I have some virtual development machines on my lan that i use for testing out openvidu developments, the main server in question sits on 192.168.1.0/24 with ip 192.168.1.150.
I want my local docker development environment via docker compose to be able to access this ip address, so i've setup a bridge network:
networks:
my-net:
name: my-net
my-lan-access:
name: my-lan-access
driver: bridge
ipam:
driver: default
config:
- subnet: "192.168.1.0/24"
- gateway: "192.168.1.254"
Then i allow the specific containers access to this network:
networks:
my-net:
my-lan-access:
ipv4_address: "192.168.1.149"
I logged into one of the containers and attempted to ping 192.168.1.150 and i get:
From 192.168.1.149 icmp_seq=160 Destination Host Unreachable
It's clearly added the correct network as it's got 192.168.1.149 ip address yet it's unable to see the virtual machine.
Note: From outside the container on my mac i can ping 192.168.1.150 no problem and access via ssh.
UPDATE
After some reading i get why this doesn't work, it's because the bridge adapter doesn't exist on my host machine.
The idea isn't to spend time creating a bridge adapter, if the compose file needs to be sent to another developer we want to just be able to fire it all up without any hassle.
So i started to look at "macvlan" which seems like a much better option where by i can connect my specific containers directly to the lan from the host adapter:
networks:
my-net:
name: my-net
my-lan-access:
name: my-lan-access
driver: macvlan
driver_opts:
parent: en0
ipam:
config:
- subnet: "192.168.1.0/24"
gateway: "192.168.1.254"
This now brings up a new error though:
ERROR: invalid subinterface vlan name en0, example formatting is eth0.10
This doesn't make any sense, i can clearly see the en0 interface (my wifi adapter) on my mac with ifconfig:
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=6463<RXCSUM,TXCSUM,TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
ether b0:f1:d8:21:22:dd
inet6 fe80::1400:ad93:eea1:2818%en0 prefixlen 64 secured scopeid 0xe
inet 192.168.1.124 netmask 0xffffff00 broadcast 192.168.1.255
inet6 fdaa:bbcc:ddee:0:10a5:3e52:179e:aa31 prefixlen 64 autoconf secured
inet6 2a00:23c5:ef15:1101:45d:dabb:8af:43a3 prefixlen 64 autoconf secured
inet6 2a00:23c5:ef15:1101:419:9097:a2b3:5cf7 prefixlen 64 deprecated autoconf temporary
inet6 2a00:23c5:ef15:1101:edd5:a0e0:baa1:b3ae prefixlen 64 autoconf temporary
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
So instead i tried en0.0 hoping it would understand i don't have a sub adapter which causes this error:
ERROR: -o parent interface does was not found on the host: en0
It appears like this might be a bug in docker or docker compose?
So maybe the only option i have is to create my own bridge adapter attached to my hardware interface?
I've moved my Mongodb from a container to a local service (it was really flaky when containerised). Problem is I cannot connect from a Node api into the locally running MongoDB service. I can get this working on my Mac, but not on Ubuntu. I've tried:
- DB_HOST=mongodb://172.17.0.1:27017/proto?authSource=admin
- DB_HOST=mongodb://localhost:27017/proto?authSource=admin
// this works locally, but not on my Ubuntu server
- DB_HOST=mongodb://host.docker.internal:27017/proto?authSource=admin
Tried adding this to my docker file:
ip -4 route list match 0/0 | awk '{print $3 "host.docker.internal"}' >> /etc/hosts && \
Also tried network bridge to no avail. Example docker compose
version: '3.3'
services:
search-api:
build: ../search-api
environment:
- PORT=3333
- DB_HOST=mongodb://host.docker.internal:27017/search?authSource=admin
- DB_USER=dbuser
- DB_PASS=password
ports:
- 3333:3333
restart: always
Problem can be caused by MongoDb not listening on the correct ip address and therefore blocking your access.
Either make sure you're listening to a specific ip or listening to all: 0.0.0.0
On linux the config file is per default installed here: /etc/mongod.conf
Configuration specific Ip address:
net:
bindIp: 172.17.0.1 #being your host's ip address
port: 27017
Configuration open to all connections:
net:
bindIp: 0.0.0.0
port: 27017
To get your hosts ip address (from within a container)
On docker-for-mac and docker-for-windows you can use host.docker.internal
While on linux you need to run ip route show in the container.
When running Docker natively on Linux, you can access host services using the IP address of the docker0 interface. From inside the container, this will be your default route.
For example, on my system:
$ ip addr show docker0
7: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::f4d2:49ff:fedd:28a0/64 scope link
valid_lft forever preferred_lft forever
And inside a container:
# ip route show
default via 172.17.0.1 dev eth0
172.17.0.0/16 dev eth0 src 172.17.0.4
(copied from here: How to access host port from docker container)
I have an issue with the docker daemon installed on an Ubuntu 14.04 VM. The logs reveal that ipv6 is enabled hence the docker seems to be listening on this ip address. Essentially, this effects Clair. I have made sure that ipv6 is disabled on the following recommendation here. I also disabled ipv6 in daemon.json as specified in Docker documentation. My docker version is Docker version 17.06.1-ce, build 874a737.
Docker daemon logs :
time="2018-02-20T20:33:17.736203462+01:00" level=info msg="IPv6 enabled; Adding default IPv6 external servers: [nameserver 2001:4860:4860::8888 nameserver 20 01:4860:4860::8844]"
Clair logs:
2018/02/20 20:43:51 grpc: addrConn.resetTransport failed to create client transport: connection error: desc = "transport: Error while dialing dial tcp [::]:6060: connect: cannot assign requested address"; Reconnecting to {[::]:6060 <nil>}
2018/02/20 20:46:14 grpc: addrConn.resetTransport failed to create client transport: connection error: desc = "transport: Error while dialing dial tcp [::]:6060: connect: cannot assign requested address"; Reconnecting to {[::]:6060 <nil>}
It's trying to make an IPv6 connection, but the address is wrong. [::] is IN6ADDR_ANY, not an actual address you can connect to. Provide the correct address in your config.yaml.
Did you mean to connect to localhost?
api:
# v3 grpc/RESTful API server address
addr: "[::1]:6060"
I'm learing Docker machine while encount some problems.
My computer is mac and use Docker for mac. I create 2 vm,vm1& vm2 by docker-machine,and try to init a swarm who has nodes-vm1,vm2 and my mac.My steps are below:
1. create an image called "sprinla/cms:latest" and a docker-compose.yml
version: "3"
services:
web:
image: sprinla/cms:latest
deploy:
replicas: 1
ports:
- "80:80"
networks:
- webnet
command: /data/start.sh
networks:
webnet:
2.create 2 vms.Here is vm info:
yuxrdeMBP:~ yuxr$ docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
vm1 - virtualbox Running tcp://192.168.99.100:2376 v17.12.0-ce
vm2 - virtualbox Running tcp://192.168.99.101:2376 v17.12.0-ce
init swarm on my mac host:
yuxrdeMBP:~ yuxr$ docker swarm init
Swarm initialized: current node (uf6rg1v91exlwntlskyj8iim7) is now a manager.
To add a worker to this swarm, run the following command:
docker swarm join --token SWMTKN-1-3qb32l84n0s8vl74rj9d6psm7bzdany3piw55ohtrq0q7ly814-c5km5zg3kj9d6vn6vrtt6xxtg 192.168.65.2:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
4 join vm1 to swarm,then comes the problem
yuxrdeMBP:~ yuxr$ docker-machine ssh vm1 "docker swarm join --token SWMTKN-1-3qb32l84n0s8vl74rj9d6psm7bzdany3piw55ohtrq0q7ly814-c5km5zg3kj9d6vn6vrtt6xxtg 192.168.65.2:2377"
Error response from daemon: Timeout was reached before node joined. The attempt to join the swarm will continue in the background. Use the "docker info" command to see the current swarm status of your node.
exit status 1
5.cat the docker log :
time="2018-01-03T17:13:50.387854642Z" level=debug msg="Calling GET /_ping"
time="2018-01-03T17:13:50.388228524Z" level=debug msg="Calling GET /_ping"
time="2018-01-03T17:13:50.388521374Z" level=debug msg="Calling POST /v1.35/swarm/join"
time="2018-01-03T17:13:50.388583426Z" level=debug msg="form data: {\"AdvertiseAddr\":\"\",\"Availability\":\"\",\"DataPathAddr\":\"\",\"JoinToken\":\"*****\",\"ListenAddr\":\"0.0.0.0:2377\",\"RemoteAddrs\":[\"192.168.65.2:2377\"]}"
time="2018-01-03T17:13:55.392578452Z" level=error msg="failed to retrieve remote root CA certificate" error="rpc error: code = DeadlineExceeded desc = context deadline exceeded" module=node
time="2018-01-03T17:14:02.394608777Z" level=error msg="failed to retrieve remote root CA certificate" error="rpc error: code = DeadlineExceeded desc = context deadline exceeded" module=node
time="2018-01-03T17:14:09.395720474Z" level=error msg="failed to retrieve remote root CA certificate" error="rpc error: code = DeadlineExceeded desc = context deadline exceeded" module=node
time="2018-01-03T17:14:10.393743738Z" level=error msg="Handler for POST /v1.35/swarm/join returned error: Timeout was reached before node joined. The attempt to join the swarm will continue in the background. Use the \"docker info\" command to see the current swarm status of your node."
time="2018-01-03T17:14:16.398095265Z" level=error msg="failed to retrieve remote root CA certificate" error="rpc error: code = DeadlineExceeded desc = context deadline exceeded" module=node
time="2018-01-03T17:14:23.399587783Z" level=error msg="failed to retrieve remote root CA certificate" error="rpc error: code = DeadlineExceeded desc = context deadline exceeded" module=node
time="2018-01-03T17:14:25.399943337Z" level=error msg="cluster exited with error: rpc error: code = DeadlineExceeded desc = context deadline exceeded"
below is my mac ifconfig info:
yuxrdeMBP:~ yuxr$ ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
XHC20: flags=0<> mtu 0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether ac:bc:32:81:97:37
inet6 fe80::4d8:6b2:718a:5d3b%en0 prefixlen 64 secured scopeid 0x5
inet 192.168.199.169 netmask 0xffffff00 broadcast 192.168.199.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
ether 0e:bc:32:81:97:37
media: autoselect
status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
ether 36:9f:65:fd:34:c3
inet6 fe80::349f:65ff:fefd:34c3%awdl0 prefixlen 64 scopeid 0x7
nd6 options=201<PERFORMNUD,DAD>
media: autoselect
status: active
en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether 6a:00:00:e3:4c:30
media: autoselect <full-duplex>
status: inactive
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
options=60<TSO4,TSO6>
ether 6a:00:00:e3:4c:31
media: autoselect <full-duplex>
status: inactive
bridge0: flags=8822<BROADCAST,SMART,SIMPLEX,MULTICAST> mtu 1500
options=63<RXCSUM,TXCSUM,TSO4,TSO6>
ether 6a:00:00:e3:4c:30
Configuration:
id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
ipfilter disabled flags 0x2
member: en1 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 8 priority 0 path cost 0
member: en2 flags=3<LEARNING,DISCOVER>
ifmaxaddr 0 port 9 priority 0 path cost 0
media: <unknown type>
status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
options=6403<RXCSUM,TXCSUM,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
inet6 fe80::441e:c0e3:5429:2abb%utun0 prefixlen 64 scopeid 0xb
nd6 options=201<PERFORMNUD,DAD>
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
options=6403<RXCSUM,TXCSUM,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
inet6 fe80::7820:5bac:4735:7f82%utun1 prefixlen 64 scopeid 0xc
inet6 fd44:5cb3:4ab4:5d08:7820:5bac:4735:7f82 prefixlen 64
nd6 options=201<PERFORMNUD,DAD>
utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
options=6403<RXCSUM,TXCSUM,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
inet6 fe80::26f2:e964:8dfb:e884%utun2 prefixlen 64 scopeid 0xd
nd6 options=201<PERFORMNUD,DAD>
gpd0: flags=8862<BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1400
ether 02:50:41:00:01:01
vboxnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
ether 0a:00:27:00:00:00
inet 192.168.99.1 netmask 0xffffff00 broadcast 192.168.99.255
Why????
mac host has ip, 192.168.99.1 ,vm1 has ip 192.168.99.100,vm2 has ip 192.168.99.101,they are in the same network,why can't vm1 nor vm2
join the mac host's swarm?
ANOTHER QUESTION:if i use vm1 as swarm manager,run "docker swarm join" commad on the mac host,when join as worker,it can join but can't use;when join as manager will has error:
yuxrdeMBP:~ yuxr$ docker swarm join --token SWMTKN-1-49w1hd28hs1mtj3sgmd0o3q7n59zgppvd18vs0iwhcnjemzmwb-7mk35zdnaslt1p41gninvwlud 192.168.99.100:2377
Error response from daemon: manager stopped: can't initialize raft node: rpc error: code = Unknown desc = could not connect to prospective new cluster member using its advertised address: rpc error: code = Unavailable desc = grpc: the connection is unavailable
THANK YOU FOR HELP ME !!!
There is no routing between the Mac host and Docker for Mac. So on a Mac you can only setup multi-node swarms between VMs, and the standard Docker for Mac cannot participate in a multi-node swam. This is a limitation on how networking is implemented on OSX.
See the documentation, where this is explained.
Also see this issue for more background.
For Me, this error got resolved by making the Security groups to Inbound Rules to All traffic in AWS.
I got the same error when trying to join a swarm cluster as a worker Used 2 VMs from Google cloud for this..
Manager node was working fine ..docker info--> swarm did not give any errors. but when i try to join the worker nodes with the token .. i got this error "Error response from daemon: Timeout was reached before node joined. The attempt to join the swarm will continue in the background. Use the "docker info" command to see the current swarm status of your node. " while docker info showed me
"rpc error: code = DeadlineExceeded desc = context deadline exceeded in swarm error"
tried a lot of different things finally below solution worked.
solution. -->. i used "docker swarm init --force-new-cluster". in one of the vms i tried to join the as a worker.. and then i used "docker swarm leave --force" on the existing manager node .. and the joined that one as a worker to the newly created cluster. Other vm also also worked when tried to join as workers for the new cluster..
ubuntu - 18.04
docker version -20.10.17
OS: window7
virtualization tool: virtualbox
virtual hypervisor: centos7
linux core as below
[root#localhost ~]# uname -a
Linux localhost.localdomain 3.10.0-693.5.2.el7.x86_64 #1 SMP Fri Oct 20 20:32:50 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
Two host IPs:
192.168.100.101
192.168.100.102
The steps:
curl -L git.io/weave -o /usr/local/bin/weave
chmod a+x /usr/local/bin/weave
[root#localhost ~]# weave launch 192.168.100.102
WARNING: existing iptables rule
'-A FORWARD -j REJECT --reject-with icmp-host-prohibited'
will block name resolution via weaveDNS - please reconfigure your firewall.
cannot locate running docker daemon
Warning: unable to detect proxy TLS configuration. To enable TLS, launch the proxy with ‘weave launch’ and supply TLS options. To suppress this warning, supply the ‘–no-detect-tls’ option.
3227932d5be77917c4e0b780cafe1171287c1029637f2360ece580fe6239cb4f
[root#localhost ~]# weave status
Version: 2.1.1 (failed to check latest version - see logs; next check at 2017/11/28 19:18:07)
Service: router
Protocol: weave 1..2
Name: 06:e0:c4:68:0c:ae(localhost.localdomain)
Encryption: disabled
PeerDiscovery: enabled
Targets: 1
Connections: 1 (1 failed)
Peers: 1
TrustedSubnets: none
Service: ipam
Status: ready
Range: 10.32.0.0/12
DefaultSubnet: 10.32.0.0/12
Service: dns
Domain: weave.local.
Upstream: 135.251.4.190, 135.251.38.218, 192.168.1.1
TTL: 1
Entries: 0
Service: proxy
Address: unix:///var/run/weave/weave.sock
Service: plugin (legacy)
DriverName: weave
[root#localhost ~]# weave version
weave script 2.1.1
weave 2.1.1
As above , the Connections: 1 (1 failed) , the docker run on these two hosts can’t ping each other.
And when I type weave version, it only showed weave script 2.1.1 and weave 2.1.1, not like other articles said it will show weaveexec and plugin or weavedns and so on. Is this the difference between versions or some mistakes I have made ?
Please help , thank you very much!
my docker log as below
[root#localhost ~]# docker logs weave
INFO: 2017/11/29 01:08:07.807752 Command line options: map[dns-effective-listen-address:172.17.0.1 nickname:localhost.localdomain dns-listen-address:172.17.0.1:53 ipalloc-range:10.32.0.0/12 status-addr:127.0.0.1:6782 weave-bridge:weave H:[unix:///var/run/weave/weave.sock] host-root:/host http-addr:127.0.0.1:6784 port:6783 proxy:true resolv-conf:/var/run/weave/etc/resolv.conf datapath:datapath docker-bridge:docker0 plugin:true]
INFO: 2017/11/29 01:08:07.807841 weave 2.1.1
INFO: 2017/11/29 01:08:07.859209 Docker API on unix:///var/run/docker.sock: &[ApiVersion=1.24 GoVersion=go1.8.3 Os=linux BuildTime=2017-10-24T15:40:21.112972404+00:00 PkgVersion=docker-1.12.6-61.git85d7426.el7.centos.x86_64 Version=1.12.6 Arch=amd64 KernelVersion=3.10.0-693.5.2.el7.x86_64 GitCommit=85d7426/1.12.6]
INFO: 2017/11/29 01:08:07.859520 Using docker bridge IP for DNS: 172.17.0.1
INFO: 2017/11/29 01:08:07.863781 proxy listening on unix:///var/run/weave/weave.sock
INFO: 2017/11/29 01:08:08.940871 Bridge type is bridged_fastdp
INFO: 2017/11/29 01:08:08.940885 Communication between peers is unencrypted.
INFO: 2017/11/29 01:08:08.961891 Our name is 06:e0:c4:68:0c:ae(localhost.localdomain)
INFO: 2017/11/29 01:08:08.962058 Restart/resume detected - using persisted peer list: [192.168.100.102]
INFO: 2017/11/29 01:08:08.972210 Docker API on unix:///var/run/docker.sock: &[KernelVersion=3.10.0-693.5.2.el7.x86_64 PkgVersion=docker-1.12.6-61.git85d7426.el7.centos.x86_64 GoVersion=go1.8.3 Os=linux Arch=amd64 BuildTime=2017-10-24T15:40:21.112972404+00:00 Version=1.12.6 ApiVersion=1.24 GitCommit=85d7426/1.12.6]
INFO: 2017/11/29 01:08:08.974990 Checking for pre-existing addresses on weave bridge
INFO: 2017/11/29 01:08:09.009949 [allocator 06:e0:c4:68:0c:ae] Initialising with persisted data
INFO: 2017/11/29 01:08:09.034491 Listening for DNS queries on 172.17.0.1
INFO: 2017/11/29 01:08:09.086102 Sniffing traffic on datapath (via ODP)
INFO: 2017/11/29 01:08:09.114882 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:08:09.116392 Listening for HTTP control messages on 127.0.0.1:6784
INFO: 2017/11/29 01:08:09.116576 Listening for metrics requests on 127.0.0.1:6782
INFO: 2017/11/29 01:08:09.125917 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
INFO: 2017/11/29 01:08:09.151109 Waiting for Weave API Server...
INFO: 2017/11/29 01:08:09.159548 Finished waiting for Weave API Server
INFO: 2017/11/29 01:08:09.159706 Listening on /run/docker/plugins/weave.sock for global scope
INFO: 2017/11/29 01:08:09.159811 Listening on /run/docker/plugins/weavemesh.sock for local scope
INFO: 2017/11/29 01:08:09.159822 Creating default "weave" network
INFO: 2017/11/29 01:08:09.462160 Discovered local MAC 06:e0:c4:68:0c:ae
INFO: 2017/11/29 01:08:09.547179 Discovered local MAC 46:2b:0d:08:12:be
INFO: 2017/11/29 01:08:09.554830 Discovered local MAC 0e:46:f3:dd:57:96
INFO: 2017/11/29 01:08:11.612424 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:08:11.614477 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
INFO: 2017/11/29 01:08:13.980824 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:08:13.982289 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
INFO: 2017/11/29 01:08:18.124543 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:08:18.125556 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
INFO: 2017/11/29 01:08:23.294574 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:08:23.322022 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
INFO: 2017/11/29 01:08:37.070537 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:08:37.073928 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
INFO: 2017/11/29 01:08:39.222651 Error checking version: Get https://checkpoint-api.weave.works/v1/check/weave-net?arch=amd64&flag_docker-version=1.12.6&flag_kernel-version=3.10.0-693.5.2.el7.x86_64&os=linux&signature=fvXv9SDD9r8gjV6d2HrXkVdBv5U72%2BeXQ6NT2u0JkKc%3D&version=2.1.1: dial tcp: lookup checkpoint-api.weave.works on 135.252.166.21:53: read udp 192.168.100.101:34840->135.252.166.21:53: i/o timeout
INFO: 2017/11/29 01:08:46.009136 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:08:46.011168 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
INFO: 2017/11/29 01:09:16.169210 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:09:16.171278 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
INFO: 2017/11/29 01:09:42.294136 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:09:42.296081 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
INFO: 2017/11/29 01:10:28.752091 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:10:28.756481 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
INFO: 2017/11/29 01:12:03.755330 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:12:03.760374 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
INFO: 2017/11/29 01:14:30.481453 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:14:30.486632 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
INFO: 2017/11/29 01:17:41.166716 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:17:41.168341 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
INFO: 2017/11/29 01:22:38.820826 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:22:38.829815 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
INFO: 2017/11/29 01:23:08.968136 Expired MAC 06:e0:c4:68:0c:ae at 06:e0:c4:68:0c:ae(localhost.localdomain)
INFO: 2017/11/29 01:23:08.968199 Expired MAC 46:2b:0d:08:12:be at 06:e0:c4:68:0c:ae(localhost.localdomain)
INFO: 2017/11/29 01:23:08.968219 Expired MAC 0e:46:f3:dd:57:96 at 06:e0:c4:68:0c:ae(localhost.localdomain)
INFO: 2017/11/29 01:30:27.085406 ->[192.168.100.102:6783] attempting connection
INFO: 2017/11/29 01:30:27.089200 ->[192.168.100.102:6783] error during connection attempt: dial tcp4 :0->192.168.100.102:6783: getsockopt: no route to host
but on 192.168.100.101 , I can ping 192.168.100.102
[root#localhost ~]# ping 192.168.100.102
PING 192.168.100.102 (192.168.100.102) 56(84) bytes of data.
64 bytes from 192.168.100.102: icmp_seq=1 ttl=64 time=1.19 ms
64 bytes from 192.168.100.102: icmp_seq=2 ttl=64 time=1.05 ms
64 bytes from 192.168.100.102: icmp_seq=3 ttl=64 time=0.906 ms
^C
--- 192.168.100.102 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.906/1.051/1.195/0.120 ms
The issue has been resolved and shared my experience here.
As I described in my question
[root#localhost ~]# weave launch 192.168.100.102
WARNING: existing iptables rule
'-A FORWARD -j REJECT --reject-with icmp-host-prohibited'
will block name resolution via weaveDNS - please reconfigure your firewall.
cannot locate running docker daemon
Warning: unable to detect proxy TLS configuration. To enable TLS, launch the proxy with ‘weave launch’ and supply TLS options. To suppress this warning, supply the ‘–no-detect-tls’ option.
3227932d5be77917c4e0b780cafe1171287c1029637f2360ece580fe6239cb4f
Then on both hosts ,I run command
[root#localhost ~]# iptables -F
And then stop and rm all docker container and stop weave and then restart docker daemon and then on host 192.168.100.101 ,run command
[root#localhost ~]# weave launch
[root#localhost ~]# eval $(weave env)
[root#localhost ~]# docker run --name bbox1 -itd busybox
[root#localhost ~]# docker run --name bbox2 -itd busybox
and on host 192.168.100.102 , run command
[root#localhost ~]# weave launch 192.168.100.101
[root#localhost ~]# eval $(weave env)
[root#localhost ~]# docker run --name bbox3 -itd busybox
And then test
[root#localhost ~]# docker exec bbox3 ping -c2 bbox1
PING bbox1 (10.32.0.1): 56 data bytes
64 bytes from 10.32.0.1: seq=0 ttl=64 time=0.940 ms
64 bytes from 10.32.0.1: seq=1 ttl=64 time=2.362 ms
--- bbox1 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.940/1.651/2.362 ms
Done!
so it seemed that the iptables rule is the root cause. I will learn more iptables rules later so that avoid merely using "iptables -F".
Thanks for #Marc Carré very much.
it only showed weave script 2.1.1 and weave 2.1.1, not like other articles said it will show weaveexec and plugin or weavedns and so on
This is expected with your version of Weave Net.
In prior versions, Weave Net started different containers, but starting Weave Net 2.0, these have been merged together.
See also:
https://github.com/weaveworks/weave/blob/master/CHANGELOG.md#release-200
All of Weave Net now runs in one container
Previously we had three separate containers for routing, Docker API proxy and Docker plugin. Running everything in one simplifies start-up and removes the need to detect various error conditions. #1642,#2897,#2936,#2945,#2946,#2951,#2960
https://www.weave.works/blog/weave-net-2-released
In Weave Net 2.0, the various processes forming Weave Net were merged into a single process.
and what follows.
Would you mind pointing to the docs which caused the confusion, so that we could improve these?