10.0.2.3     DNS 91 Standard query 0xc66d A registry-1.docker.io OPT
   16 15.003911381   10.0.2.100 → 10.0.2.3     DNS 91 Standard query 0xce68 AAAA registry-1.docker.io OPT
   17 15.003958934     10.0.2.2 → 10.0.2.100   ICMP 119 Destination unreachable (Network unreachable)
   18 15.003978369     10.0.2.2 → 10.0.2.100   ICMP 119 Destination unreachable (Network unreachable)

Hope that helps.

Best,

Topic		Replies	Views
Pulling Docker images: i/o timeout Open Source Registry API	27	174821	May 30, 2021
Docker for Windows - Linux Container mode DOES NOT PULL images.. gives time out error Docker Desktop	0	1118	June 6, 2018
Docker pull i/o timeout and connection reset by peer - Linux Ubuntu 22.04 General docker	0	1015	July 9, 2024
Error pulling image configuration: dial tcp 104.18.124.25:443: i/o timeout Docker Hub	0	7067	June 3, 2020
docker does not download General	0	770	November 28, 2018

Rootless docker: i/o timeout with docker pull

Related topics