Issue
I used docker-machine to setup a docker host on our openstack private cloud. Everything went as expected. But when I try to build a Dockerfile with a ubuntu:14.04, and simply do a RUN apt-get update
I get this:
Ign http://archive.ubuntu.com trusty InRelease
Ign http://archive.ubuntu.com trusty-updates InRelease
...
Takes forever, and times out.
Then I remove the RUN apt-get update
and run docker build -t test .
and docker run -it test /bin/bash
Inside the container I can ping archive.ubuntu.com and any other domain fine. I see in my resolve.conf
that the nameserver 8.8.8.8
is there. But when I try to run apt-get update
again, I get the same results.
I have tried to run the container with the --dns 8.8.8.8
flag, with no difference. But since my resolve.conf file has the DNS entry, and I can ping the domains, that shouldn't be the issue.
If I run the container with the --net=host
flag, I am able to apt-get update. But this flag doesn't work with the docker build
command.
I have also tried this suggested answer I found here.
sudo apt-get install bridge-utils
pkill docker
iptables -t nat -F
ifconfig docker0 down
brctl delbr docker0
sudo service docker start
But it hasn't helped.
If I start up pre-build images and services that requires no package update or installation. Everything is working as expected. I have tried numerous re-installs and different cloud images for the docker host. There is no firewall software running on the host.
Experiencing this with other images as well, example centos yum update
http://centos.uib.no/7.2.1511/os/x86_64/repodata/repomd.xml:
[Errno 12] Timeout on http://centos.uib.no/7.2.1511/os/x86_64/repodata/repomd.xml:
(28, 'Operation too slow. Less than 1000 bytes/sec transferred the last 30 seconds')
Trying other mirror.
I'm completely lost, and any help would be much appreciated!
Solution
I am guessing you are running this on an instance on Openstack? This issue most probably would be because of MTU. To give some background, typical openstack deployments use VXLAN or GRE and due to the overhead added by them, the default MTU for instances is reduced (by configurations in openstack's components/something similar). Check the MTU within your instance and see if its 1500 or less than that.
Now, if you are running docker within the instance, docker will set the default MTU to be 1500. If you launch a container and login to it, you will see the default MTU as 1500. You can decrease it to say 1450 or 1420 and see if it works. I had faced the same issue and it worked for me after reducing the MTU.
ExecStart=/usr/bin/docker daemon -H fd:// --mtu=1450
Here are the detailed steps on how to change the MTU for containers in docker:-
https://rahulait.wordpress.com/2016/02/28/modifying-default-mtu-for-docker-containers/
Answered By - Rahul Answer Checked By - Marie Seifert (WPSolving Admin)