New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error using private repo - dial tcp port 53 i/o timeout #1569
Comments
Thanks for the report and the diagnostics upload. Comparing the DNS results in the logs from the VM versus the host I think there are 2 problems:
|
Cool, thanks for the explanation. Is this something happening in the docker/VM/OSX stack or is this something the registry provider can alleviate by changing order of their DNS entries and therefore I should report it to them? (JFrog in this case). |
I think I have a fix for this. If you have the time to experiment, could you try the following:
This binary hasn't been signed so you may be prompted to confirm whether it should be allowed to listen on network ports. The binary has not been thoroughly tested -- it's only suitable for testing. When I query a DNS name from within a container which maps to a chain of
If you have the time to try it, let me know the results. If it still fails, please upload a fresh diagnostic. Thanks! |
@ernestm it looks like a bug in the Docker for Mac's DNS forwarder. Many DNS client resolvers are actually pretty tolerant and would cope with this, but I think the |
Issues go stale after 90d of inactivity. Prevent issues from auto-closing with an If this issue is safe to close now please do so. Send feedback to Docker Community Slack channels #docker-for-mac or #docker-for-windows. |
Closed issues are locked after 30 days of inactivity. If you have found a problem that seems similar to this, please open a new issue. Send feedback to Docker Community Slack channels #docker-for-mac or #docker-for-windows. |
Expected behavior
docker login and pull work as normal
Actual behavior
Error on docker login:
Error response from daemon: Get https://.jfrog.io/v1/users/: dial tcp: lookup .jfrog.io on 192.168.65.1:53: read udp 192.168.65.2:51225->192.168.65.1:53: i/o timeout
(then after putting the creds into config.json by hand since login doesn't work)
Error on docker pull: Error response from daemon: Get https://.jfrog.io/v1/_ping: dial tcp: lookup .jfrog.io on 192.168.65.1:53: read udp 192.168.65.2:48725->192.168.65.1:53: i/o timeout
Information
Diagnostic ID:
420E5E97-6084-4DAB-837F-D0D168FB72C4
I'm running Version 17.05.0-ce-rc1-mac8 (16582) edge on OSX 10.11.6 (15G1421). I have restarted docker, restarted my laptop, and tried using a different network. This started happening to me today, but I haven't tried to pull from this repo since before Dockercon (and at least 2 docker version upgrades on my laptop). I am using straight Docker for Mac, no docker-machine.
Having read the various similar bugs on this issue (docker/kitematic#718, moby/moby#24344, moby/moby#13337) I have tried using both Google DNS and OpenDNS as resolvers to no avail. I can resolve the hostname:
I can pull alpine, and can pull from dockerhub and Amazon ECR. One of my colleagues can pull from this private repo using the same credentials.
The only workaround I could get to work was to hardcode one of those IPs in my /etc/hosts file - when I do that, I can login and pull. But of course doing that to a CNAME that's to an ELB with multiple IPs makes baby Jesus cry in the long term.
Steps to reproduce the behavior
The text was updated successfully, but these errors were encountered: