docker

No Image

Debian 11 and Podman: fixing ping inside the containers

28/09/2021 juliogonzalez 0

After updating one of my servers to from Debian 10 to Debian 11 I decided to get start getting rid of Docker and use Podman instead.

One of the containers is running checkmk, and after switching to Podman, everything was working except that the ping command failed to ping any IP or hostname at all. Same for the check_icmp and check_ping commands that were working just fine at Docker.

First stop: containers do not have NET_RAW capability by default. But even specifying it, or even using –cap-add=ALL, the container could still not ping anything.

It seems that enabling net.ipv4.ping_group_range is required, and despite systemd 243 should have it according to the link, systemd 247 on Debian 11 does not configure it.

So while that is sorted out, I ran:

sysctl net.ipv4.ping_group_range="0 2147483647"

And then created a file /etc/sysctl.d/ping_group_range.conf with the following content (for persistance):

net.ipv4.ping_group_range = 0 2147483647

And ping, as well as check_icmp and check_ping started to work again

No Image

Debian 10: some docker containers are not starting

31/08/2019 juliogonzalez 1

I just updated several of my boxes to Debian 10 Buster, including one virtual server I have to build and update Docker images for CI purposes.

Suddenly the containers for CentOS6 using centos:centos6 image refused to start for no reason. It didn’t matter if I tried to run sh or bash (for example with docker run -ti -u root --rm centos:centos6 /bin/bash). No error from the command docker at all. Just the prompt again.

The exact same Docker image worked fine on my openSUSE Leap 15.1.

(more…)