[Bug 1038329] New: Updating docker-io should probably restart the daemon
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1038329
Bug ID: 1038329
Summary: Updating docker-io should probably restart the daemon
Product: Fedora
Version: 19
Component: docker-io
Assignee: lsm5(a)redhat.com
Reporter: luto(a)mit.edu
QA Contact: extras-qa(a)fedoraproject.org
CC: golang(a)lists.fedoraproject.org, lsm5(a)redhat.com,
mattdm(a)redhat.com, mgoldman(a)redhat.com,
vbatts(a)redhat.com
I upgraded docker-io and, after the upgrade, I got errors about missing
dockerinit. systemctl restart docker fixed it.
--
You are receiving this mail because:
You are on the CC list for the bug.
10 years
[Bug 1045173] New: Accessing Docker containers from outside network - adding firewall exceptions problem
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1045173
Bug ID: 1045173
Summary: Accessing Docker containers from outside network -
adding firewall exceptions problem
Product: Fedora EPEL
Version: el6
Component: docker-io
Assignee: lsm5(a)redhat.com
Reporter: ajinkya(a)ajinkyakulkarni.com
QA Contact: extras-qa(a)fedoraproject.org
CC: golang(a)lists.fedoraproject.org, lsm5(a)redhat.com,
mattdm(a)redhat.com, mgoldman(a)redhat.com,
skottler(a)redhat.com, vbatts(a)redhat.com
I am using Docker 0.7.0 to create containers on RedHat Enterprise Linux 6.5.
When firewall is turned off containers can talk to outside world, but when
firewall is on, container cannot be accessed from outside.
This is how I am running the docker and mapping a port from host to container
$ docker run -i -t -p 3838:3838 shiny "shiny-server"
Without firewall, I can access Node.js server running inside a container on
port 3838 from outside network as http://servername:3838, but not with firewall
turned on.
These are my default firewall rules –
==============================================
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
==============================================
I have tried opening a port 3838 by adding a rule as below, but it does not
work
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3838 -j ACCEPT
Docker is creating a virtual NAT on the host machine, I am feeling that somehow
firewall is blocking the packet forwarding from eth0 to docker 0
This is the output of $ifconfig (I have masked the server IP)
docker0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
inet addr:172.17.42.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::87d:8dff:fed0:f16d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:408321 errors:0 dropped:0 overruns:0 frame:0
TX packets:681809 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:126511933 (120.6 MiB) TX bytes:924200959 (881.3 MiB)
eth0 Link encap:Ethernet HWaddr 00:25:64:A8:5B:8F
inet addr:XXX.XXX.XXX.XXX Bcast:XXX.XXX.XXX.XXX Mask:255.255.240.0
inet6 addr: XXXX::XXX:XXXX:XXXX:XXXX/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:29786186 errors:0 dropped:0 overruns:0 frame:0
TX packets:1137982 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4209047011 (3.9 GiB) TX bytes:234657696 (223.7 MiB)
Interrupt:17
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8444 errors:0 dropped:0 overruns:0 frame:0
TX packets:8444 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4701771 (4.4 MiB) TX bytes:4701771 (4.4 MiB)
Output of $docker version :
Client version: 0.7.0
Go version (client): go1.1.2
Git commit (client): 0ff9bc1/0.7.0
Server version: 0.7.0
Git commit (server): 0ff9bc1/0.7.0
Go version (server): go1.1.2
Last stable version: 0.7.2, please update docker
Output of $docker info:
Containers: 321
Images: 278
Driver: devicemapper
Pool Name: docker-8:17-13239310-pool
Data file: /var/lib/docker/devicemapper/devicemapper/data
Metadata file: /var/lib/docker/devicemapper/devicemapper/metadata
Data Space Used: 56464.5 Mb
Data Space Total: 102400.0 Mb
Metadata Space Used: 59.5 Mb
Metadata Space Total: 2048.0 Mb
I need help in making docker containers accessible from outside network without
turning off the entire firewall.
--
You are receiving this mail because:
You are on the CC list for the bug.
10 years
[Bug 1041400] New: docker permission denied errors
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1041400
Bug ID: 1041400
Summary: docker permission denied errors
Product: Fedora
Version: rawhide
Component: docker-io
Assignee: lsm5(a)redhat.com
Reporter: lsm5(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: golang(a)lists.fedoraproject.org, lsm5(a)redhat.com,
mattdm(a)redhat.com, mgoldman(a)redhat.com,
vbatts(a)redhat.com
Description of problem:
rest api calls seem to fail for docker on rawhide
Version-Release number of selected component (if applicable): 0.7.1 (both rpm
and binary released by upstream)
How reproducible: consistent
Steps to Reproduce:
1. install docker-io (via yum or upstream binary)
2. try 'docker search' / 'docker pull' / 'docker login' or anything else
Actual results:
$ sudo docker search fedora
2013/12/12 09:43:53 Error: Get https://index.docker.io/v1/search?q=fedora: dial
tcp 54.234.135.251:443: permission denied
Expected results:
should show a list of fedora images
Additional info: I didn't find this in f19 or epel (only on rawhide)
--
You are receiving this mail because:
You are on the CC list for the bug.
10 years
[Bug 1046882] New: docker-io: Make it available for EPEL 7
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1046882
Bug ID: 1046882
Summary: docker-io: Make it available for EPEL 7
Product: Fedora EPEL
Version: el7
Component: docker-io
Assignee: lsm5(a)redhat.com
Reporter: mgoldman(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: golang(a)lists.fedoraproject.org, lsm5(a)redhat.com,
mattdm(a)redhat.com, mgoldman(a)redhat.com,
skottler(a)redhat.com, vbatts(a)redhat.com
Description of problem:
RHEL 7 beta was released, we need to make docker-io available in EPEL 7.
--
You are receiving this mail because:
You are on the CC list for the bug.
10 years, 3 months
[Bug 1042786] New: Docker can't talk to the API as certificate can't be verfified
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1042786
Bug ID: 1042786
Summary: Docker can't talk to the API as certificate can't be
verfified
Product: Fedora
Version: 19
Component: docker-io
Assignee: lsm5(a)redhat.com
Reporter: peter.meier(a)immerda.ch
QA Contact: extras-qa(a)fedoraproject.org
CC: golang(a)lists.fedoraproject.org, lsm5(a)redhat.com,
mattdm(a)redhat.com, mgoldman(a)redhat.com,
vbatts(a)redhat.com
Description of problem:
I can't use docker, as it can't talk to the API as api.go is not able to
verifiy the certificate of docker's API.
Version-Release number of selected component (if applicable):
# rpm -qi docker-io
Name : docker-io
Version : 0.7.0
Release : 14.fc19
Architecture: x86_64
Install Date: Tue 10 Dec 2013 07:12:16 PM CET
Group : Unspecified
Size : 12003115
License : ASL 2.0
Signature : RSA/SHA256, Tue 03 Dec 2013 01:17:40 AM CET, Key ID
07477e65fb4b18e6
Source RPM : docker-io-0.7.0-14.fc19.src.rpm
Build Date : Mon 02 Dec 2013 05:06:54 PM CET
Build Host : buildvm-12.phx2.fedoraproject.org
How reproducible:
Install docker-io, try to run a search -> fail
Steps to Reproduce:
1. yum install docker-io
2. systemctl start docker
3. docker search fedora
Actual results:
$ docker search fedora
2013/12/13 12:41:35 Error: Get https://index.docker.io/v1/search?q=fedora:
x509: certificate signed by unknown authority
/var/log/messages
Dec 13 12:51:10 foo docker[14359]: 2013/12/13 12:51:10 GET
/v1.7/images/search?term=fedora
Dec 13 12:51:10 foo docker[14359]: [error] api.go:1034 Error: Get
https://index.docker.io/v1/search?q=fedora: x509: certificate signed by unknown
authority
Dec 13 12:51:10 foo docker[14359]: [error] api.go:82 HTTP Error: statusCode=500
Get https://index.docker.io/v1/search?q=fedora: x509: certificate signed by
unknown authority
Expected results:
Givme the fedora images
Additional info:
The is no problem to query this URL from curl nor from wget:
# curl https://index.docker.io/v1/search?q=fedora
{"query": "fedora", "num_results": 11, "results": [{"name": "mattdm/fedora",
"description": "A basic Fedora image corresponding roughly to a minimal
install, minus some things which don't make sense in a container. Use tag `f19`
for Fedora 19."}, {"name": "alexl/fedora-19", "description": "Minimal base
images based on Fedora 19"}, {"name": "simoncadman/fedora-20", "description":
"Updated fedora 20, based on goldmann/f20 , includes packages for building
rpms"}, {"name": "mattdm/fedora-small", "description": "A small Fedora image on
which to build. Contains just enough that you'll be able to run `yum install`
in your dockerfiles to create something useful. Use tag `f19` for Fedora 19."},
{"name": "philips/fedora", "description": ""}, {"name": "kraman/fedora_cfn",
"description": "mattdm/fedora:f19 + cloud-Init\n(SSH key setting has been
disabled)"}, {"name": "dgarcia/fedora18base", "description": ""}, {"name":
"goldmann/f20", "description": "Fedora 20 repository"}, {"name":
"philips/riak-base", "description": "Base Fedora box with Riak installed."},
{"name": "jumanjiman/eiffelstudio", "description": "EiffelStudio IDE in a
Docker container (fedora at the moment)"}, {"name": "svendowideit/publican",
"description": "Publish DocBook documentation using publican (running in a
fedora container)\n\ndocker run -t -i -v $(pwd):/mnt svendowideit/publican
build"}]}
# wget -O /dev/stdout https://index.docker.io/v1/search?q=fedora
--2013-12-13 12:52:21-- https://index.docker.io/v1/search?q=fedora
Resolving index.docker.io (index.docker.io)... 54.224.119.89, 54.234.135.251
Connecting to index.docker.io (index.docker.io)|54.224.119.89|:443...
connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/json]
Saving to: ‘/dev/stdout’
[<=>
] 0 --.-K/s {"query": "fedora",
"num_results": 11, "results": [{"name": "mattdm/fedora", "description": "A
basic Fedora image corresponding roughly to a minimal install, minus some
things which don't make sense in a container. Use tag `f19` for Fedora 19."},
{"name": "alexl/fedora-19", "description": "Minimal base images based on Fedora
19"}, {"name": "simoncadman/fedora-20", "description": "Updated fedora 20,
based on goldmann/f20 , includes packages for building rpms"}, {"name":
"mattdm/fedora-small", "description": "A small Fedora image on which to build.
Contains just enough that you'll be able to run `yum install` in your
dockerfiles to create something useful. Use tag `f19` for Fedora 19."},
{"name": "philips/fedora", "description": ""}, {"name": "kraman/fedora_cfn",
"description": "mattdm/fedora:f19 + cloud-Init\n(SSH key setting has been
disabled)"}, {"name": "dgarcia/fedora18base", "description": ""}, {"name":
"goldmann/f20", "description": "Fedora 20 repository"}, {"name":
"philips/riak-base", "description": "Base Fedora box with Riak installed."},
{"name": "jumanjiman/eiffelstudio", "description": "EiffelStudio IDE in a
Docker container (fedora at the moment)"}, {"name": "svendowideit/publican",
"description": "Publish DocBook documentation using publican (running in a
fedora container)\n\ndocker run -t -i -v $(pwd):/mnt svendowideit/publican
build"} [ <=>
] 1,373 --.-K/s in 0.001s
2013-12-13 12:52:21 (1.24 MB/s) - ‘/dev/stdout’ saved [1373]
--
You are receiving this mail because:
You are on the CC list for the bug.
10 years, 4 months
[Bug 1034951] New: golang-vim has unsatisfied dependencies on epel6
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1034951
Bug ID: 1034951
Summary: golang-vim has unsatisfied dependencies on epel6
Product: Fedora EPEL
Version: el6
Component: golang
Severity: high
Assignee: admiller(a)redhat.com
Reporter: tis(a)foobar.fi
QA Contact: extras-qa(a)fedoraproject.org
CC: adam(a)spicenitz.org, admiller(a)redhat.com,
golang(a)lists.fedoraproject.org, lsm5(a)redhat.com
package: golang-vim-1.1.2-7.el6.noarch from epel-testing
unresolved deps:
vim-filesystem
vim-filesystem is post rhel6 and is not available so golang-vim is not
installable.
--
You are receiving this mail because:
You are on the CC list for the bug.
10 years, 4 months
[Bug 1045220] New: Pulling the "ubuntu" image from upstream fails
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1045220
Bug ID: 1045220
Summary: Pulling the "ubuntu" image from upstream fails
Product: Fedora EPEL
Version: el6
Component: docker-io
Severity: low
Assignee: lsm5(a)redhat.com
Reporter: dmarti(a)zgp.org
QA Contact: extras-qa(a)fedoraproject.org
CC: golang(a)lists.fedoraproject.org, lsm5(a)redhat.com,
mattdm(a)redhat.com, mgoldman(a)redhat.com,
skottler(a)redhat.com, vbatts(a)redhat.com
Description of problem:
Pulling the "ubuntu" Docker image from a remote repository fails if package
xz-lzma-compat is not installed.
Version-Release number of selected component (if applicable):
0.7.0-14.el6.x86_64
How reproducible:
Steps to Reproduce:
1. Do a "docker run" command with the upstream "ubuntu" image not present
locally.
Actual results:
$ docker run ubuntu echo "hello world"
Unable to find image 'ubuntu' (tag: latest) locally
Pulling repository ubuntu
8dbd9e392a96: Error pulling image (precise) from ubuntu, endpoint:
https://cdn-registry-1.docker.io/v1/, exit status 2: tar (grandchild): xz:
Cannot exec: No such file or directory
tar (grandchild): Error is not recoverable: exiting now
Expected results:
Docker pulls the "ubuntu" image, then "hello world" echoes from within the
container.
Additional info:
This works fine as soon as xz-lzma-compat is installed using Yum.
--
You are receiving this mail because:
You are on the CC list for the bug.
10 years, 5 months