I am unable to get networking in any docker container on Bluefin gts (F39). Podman containers get networking just fine but docker does not. It is a bit maddening!
I’ve been testing this command:
```
docker run --rm nicolaka/netshoot ping -c4 1.1.1.1
```
If I do the same with podman it works great! I want to get set up using the supported docker+devcontainer environments. Any tips on where to start with this? Is firewalld blocking everything? How do I check that?
Not sure I can help, as everything worked out of the box for me.
The first question, as it always is, is have you rebooted?
This Stack Overflow thread has a lot of discussion about docker networking.
On the host OS on my machine, this is the info for the docker0 bridge:
```
❯ ip addr show docker0
6: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:1f:a3:b0:cd brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:1fff:fea3:b0cd/64 scope link proto kernel_ll
       valid_lft forever preferred_lft forever
```
And this is the iptables setup:
```
❯ sudo iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER (2 references)
target prot opt source destination
ACCEPT tcp -- anywhere 172.18.0.2 tcp dpt:ms-wbt-server
ACCEPT udp -- anywhere 172.18.0.2 udp dpt:ms-wbt-server
ACCEPT tcp -- anywhere 172.18.0.2 tcp dpt:wpl-analytics
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target prot opt source destination
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-ISOLATION-STAGE-2 (2 references)
target prot opt source destination
DROP all -- anywhere anywhere
DROP all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
```
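To compare another host's `sudo iptables --list` output with the working FORWARD chain posted above, a check along these lines can be used. It is an added example, not part of the original posts; the function name `check_forward_chain` and both sample dumps are constructed for illustration.

```shell
# Added example: compare an `iptables --list` dump with the working host's FORWARD chain.
# Live use (assumption: run as root): iptables --list | check_forward_chain
check_forward_chain() {
    awk '
        /^Chain / {
            chain = $2
            if (chain == "FORWARD") { policy = $4; sub(/\)$/, "", policy) }
            next
        }
        # Record every target in FORWARD, plus the conntrack ACCEPT rule
        chain == "FORWARD" && NF && $1 != "target" {
            seen[$1] = 1
            if ($1 == "ACCEPT" && /ctstate RELATED,ESTABLISHED/) seen["ESTABLISHED"] = 1
        }
        END {
            if (policy == "") policy = "unknown"
            print "policy=" policy
            n = split("DOCKER-USER DOCKER-ISOLATION-STAGE-1 DOCKER ESTABLISHED", want, " ")
            missing = 0
            for (i = 1; i <= n; i++)
                if (!(want[i] in seen)) { print "missing=" want[i]; missing++ }
            exit (missing > 0)   # non-zero when the chain differs from the working one
        }
    '
}

# Constructed sample: FORWARD chain trimmed from the working output above
sample_working() {
cat <<'EOF'
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
EOF
}

# Constructed sample: FORWARD chain with a DROP policy and no Docker rules
sample_empty_forward() {
cat <<'EOF'
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
EOF
}

sample_empty_forward | check_forward_chain || echo "FORWARD chain differs from the working host"
```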
I did a completely fresh reinstall and I can confirm docker has networking. @JohnAtl thanks for taking the time to respond
I will try to keep track of different config changes.
I’m trying out the Microsoft VSCODE-REMOTE-TRY-PYTHON devcontainer now. This tech is really cool! I like how the developer environment is based on how we ship applications in the cloud.
Cool!
I don’t deploy containers, so will take your word on that.
This is the basis for my Dockerfile: `nvcr.io/nvidia/tensorflow:24.05-tf2-py3`
Then I add Python 3.11 from deadsnakes, some command line stuff and VS Code extensions, also code to run as my user in the container and not root.
It was challenging to learn and get set up, but now it’s pretty much bulletproof. If I should lose the container for some reason, I can just rebuild it.
For our next project, I’ll use a newer version of Tensorflow and Python, and build a new container. No problems with versions, venvs, etc. if I need to switch between projects.
Is tensorflow for machine learning and AI applications?
I was starting to use nix for developer environments but I like this method better so far. The devcontainer method is mainstream and there are a lot more knowledge resources for docker and containers.
I’ve tried nix several times, but there’s just too much overhead. Maybe if I were deploying a fleet of machines it would be worthwhile. Homemanager was equally painful.