I’m not able to run a simple Dockerimage with contents like:
FROM debian:buster
RUN apt-get update
I keep getting these error messages:
#0 20.18 Err:1 http://security.debian.org/debian-security bullseye-security InRelease
#0 20.18 Temporary failure resolving 'security.debian.org'
#0 20.18 Err:2 http://deb.debian.org/debian bullseye InRelease
#0 20.18 Temporary failure resolving 'deb.debian.org'
#0 40.20 Err:3 http://deb.debian.org/debian bullseye-updates InRelease
#0 40.20 Temporary failure resolving 'deb.debian.org'
I’ve tried a dozen of possible solutions mentioned on the internet like:
- add
{"dns": ["192.168.1.1", "8.8.8.8"]}
to/etc/docker/daemon.json
- run
sudo systemctl restart docker.service
- run
docker system prune
- reboot my operating system (Arch Linux)
- tried different images, even an ubuntu one, but same issue
But none of them did the trick. Anyone who can possibly help me out?
EDIT 1:
I completely re-installed docker on my system, without any luck. Still no connection to the internet. At this moment, I’ve no idea what to do to fix this problem.
EDIT 2:
Results Philippe asked for.
$ docker run busybox ip a
latest: Pulling from library/busybox
19d511225f94: Pull complete
Digest: sha256:3614ca5eacf0a3a1bcc361c939202a974b4902b9334ff36eb29ffe9011aaad83
Status: Downloaded newer image for busybox:latest
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
10: eth0@if11: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
and
$ docker run busybox ip r
default via 172.17.0.1 dev eth0
172.17.0.0/16 dev eth0 scope link src 172.17.0.2
And just in case, my iptables:
$ sudo iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy DROP)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER (1 references)
target prot opt source destination
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target prot opt source destination
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-ISOLATION-STAGE-2 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
2
Answers
Solved! Seemed I had some nft rules set which were conflicting with the iptables. Just a simple command as flushing the nft ruleset, fixed the issue:
This is possibly your local docker setup. Can you network from other containers? If so, we need to look into
debian:buster
; if not it is likely your host / docker setting.For what it is worth I have no issues here (using
testing
as I do not havebuster
locally):My host operating system in Ubuntu 22.04 but that should be immaterial.