I can’t make a container to get a working network:
$ sudo docker run --rm -it ubuntu apt-get update
Err http://archive.ubuntu.com trusty InRelease
Err http://archive.ubuntu.com trusty-updates InRelease
Err http://archive.ubuntu.com trusty-security InRelease
Err http://archive.ubuntu.com trusty Release.gpg
Cannot initiate the connection to archive.ubuntu.com:80 (2001:67c:1360:8c01::18). - connect (101: Network is unreachable) [IP: 2001:67c:1360:8c01::18 80]
Err http://archive.ubuntu.com trusty-updates Release.gpg
Cannot initiate the connection to archive.ubuntu.com:80 (2001:67c:1360:8c01::18). - connect (101: Network is unreachable) [IP: 2001:67c:1360:8c01::18 80]
Err http://archive.ubuntu.com trusty-security Release.gpg
Cannot initiate the connection to archive.ubuntu.com:80 (2001:67c:1360:8c01::18). - connect (101: Network is unreachable) [IP: 2001:67c:1360:8c01::18 80]
Reading package lists... Done
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty/InRelease
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty-updates/InRelease
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty-security/InRelease
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty/Release.gpg Cannot initiate the connection to archive.ubuntu.com:80 (2001:67c:1360:8c01::18). - connect (101: Network is unreachable) [IP: 2001:67c:1360:8c01::18 80]
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty-updates/Release.gpg Cannot initiate the connection to archive.ubuntu.com:80 (2001:67c:1360:8c01::18). - connect (101: Network is unreachable) [IP: 2001:67c:1360:8c01::18 80]
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty-security/Release.gpg Cannot initiate the connection to archive.ubuntu.com:80 (2001:67c:1360:8c01::18). - connect (101: Network is unreachable) [IP: 2001:67c:1360:8c01::18 80]
W: Some index files failed to download. They have been ignored, or old ones used instead.
My current iptables:
$ sudo iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4
DOCKER all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER (1 references)
target prot opt source destination
Syslog when I run the container:
Aug 13 19:47:38 t15 kernel: [90691.591670] aufs au_opts_verify:1570:docker[21583]: dirperm1 breaks the protection by the permission bits on the lower branch
Aug 13 19:47:38 t15 kernel: [90691.659231] aufs au_opts_verify:1570:docker[21583]: dirperm1 breaks the protection by the permission bits on the lower branch
Aug 13 19:47:38 t15 kernel: [90691.728129] aufs au_opts_verify:1570:docker[21409]: dirperm1 breaks the protection by the permission bits on the lower branch
Aug 13 19:47:38 t15 kernel: [90691.729209] device vethe8065e8 entered promiscuous mode
Aug 13 19:47:38 t15 kernel: [90691.729414] IPv6: ADDRCONF(NETDEV_UP): veth849e184: link is not ready
Aug 13 19:47:38 t15 kernel: [90691.729553] IPv6: ADDRCONF(NETDEV_CHANGE): veth849e184: link becomes ready
Aug 13 19:47:39 t15 kernel: [90692.728640] docker0: port 1(vethe8065e8) entered forwarding state
Aug 13 19:47:39 t15 kernel: [90692.728658] docker0: port 1(vethe8065e8) entered forwarding state
Aug 13 19:47:40 t15 kernel: [90693.525054] IN=docker0 OUT=eth0 PHYSIN=vethe8065e8 MAC=02:42:8c:99:a7:c3:02:42:ac:11:00:12:08:00 SRC=172.17.0.18 DST=213.186.33.99 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=14671 DF PROTO=UDP SPT=40326 DPT=53 LEN=44
Aug 13 19:47:40 t15 kernel: [90693.525088] IN=docker0 OUT=eth0 PHYSIN=vethe8065e8 MAC=02:42:8c:99:a7:c3:02:42:ac:11:00:12:08:00 SRC=172.17.0.18 DST=213.186.33.99 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=14672 DF PROTO=UDP SPT=40326 DPT=53 LEN=44
Aug 13 19:47:40 t15 kernel: [90693.528417] IN=eth0 OUT=docker0 MAC=e8:40:f2:3b:b6:59:6c:9c:ed:ba:eb:40:08:00 SRC=213.186.33.99 DST=172.17.0.18 LEN=326 TOS=0x00 PREC=0x00 TTL=60 ID=36671 PROTO=UDP SPT=53 DPT=40326 LEN=306
Aug 13 19:47:40 t15 kernel: [90693.528441] IN=eth0 OUT=docker0 MAC=e8:40:f2:3b:b6:59:6c:9c:ed:ba:eb:40:08:00 SRC=213.186.33.99 DST=172.17.0.18 LEN=270 TOS=0x00 PREC=0x00 TTL=60 ID=36672 PROTO=UDP SPT=53 DPT=40326 LEN=250
Aug 13 19:47:41 t15 kernel: [90694.237556] docker0: port 1(vethe8065e8) entered disabled state
Aug 13 19:47:41 t15 kernel: [90694.238491] device vethe8065e8 left promiscuous mode
Aug 13 19:47:41 t15 kernel: [90694.238508] docker0: port 1(vethe8065e8) entered disabled state
Docker info & version:
$ docker info
Containers: 2
Images: 43
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 47
Dirperm1 Supported: true
Execution Driver: native-0.2
Logging Driver: json-file
Kernel Version: 3.16.0-0.bpo.4-amd64
Operating System: Debian GNU/Linux 7 (wheezy)
CPUs: 4
Total Memory: 7.725 GiB
Name: XXX
ID: GNTZ:ZBN5:FXTF:FRAV:4JLC:Q65C:BY6T:WH3Y:WLPT:SGCJ:PIQW:I4JK
WARNING: No memory limit support
WARNING: No swap limit support
$ docker version
Client:
Version: 1.8.0
API version: 1.20
Go version: go1.4.2
Git commit: 0d03096
Built: Tue Aug 11 16:46:10 UTC 2015
OS/Arch: linux/amd64
Server:
Version: 1.8.0
API version: 1.20
Go version: go1.4.2
Git commit: 0d03096
Built: Tue Aug 11 16:46:10 UTC 2015
OS/Arch: linux/amd64