Can't access container in bridge networking

  • Latest OMV7 on arm64 on Debian bookworm
    Docker version is 27.3.1


    I'm spinning up a very simple container running gunicorn and I'm unable to connect with the default bridge mode. On my linux desktop there are no issues so my guess is that it's some local network issue with OMV but I can't locate it. Note this is prior to using the compose plugin. I just want to start with a known good state before adding another layer on top.


    Docker command: docker run -p 5000:5000 --name sensors --mount source=sensorsVolume,destination=/db xxxx/sensors:latest


    Any connections to port 5000 fail. I know that gunicorn is listening to port 5000 as per the container logs


    Code
    [2024-10-10 02:10:58 +0000] [1] [INFO] Starting gunicorn 23.0.0
    [2024-10-10 02:10:58 +0000] [1] [INFO] Listening at: http://0.0.0.0:5000 (1)


    On a different host to the server


    Request also fails on localhost on the server



    If I switch to host mode then everything works but it's a big hammer I'd rather not use and I'd like to get to the bottom of this issue.


    I've also quickly spun up a simple python server (python3 -m http.server 5000) and it accepts connection so appears to be a Docker networking issue.


    I looked at the logs from 'journalctl docker.service' but nothing shows up. There are some messages about DNS (No non-localhost DNS nameservers are left in resolv.conf. Using default external servers) but doubt this is relevant.

    There's also nothing in /etc/docker




    Any pointers appreciated


  • chente

    Approved the thread.
  • I am not sure your docker run command is correct or working properly.


    I would start by getting the container to work as a compose file first.


    Once you have it working in compose then we can try to help you more

  • Sure!



    The same log output occurs and the same issue occurs. As far as I can tell nothing is getting to the running container.

  • Sorry I should have specified it's just to remove a docker hub ID for privacy is all. As you'll see, the container is running, just not connecting.


    xxxx is indeed a famous and terrible beer from the 80's. It's up there with VB and Fosters :)

  • Then I’m not sure. Are you certain the container is listening on port 5000?


    Can you ‘docker exec’ to the container to see what’s going on?


    I still don’t really understand what the container does and where it is pulled from to be honest.


    Maybe post the docker container logs when you up it?

  • The container just runs a gunicorn instance which is a python server. The server is certainly running and listening on port 5000 as expected.


    When bringing up the container I can see gunicorn run and listening on port 5000



    I'm assuming here gunicorn is correctly attaching to the correct interface in the container.


    Using curl either on an external host or even on localhost always times out


    If I attach to the container and do the same it's definitely alive


    Quote

    # docker exec -it root-backend-1 bash

    root@eb336e86cfa7:/etc# curl http://localhost:5000/

    <p>Hello, World!</p


    I can at least connect to the external interface inside the running container which is something

    Quote

    root@eb336e86cfa7:/etc# hostname -I

    172.19.0.2

    root@eb336e86cfa7:/etc# curl http://172.19.0.2:5000/

    <p>Hello, World!</p>



    I tried altering the compose to specifically find to the external IP in the ports section but it didn't help.

    I've also changed the base image to one with some more utilties for testing.

  • I'm also facing the same issue. Recently, I upgraded my OMV5 setup which was running docker for home assistant and related containers. I upgraded to the latest version of OMV7 along with latest version of Armbian OS (Debian 12 based) and tried to restore the docker containers from my docker compose files. Home assistant and other containers which are directly connected to host are working but the containers where only a few ports are exposed through bridge network are not working (Containers can't access host, local network and internet. Similarly, user can't access containers through exposed ports from host or local network). I'm searching for a fix with no success since past 2 days.

    I found similar issue reported here: https://forums.docker.com/t/ca…-only-host-mode/142577/11

    It looks like the issue is related to this but not sure: https://github.com/moby/moby/i…7#issuecomment-1662733064


  • It looks like the issue is related to this but not sure: https://github.com/moby/moby/i…7#issuecomment-1662733064


    Figured it out at last. It's related to DNS. I stumbled over it when attempting to install some packages as part of the Dockerfile and apt was failing with DNS issues.


    There are various clues in the docker daemon log file which are obvious in hindsight specifically relating to interface status when running a container. In addition when restarting the daemon there's a message about the resolv.conf file which isn't really a clue specifically as it's informational but that's what help me find the fix.

    I should not that the server runs just fine DNS-wise so it's some interaction between networking in OMV7 and Docker.


    Fix that didn't work was to update /etc/docker/daemon.json with specific DNS servers.


    Fix that did work was to use the OMV UI to specifically add DNS servers and then restart docker. Presto!

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!