Expected behavior

ping docker.local should work

Actual behavior

does not work as VPN is enabled

Information

Docker commands working but docker.local does not work

VPN compatibility is always enabled and cannot be disabled.

pinata diagnose
OS X: version 10.11.4 (build: 15E65)
Docker.app: version v1.11.0-beta8.2
Running diagnostic tests:
[OK] docker-cli
[OK] Moby booted
[OK] driver.amd64-linux
[OK] vmnetd
[OK] osxfs
[OK] db
[OK] slirp
[OK] menubar
[OK] environment
[OK] Docker
[OK] VT-x

docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 1.11.0
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 0
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge null host
Kernel Version: 4.4.6
Operating System: Alpine Linux v3.3
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.956 GiB
Name: docker
ID: R4H5:AUJW:E26V:CRIW:7YE3:OAGX:Q45V:AVLM:32SQ:YJOY:4YWS:IE33
Docker Root Dir: /var/lib/docker
Debug mode (client): false
Debug mode (server): true
File Descriptors: 15
Goroutines: 33
System Time: 2016-04-21T00:19:07.856591592Z
EventsListeners: 1
Registry: https://index.docker.io/v1/

ping docker.local
ping: cannot resolve docker.local: Unknown host

Steps to reproduce the behavior

1. .install latest release and try to ping to local or open as example ngix container on docker.local
2. …

Hey!
Same for me. Can’t access docker.local and can’t turn off the VPN stuff. Any way to downgrade to beta7 ?

In beta 8 there are now independent settings for

• whether you’re in VPN mode i.e. whether the proxy is active
• whether ports are exposed on docker.local or localhost

If you wish ports to be exposed on docker.local, then check

pinata list

and look for the native/port-forwarding setting, and if necessary type

pinata set native/port-forwarding false # disable localhost; enable docker.local

Regarding disabling VPN mode: could you describe what happens when you try to disable VPN mode from the whale menu, “Settings…” panel? Note it requires rebooting the internal VM so it might take ~10s or so to complete. In beta 8 it’s best not to click the checkbox too often – this is something that we’ll hopefully improve in a later version.

To help us understand the problem, could you include the output of:

pinata list
docker run  --net=host --privileged alpine ifconfig
pinata diagnose -u # upload logs to our cloud service

Thanks!
Dave

Hi Dave,

native/port-forwarding = false
Expose container ports on the Mac, rather than the VM

▸ false: Container ports will be exposed on the VM
▸ true: Container ports will be exposed on the Mac

After VPN was disabled
docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 1.11.0
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 0
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge null host
Kernel Version: 4.4.6
Operating System: Alpine Linux v3.3
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.956 GiB
Name: docker
ID: FXOV:UXUO:3XLO:A472:SW33:AEAO:73IR:OXE7:FLKE:OTY6:7IAX:S7DY
Docker Root Dir: /var/lib/docker
Debug mode (client): false
Debug mode (server): true
File Descriptors: 15
Goroutines: 33
System Time: 2016-04-21T21:11:30.574355107Z
EventsListeners: 1
Registry: https://index.docker.io/v1/

I uncheck the VPN option and after 1 minute i check again the option and it is enabled again

docker run --net=host --privileged alpine ifconfig
Unable to find image ‘alpine:latest’ locally
latest: Pulling from library/alpine
420890c9e918: Pull complete
Digest: sha256:9cacb71397b640eca97488cf08582ae4e4068513101088e9f96c9814bfda95e0
Status: Downloaded newer image for alpine:latest
docker0 Link encap:Ethernet HWaddr 02:42:0C:8D:86:0D
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

eth0 Link encap:Ethernet HWaddr DE:AD:BE:EF:DE:AD
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:1548 (1.5 KiB)

eth1 Link encap:Ethernet HWaddr C0:FF:EE:C0:FF:EE
inet addr:192.168.65.2 Bcast:0.0.0.0 Mask:255.255.255.248
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1712 errors:0 dropped:0 overruns:0 frame:0
TX packets:880 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2440846 (2.3 MiB) TX bytes:55383 (54.0 KiB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1%32734/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:1 errors:0 dropped:0 overruns:0 frame:0
TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:49 (49.0 B) TX bytes:49 (49.0 B)

pinata diagnose -u
OS X: version 10.11.4 (build: 15E65)
Docker.app: version v1.11.0-beta8.2
Running diagnostic tests:
[OK] docker-cli
[OK] Moby booted
[OK] driver.amd64-linux
[OK] vmnetd
[OK] osxfs
[OK] db
[OK] slirp
[OK] menubar
[OK] environment
[OK] Docker
[OK] VT-x
Docker logs are being collected into /tmp/20160421-231443.tar.gz
Most specific failure is: No error was detected
Your unique id is: 1D5035AD-205B-4B72-B268-D87010904B68
Please quote this in all correspondence.

ping docker.local
ping: cannot resolve docker.local: Unknown host

I also cannot disable VPN compatibility mode in beta 8. When I uncheck it in the settings UI, close/reopen the UI, it is still set. When I uncheck it and wait 30 seconds, leaving the settings UI open, I still can’t resolve docker.local. When I uncheck it and Quit before closing the settings UI, restart, same problem.

I ran the commands you asked for. The unique id is 9794283A-5605-4340-A6D4-A9CA78FDA90E. (However it said there were no errors.)

Same problem here. VPN compatibility mode returns and I can’t resolve docker.local.

pinata diagnose doesn’t report any errors. pinata doctor complains that Docker is also installed with Homebrew but docker commands seem to work fine (I can start a container but I can’t connect to it).

I’m having the same problem, I use Cloak (getcloak.com) for automatically enabling VPN on unsecure connections, perhaps that has something to do with it?

I have same issue here - cannot disable VPN compatibility mode via the docker app. It seems to reset. Not sure if related - but I’ve never been able to change the memory configuration using the docker app also.

I have the same problem. Enabling port forwarding makes containers accessible on localhost but I would prefer exposing ports on docker.local like in beta 7.

If I disable VPN mode it always gets enabled again after a while. Same thing happens if I use pinata to set network to “nat”, which causes “pinata get network” to return “nat” for a few seconds before it starts returning hostnet again. At the same time, what appears to be error message appears in Console.app:

23/04/16 13:07:01,896 Docker[1936]: Stop 1 children with order 1: com.docker.driver.amd64-linux (pid 3426) 23/04/16 13:07:01,896 Docker[1936]: Stop 2 children with order 2: com.docker.osxfs (pid 3424), com.docker.slirp (pid 3425) 23/04/16 13:07:01,897 Docker[1936]: Signal terminated to com.docker.slirp (pid 3425) 23/04/16 13:07:01,898 Docker[1936]: Reap com.docker.driver.amd64-linux (pid 3425): signal: terminated 23/04/16 13:07:01,998 Docker[1936]: Starting com.docker.osxfs, com.docker.slirp, com.docker.driver.amd64-linux 23/04/16 13:07:02,002 Docker[1936]: Start com.docker.osxfs (pid 3441) 23/04/16 13:07:02,005 Docker[1936]: Start com.docker.slirp (pid 3442) 23/04/16 13:07:02,010 Docker[1936]: Start com.docker.driver.amd64-linux (pid 3443) 23/04/16 13:07:02,012 com.docker.slirp[3442]: Logging to Apple System Log 23/04/16 13:07:02,012 com.docker.slirp[3442]: Setting handler to ignore all SIGPIPE signals 23/04/16 13:07:02,012 com.docker.osxfs[3441]: Logging to Apple System Log 23/04/16 13:07:02,012 com.docker.slirp[3442]: attempting to reconnect to database 23/04/16 13:07:02,013 com.docker.slirp[3442]: reconnected transport layer 23/04/16 13:07:02,014 com.docker.slirp[3442]: allowing binds to any IP addresses 23/04/16 13:07:02,017 com.docker.slirp[3442]: starting in native mode port_control_path:fd:4 vsock_path:/var/tmp/com.docker.vsock/connect 23/04/16 13:07:02,017 com.docker.slirp[3442]: Starting slirp server socket_path:fd:3 port_control_path:fd:4 vsock_path:/var/tmp/com.docker.vsock/connect pcap_settings:disabled peer_ip:192.168.65.2 local_ip:192.168.65.1 23/04/16 13:07:02,017 com.docker.slirp[3442]: Starting slirp network stack on fd:3 23/04/16 13:07:02,031 Docker[3443]: Acquired hypervisor lock 23/04/16 13:07:02,085 Docker[3443]: hypervisor: native 23/04/16 13:07:02,086 Docker[3443]: filesystem: osxfs 23/04/16 13:07:02,087 Docker[3443]: Hypervisor: native; BootProtocol: direct; UefiBootDisk: /Users/johan/UefiBoot.qcow2 23/04/16 13:07:02,090 Docker[3443]: Docker is not responding: waiting 0.5s 23/04/16 13:07:02,103 Docker[3445]: exec: /Applications/Docker.app/Contents/MacOS/com.docker.driver.amd64-linux []string{"-A", "-m", "2G", "-c", "4", "-u", "-s", "0:0,hostbridge", "-s", "31,lpc", "-s", "2:0,virtio-ipc,uuid=db9e3dd9-e7b8-476e-874c-b4b79b2d58d4,path=/var/tmp/com.docker.vmnetd.socket,macfile=/Users/johan/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/mac.0,errorfile=/Users/johan/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/error.0", "-s", "3,virtio-blk,file:///Users/johan/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/Docker.qcow2", "-s", "4,virtio-9p,path=/var/tmp/com.docker.db.socket,tag=db", "-s", "5,virtio-rnd", "-s", "6,virtio-9p,path=/var/tmp/com.docker.port.socket,tag=port", "-s", "7,virtio-sock,guest_cid=3,path=/var/tmp/com.docker.vsock,guest_forwards=2376;1525", "-l", "com1,pty=/Users/johan/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty,log=/Users/johan/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/console-ring", "-f", "kexec,/Applications/Docker.app/Contents/Resources/moby/vmlinuz64,/Applications/Docker.app/Contents/Resources/moby/initrd.img,earlyprintk=serial console=ttyS0 com.docker.driverDir=\"/Users/johan/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux\", com.docker.database=\"com.docker.driver.amd64-linux\""} 23/04/16 13:07:02,106 Docker[3447]: Client reports version 12, commit 3c1bfeb0e86a9403f82302edfea4c4987cc2cb32 23/04/16 13:07:02,108 InternetSharing[3332]: mac address conflict with given uuid 23/04/16 13:07:02,108 InternetSharing[3332]: unable to get MAC address 23/04/16 13:07:02,108 Docker[3447]: com.docker.vmnetd: interface_param = NULL 23/04/16 13:07:02,108 Docker[3447]: Failed to initialise com.docker.vmnetd: status = VMNET_FAILURE 23/04/16 13:07:02,109 Docker[3445]: aslInit should be called before aslLog 23/04/16 13:07:02,109 Docker[3445]: aslInit should be called before aslLog 23/04/16 13:07:02,111 Docker[3443]: Hypervisor subprocess has exitted with code 1 23/04/16 13:07:02,111 Docker[3443]: A NIC failed, so switching to hybrid networking mode 23/04/16 13:07:02,125 Docker[1936]: Reap com.docker.driver.amd64-linux (pid 3443): exit status 0 23/04/16 13:07:03,125 Docker[1936]: Stop 1 children with order 1: com.docker.driver.amd64-linux (pid 3443) 23/04/16 13:07:03,125 Docker[1936]: Starting com.docker.driver.amd64-linux 23/04/16 13:07:03,130 Docker[1936]: Start com.docker.driver.amd64-linux (pid 3448) 23/04/16 13:07:03,154 Docker[3448]: Acquired hypervisor lock 23/04/16 13:07:03,221 Docker[3448]: hypervisor: native 23/04/16 13:07:03,221 Docker[3448]: filesystem: osxfs 23/04/16 13:07:03,222 Docker[3448]: Hypervisor: native; BootProtocol: direct; UefiBootDisk: /Users/johan/UefiBoot.qcow2 23/04/16 13:07:03,226 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:03,242 Docker[3450]: exec: /Applications/Docker.app/Contents/MacOS/com.docker.driver.amd64-linux []string{"-A", "-m", "2G", "-c", "4", "-u", "-s", "0:0,hostbridge", "-s", "31,lpc", "-s", "2:0,virtio-ipc,uuid=db9e3dd9-e7b8-476e-874c-b4b79b2d58d4,path=/var/tmp/com.docker.vmnetd.socket,macfile=/Users/johan/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/mac.0", "-s", "3:0,virtio-ipc,uuid=be2cc3a1-0774-42f6-8b04-4c15a2ec1e3e,path=/var/tmp/com.docker.slirp.socket,macfile=/Users/johan/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/mac.1", "-s", "4,virtio-blk,file:///Users/johan/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/Docker.qcow2", "-s", "5,virtio-9p,path=/var/tmp/com.docker.db.socket,tag=db", "-s", "6,virtio-rnd", "-s", "7,virtio-9p,path=/var/tmp/com.docker.port.socket,tag=port", "-s", "8,virtio-sock,guest_cid=3,path=/var/tmp/com.docker.vsock,guest_forwards=2376;1525", "-l", "com1,pty=/Users/johan/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty,log=/Users/johan/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/console-ring", "-f", "kexec,/Applications/Docker.app/Contents/Resources/moby/vmlinuz64,/Applications/Docker.app/Contents/Resources/moby/initrd.img,earlyprintk=serial console=ttyS0 com.docker.driverDir=\"/Users/johan/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux\", com.docker.database=\"com.docker.driver.amd64-linux\""} 23/04/16 13:07:03,245 Docker[3452]: Client reports version 12, commit 3c1bfeb0e86a9403f82302edfea4c4987cc2cb32 23/04/16 13:07:03,247 InternetSharing[3332]: mac address conflict with given uuid 23/04/16 13:07:03,247 InternetSharing[3332]: unable to get MAC address 23/04/16 13:07:03,247 Docker[3452]: com.docker.vmnetd: interface_param = NULL 23/04/16 13:07:03,247 Docker[3452]: Failed to initialise com.docker.vmnetd: status = VMNET_FAILURE 23/04/16 13:07:03,248 Docker[3450]: aslInit should be called before aslLog 23/04/16 13:07:03,248 Docker[3450]: aslInit should be called before aslLog 23/04/16 13:07:03,249 com.docker.slirp[3442]: PPP.negotiate: received ((magic VMN3T)(version 12)(commit 3c1bfeb0e86a9403f82302edfea4c4987cc2cb32)) 23/04/16 13:07:03,249 com.docker.slirp[3442]: PPP.negotiate: received (Ethernet be2cc3a1-0774-42f6-8b04-4c15a2ec1e3e) 23/04/16 13:07:03,249 com.docker.slirp[3442]: PPP.negotiate: sending ((mtu 1500)(max_packet_size 1550)(client_macaddr c0:ff:ee:c0:ff:ee)) 23/04/16 13:07:03,250 com.docker.slirp[3442]: PPP.listen: called a second time: doing nothing 23/04/16 13:07:03,250 com.docker.slirp[3442]: TCP/IP ready 23/04/16 13:07:05,635 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:06,137 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:06,641 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:07,142 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:07,643 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:08,149 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:08,653 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:09,158 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:09,661 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:10,162 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:10,667 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:11,172 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:11,674 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:12,176 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:12,678 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:13,183 Docker[3448]: Docker is not responding: waiting 0.5s 23/04/16 13:07:13,445 com.docker.osxfs[3441]: transfused: mount 23/04/16 13:07:13,446 com.docker.osxfs[3441]: transfused: /bin/fusermount 23/04/16 13:07:13,446 com.docker.osxfs[3441]: transfused: -o 23/04/16 13:07:13,446 com.docker.osxfs[3441]: transfused: allow_other,max_read=1048576,subtype=osxfs 23/04/16 13:07:13,446 com.docker.osxfs[3441]: transfused: /Mac 23/04/16 13:07:13,446 com.docker.osxfs[3441]: transfused: 23/04/16 13:07:13,447 com.docker.osxfs[3441]: osxfs tracing: OFF 23/04/16 13:07:14,999 Docker[3448]: Docker is responding

Same issue with beta8…

• Failed to ping docker.local
• Cannot disable VPN compatibility mode.

Uploaded pinata diagnose report although it says there is no issue.

Solved my problem by setting native/port-forwarding to true and adding an entry to the hosts file for docker.local.

Same problem here, VPN is always enabled, but I want to disable it

Uploaded logs to 96263B02-2A8A-4B0A-835B-17FE89C96500

This solution resolved my ability to access containers.

Some people are creating a /etc/hosts entry for docker.local but you can also use localhost. (ie. http://localhost:8080/)

this is a workaround, I would like to have the ports on OS X used for other stuff and have a separate IP for the docker containers like it was in Beta 7

I hope this will be fixed in the next Beta

This would seem to be the relevant bit.

I tried:

pinata set network nat
network -> nat

And it seemed to work:

pinata get network
nat

But a few seconds later:

pinata get network
hostnet

+1. Installed Docker for Mac yesterday and it was fine; turned off the computer and turned it back on today and now I can’t disable the VPN setting.

OS X: version 10.11.4 (build: 15E65)
Docker.app: version v1.11.0-beta8.2
Running diagnostic tests:
[OK]      docker-cli
[OK]      Moby booted
[OK]      driver.amd64-linux
[OK]      vmnetd
[OK]      osxfs
[OK]      db
[OK]      slirp
[OK]      menubar
[OK]      environment
[OK]      Docker
[OK]      VT-x
Docker logs are being collected into /tmp/20160428-140737.tar.gz
Most specific failure is: No error was detected
Your unique id is: 8AB3CD44-FDD7-4ABB-8F39-0831D1416973
Please quote this in all correspondence.

I have the same issue, and pinata command is not included in Version 1.12.0-beta21 (build: 11019). How do I diagnose this?