Docker | docker0 has IP (is accessable from external) only at first run

Question

When I start a simple docker container (e.g. Portainer) with

docker run -d --name portainer -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock portainer/portainer

the container is accessable from the internet as expected.

When I stop (docker stop portainer) and start (docker start portainer) the container, the port 9000 is open again (verified with nmap), but the web interface of portainer loads forever.

# first run
networkctl

 IDX LINK            TYPE     OPERATIONAL SETUP      
   1 lo              loopback carrier     configured 
   2 enp35s0         ether    routable    configured 
   3 enp36s0         ether    no-carrier  configuring
   5 br-1815f2210327 bridge   no-carrier  configuring
   6 br-7f9b2f2637a1 bridge   no-carrier  configuring
   7 br-a9ae27884558 bridge   no-carrier  configuring
6552 br-39aac8ad8ef3 bridge   routable    configuring
6559 docker0         bridge   no-carrier  configuring

# next run
networkctl

 IDX LINK            TYPE     OPERATIONAL SETUP      
   1 lo              loopback carrier     configured 
   2 enp35s0         ether    routable    configured 
   3 enp36s0         ether    no-carrier  configuring
   5 br-1815f2210327 bridge   no-carrier  configuring
   6 br-7f9b2f2637a1 bridge   no-carrier  configuring
   7 br-a9ae27884558 bridge   no-carrier  configuring
6552 br-39aac8ad8ef3 bridge   no-carrier  configuring
6559 docker0         bridge   no-carrier  configuring

I already tried different workarounds that I found on the internet, like

nano /etc/docker/daemon.json

{ "debug": true, "bip": "172.20.0.1/16" }

and this config file in various configurations

nano /etc/systemd/network/docker0.network

#[Match] #Name=docker0

#[Network]
#IPForward=yes

#[Network]
#Address=172.17.0.1/16

#[Link]
#Unmanaged=yes

(Currently everythings is commented out.)

When I restart the docker daemon with

systemctl restart docker

and then start the docker container

docker start portainer

it's working fine again.

My system is a linux root server hosted by strato.de:

docker -v
Docker version 20.10.6, build 370c289

cat /etc/issue
Ubuntu 20.04.2 LTS

uname -r
5.4.0-73-generic

The problem occurs with all of my docker containers on that server.

I would be very grateful for any further tips.

UPDATE

Docker on Ubuntu doesn't connect to localhost The mentioned solution seems not work on my server with Ubuntu 20.04.

Yesterday I installed the same OS and docker version in a VM. Everything is working fine there.

Kind regards, K1LLUM1N471

Answer 1

My problem was that i could ping google only once in a container (docker run --rm alpine ping google.com), after exit it would not ping the next time i ran the same command. In ifconfig docker0 the inet address was gone after exiting the container the inet6 was still there after running the command once.

when running networkctl status the docker0 link is at configuring.

This might do the trick:
the default Netplan config (/etc/netplan/01-netcfg.yaml)in my Ubuntu 22.04 server from Strato (dedicated server) is:

network:
    version: 2
    ethernets:
      mainif:
        match:
          name: '*'
        dhcp4: yes

replace it with something like this:

network:
    version: 2
    ethernets:
      enp3s0:
        dhcp4: yes
        dhcp6: no
      enp2s0:
        dhcp4: yes
        dhcp6: no

apply netplan config sudo netplan try or sudo netplan apply

restart Docker sudo systemctl restart docker

when now running networkctl the docker0 link should be unmanaged

Answer 2

For your interrest: I know that is not the best answer, but in my case I solved the problem by downgrading the OS on the root server :(

cat /etc/issue
Ubuntu 18.04.4 LTS

docker -v
Docker version 20.10.7, build f0df350