I get the following error when I run `docker login`:
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: xxx
Password:
Error response from daemon: Get "https://registry-1.docker.io/v2/": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s31f6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 90:1b:0e:9e:eb:da brd ff:ff:ff:ff:ff:ff
inet xxx peer 138.201.130.65/32 scope global enp0s31f6
valid_lft forever preferred_lft forever
inet6 xxx/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::921b:eff:fe9e:ebda/64 scope link proto kernel_ll
valid_lft forever preferred_lft forever
8: docker0@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 7e:eb:8c:2c:7e:69 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.0.0.1/24 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::7ceb:8cff:fe2c:7e69/64 scope link proto kernel_ll
valid_lft forever preferred_lft forever
My nftables.conf
#!/usr/bin/nft -f
# vim:set ts=2 sw=2 et:
# IPv4/IPv6 Simple & Safe firewall ruleset.
# More examples in /usr/share/nftables/ and /usr/share/doc/nftables/examples/.

# Host ruleset: default-drop on input and forward, accept on output.
# "flush ruleset" removes every table already loaded in this network
# namespace before the definitions below are applied.
flush ruleset
table inet my_table {
  # IPv4 sources that my_input hands to my_input_lan (NFS, SMB/NetBIOS, PXE, TFTP).
  # NOTE(review): 138.201.0.0/16 is not an RFC 1918 range. Every host in that
  # /16 is treated as "LAN" here -- confirm this is intended.
  # NOTE(review): 172.18.0.1/16 has host bits set; 172.18.0.0/16 is presumably meant.
  set LANv4 {
    type ipv4_addr
    flags interval
    elements = { 10.0.0.0/8, 192.168.0.0/24, 172.18.0.1/16, 138.201.0.0/16 }
  }
  # IPv6 sources that my_input hands to my_input_lan.
  # NOTE(review): 2a01:4f8:172:2d89::/48 has bits set beyond the /48 boundary;
  # confirm whether a /64 was intended.
  set LANv6 {
    type ipv6_addr
    flags interval
    elements = { fd00::/8, fe80::/10, 2a01:4f8:172:2d89::/48 }
  }
  # Regular chain (no hook): only evaluated when my_input jumps here for a
  # source address contained in @LANv4 / @LANv6.
  chain my_input_lan {
    meta l4proto { tcp, udp } th dport 2049 accept comment "Accept NFS"
    udp dport netbios-ns accept comment "Accept NetBIOS Name Service (nmbd)"
    udp dport netbios-dgm accept comment "Accept NetBIOS Datagram Service (nmbd)"
    tcp dport netbios-ssn accept comment "Accept NetBIOS Session Service (smbd)"
    tcp dport microsoft-ds accept comment "Accept Microsoft Directory Service (smbd)"
    udp sport { bootpc, 4011 } udp dport { bootps, 4011 } accept comment "Accept PXE"
    udp dport tftp accept comment "Accept TFTP"
  }
  # Base chain for traffic addressed to this host. Rules are evaluated top to
  # bottom; anything that matches no accept rule is dropped by the policy.
  chain my_input {
    type filter hook input priority filter; policy drop;
    iif lo accept comment "Accept any localhost traffic"
    ct state invalid drop comment "Drop invalid connections"
    ct state established,related accept comment "Accept traffic originated from us"
    meta l4proto ipv6-icmp accept comment "Accept ICMPv6"
    meta l4proto icmp accept comment "Accept ICMP"
    ip protocol igmp accept comment "Accept IGMP"
    udp dport mdns ip6 daddr ff02::fb accept comment "Accept mDNS"
    udp dport mdns ip daddr 224.0.0.251 accept comment "Accept mDNS"
    ip6 saddr @LANv6 jump my_input_lan comment "Connections from private IP address ranges"
    ip saddr @LANv4 jump my_input_lan comment "Connections from private IP address ranges"
    # NOTE(review): the rules below carry no source-address match, so they
    # accept from any source. TCP 137-139, 445 and 2049 (SMB/NetBIOS/NFS) are
    # therefore reachable regardless of the LAN sets above, as are SSH, IPP
    # and TCP 53 -- confirm this exposure is intended.
    tcp dport ssh accept comment "Accept SSH on port 22"
    tcp dport ipp accept comment "Accept IPP/IPPS on port 631"
    tcp dport 53 accept comment "Accept DNS on port 53"
    # tcp dport 111 accept comment "Accept systemd on port 111"
    tcp dport 137-139 accept comment "Accept smbd nmbd on port 137-139"
    tcp dport 445 accept comment "Accept ?? on port 445"
    # tcp dport 1800 accept comment "Accept Duplicati on port 1800"
    tcp dport 2049 accept comment "Accept NFS on port 2049"
    # tcp dport 3000 accept comment "Accept Grafana on port 3000"
    # tcp dport 5353 accept comment "Accept DNS Traffic on port 5353"
    # tcp dport 8200 accept comment "Accept Duplicati Traffic on port 8200"
    # tcp dport 20048 accept comment "Accept ??? on port 20048"
    # tcp dport 34841 accept comment "Accept ??? on port 34841"
    # tcp dport 42375 accept comment "Accept ??? on port 42375"
    tcp dport { http, https } accept comment "Accept HTTP (ports 80, 443)"
    udp sport bootpc udp dport bootps ip saddr 0.0.0.0 ip daddr 255.255.255.255 accept comment "Accept DHCPDISCOVER (for DHCP-Proxy)"
  }
  # Intended to source-NAT traffic arriving on docker0 and leaving via enp0s31f6.
  # NOTE(review): there is no "type ... hook ..." line, so this is a regular
  # chain, and nothing in this file jumps to it. The masquerade rule is never
  # evaluated. A NAT base chain would start with
  # "type nat hook postrouting priority srcnat; policy accept;".
  chain postrouting {
    iifname docker0 oifname enp0s31f6 masquerade
  }
  # Base chain for routed (forwarded) packets: policy drop and no rules, so
  # every forwarded packet is dropped.
  # NOTE(review): packets from a peer behind docker0 that leave via enp0s31f6
  # are forwarded traffic and are dropped here. That would produce connection
  # timeouts for anything behind docker0. Letting it through needs explicit
  # rules, e.g. "iifname docker0 oifname enp0s31f6 accept" together with
  # "ct state established,related accept", and IP forwarding enabled on the
  # host (net.ipv4.ip_forward=1) -- verify on the running system.
  chain my_forward {
    type filter hook forward priority filter; policy drop;
    # Drop everything forwarded to us. We do not forward. That is the router's job.
  }
  # Base chain for locally generated packets; nothing is filtered.
  chain my_output {
    type filter hook output priority filter; policy accept;
    # Accept every outbound connection
  }
}
cat /etc/resolv.conf
nameserver 185.12.64.1
nameserver 185.12.64.2
nameserver 2a01:4ff:ff00::add:1
nameserver 2a01:4ff:ff00::add:2
/etc/systemd/system/docker.service.d/netns.conf
# Drop-in for docker.service: runs dockerd in a private network namespace and
# connects it to the host with a veth pair (docker0 on the host side).
[Service]
# Start the service in its own network namespace instead of the host's.
PrivateNetwork=yes
# cleanup
# "nsenter -t 1 -n" runs the command in PID 1's network namespace, i.e. on the
# host side. The leading "-" makes systemd ignore a failure of this command,
# for example when docker0 does not exist yet.
ExecStartPre=-nsenter -t 1 -n -- ip link delete docker0
# add veth
# Create the pair on the host side, then move the docker0_ns end into the
# namespace of the shell started by this ExecStartPre line.
ExecStartPre=nsenter -t 1 -n -- ip link add docker0 type veth peer name docker0_ns
# "$$" is systemd's escape for a literal "$", so the shell receives $BASHPID.
# NOTE(review): "&& true" presumably keeps the shell alive as the parent of
# nsenter so its PID stays valid as the netns target -- confirm.
ExecStartPre=sh -c 'nsenter -t 1 -n -- ip link set docker0_ns netns "$$BASHPID" && true'
# Runs without nsenter: the peer is renamed to enp0s31f6. The name is the same
# as the host's physical NIC in the `ip a` output, but it is the veth end.
ExecStartPre=ip link set docker0_ns name enp0s31f6
# bring host online
ExecStartPre=nsenter -t 1 -n -- ip addr add 10.0.0.1/24 dev docker0
ExecStartPre=nsenter -t 1 -n -- ip link set docker0 up
# bring ns online
# The default route points at the host-side address 10.0.0.1, so anything
# dockerd sends off-link has to be forwarded (and NATed) by the host. That
# requires IP forwarding plus matching forward/NAT rules in the host firewall.
ExecStartPre=ip addr add 10.0.0.100/24 dev enp0s31f6
ExecStartPre=ip link set enp0s31f6 up
ExecStartPre=ip route add default via 10.0.0.1 dev enp0s31f6
Jul 09 20:50:30 mail systemd[1]: Starting Docker Application Container Engine...
Jul 09 20:50:30 mail nsenter[2807]: Cannot find device "docker0"
Jul 09 20:50:30 mail dockerd[2838]: time="2023-07-09T20:50:30.585678209+02:00" level=info msg="Starting up"
Jul 09 20:50:30 mail dockerd[2838]: time="2023-07-09T20:50:30.682552068+02:00" level=info msg="[graphdriver] using prior storage driver: overlay2"
Jul 09 20:50:30 mail dockerd[2838]: time="2023-07-09T20:50:30.682931737+02:00" level=info msg="Loading containers: start."
Jul 09 20:50:30 mail dockerd[2838]: time="2023-07-09T20:50:30.859470190+02:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address"
Jul 09 20:50:30 mail dockerd[2838]: time="2023-07-09T20:50:30.918193418+02:00" level=info msg="Loading containers: done."
Jul 09 20:50:30 mail dockerd[2838]: time="2023-07-09T20:50:30.955956675+02:00" level=warning msg="Not using native diff for overlay2, this may cause degraded performance for building images: kernel has CONFIG_OVERLAY_FS_REDIRECT_DIR enabled" storage-driver=overlay2
Jul 09 20:50:30 mail dockerd[2838]: time="2023-07-09T20:50:30.956168728+02:00" level=info msg="Docker daemon" commit=659604f9ee graphdriver=overlay2 version=24.0.2
Jul 09 20:50:30 mail dockerd[2838]: time="2023-07-09T20:50:30.956230333+02:00" level=info msg="Daemon has completed initialization"
Jul 09 20:50:30 mail dockerd[2838]: time="2023-07-09T20:50:30.987937040+02:00" level=info msg="API listen on /run/docker.sock"
Jul 09 20:50:31 mail systemd[1]: Started Docker Application Container Engine.
[root@mail docker.service.d]# docker network ls
NETWORK ID NAME DRIVER SCOPE
38014bef1a57 bridge bridge local
747a073194a6 host host local
1c47e7d9cd0b none null local
What is the problem?
Last edited by Morta (2023-07-09 19:03:43)
Can someone explain how to bridge docker0 to enp0s31f6 with systemd-networkd?
On my other server the configuration looks like this, but I don't know how to create a bridge like br-abac02be342e with networkd:
[morta@5erver network]$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp8s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
link/ether 04:d9:f5:bc:8f:c6 brd ff:ff:ff:ff:ff:ff
3: enp9s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
link/ether 04:d9:f5:bc:8f:c7 brd ff:ff:ff:ff:ff:ff
4: enp10s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
link/ether 04:d9:f5:bc:8f:c8 brd ff:ff:ff:ff:ff:ff
5: enp11s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
link/ether 04:d9:f5:bc:8f:c9 brd ff:ff:ff:ff:ff:ff
6: enp7s0f0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP group default qlen 1000
link/ether 4e:b7:bc:18:c0:bf brd ff:ff:ff:ff:ff:ff permaddr 98:b7:85:89:7e:f8
7: enp7s0f1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP group default qlen 1000
link/ether 4e:b7:bc:18:c0:bf brd ff:ff:ff:ff:ff:ff permaddr 98:b7:85:89:7e:f9
8: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 4e:b7:bc:18:c0:bf brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global dynamic noprefixroute bond0
valid_lft 6324sec preferred_lft 6324sec
inet6 2a02:168:a774::2222/128 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 2a02:168:a774:0:b64f:674d:3f45:25f/64 scope global dynamic noprefixroute
valid_lft 86148sec preferred_lft 14148sec
inet6 fe80::23ff:3b09:6d1d:1048/64 scope link noprefixroute
valid_lft forever preferred_lft forever
9: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:64:62:66:7f brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fd00::1/80 scope global tentative
valid_lft forever preferred_lft forever
inet6 fe80::1/64 scope link tentative
valid_lft forever preferred_lft forever
10: br-abac02be342e: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:4c:74:98:c0 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-abac02be342e
valid_lft forever preferred_lft forever
inet6 fd00:dead:beef::1/48 scope global tentative
valid_lft forever preferred_lft forever
inet6 fe80::1/64 scope link tentative
valid_lft forever preferred_lft forever