networking - Network issues with docker containers having specific IP -
problem
i have problem 1 ip address (172.17.0.11) in docker network. whenever container gets ip, outbound connections container stop working. when kill container:
- i still can ping ip despite no 1 using it
- there no rules in iptables associated ip
- i see lot of established connections docker-proxy in netstat ip @ same time, other ips list dangling connections don't have issues
it looks ip conflict me – curl doesn't work, wget , ping work because re-establish connection every time. not dns issue, curl ip doesn't work well, docker image used makes no difference.
infrastructure
it's single server setup on debian 8 (4.9 kernel) kubernetes 1.6.4 , docker-ce 17.06.1 (overlay2). issue happened after upgraded 1.12.6 17.06.1
please me debug issue.
docker version:
client: version: 17.06.1-ce api version: 1.30 go version: go1.8.3 git commit: 874a737 built: thu aug 17 22:53:31 2017 os/arch: linux/amd64 server: version: 17.06.1-ce api version: 1.30 (minimum version 1.12) go version: go1.8.3 git commit: 874a737 built: thu aug 17 22:51:25 2017 os/arch: linux/amd64 experimental: false docker info:
containers: 336 running: 336 paused: 0 stopped: 0 images: 52 server version: 17.06.1-ce storage driver: overlay2 backing filesystem: extfs supports d_type: true native overlay diff: true logging driver: json-file cgroup driver: cgroupfs plugins: volume: local network: bridge host macvlan null overlay log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog swarm: inactive runtimes: runc default runtime: runc init binary: docker-init containerd version: 6e23458c129b551d5c9871e5174f6b1b7f6d1170 runc version: 810190ceaa507aa2727d7ae6f4790c76ec150bd2 init version: 949e6fa kernel version: 4.9.0-0.bpo.3-amd64 operating system: debian gnu/linux 8 (jessie) ostype: linux architecture: x86_64 cpus: 8 total memory: 28.76gib name: host id: qy6i:ji2s:bopg:fiqp:yebb:3uyf:n3g2:cocq:px7z:qrcv:gien:fgqc docker root dir: /var/lib/docker debug mode (client): false debug mode (server): false registry: https://index.docker.io/v1/ experimental: false insecure registries: 127.0.0.0/8 live restore enabled: false
did try rebooting faulty node ? looks namespace/bridge configuration might have gotten stuck.
Comments
Post a Comment