Docker on brand new linode fails at network connections
1, create a new linode using ubuntu 13.10, boot
2, follow the instructions at
3, sudo docker run -i -t ubuntu /bin/bash # this will pull the latest ubuntu image, install & run it
4, in the newly started docker image:
apt-get install wget
Expected result: The wget package is downloaded & installed
Observed result: network connection goes down to 0 byte/sec at roughly 2kb of progress
- When dropping in a full docker of my own, and using nc -l -p 80 ,according to strace, it halts at select()
Ubuntu 13.10, Ubuntu 13.04
Datacenters: Dallas TX, London UK
Bug does not reproduce on local machine. Without any judgement on my part, exact same steps produce a working droplet on Digital Ocean; and also runs my docker image flawlessly.
Pinging works just fine:
PING google.com (22.214.171.124) 56(84) bytes of data. 64 bytes from dfw06s40-in-f7.1e100.net (126.96.36.199): icmp_req=1 ttl=55 time=0.510 ms 64 bytes from dfw06s40-in-f7.1e100.net (188.8.131.52): icmp_req=2 ttl=55 time=0.546 ms 64 bytes from dfw06s40-in-f7.1e100.net (184.108.40.206): icmp_req=3 ttl=55 time=0.578 ms 64 bytes from dfw06s40-in-f7.1e100.net (220.127.116.11): icmp_req=4 ttl=55 time=0.549 ms
But any TCP? traffic (wget/curl) seems to hang or transfer incredible slowly. This thread seemed to describe my issue exactly:
But the fix they mention (setting the MTU to 1460) didn't fix my connectivity issues.
I've also reproduced the same issue with Docker v0.7.6. ipv4 forwarding is enabled and the necessary iptables rules are generated by docker. I'm not running a firewall.
Here's my lxc-checkconfig output:
--- Namespaces --- Namespaces: enabled Utsname namespace: enabled Ipc namespace: enabled Pid namespace: enabled User namespace: enabled Network namespace: enabled Multiple /dev/pts instances: enabled --- Control groups --- Cgroup: enabled Cgroup clone_children flag: enabled Cgroup device: enabled Cgroup sched: enabled Cgroup cpu account: enabled Cgroup memory controller: missing Cgroup cpuset: enabled --- Misc --- Veth pair device: enabled Macvlan: enabled Vlan: enabled File capabilities: enabled Note : Before booting a new kernel, you can check its configuration usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig