DOCKER_HOST have a weird tcp #392

Closed
Freyskeyd opened this Issue Jun 11, 2014 · 77 comments

Comments

Projects
None yet
@Freyskeyd

Hey,

i don't know why, when i use boot2docker up to boot the VM, i get this:

▶ boot2docker up
2014/06/11 22:49:00 Waiting for VM to be started...
...........2014/06/11 22:49:22 exit status 255

2014/06/11 22:49:22 Started.
2014/06/11 22:49:22 Auto detection of the VM's IP address.
2014/06/11 22:49:22 To connect the Docker client to the Docker daemon, please set:
2014/06/11 22:49:22     export DOCKER_HOST=tcp://:41960

I'm on OSX Mavericks with :

▶ boot2docker version
Client version: v0.12.0
Git commit: 16abe29
@luebken

This comment has been minimized.

Show comment
Hide comment
@luebken

luebken Jun 11, 2014

+1
The IP is missing.

Also try:

boot2docker ip
2014/06/11 22:56:01 exit status 255
Failed to get VM Host only IP address.
    Was the VM initilized using boot2docker?

And ssh doesn't work anymore

boot2docker ssh
ssh_exchange_identification: Connection closed by remote host
2014/06/11 22:56:12 exit status 255

The only workaround that works for so far is boot2docker delete and boot2docker init

luebken commented Jun 11, 2014

+1
The IP is missing.

Also try:

boot2docker ip
2014/06/11 22:56:01 exit status 255
Failed to get VM Host only IP address.
    Was the VM initilized using boot2docker?

And ssh doesn't work anymore

boot2docker ssh
ssh_exchange_identification: Connection closed by remote host
2014/06/11 22:56:12 exit status 255

The only workaround that works for so far is boot2docker delete and boot2docker init

@Freyskeyd

This comment has been minimized.

Show comment
Hide comment
@Freyskeyd

Freyskeyd Jun 12, 2014

i agree the only solution is to delete and init the VM again.

i agree the only solution is to delete and init the VM again.

@SvenDowideit

This comment has been minimized.

Show comment
Hide comment
@SvenDowideit

SvenDowideit Jun 12, 2014

Contributor

@Freyskeyd your issue looks different to @luebken 's

you probably don't need to delete the vm - run boot2docker ip, or even boot2docker up again, and the link should work - there is a small timing window that I haven't fully tracked down where the IP address isn't gotten correctly.

whereas @luebken looks very much like the vm was created pre-1.0.0 - which can work, but may be from before 0.9 - when I added the host only network.

Contributor

SvenDowideit commented Jun 12, 2014

@Freyskeyd your issue looks different to @luebken 's

you probably don't need to delete the vm - run boot2docker ip, or even boot2docker up again, and the link should work - there is a small timing window that I haven't fully tracked down where the IP address isn't gotten correctly.

whereas @luebken looks very much like the vm was created pre-1.0.0 - which can work, but may be from before 0.9 - when I added the host only network.

@Freyskeyd

This comment has been minimized.

Show comment
Hide comment
@Freyskeyd

Freyskeyd Jun 12, 2014

I've tried to up, ip, down -> up -> ip. Nothing changed. The only solution for my problem is to:

delete -> download -> init

I've tried to up, ip, down -> up -> ip. Nothing changed. The only solution for my problem is to:

delete -> download -> init

@tjrivera

This comment has been minimized.

Show comment
Hide comment
@tjrivera

tjrivera Jun 16, 2014

I'm also seeing this problem. I ended up completely removing boot2docker. Not just running boot2docker delete but also removing ~/.boot2docker and making sure the machine was gone from Virtualbox. The issue seems to be related to my use of a VPN. Trying to use boot2docker while connected to my VPN tends to screw everything up ( would have to change DOCKER_HOST to tcp://:2375 -- even then unable to communicate with the daemon). pre-1.0 I would usually have to restart the boot2docker vm to make sure it was binding to the VPN instead of my regular network interface and everything remained generally usable. I don't know enough about the network stack to provide any kind of helpful information as to whats going on behind the scenes on my system, but would be happy to provide info if pointed in the right direction.

I'm also seeing this problem. I ended up completely removing boot2docker. Not just running boot2docker delete but also removing ~/.boot2docker and making sure the machine was gone from Virtualbox. The issue seems to be related to my use of a VPN. Trying to use boot2docker while connected to my VPN tends to screw everything up ( would have to change DOCKER_HOST to tcp://:2375 -- even then unable to communicate with the daemon). pre-1.0 I would usually have to restart the boot2docker vm to make sure it was binding to the VPN instead of my regular network interface and everything remained generally usable. I don't know enough about the network stack to provide any kind of helpful information as to whats going on behind the scenes on my system, but would be happy to provide info if pointed in the right direction.

@Freyskeyd

This comment has been minimized.

Show comment
Hide comment
@Freyskeyd

Freyskeyd Jun 16, 2014

I think it's a problem with vagrant, i get this when i specify forwarded port i think.

I think it's a problem with vagrant, i get this when i specify forwarded port i think.

@Freyskeyd

This comment has been minimized.

Show comment
Hide comment
@Freyskeyd

Freyskeyd Jun 17, 2014

I confirm:

$ boot2docker delete
$ boot2docker download
$ boot2docker init
2014/06/17 16:19:58 Creating VM boot2docker-vm...
2014/06/17 16:19:58 Apply interim patch to VM boot2docker-vm (https://www.virtualbox.org/ticket/12748)
2014/06/17 16:19:58 Setting NIC #1 to use NAT network...
2014/06/17 16:19:58 Port forwarding [ssh] tcp://127.0.0.1:2022 --> :22
2014/06/17 16:19:58 Port forwarding [docker] tcp://127.0.0.1:2375 --> :2375
2014/06/17 16:19:59 Setting NIC #2 to use host-only network "vboxnet5"...
2014/06/17 16:19:59 Setting VM storage...
2014/06/17 16:20:05 Done. Type `boot2docker up` to start the VM.

$ boot2docker up
2014/06/17 16:20:11 Waiting for VM to be started...
............
2014/06/17 16:20:36 Started.
2014/06/17 16:20:36 Auto detection of the VM's IP address.
2014/06/17 16:20:36 To connect the Docker client to the Docker daemon, please set:
2014/06/17 16:20:36     export DOCKER_HOST=tcp://:2375

$ boot2docker ip
The VM's Host only interface IP address is: 192.168.59.104

$ VBoxManage controlvm boot2docker-vm natpf1 "fskdTwitterRuby,tcp,127.0.0.1,3000,,3000"
$ boot2docker ip
2014/06/17 16:20:51 exit status 255

Failed to get VM Host only IP address.
    Was the VM initilized using boot2docker?

When i use VBoxManage to open port, boot2docker fire an error.

I confirm:

$ boot2docker delete
$ boot2docker download
$ boot2docker init
2014/06/17 16:19:58 Creating VM boot2docker-vm...
2014/06/17 16:19:58 Apply interim patch to VM boot2docker-vm (https://www.virtualbox.org/ticket/12748)
2014/06/17 16:19:58 Setting NIC #1 to use NAT network...
2014/06/17 16:19:58 Port forwarding [ssh] tcp://127.0.0.1:2022 --> :22
2014/06/17 16:19:58 Port forwarding [docker] tcp://127.0.0.1:2375 --> :2375
2014/06/17 16:19:59 Setting NIC #2 to use host-only network "vboxnet5"...
2014/06/17 16:19:59 Setting VM storage...
2014/06/17 16:20:05 Done. Type `boot2docker up` to start the VM.

$ boot2docker up
2014/06/17 16:20:11 Waiting for VM to be started...
............
2014/06/17 16:20:36 Started.
2014/06/17 16:20:36 Auto detection of the VM's IP address.
2014/06/17 16:20:36 To connect the Docker client to the Docker daemon, please set:
2014/06/17 16:20:36     export DOCKER_HOST=tcp://:2375

$ boot2docker ip
The VM's Host only interface IP address is: 192.168.59.104

$ VBoxManage controlvm boot2docker-vm natpf1 "fskdTwitterRuby,tcp,127.0.0.1,3000,,3000"
$ boot2docker ip
2014/06/17 16:20:51 exit status 255

Failed to get VM Host only IP address.
    Was the VM initilized using boot2docker?

When i use VBoxManage to open port, boot2docker fire an error.

@dmlond

This comment has been minimized.

Show comment
Hide comment
@dmlond

dmlond Jun 18, 2014

I am on Mavericks (10.9.3).
$ boot2docker version
Client version: v1.0.0
Git commit: 2fef7b2

I am using the Cisco Anyconnect VPN to connect to the my work VPN.
$ boot2docker down
$ boot2docker delete
$ boot2docker init
2014/06/18 08:36:52 Creating VM boot2docker-vm...
2014/06/18 08:36:52 Apply interim patch to VM boot2docker-vm (https://www.virtualbox.org/ticket/12748)
2014/06/18 08:36:52 Setting NIC #1 to use NAT network...
2014/06/18 08:36:52 Port forwarding [ssh] tcp://127.0.0.1:2022 --> :22
2014/06/18 08:36:52 Port forwarding [docker] tcp://127.0.0.1:2375 --> :2375
2014/06/18 08:36:53 Setting NIC #2 to use host-only network "vboxnet0"...
2014/06/18 08:36:53 Setting VM storage...
2014/06/18 08:36:59 Done. Type boot2docker up to start the VM.
$ boot2docker up
2014/06/18 08:37:04 Waiting for VM to be started...
............
2014/06/18 08:37:28 Started.
2014/06/18 08:37:28 To connect the Docker client to the Docker daemon, please set:
2014/06/18 08:37:28 export DOCKER_HOST=tcp://192.168.59.105:2375
$ export DOCKER_HOST=tcp://192.168.59.105:2375
$ boot2docker ip

The VM's Host only interface IP address is: 192.168.59.105

$ docker images
2014/06/18 08:39:46 Get http://192.168.59.105:2375/v1.12/images/json: dial tcp 192.168.59.105:2375: operation timed out

dmlond commented Jun 18, 2014

I am on Mavericks (10.9.3).
$ boot2docker version
Client version: v1.0.0
Git commit: 2fef7b2

I am using the Cisco Anyconnect VPN to connect to the my work VPN.
$ boot2docker down
$ boot2docker delete
$ boot2docker init
2014/06/18 08:36:52 Creating VM boot2docker-vm...
2014/06/18 08:36:52 Apply interim patch to VM boot2docker-vm (https://www.virtualbox.org/ticket/12748)
2014/06/18 08:36:52 Setting NIC #1 to use NAT network...
2014/06/18 08:36:52 Port forwarding [ssh] tcp://127.0.0.1:2022 --> :22
2014/06/18 08:36:52 Port forwarding [docker] tcp://127.0.0.1:2375 --> :2375
2014/06/18 08:36:53 Setting NIC #2 to use host-only network "vboxnet0"...
2014/06/18 08:36:53 Setting VM storage...
2014/06/18 08:36:59 Done. Type boot2docker up to start the VM.
$ boot2docker up
2014/06/18 08:37:04 Waiting for VM to be started...
............
2014/06/18 08:37:28 Started.
2014/06/18 08:37:28 To connect the Docker client to the Docker daemon, please set:
2014/06/18 08:37:28 export DOCKER_HOST=tcp://192.168.59.105:2375
$ export DOCKER_HOST=tcp://192.168.59.105:2375
$ boot2docker ip

The VM's Host only interface IP address is: 192.168.59.105

$ docker images
2014/06/18 08:39:46 Get http://192.168.59.105:2375/v1.12/images/json: dial tcp 192.168.59.105:2375: operation timed out

@dmlond

This comment has been minimized.

Show comment
Hide comment
@dmlond

dmlond Jun 18, 2014

ok. For me, it all works, with or without vpn, if I export DOCKER_HOST=tcp://127.0.0.1:2375. I am not sure if this is the intended way to do things?

dmlond commented Jun 18, 2014

ok. For me, it all works, with or without vpn, if I export DOCKER_HOST=tcp://127.0.0.1:2375. I am not sure if this is the intended way to do things?

@Freyskeyd

This comment has been minimized.

Show comment
Hide comment
@Freyskeyd

Freyskeyd Jun 18, 2014

Currently i'm trying to use Host-only with some tricks.

I think problem is VBoxManage forwarded port modification

Currently i'm trying to use Host-only with some tricks.

I think problem is VBoxManage forwarded port modification

@dmlond

This comment has been minimized.

Show comment
Hide comment
@dmlond

dmlond Jun 18, 2014

I was able to get it working today :) I have to export DOCKER_HOST=tcp://
127.0.0.1:2375 I am not sure if this is the intended way to do things, but
it works.

On Wed, Jun 18, 2014 at 10:43 AM, Simon Paitrault notifications@github.com
wrote:

Currently i'm trying to use Host-only with some tricks.

I think problem is VBoxManage forwarded port modification


Reply to this email directly or view it on GitHub
#392 (comment)
.

dmlond commented Jun 18, 2014

I was able to get it working today :) I have to export DOCKER_HOST=tcp://
127.0.0.1:2375 I am not sure if this is the intended way to do things, but
it works.

On Wed, Jun 18, 2014 at 10:43 AM, Simon Paitrault notifications@github.com
wrote:

Currently i'm trying to use Host-only with some tricks.

I think problem is VBoxManage forwarded port modification


Reply to this email directly or view it on GitHub
#392 (comment)
.

@SvenDowideit

This comment has been minimized.

Show comment
Hide comment
@SvenDowideit

SvenDowideit Jun 19, 2014

Contributor

very very odd - @dmlond if you boot2docker ssh to the vm, can you please paste the output of ip addr here?

Contributor

SvenDowideit commented Jun 19, 2014

very very odd - @dmlond if you boot2docker ssh to the vm, can you please paste the output of ip addr here?

@dmlond

This comment has been minimized.

Show comment
Hide comment
@dmlond

dmlond Jun 19, 2014

Here is the output from boot2docker running in the absence of VPN.

docker@boot2docker:~$ ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host

       valid_lft forever preferred_lft forever

2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN

    link/ether be:6a:df:66:df:4f brd ff:ff:ff:ff:ff:ff

3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000

    link/ether 08:00:27:4c:77:a2 brd ff:ff:ff:ff:ff:ff

    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0

       valid_lft forever preferred_lft forever

    inet6 fe80::a00:27ff:fe4c:77a2/64 scope link

       valid_lft forever preferred_lft forever

4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000

    link/ether 08:00:27:b6:c7:df brd ff:ff:ff:ff:ff:ff

    inet 192.168.59.103/24 brd 192.168.59.255 scope global eth1

       valid_lft forever preferred_lft forever

    inet6 fe80::a00:27ff:feb6:c7df/64 scope link

       valid_lft forever preferred_lft forever

5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
state DOWN

    link/ether 56:84:7a:fe:97:99 brd ff:ff:ff:ff:ff:ff

    inet 172.17.42.1/16 scope global docker0

       valid_lft forever preferred_lft forever

    inet6 fe80::5484:7aff:fefe:9799/64 scope link

       valid_lft forever preferred_lft forever

Here is the output after I ran boot2docker stop; boot2docker delete;
(ATTACH TO VPN); boot2docker init; boot2docker up; boot2docker ssh

docker@boot2docker:~$ ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host

       valid_lft forever preferred_lft forever

2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN

    link/ether 26:70:4c:11:39:bb brd ff:ff:ff:ff:ff:ff

3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000

    link/ether 08:00:27:79:ea:88 brd ff:ff:ff:ff:ff:ff

    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0

       valid_lft forever preferred_lft forever

    inet6 fe80::a00:27ff:fe79:ea88/64 scope link

       valid_lft forever preferred_lft forever

4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000

    link/ether 08:00:27:c2:76:af brd ff:ff:ff:ff:ff:ff

    inet 192.168.59.103/24 brd 192.168.59.255 scope global eth1

       valid_lft forever preferred_lft forever

    inet6 fe80::a00:27ff:fec2:76af/64 scope link

       valid_lft forever preferred_lft forever

5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
state DOWN

    link/ether 56:84:7a:fe:97:99 brd ff:ff:ff:ff:ff:ff

    inet 172.17.42.1/16 scope global docker0

       valid_lft forever preferred_lft forever

On Wed, Jun 18, 2014 at 10:25 PM, Sven Dowideit notifications@github.com
wrote:

very very odd - @dmlond https://github.com/dmlond if you boot2docker ssh
to the vm, can you please paste the output of ip addr here?


Reply to this email directly or view it on GitHub
#392 (comment)
.

dmlond commented Jun 19, 2014

Here is the output from boot2docker running in the absence of VPN.

docker@boot2docker:~$ ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host

       valid_lft forever preferred_lft forever

2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN

    link/ether be:6a:df:66:df:4f brd ff:ff:ff:ff:ff:ff

3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000

    link/ether 08:00:27:4c:77:a2 brd ff:ff:ff:ff:ff:ff

    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0

       valid_lft forever preferred_lft forever

    inet6 fe80::a00:27ff:fe4c:77a2/64 scope link

       valid_lft forever preferred_lft forever

4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000

    link/ether 08:00:27:b6:c7:df brd ff:ff:ff:ff:ff:ff

    inet 192.168.59.103/24 brd 192.168.59.255 scope global eth1

       valid_lft forever preferred_lft forever

    inet6 fe80::a00:27ff:feb6:c7df/64 scope link

       valid_lft forever preferred_lft forever

5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
state DOWN

    link/ether 56:84:7a:fe:97:99 brd ff:ff:ff:ff:ff:ff

    inet 172.17.42.1/16 scope global docker0

       valid_lft forever preferred_lft forever

    inet6 fe80::5484:7aff:fefe:9799/64 scope link

       valid_lft forever preferred_lft forever

Here is the output after I ran boot2docker stop; boot2docker delete;
(ATTACH TO VPN); boot2docker init; boot2docker up; boot2docker ssh

docker@boot2docker:~$ ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host

       valid_lft forever preferred_lft forever

2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN

    link/ether 26:70:4c:11:39:bb brd ff:ff:ff:ff:ff:ff

3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000

    link/ether 08:00:27:79:ea:88 brd ff:ff:ff:ff:ff:ff

    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0

       valid_lft forever preferred_lft forever

    inet6 fe80::a00:27ff:fe79:ea88/64 scope link

       valid_lft forever preferred_lft forever

4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000

    link/ether 08:00:27:c2:76:af brd ff:ff:ff:ff:ff:ff

    inet 192.168.59.103/24 brd 192.168.59.255 scope global eth1

       valid_lft forever preferred_lft forever

    inet6 fe80::a00:27ff:fec2:76af/64 scope link

       valid_lft forever preferred_lft forever

5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
state DOWN

    link/ether 56:84:7a:fe:97:99 brd ff:ff:ff:ff:ff:ff

    inet 172.17.42.1/16 scope global docker0

       valid_lft forever preferred_lft forever

On Wed, Jun 18, 2014 at 10:25 PM, Sven Dowideit notifications@github.com
wrote:

very very odd - @dmlond https://github.com/dmlond if you boot2docker ssh
to the vm, can you please paste the output of ip addr here?


Reply to this email directly or view it on GitHub
#392 (comment)
.

@jchauncey

This comment has been minimized.

Show comment
Hide comment
@jchauncey

jchauncey Jun 22, 2014

I had to go in to virtual box preference and remove the host-only networks to delete the old vbox interfaces.

I had to go in to virtual box preference and remove the host-only networks to delete the old vbox interfaces.

@garthk

This comment has been minimized.

Show comment
Hide comment
@garthk

garthk Jun 23, 2014

I'm also running a VPN, and newly experiencing this problem after upgrading. and dismayed that the only quick fix is to destroy everything and start over.

To preserve your images and containers:

  • Locate boot2docker-vm.vmdk in either $HOME/.boot2docker or $HOME/VirtualBox VMs/boot2docker-vm
  • Move it out of the way
  • Touch the original filename so boot2docker delete doesn't stuff up
  • boot2docker delete
  • boot2docker init
  • Move boot2docker-vm.vmdk back
  • boot2docker up

garthk commented Jun 23, 2014

I'm also running a VPN, and newly experiencing this problem after upgrading. and dismayed that the only quick fix is to destroy everything and start over.

To preserve your images and containers:

  • Locate boot2docker-vm.vmdk in either $HOME/.boot2docker or $HOME/VirtualBox VMs/boot2docker-vm
  • Move it out of the way
  • Touch the original filename so boot2docker delete doesn't stuff up
  • boot2docker delete
  • boot2docker init
  • Move boot2docker-vm.vmdk back
  • boot2docker up
@fikriauliya

This comment has been minimized.

Show comment
Hide comment
@fikriauliya

fikriauliya Jun 23, 2014

I also encounter this problem on Windows when new port forwarding in VBox is added under Adapter 1, NAT. The problem resolved when that port forwarding is deleted.

I also encounter this problem on Windows when new port forwarding in VBox is added under Adapter 1, NAT. The problem resolved when that port forwarding is deleted.

@SvenDowideit

This comment has been minimized.

Show comment
Hide comment
@SvenDowideit

SvenDowideit Jun 24, 2014

Contributor

@garthk awesome - wanna make a PR?

Contributor

SvenDowideit commented Jun 24, 2014

@garthk awesome - wanna make a PR?

@SvenDowideit

This comment has been minimized.

Show comment
Hide comment
@SvenDowideit

SvenDowideit Jun 24, 2014

Contributor

ok, so we need to add some code to https://github.com/boot2docker/boot2docker-cli to check and clean up the old port forwards - anyone want to have a go?

Contributor

SvenDowideit commented Jun 24, 2014

ok, so we need to add some code to https://github.com/boot2docker/boot2docker-cli to check and clean up the old port forwards - anyone want to have a go?

@frankamp

This comment has been minimized.

Show comment
Hide comment
@frankamp

frankamp Aug 1, 2014

Echo @dmlond a workaround is that with the VPN shutoff everything works great. In my case it was also Cisco Anyconnect VPN. With it on, I get exactly his results. This issue looks a little muddy however, and maybe the vpn specific problem deserves its own new issue "Cisco Anyconnect VPN and boot2docker don't play nicely".

frankamp commented Aug 1, 2014

Echo @dmlond a workaround is that with the VPN shutoff everything works great. In my case it was also Cisco Anyconnect VPN. With it on, I get exactly his results. This issue looks a little muddy however, and maybe the vpn specific problem deserves its own new issue "Cisco Anyconnect VPN and boot2docker don't play nicely".

@SvenDowideit

This comment has been minimized.

Show comment
Hide comment
@SvenDowideit

SvenDowideit Aug 5, 2014

Contributor

https://forums.virtualbox.org/viewtopic.php?f=8&t=55066 has some interesting details that may help some users

Contributor

SvenDowideit commented Aug 5, 2014

https://forums.virtualbox.org/viewtopic.php?f=8&t=55066 has some interesting details that may help some users

@tauren

This comment has been minimized.

Show comment
Hide comment
@tauren

tauren Aug 30, 2014

👍 experiencing same problem with Cisco Anyconnect VPN.

tauren commented Aug 30, 2014

👍 experiencing same problem with Cisco Anyconnect VPN.

@tardyp

This comment has been minimized.

Show comment
Hide comment
@tardyp

tardyp Sep 3, 2014

The above method did not work for me (Anyconnect 3.1)

anyconnect maintains a route to my docker network but redirects it to tun0.
I did manage to resolve the situation with the command:

sudo route -nv change -net 192.168.59 -interface vboxnet0
sudo ipfw list |grep 'deny ip'
# copy paste rule number
sudo ipfw delete 00035

tardyp commented Sep 3, 2014

The above method did not work for me (Anyconnect 3.1)

anyconnect maintains a route to my docker network but redirects it to tun0.
I did manage to resolve the situation with the command:

sudo route -nv change -net 192.168.59 -interface vboxnet0
sudo ipfw list |grep 'deny ip'
# copy paste rule number
sudo ipfw delete 00035
@auxesis

This comment has been minimized.

Show comment
Hide comment
@auxesis

auxesis Sep 5, 2014

These are the steps I used to work around this AnyConnect problem:

# Quit AnyConnect. 
boot2docker down # Shut down boot2docker VirtualBox bits
sudo route -nv add -net 192.168.56 -interface vboxnet0 # Add a static route
boot2docker up # Start up boot2docker, bring VirtualBox bits back up
export DOCKER_HOST=tcp://$(boot2docker ip 2>/dev/null):2375 # Dynamically determine how to connect to the Docker daemon in the VirtualBox VM
docker images # List images. This should just work.

auxesis commented Sep 5, 2014

These are the steps I used to work around this AnyConnect problem:

# Quit AnyConnect. 
boot2docker down # Shut down boot2docker VirtualBox bits
sudo route -nv add -net 192.168.56 -interface vboxnet0 # Add a static route
boot2docker up # Start up boot2docker, bring VirtualBox bits back up
export DOCKER_HOST=tcp://$(boot2docker ip 2>/dev/null):2375 # Dynamically determine how to connect to the Docker daemon in the VirtualBox VM
docker images # List images. This should just work.
@SvenDowideit

This comment has been minimized.

Show comment
Hide comment
@SvenDowideit

SvenDowideit Sep 5, 2014

Contributor

excellent :)

one thing - please replace your export DOCKER_HOST... line with $(boot2docker shellinit) - that will detect the docker port, and will also add any future env vars

it already will add the DOCKER_CERT_PATH var if you configure the iso to run using TLS.

Contributor

SvenDowideit commented Sep 5, 2014

excellent :)

one thing - please replace your export DOCKER_HOST... line with $(boot2docker shellinit) - that will detect the docker port, and will also add any future env vars

it already will add the DOCKER_CERT_PATH var if you configure the iso to run using TLS.

@hangtwenty hangtwenty referenced this issue in boot2docker/osx-installer Sep 18, 2014

Closed

shouldn't the docs use `boot2docker shellinit`? #68

@btaz

This comment has been minimized.

Show comment
Hide comment

btaz commented Sep 18, 2014

Using this script https://raw.githubusercontent.com/frosenberg/docker-dns-scripts/master/vpn-fix.sh made it possible for me to use boot2docker with AnyConnect 3.1
I found this script from this page: http://www.devopslife.com/2014/08/08/docker-boot2docker-and-dns-resolution-of-containers.html

@hangtwenty

This comment has been minimized.

Show comment
Hide comment
@hangtwenty

hangtwenty Sep 18, 2014

@auxesis can you please adjust line 3 in your code snippet? it's a helpful tip, but you typed 192.168.56 instead of 192.168.59.103 and it could screw up a copy-and-paster 👅

@auxesis can you please adjust line 3 in your code snippet? it's a helpful tip, but you typed 192.168.56 instead of 192.168.59.103 and it could screw up a copy-and-paster 👅

@auxesis

This comment has been minimized.

Show comment
Hide comment
@auxesis

auxesis Sep 19, 2014

@hangtwenty ¯\_(ツ)_/¯ not much I can do about copy-and-pasters running commands verbatim from random comments on GitHub issues.

Also, that's exactly what I typed to make it work.

auxesis commented Sep 19, 2014

@hangtwenty ¯\_(ツ)_/¯ not much I can do about copy-and-pasters running commands verbatim from random comments on GitHub issues.

Also, that's exactly what I typed to make it work.

@sindhus

This comment has been minimized.

Show comment
Hide comment
@sindhus

sindhus Oct 23, 2014

@garthk Thank you for that solution!! that totally worked :)

sindhus commented Oct 23, 2014

@garthk Thank you for that solution!! that totally worked :)

@darethas

This comment has been minimized.

Show comment
Hide comment
@darethas

darethas Nov 6, 2014

@auxesis solution worked for me, however had to change to vboxnet1, not vboxnet0

darethas commented Nov 6, 2014

@auxesis solution worked for me, however had to change to vboxnet1, not vboxnet0

@Kris-Law

This comment has been minimized.

Show comment
Hide comment
@Kris-Law

Kris-Law Nov 9, 2014

@jchauncey Your solution of removing the VirtualBox host only networks worked for me. I am running Docker / boot2docker on OS X Yosemite. Here's what I did in detail:

  • boot2docker delete
  • In Virtualbox, go to VirtualBox (menu) => Preferences => Network => Host Only Networks
    • Delete the host only networks, then I re-added them
  • boot2docker init
  • boot2docker up

Now Docker works from the OS X command line via iTerm2 for me.

Kris-Law commented Nov 9, 2014

@jchauncey Your solution of removing the VirtualBox host only networks worked for me. I am running Docker / boot2docker on OS X Yosemite. Here's what I did in detail:

  • boot2docker delete
  • In Virtualbox, go to VirtualBox (menu) => Preferences => Network => Host Only Networks
    • Delete the host only networks, then I re-added them
  • boot2docker init
  • boot2docker up

Now Docker works from the OS X command line via iTerm2 for me.

@ksylvan

This comment has been minimized.

Show comment
Hide comment
@ksylvan

ksylvan Nov 13, 2014

@jchauncey and @Kris-Law

That solution also worked for me.

$ docker info
Containers: 0
Images: 0
Storage Driver: aufs
Root Dir: /mnt/sda1/var/lib/docker/aufs
Dirs: 0
Execution Driver: native-0.2
Kernel Version: 3.16.4-tinycore64
Operating System: Boot2Docker 1.3.1 (TCL 5.4); master : 9a31a68 - Fri Oct 31 03:14:34 UTC 2014
Debug mode (server): true
Debug mode (client): false
Fds: 10
Goroutines: 11
EventsListeners: 0
Init Path: /usr/local/bin/docker
Username: kayvan
Registry: [https://index.docker.io/v1/]

Running on a MacBook Pro with OSX 10.9.5

ksylvan commented Nov 13, 2014

@jchauncey and @Kris-Law

That solution also worked for me.

$ docker info
Containers: 0
Images: 0
Storage Driver: aufs
Root Dir: /mnt/sda1/var/lib/docker/aufs
Dirs: 0
Execution Driver: native-0.2
Kernel Version: 3.16.4-tinycore64
Operating System: Boot2Docker 1.3.1 (TCL 5.4); master : 9a31a68 - Fri Oct 31 03:14:34 UTC 2014
Debug mode (server): true
Debug mode (client): false
Fds: 10
Goroutines: 11
EventsListeners: 0
Init Path: /usr/local/bin/docker
Username: kayvan
Registry: [https://index.docker.io/v1/]

Running on a MacBook Pro with OSX 10.9.5

@acaird

This comment has been minimized.

Show comment
Hide comment
@acaird

acaird Nov 15, 2014

@jchauncey and @Kris-Law and @ksylvan

That also worked for me; I didn't re-add the host-only networks, I just deleted them and vboxnet0 was re-added.

bash-3.2$ docker info
Containers: 0
Images: 0
Storage Driver: aufs
 Root Dir: /mnt/sda1/var/lib/docker/aufs
 Dirs: 0
Execution Driver: native-0.2
Kernel Version: 3.16.4-tinycore64
Operating System: Boot2Docker 1.3.1 (TCL 5.4); master : 9a31a68 - Fri Oct 31 03:14:34 UTC 2014
Debug mode (server): true
Debug mode (client): false
Fds: 10
Goroutines: 11
EventsListeners: 0
Init Path: /usr/local/bin/docker


bash-3.2$ docker version
Client version: 1.3.1
Client API version: 1.15
Go version (client): go1.3.3
Git commit (client): 4e9bbfa
OS/Arch (client): darwin/amd64
Server version: 1.3.1
Server API version: 1.15
Go version (server): go1.3.3
Git commit (server): 4e9bbfa

acaird commented Nov 15, 2014

@jchauncey and @Kris-Law and @ksylvan

That also worked for me; I didn't re-add the host-only networks, I just deleted them and vboxnet0 was re-added.

bash-3.2$ docker info
Containers: 0
Images: 0
Storage Driver: aufs
 Root Dir: /mnt/sda1/var/lib/docker/aufs
 Dirs: 0
Execution Driver: native-0.2
Kernel Version: 3.16.4-tinycore64
Operating System: Boot2Docker 1.3.1 (TCL 5.4); master : 9a31a68 - Fri Oct 31 03:14:34 UTC 2014
Debug mode (server): true
Debug mode (client): false
Fds: 10
Goroutines: 11
EventsListeners: 0
Init Path: /usr/local/bin/docker


bash-3.2$ docker version
Client version: 1.3.1
Client API version: 1.15
Go version (client): go1.3.3
Git commit (client): 4e9bbfa
OS/Arch (client): darwin/amd64
Server version: 1.3.1
Server API version: 1.15
Go version (server): go1.3.3
Git commit (server): 4e9bbfa
@eelcocramer

This comment has been minimized.

Show comment
Hide comment
@eelcocramer

eelcocramer Nov 20, 2014

@Kris-Law's solution worked for me.

@Kris-Law's solution worked for me.

@datajerk

This comment has been minimized.

Show comment
Hide comment
@datajerk

datajerk Nov 21, 2014

Solution only worked for me after removing all VirtualBox VMs manually.

Solution only worked for me after removing all VirtualBox VMs manually.

@eelcocramer

This comment has been minimized.

Show comment
Hide comment
@eelcocramer

eelcocramer Nov 21, 2014

When I create a vpn connection (cisco anyconnect) the issue gets back.

When I create a vpn connection (cisco anyconnect) the issue gets back.

@datajerk

This comment has been minimized.

Show comment
Hide comment
@datajerk

datajerk Nov 21, 2014

Yep, same here. I updated anyconnect to version: anyconnect-macosx-i386-3.1.05187-k9.dmg. Problem appears to be solved for me.

Yep, same here. I updated anyconnect to version: anyconnect-macosx-i386-3.1.05187-k9.dmg. Problem appears to be solved for me.

@Freyskeyd

This comment has been minimized.

Show comment
Hide comment
@Freyskeyd

Freyskeyd Dec 19, 2014

I think this issue can be close now?

I think this issue can be close now?

@eelcocramer

This comment has been minimized.

Show comment
Hide comment
@eelcocramer

eelcocramer Dec 19, 2014

A fix that would not require manual configuration every time a new boot2docker vm is created would be apreciated but i can live with this.

Can the port forwarding from localhost be automated?

A fix that would not require manual configuration every time a new boot2docker vm is created would be apreciated but i can live with this.

Can the port forwarding from localhost be automated?

@shivawu

This comment has been minimized.

Show comment
Hide comment
@shivawu

shivawu Dec 21, 2014

@nickmarden This is so cool, works like a charm!!

shivawu commented Dec 21, 2014

@nickmarden This is so cool, works like a charm!!

@eelcocramer

This comment has been minimized.

Show comment
Hide comment
@eelcocramer

eelcocramer Dec 22, 2014

If you want the fix of @nickmarden to be more permanent then you can make boot2docker add the NAT rule by itself by changing the value of the DockerPort variable in the boot2docker profile to the appropriate value:

DockerPort = 2376

The default value of DockerPort is 0 which does not create the NAT rule.

The boot2docker profile can be found in ~/.boot2docker/profile but in my setup I did not have one and created a default profile using boot2docker config > ~/.boot2docker/profile. After that I changed the value of DockerPort. boot2docker init will now create a VM that already forwards the docker port to localhost.

If you want the fix of @nickmarden to be more permanent then you can make boot2docker add the NAT rule by itself by changing the value of the DockerPort variable in the boot2docker profile to the appropriate value:

DockerPort = 2376

The default value of DockerPort is 0 which does not create the NAT rule.

The boot2docker profile can be found in ~/.boot2docker/profile but in my setup I did not have one and created a default profile using boot2docker config > ~/.boot2docker/profile. After that I changed the value of DockerPort. boot2docker init will now create a VM that already forwards the docker port to localhost.

@tjrivera

This comment has been minimized.

Show comment
Hide comment
@tjrivera

tjrivera Dec 30, 2014

This workaround is a step in the right direction, but communicating with services in the boot2docker vm is still a pain. Unless I'm misunderstanding something, I'd have to create a port forwarding rule for each service running in the VM to my host box?

This workaround is a step in the right direction, but communicating with services in the boot2docker vm is still a pain. Unless I'm misunderstanding something, I'd have to create a port forwarding rule for each service running in the VM to my host box?

@SvenDowideit

This comment has been minimized.

Show comment
Hide comment
@SvenDowideit

SvenDowideit Jan 2, 2015

Contributor

yes, you are hopefully misunderstanding. The only reason you might need to set up a port forward, is if you want to access the container from a machine that is not your host box.

From your host box, you should be able to access all docker port mapped container ports by using the host-only network address (run boot2docker ip).

This issue is specific to a very narrow set of users - for whom something in the network setup we do isn't working, so the host-only network doesn't seem to work. Everyone else won't need the DocekrPort=2375 setting, or to go through any of this pain.

Contributor

SvenDowideit commented Jan 2, 2015

yes, you are hopefully misunderstanding. The only reason you might need to set up a port forward, is if you want to access the container from a machine that is not your host box.

From your host box, you should be able to access all docker port mapped container ports by using the host-only network address (run boot2docker ip).

This issue is specific to a very narrow set of users - for whom something in the network setup we do isn't working, so the host-only network doesn't seem to work. Everyone else won't need the DocekrPort=2375 setting, or to go through any of this pain.

@tjrivera

This comment has been minimized.

Show comment
Hide comment
@tjrivera

tjrivera Jan 2, 2015

In most cases setting up port forwarding to facilitate access from a machine that is not my host box to a container on on my host box makes sense.

In this particular case I'm referring specifically to this workaround (the port-forward rule) that punches a hole through the network rules that Cisco AnyConnect clobbers my machine with during a VPN connection. My understanding is that setting this rule would allow my docker client to communicate to the daemon running in the b2d vm (by forwarding 2376). If I were to run a container in my b2d that exposes a service on port 8000, for example, then I'd also have to punch a hole through Cisco's blanket rules to communicate from my host machine to the b2d vm on port 8000 (in addition to 2376) and any subsequent services I decide to run in the vm.

In any case, I understand this effects a very small slice of users, so I'm already thankful for the amount of attention this issue has received, I'm also unsure how to consistently set host <-> b2d <-> vpn network settings in a sane, usable way.

tjrivera commented Jan 2, 2015

In most cases setting up port forwarding to facilitate access from a machine that is not my host box to a container on on my host box makes sense.

In this particular case I'm referring specifically to this workaround (the port-forward rule) that punches a hole through the network rules that Cisco AnyConnect clobbers my machine with during a VPN connection. My understanding is that setting this rule would allow my docker client to communicate to the daemon running in the b2d vm (by forwarding 2376). If I were to run a container in my b2d that exposes a service on port 8000, for example, then I'd also have to punch a hole through Cisco's blanket rules to communicate from my host machine to the b2d vm on port 8000 (in addition to 2376) and any subsequent services I decide to run in the vm.

In any case, I understand this effects a very small slice of users, so I'm already thankful for the amount of attention this issue has received, I'm also unsure how to consistently set host <-> b2d <-> vpn network settings in a sane, usable way.

@bortels

This comment has been minimized.

Show comment
Hide comment
@bortels

bortels Jan 2, 2015

There may be some confusion in the comments just prior to this one - let me clarify, and mention what works for me.

Apparently boot2docker + OS X 10.10 + Cisco Anyconnect are a witches brew of ugly. Routing-based solutions seem to fail entirely (where they worked on 10.9) - as soon as Anyconnect wakes up, you basically can't talk to the docker vm at all, or at least I couldn't.

The workaround (hopefully temporary!) is to use port forwarding, then connect to 127.0.0.1, which will bypass Anyconnect and let you thru. Here's what I did that seemed to work:

➜  ~  boot2docker init  
Latest release for boot2docker/boot2docker is v1.4.1
Downloading boot2docker ISO image...
Success: downloaded https://github.com/boot2docker/boot2docker/releases/download/v1.4.1/boot2docker.iso
to /Users/tbortels/.boot2docker/boot2docker.iso
➜  ~  vboxmanage modifyvm "boot2docker-vm" --natpf1 "docker,tcp,127.0.0.1,2376,,2376"
➜  ~  boot2docker up 
Waiting for VM and Docker daemon to start..........................oooooooooooooooooooo
Started.
Writing /Users/tbortels/.boot2docker/certs/boot2docker-vm/ca.pem
Writing /Users/tbortels/.boot2docker/certs/boot2docker-vm/cert.pem
Writing /Users/tbortels/.boot2docker/certs/boot2docker-vm/key.pem

To connect the Docker client to the Docker daemon, please set:
    export DOCKER_HOST=tcp://192.168.59.104:2376
    export DOCKER_CERT_PATH=/Users/tbortels/.boot2docker/certs/boot2docker-vm
    export DOCKER_TLS_VERIFY=1

➜  ~  $(boot2docker shellinit)
Writing /Users/tbortels/.boot2docker/certs/boot2docker-vm/ca.pem
Writing /Users/tbortels/.boot2docker/certs/boot2docker-vm/cert.pem
Writing /Users/tbortels/.boot2docker/certs/boot2docker-vm/key.pem
➜  ~  export DOCKER_HOST=tcp://127.0.0.1:2376
➜  ~  docker ps 
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
➜  ~

(Here's hoping that formats nicely)

The TL;DR there is "install docker, add the port forward, start it up, then modify your environment to point to 127.0.0.1 rather than the VM IP".

Note that the docker containers are all still stuck behind port forwarding, so if you run one you want to connect to "from the outside", you'd need to add more port forwards, so this isn't a great solution. (I suspect, but have not tried yet, that within the VM the IP will work fine). But at least now I can hopefully do some docker builds and so on.

bortels commented Jan 2, 2015

There may be some confusion in the comments just prior to this one - let me clarify, and mention what works for me.

Apparently boot2docker + OS X 10.10 + Cisco Anyconnect are a witches brew of ugly. Routing-based solutions seem to fail entirely (where they worked on 10.9) - as soon as Anyconnect wakes up, you basically can't talk to the docker vm at all, or at least I couldn't.

The workaround (hopefully temporary!) is to use port forwarding, then connect to 127.0.0.1, which will bypass Anyconnect and let you thru. Here's what I did that seemed to work:

➜  ~  boot2docker init  
Latest release for boot2docker/boot2docker is v1.4.1
Downloading boot2docker ISO image...
Success: downloaded https://github.com/boot2docker/boot2docker/releases/download/v1.4.1/boot2docker.iso
to /Users/tbortels/.boot2docker/boot2docker.iso
➜  ~  vboxmanage modifyvm "boot2docker-vm" --natpf1 "docker,tcp,127.0.0.1,2376,,2376"
➜  ~  boot2docker up 
Waiting for VM and Docker daemon to start..........................oooooooooooooooooooo
Started.
Writing /Users/tbortels/.boot2docker/certs/boot2docker-vm/ca.pem
Writing /Users/tbortels/.boot2docker/certs/boot2docker-vm/cert.pem
Writing /Users/tbortels/.boot2docker/certs/boot2docker-vm/key.pem

To connect the Docker client to the Docker daemon, please set:
    export DOCKER_HOST=tcp://192.168.59.104:2376
    export DOCKER_CERT_PATH=/Users/tbortels/.boot2docker/certs/boot2docker-vm
    export DOCKER_TLS_VERIFY=1

➜  ~  $(boot2docker shellinit)
Writing /Users/tbortels/.boot2docker/certs/boot2docker-vm/ca.pem
Writing /Users/tbortels/.boot2docker/certs/boot2docker-vm/cert.pem
Writing /Users/tbortels/.boot2docker/certs/boot2docker-vm/key.pem
➜  ~  export DOCKER_HOST=tcp://127.0.0.1:2376
➜  ~  docker ps 
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
➜  ~

(Here's hoping that formats nicely)

The TL;DR there is "install docker, add the port forward, start it up, then modify your environment to point to 127.0.0.1 rather than the VM IP".

Note that the docker containers are all still stuck behind port forwarding, so if you run one you want to connect to "from the outside", you'd need to add more port forwards, so this isn't a great solution. (I suspect, but have not tried yet, that within the VM the IP will work fine). But at least now I can hopefully do some docker builds and so on.

@SvenDowideit

This comment has been minimized.

Show comment
Hide comment
@SvenDowideit

SvenDowideit Jan 5, 2015

Contributor

excellent summaries both of you - that leaves me thinking that adding a boot2docker forward --add/--remove [PORT:PORT] is still worthwhile - for both the AnyConnect VPN case, and those users that will want to give other computers access to their containers.

anyone want to take it on?

Contributor

SvenDowideit commented Jan 5, 2015

excellent summaries both of you - that leaves me thinking that adding a boot2docker forward --add/--remove [PORT:PORT] is still worthwhile - for both the AnyConnect VPN case, and those users that will want to give other computers access to their containers.

anyone want to take it on?

@christian-blades-cb

This comment has been minimized.

Show comment
Hide comment
@christian-blades-cb

christian-blades-cb Jan 21, 2015

Until there's a better solution, I industrialized a hack to get it to work.

There are 2 stages:

  1. Delete the firewall rule (lifted that code from devopslife.com)
  2. Modify the routes

You can run this script after connecting or disconnecting from the AnyConnect tunnel and connection to the boot2docker vm will be restored.

Every so often, it will appear to hose all of my network connections, but a quick Turn Off Wifi/Turn On Wifi does the trick.

Hope some of you find this useful!

Until there's a better solution, I industrialized a hack to get it to work.

There are 2 stages:

  1. Delete the firewall rule (lifted that code from devopslife.com)
  2. Modify the routes

You can run this script after connecting or disconnecting from the AnyConnect tunnel and connection to the boot2docker vm will be restored.

Every so often, it will appear to hose all of my network connections, but a quick Turn Off Wifi/Turn On Wifi does the trick.

Hope some of you find this useful!

@vitan

This comment has been minimized.

Show comment
Hide comment
@vitan

vitan Jan 21, 2015

I also met the similar VPN failed my boot2docker up problem, which is ssh issue also. And seem VPN app is removing the 127.0.0.1 localhost away from /etc/hosts/. Causing ssh docker@localhost -p .... can not loop to *ssh docker@127.0.0.1 -p *.

text it here in case some guys getting the same problem.

vitan commented Jan 21, 2015

I also met the similar VPN failed my boot2docker up problem, which is ssh issue also. And seem VPN app is removing the 127.0.0.1 localhost away from /etc/hosts/. Causing ssh docker@localhost -p .... can not loop to *ssh docker@127.0.0.1 -p *.

text it here in case some guys getting the same problem.

@kylepragerattensity

This comment has been minimized.

Show comment
Hide comment
@kylepragerattensity

kylepragerattensity Feb 13, 2015

On Mac OSX with Boot2Docker using Virtualbox, I changed Adapter 2 on my VM from "Host-only Adapter" to "Bridged Adapter". That gave my VM a 10.x.x.x address on my home network (NAT'd of course behind a router), and it works now when I'm connected to my VPN for work. HTH.

On Mac OSX with Boot2Docker using Virtualbox, I changed Adapter 2 on my VM from "Host-only Adapter" to "Bridged Adapter". That gave my VM a 10.x.x.x address on my home network (NAT'd of course behind a router), and it works now when I'm connected to my VPN for work. HTH.

@ryanwalls

This comment has been minimized.

Show comment
Hide comment
@ryanwalls

ryanwalls Feb 26, 2015

@christian-blades-cb Thanks! You're script helped us a lot!

@christian-blades-cb Thanks! You're script helped us a lot!

@willbuck

This comment has been minimized.

Show comment
Hide comment
@willbuck

willbuck Feb 26, 2015

I've been plauged with this issue for a couple days, thanks to everyone that's posted in this thread for the suggestions.

I compiled the simplest, fewest number of steps I could that repeatably works, here it is (maybe it will help others!)

boot2docker delete
boot2docker download
boot2docker init
vboxmanage modifyvm "boot2docker-vm" --natpf1 "docker,tcp,127.0.0.1,2376,,2376"
boot2docker up
$(boot2docker shellinit)
export DOCKER_HOST=tcp://127.0.0.1:2376

I've been plauged with this issue for a couple days, thanks to everyone that's posted in this thread for the suggestions.

I compiled the simplest, fewest number of steps I could that repeatably works, here it is (maybe it will help others!)

boot2docker delete
boot2docker download
boot2docker init
vboxmanage modifyvm "boot2docker-vm" --natpf1 "docker,tcp,127.0.0.1,2376,,2376"
boot2docker up
$(boot2docker shellinit)
export DOCKER_HOST=tcp://127.0.0.1:2376

@connaryscott

This comment has been minimized.

Show comment
Hide comment
@connaryscott

connaryscott Mar 1, 2015

I find it strange that my boot2docker is completely unusable AFTER I bring my cisco anyconnect down. At least my vmware does not do this. I do undertand a bit why local vms are inaccessible DURING the vpn connection. boot2docker usability should be restored AUTOMATICALLY after anyconnect is brought down.

I find it strange that my boot2docker is completely unusable AFTER I bring my cisco anyconnect down. At least my vmware does not do this. I do undertand a bit why local vms are inaccessible DURING the vpn connection. boot2docker usability should be restored AUTOMATICALLY after anyconnect is brought down.

@zeroorone13

This comment has been minimized.

Show comment
Hide comment
@zeroorone13

zeroorone13 Mar 19, 2015

@willbuck Thanks for the simplified steps! After that, this works while I am on the VPN or after I disconnect.

@willbuck Thanks for the simplified steps! After that, this works while I am on the VPN or after I disconnect.

@willbuck

This comment has been minimized.

Show comment
Hide comment

Glad it helped @zeroorone13!

@dmlond

This comment has been minimized.

Show comment
Hide comment
@dmlond

dmlond Mar 22, 2015

The problem is that cisco anyconnect reroutes every network interface through its utun0 interface. If you can create the boot2docker or docker-machine interface before you connect to the vpn, you can 'fix' the connection after you connect to vpn by restoring just the network segment that should go to the b2d interface. You may also have to 'fix' the connection after you disconnect from anyconnect, since I think it tries to be too smart with the way it restores your original network interface connections (in the absence of knowledge about b2d).

For boot2docker, you can use this script to 'fix' the boot2docker connection. If you are using docker-machine, I forked and modified the script to work with docker-machine. The idea is the same.

To connect to cisco vpn and still use docker, do the following:

  • start boot2docker or docker-machine
$ boot2docker up
$ docker-machine start dev
  • 'fix' the b2d or d-m network interface to make sure there is an interface in the machine routes for it (if you dont do this, and you run fix after connecting to vpn, you will be able to use docker, but your internet will not work). The d-m version takes an argument for the specific machine you need to fix (you can fix every machine you are running by running this script for each machine). Also, this requires you to have sudo rights on your mac:
# b2d
$ vpn-fix.sh
# d-m
$ vpn-fix.sh dev
  • connect to vpn
  • fix your b2d or d-m again by rerunning the above script

After you disconnect from the vpn, you may need to run the script again to restore the connection to the interface.

Also, if your internet connection experiences an ephemeral hiccup and causes your anyconnect to reconnect, it will likely reconfigure the network and hose your connection to the b2d. Just disconnect from vpn, run the fix script, reconnect to vpn, and run the fix script. Yes, its a pain, but it does work.

dmlond commented Mar 22, 2015

The problem is that cisco anyconnect reroutes every network interface through its utun0 interface. If you can create the boot2docker or docker-machine interface before you connect to the vpn, you can 'fix' the connection after you connect to vpn by restoring just the network segment that should go to the b2d interface. You may also have to 'fix' the connection after you disconnect from anyconnect, since I think it tries to be too smart with the way it restores your original network interface connections (in the absence of knowledge about b2d).

For boot2docker, you can use this script to 'fix' the boot2docker connection. If you are using docker-machine, I forked and modified the script to work with docker-machine. The idea is the same.

To connect to cisco vpn and still use docker, do the following:

  • start boot2docker or docker-machine
$ boot2docker up
$ docker-machine start dev
  • 'fix' the b2d or d-m network interface to make sure there is an interface in the machine routes for it (if you dont do this, and you run fix after connecting to vpn, you will be able to use docker, but your internet will not work). The d-m version takes an argument for the specific machine you need to fix (you can fix every machine you are running by running this script for each machine). Also, this requires you to have sudo rights on your mac:
# b2d
$ vpn-fix.sh
# d-m
$ vpn-fix.sh dev
  • connect to vpn
  • fix your b2d or d-m again by rerunning the above script

After you disconnect from the vpn, you may need to run the script again to restore the connection to the interface.

Also, if your internet connection experiences an ephemeral hiccup and causes your anyconnect to reconnect, it will likely reconfigure the network and hose your connection to the b2d. Just disconnect from vpn, run the fix script, reconnect to vpn, and run the fix script. Yes, its a pain, but it does work.

@connaryscott

This comment has been minimized.

Show comment
Hide comment
@connaryscott

connaryscott Mar 22, 2015

Thank you for this simple and easy to understand fix. Verified that it works with my anyconnect setup, v3.1.00495 on OSX 10.9.5

Thank you for this simple and easy to understand fix. Verified that it works with my anyconnect setup, v3.1.00495 on OSX 10.9.5

@Shaun1

This comment has been minimized.

Show comment
Hide comment
@Shaun1

Shaun1 Mar 27, 2015

I recently had that problem with a fresh boot2docker install on Windows. Upgrading VirtualBox & VirtualBox Extension Pack solved the problem for me. In VirtualBox Manager go to Help-->Check for updates...

Shaun1 commented Mar 27, 2015

I recently had that problem with a fresh boot2docker install on Windows. Upgrading VirtualBox & VirtualBox Extension Pack solved the problem for me. In VirtualBox Manager go to Help-->Check for updates...

@xiangzhuyuan

This comment has been minimized.

Show comment
Hide comment
@xiangzhuyuan

xiangzhuyuan Apr 1, 2015

when I run docker info, I got this:

FATA[0000] An error occurred trying to connect: Get https://192.168.59.103:2376/v1.17/info: Forbidden

when I run docker info, I got this:

FATA[0000] An error occurred trying to connect: Get https://192.168.59.103:2376/v1.17/info: Forbidden
@lahirug

This comment has been minimized.

Show comment
Hide comment
@lahirug

lahirug Jun 2, 2015

Boot2docker is piece of shit,don't' use it.

lahirug commented Jun 2, 2015

Boot2docker is piece of shit,don't' use it.

@wanghaisheng

This comment has been minimized.

Show comment
Hide comment
@wanghaisheng

wanghaisheng Jun 2, 2015

@lahirug what do you suggest instead of boot2docker

@lahirug what do you suggest instead of boot2docker

@lahirug

This comment has been minimized.

Show comment
Hide comment
@lahirug

lahirug Jun 2, 2015

Creating your own VM. I have been incredibly having issues with boot2docker when I try to mount my local file system and decided to move ahead with my own vm. Boot2docker is just a wasting of time of everyone.

lahirug commented Jun 2, 2015

Creating your own VM. I have been incredibly having issues with boot2docker when I try to mount my local file system and decided to move ahead with my own vm. Boot2docker is just a wasting of time of everyone.

@vitan

This comment has been minimized.

Show comment
Hide comment
@vitan

vitan Jun 3, 2015

@lahirug , I am using boot2docker as my development env, and easy-to-use with my terminal. So what's your issues? You'd better to list them.

vitan commented Jun 3, 2015

@lahirug , I am using boot2docker as my development env, and easy-to-use with my terminal. So what's your issues? You'd better to list them.

@dmlond

This comment has been minimized.

Show comment
Hide comment
@dmlond

dmlond Jun 5, 2015

I am using docker-machine + virtualbox, which uses the standard boot2docker virtualbox vm under the hood. it works fine for me if I use fix_vpn.sh. Note, if you are using Yosemite, it ships without /sbin/ipfw, yet cisco anyconnect seems to be able to create a "deny ip from any to any" firewall rule. Without ipfw, fix_vpn.sh cannot find and remove it. You can find a OSX mavericks machine with /sbin/ipfw and copy the ipfw binary to your Yosemite machine, and this script will work again. If anyone has suggestions for how to use the new apple pf firewall manager to fix this, that would be great.

dmlond commented Jun 5, 2015

I am using docker-machine + virtualbox, which uses the standard boot2docker virtualbox vm under the hood. it works fine for me if I use fix_vpn.sh. Note, if you are using Yosemite, it ships without /sbin/ipfw, yet cisco anyconnect seems to be able to create a "deny ip from any to any" firewall rule. Without ipfw, fix_vpn.sh cannot find and remove it. You can find a OSX mavericks machine with /sbin/ipfw and copy the ipfw binary to your Yosemite machine, and this script will work again. If anyone has suggestions for how to use the new apple pf firewall manager to fix this, that would be great.

@kevin-king

This comment has been minimized.

Show comment
Hide comment
@kevin-king

kevin-king Jul 27, 2015

@jchauncey That worked for me. Thanks! I installed using homebrew on Any Connect VPN, which seems to have messed things up. My exact steps were:

Uninstall:
Disconnect from VPN
Virtual Box -> Preferences -> Network -> Host-only Networks -> Delete
boot2docker down
brew uninstall boot2docker
brew uninstall docker
rm -Rf ~/.boot2docker
rm -Rf ~/VirtualBox\ VMs/boot2docker-vm

Reinstall:
brew install boot2docker
boot2docker init
boot2docker up
$(boot2docker shellinit)
docker version

@jchauncey That worked for me. Thanks! I installed using homebrew on Any Connect VPN, which seems to have messed things up. My exact steps were:

Uninstall:
Disconnect from VPN
Virtual Box -> Preferences -> Network -> Host-only Networks -> Delete
boot2docker down
brew uninstall boot2docker
brew uninstall docker
rm -Rf ~/.boot2docker
rm -Rf ~/VirtualBox\ VMs/boot2docker-vm

Reinstall:
brew install boot2docker
boot2docker init
boot2docker up
$(boot2docker shellinit)
docker version

@sk29110

This comment has been minimized.

Show comment
Hide comment
@sk29110

sk29110 Jul 31, 2015

@kevin-king so I shouldn't install docker?

sk29110 commented Jul 31, 2015

@kevin-king so I shouldn't install docker?

@sk29110

This comment has been minimized.

Show comment
Hide comment
@sk29110

sk29110 Jul 31, 2015

I still have the socket issue after setting Docker 23776 for port forwarding.
After boot2docker up

Trying to get Docker socket one more time
Error requesting socket: exit status 255
Auto detection of the VM's Docker socket failed.
Please run boot2docker -v up to diagnose.

tried uninstall reinstall a couple of times. However on my macbook which comes with El Capitain I didn't have the same problem. Is this java problem?

sk29110 commented Jul 31, 2015

I still have the socket issue after setting Docker 23776 for port forwarding.
After boot2docker up

Trying to get Docker socket one more time
Error requesting socket: exit status 255
Auto detection of the VM's Docker socket failed.
Please run boot2docker -v up to diagnose.

tried uninstall reinstall a couple of times. However on my macbook which comes with El Capitain I didn't have the same problem. Is this java problem?

@Elijen

This comment has been minimized.

Show comment
Hide comment
@Elijen

Elijen Aug 8, 2015

@nickmarden This solution works and I think it's better then fiddling with routes set by AnyConnect (I need both Docker and my VPN working).

Elijen commented Aug 8, 2015

@nickmarden This solution works and I think it's better then fiddling with routes set by AnyConnect (I need both Docker and my VPN working).

@connaryscott

This comment has been minimized.

Show comment
Hide comment
@connaryscott

connaryscott Aug 8, 2015

I use my mac for reading e-mails like this or dealing with other apps that corporations force you to use..
I do not use my mac for much of anything else.
Instead, I create a NAT’d vm that is agnostic to the network that my mac may use such as whether my stupid cisco vpn is in use or not…..

I just use docker on my CentOS vm (or whatever O/S you like)
On Jun 2, 2015, at 9:51 AM, lahirug notifications@github.com wrote:

Creating your own VM. I have been incredibly having issues with boot2docker when I try to mount my local file system and decided to move ahead with my own vm. Boot2docker is just a wasting of time of everyone.


Reply to this email directly or view it on GitHub.

I use my mac for reading e-mails like this or dealing with other apps that corporations force you to use..
I do not use my mac for much of anything else.
Instead, I create a NAT’d vm that is agnostic to the network that my mac may use such as whether my stupid cisco vpn is in use or not…..

I just use docker on my CentOS vm (or whatever O/S you like)
On Jun 2, 2015, at 9:51 AM, lahirug notifications@github.com wrote:

Creating your own VM. I have been incredibly having issues with boot2docker when I try to mount my local file system and decided to move ahead with my own vm. Boot2docker is just a wasting of time of everyone.


Reply to this email directly or view it on GitHub.

@eelcocramer

This comment has been minimized.

Show comment
Hide comment
@eelcocramer

eelcocramer Aug 18, 2015

So last week I installed the new Docker toolbox including docker-machine . I also installed a new version of Cisco AnyConnect (4.1.00028). Things are working without any problems for me at the moment. Before, after and while on the VPN connection.

So last week I installed the new Docker toolbox including docker-machine . I also installed a new version of Cisco AnyConnect (4.1.00028). Things are working without any problems for me at the moment. Before, after and while on the VPN connection.

@pencilcheck pencilcheck referenced this issue in brikis98/docker-osx-dev Sep 1, 2015

Closed

Host is down #92

@lutaoact

This comment has been minimized.

Show comment
Hide comment
@lutaoact

lutaoact Dec 1, 2015

worked for me. Thanks.

sudo route -nv add -net 192.168.99 -interface vboxnet0

lutaoact commented Dec 1, 2015

worked for me. Thanks.

sudo route -nv add -net 192.168.99 -interface vboxnet0

@Freyskeyd Freyskeyd closed this Apr 6, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment