Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docker-machine create should check for the existence of netstat #2481

Open
johnjelinek opened this Issue Dec 3, 2015 · 16 comments

Comments

Projects
None yet
6 participants
@johnjelinek
Copy link

johnjelinek commented Dec 3, 2015

The error message is not very clear when you don't have netstat installed.

@johnjelinek

This comment has been minimized.

Copy link
Author

johnjelinek commented Dec 3, 2015

This was first discovered in #2480

@nathanleclaire

This comment has been minimized.

Copy link
Contributor

nathanleclaire commented Dec 3, 2015

cc @docker/machine-maintainers

@treyhyde

This comment has been minimized.

Copy link

treyhyde commented Dec 12, 2015

It would be additionally helpful if the official apt-packages listed net-tools as a dependency.

@ghost

This comment has been minimized.

Copy link

ghost commented Mar 7, 2016

Any reason why netstat is used in favor of ss? netstat is flagged obsolete anyway:

From man netstat:

NOTES
       This program is obsolete.  Replacement for netstat is ss.  Replacement for netstat -r is ip route.  Replacement for netstat -i is ip -s link.  Replacement for netstat -g is ip maddr.
@dayreiner

This comment has been minimized.

Copy link

dayreiner commented Mar 24, 2016

Just a note that this also breaks node creation with the softlayer driver -- at least with CentOS. The softlayer CentOS 7 images (and perhaps others) don't include the net-tools package when provisioned.

@nathanleclaire

This comment has been minimized.

Copy link
Contributor

nathanleclaire commented Mar 24, 2016

Any reason why netstat is used in favor of ss? netstat is flagged obsolete anyway:

Didn't know, good callout. It seems ss is available even in Tiny Core Linux (boot2docker).

@nathanleclaire

This comment has been minimized.

Copy link
Contributor

nathanleclaire commented Mar 24, 2016

@dayreiner @johnjelinek @treyhyde Is ss present on your systems which lack netstat?

@dayreiner

This comment has been minimized.

Copy link

dayreiner commented Mar 24, 2016

@nathanleclaire Yes, ss looks to be included by default in IBM Softlayer's minimal CentOS image (as part of the iproute package). I expect this would be true for other distro images as well at SL.

cc @underscorephil

@nathanleclaire

This comment has been minimized.

Copy link
Contributor

nathanleclaire commented Mar 25, 2016

Will take a look into using ss instead

@underscorephil

This comment has been minimized.

Copy link

underscorephil commented Apr 6, 2016

Apologies for the slow response. It should be included in the other distros. If you run into any that dont have it, please reach out to me and I'll see about getting it added.

@nathanleclaire

This comment has been minimized.

Copy link
Contributor

nathanleclaire commented Apr 6, 2016

I'm not sure if using ss will work. In the shell it is fine but I cannot invoke docker-machine ssh name ss, it returns error 127. (We go over SSH to do this provisioning step, so any solution has to work over SSH) I'm not entirely sure why.

@nathanleclaire

This comment has been minimized.

Copy link
Contributor

nathanleclaire commented Apr 6, 2016

Invoking dm ssh default /usr/local/sbin/ss works on boot2docker, but I'm not sure that will be in the same location on every distro.

EDIT: Yup, on Debian it's in /bin/ss.

@nathanleclaire

This comment has been minimized.

Copy link
Contributor

nathanleclaire commented Apr 6, 2016

What distro(s) is netstat missing on? Maybe we could make sure that package is installed as well before going ahead with provisioning.

@dayreiner

This comment has been minimized.

Copy link

dayreiner commented Apr 6, 2016

@nathanleclaire Looking at #2480, that also appears to have been CentOS (I'm guessing 7), so it may just be a Centos (and possible RHEL) thing. If I run ssh $host ss I get the expected output going to a Centos7 box though -- looks like on Centos its in /usr/sbin, doesn't seem to be consistent between distros.

Passing yum -y install net-tools on the first connection should be enough to ensure netstat is available though.

@ghost

This comment has been minimized.

Copy link

ghost commented Apr 7, 2016

Guys, installing a deprecated package is not the solution. I don't know how dm parses its command line arguments, ... In any normal *nix it's like ssh remote-host -- ss -lt. I'll verify this for dm with CentOS today and get back to this.

@ghost

This comment has been minimized.

Copy link

ghost commented Apr 7, 2016

The issue with dm ssh machine ss is not ss being somewhere, the issue is $PATH being limited to /usr/local/bin and /usr/bin (at least with dm using ssh binary (default) in favor of Go native implementation.

dm -s environments/local/.docker/machine/ ssh node1
[vagrant@node1 ~]$ echo $PATH
/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/vagrant/.local/bin:/home/vagrant/bin
dm -s environments/local/.docker/machine/ ssh node1 -- 'echo $PATH'
/usr/local/bin:/usr/bin

If setting PATH is in dm control I do not see any reason why to limit the PATH to these two folders and use the common defaults for non-privileged users:

/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.