Univention Bugzilla – Bug 43607
Docker containers cannot reach network
Last modified: 2017-04-04 18:29:47 CEST
As discussed. There is no problem in the firewall script 20_docker.sh. Instead, right after an update, something seems to be not running. Suspect: kdbus. Instead of fixing the firewall script, we will enforce a restart before the App Center may be called. +++ This bug was initially created as a clone of Bug #43471 +++ The firewall seems to block outgoing or incoming traffic. We need to adjust the Firewall settings for Docker.
Checking for kernel 4.9 in univention-appcenter 6.0.1-33A~4.2.0.201702221712 This means that the user rebooted the system once. This should get services in order.
There is a problem with 20_docker.sh /etc/init.d/docker status in /etc/security/packetfilter.d/20_docker.sh always returns != 0 and therefor all nat rules are missing and apps can't get a network connection. Changing this test to "systemctl status docker" works for me. The rest is ok. I couldn't test it in UMC (Bug #43653) but at least the command line installation failed correctly -> univention-app install owncloud82 Going to install ownCloud (9.1.1-20170120) (must_have_fitting_kernel_version) Unable to install owncloud82. Aborting... reboot -> univention-app install etherpad-lite ...
(In reply to Felix Botner from comment #2) > There is a problem with 20_docker.sh > > /etc/init.d/docker status in /etc/security/packetfilter.d/20_docker.sh > always returns != 0 and therefor all nat rules are missing and apps can't > get a network connection. > > Changing this test to "systemctl status docker" works for me. systemctl -q is-active docker.service
Fixed in univention-firewall 9.0.0-8A~4.2.0.201703010231
OK
UCS 4.2 has been released: https://docs.software-univention.de/release-notes-4.2-0-en.html https://docs.software-univention.de/release-notes-4.2-0-de.html If this error occurs again, please use "Clone This Bug".