Destination Host Unreachable ubuntu 14.04 on aws #1148

Open
OferE opened this Issue May 2, 2016 · 2 comments

Projects

None yet

2 participants

@OferE
OferE commented May 2, 2016 edited

Hi I am running docker swarm together with docker-compose on AWS.

I added the following lines to my docker-compose to prevent the addresses colliding:

networks:
   default:
     ipam:
       config:
         - subnet: 10.10.10.0/24

docker info returns the following information:

ubuntu@ip-10-0-0-7:~/prems$ docker info
Containers: 26
 Running: 3
 Paused: 0
 Stopped: 23
Images: 19
Server Version: swarm/1.2.0
Role: replica
Primary: 10.0.0.101:4000
Strategy: spread
Filters: health, port, dependency, affinity, constraint
Nodes: 3
 ip-10-0-0-164: 10.0.0.164:2375
  └ Status: Healthy
  └ Containers: 8
  └ Reserved CPUs: 0 / 2
  └ Reserved Memory: 0 B / 4.052 GiB
  └ Labels: executiondriver=, kernelversion=3.13.0-74-generic, operatingsystem=Ubuntu 14.04.3 LTS, storagedriver=devicemapper
  └ Error: (none)
  └ UpdatedAt: 2016-05-02T10:41:16Z
  └ ServerVersion: 1.11.0
 ip-10-0-0-165: 10.0.0.165:2375
  └ Status: Healthy
  └ Containers: 9
  └ Reserved CPUs: 0 / 2
  └ Reserved Memory: 0 B / 4.052 GiB
  └ Labels: executiondriver=, kernelversion=3.13.0-74-generic, operatingsystem=Ubuntu 14.04.3 LTS, storagedriver=devicemapper
  └ Error: (none)
  └ UpdatedAt: 2016-05-02T10:41:17Z
  └ ServerVersion: 1.11.0
 ip-10-0-0-166: 10.0.0.166:2375
  └ Status: Healthy
  └ Containers: 9
  └ Reserved CPUs: 0 / 2
  └ Reserved Memory: 0 B / 4.052 GiB
  └ Labels: executiondriver=, kernelversion=3.13.0-74-generic, operatingsystem=Ubuntu 14.04.3 LTS, storagedriver=devicemapper
  └ Error: (none)
  └ UpdatedAt: 2016-05-02T10:40:57Z
  └ ServerVersion: 1.11.0
Plugins: 
 Volume: 
 Network: 
Kernel Version: 3.13.0-74-generic
Operating System: linux
Architecture: amd64
CPUs: 6
Total Memory: 12.16 GiB
Name: 238051dcadf4
Docker Root Dir: 
Debug mode (client): false
Debug mode (server): false
WARNING: No kernel memory limit support

My problem is that the created network works only for some of the machines and not for all.
when i enter a container in a machine that fails and I try to curl an address in the network range i get:

curl 10.10.10.5:5672
curl: (7) Failed to connect to 10.10.10.5 port 5672: No route to host

ping returns:
PING 10.10.10.5 (10.10.10.5): 56 data bytes
92 bytes from 427914c370a9 (10.10.10.3): Destination Host Unreachable
92 bytes from 427914c370a9 (10.10.10.3): Destination Host Unreachable
92 bytes from 427914c370a9 (10.10.10.3): Destination Host Unreachable
92 bytes from 427914c370a9 (10.10.10.3): Destination Host Unreachable
92 bytes from 427914c370a9 (10.10.10.3): Destination Host Unreachable

I thought that these issues were gone by now,

Thanks,
Ofer

@daviddyball

Just to add a note here... I also get Destination Host Unreachable responses from ping until I enable the "All Traffic" rule on my AWS VPC security-group.

e.g. even with specific rules 2377/TCP, 7946/TCP/7946/UDP and 4789/TCP/4789/UDP setup in the security-group overlay networking fails.

@daviddyball
daviddyball commented Sep 2, 2016 edited

UPDATE: Just to update on my previous note, it seems to be something in AWS Security Groups that isn't working. If I add an "All Traffic" rule for the subnet my swarm lives on then suddenly things start working. I don't like blanket "Allow All" rules (even if only from a know private subnet) but at least it's a workaround.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment