Ubuntu16.04: docker-ce installation fails

I recently re-installed docker-ce. To test installation, the pull request for “Hello-world” fails.

Steps to reproduce the issue:

  1. This issue is occurring on Ubuntu 16.04 native OS
  2. Uninstalled previous docker version
  3. Removed contents in /var/lib/docker
  4. Uninstalled virtual box
  5. Upgraded nvidia driver from 375 to 381.22
  6. Installed docker-ce
  7. Now, tesing pull request for “Hello-world” fails.

Describe the results you received:

Get an error:
$ sudo docker run hello-world

Describe the results you expected:

  • Should have downloaded hello-world image

Additional information you deem important (e.g. issue happens only occasionally):

  • I was able to pull images 3 days back with previous installation

Output of docker version:

$ sudo docker version

Version: 17.06.2-ce
API version: 1.30
Go version: go1.8.3
Git commit: cec0b72
Built: Tue Sep 5 20:00:17 2017
OS/Arch: linux/amd64

Version: 17.06.2-ce
API version: 1.30 (minimum version 1.12)
Go version: go1.8.3
Git commit: cec0b72
Built: Tue Sep 5 19:59:11 2017
OS/Arch: linux/amd64
Experimental: false

Output of docker info:

$ sudo docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 17.06.2-ce
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 0
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 6e23458c129b551d5c9871e5174f6b1b7f6d1170
runc version: 810190ceaa507aa2727d7ae6f4790c76ec150bd2
init version: 949e6fa
Security Options:
Profile: default
Kernel Version: 4.4.0-93-generic
Operating System: Ubuntu 16.04.3 LTS
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.765GiB
Name: raghu-Inspiron-3542
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Username: ra9hur
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
Live Restore Enabled: false

WARNING: No swap limit support

Output of dig:

$ dig dseasb33srnrn.cloudfront.net

; <<>> DiG 9.10.3-P4-Ubuntu <<>> dseasb33srnrn.cloudfront.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7038
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0

;dseasb33srnrn.cloudfront.net. IN A

dseasb33srnrn.cloudfront.net. 3600 IN CNAME bsnlrpz.
bsnlrpz. 3600 IN A

rpz.blist.org. 3600 IN SOA bangalorerdns1.bsnl.co.in.rpz.blist.org. hostmaster.bangalorerdns1.bsnl.co.in.rpz.blist.org. 2017090106 10800 3600 604800 86400

;; Query time: 26 msec
;; WHEN: Tue Sep 12 05:41:01 IST 2017
;; MSG SIZE rcvd: 169

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38385
;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 1280
; IN A


;; Query time: 0 msec
;; WHEN: Tue Sep 12 05:41:01 IST 2017
;; MSG SIZE rcvd: 52

Additional environment details (AWS, VirtualBox, physical, etc.):

  1. VirtualBox-5.1 is uninstalled

  2. This is a home laptop and it is not behind proxy. Assume exporting http proxy, https proxy are not relevant

  3. Checked ip link. MTU values are 1500 by default

  4. Have set mtu probing to 1. $ sudo sysctl -w net.ipv4.tcp_mtu_probing=1

  5. Updated /etc/resolv.conf to have “nameserver” in first line

  6. https link from error output does not work from the browser

  7. Tried accessing the above link from Windows 8.1 on the same laptop from a browser and it does not get through.

  8. Referred https://github.com/moby/moby/issues/32257. Have sent a mail to docker hub support team, but no response

I am stuck with this, for the last 3 days. Need your help to resolve this.

On the internet, all suggestions are leading to DNS fix. But, nslookup to docker auth server works.

$ nslookup auth.docker.io

Non-authoritative answer:
Name: auth.docker.io
Name: auth.docker.io
Name: auth.docker.io
Name: auth.docker.io
Name: auth.docker.io
Name: auth.docker.io

So, it is able to reach out to docker-hub, but times out. MTU value is by default 1500. Have tried setting this to 1000.

Have even tried -stop-timeout set to 120 seconds.

None of these helps.

If I do a curl from cmd prompt, get this error:
$ curl -v https://dseasb33srnrn.cloudfront.net:443

However, curl requests to docker.io works fine.
curl -v https://index.docker.io:443

I am assuming that the download site is down. Is there a secondary site that I can use?
If yes, how to initiate the pull request? OR while doing the build?