Docker bridge network does not work since I installed LXD / UFW (from snap) on Ubuntu 22.
Docker worked for a long time. Then, I wanted to use LXD. On Ubuntu, it is a snap package. Once I installed it and created a container, the container had no internet access.
I found some commands on another Stack Overflow post:
sudo ufw disable
sudo apt remove ufw
sudo apt purge ufw
sudo snap install ufw
sudo ufw enable
sudo ufw allow in on lxdbr0
sudo ufw route allow in on lxdbr0
sudo nft flush ruleset
sudo systemctl reload snap.lxd.daemon
This solved the LXD issue, but now Docker won't access the internet:
docker run -it ubuntu apt update
This command will time out for each repository. If I specify --net=host then it works. It seems it is an issue with the bridge connection. I manually deleted docker0 using ip link delete docker0 then restarted the docker service, but nothing changed.
I am on Ubuntu 22, so I probably had ufw installed. I tried to reinstall ufw then docker, I also tried to only install docker but nothing worked.
I am supposed to have some tables for Docker in iptables (https://docs.docker.com/network/iptables/) but I don't:
sudo iptables -L -n -t nat
# Warning: iptables-legacy tables present, use iptables-legacy to see them
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Does someone have any clue on this? Thank you.
I have tried to remove all firewalls (iptables, ufw), LXD and Docker, and reinstall them (many combinations: Docker will reinstall iptables in any case).
Sometimes, when re-installing Docker, I got this error:
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xeu docker.service" for details.
invoke-rc.d: initscript docker, action "start" failed.
● docker.service - Docker Application Container Engine
Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
Active: activating (auto-restart) (Result: exit-code) since Mon 2022-12-05 23:24:41 CET; 7ms ago
TriggeredBy: ● docker.socket
Docs: https://docs.docker.com
Process: 15278 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock (code=exited, status=1/FAILURE)
Main PID: 15278 (code=exited, status=1/FAILURE)
CPU: 107ms
dpkg: erreur de traitement du paquet docker-ce (--configure) :
installed docker-ce package post-installation script subprocess returned error exit status 1
Des erreurs ont été rencontrées pendant l'exécution :
docker-ce
E: Sub-process /usr/bin/dpkg returned an error code (1)
Then, if I tried launching the apt install command 1 or 2 more times, it worked. This may be a clue.
I tried to regenerate Docker's bridge. Between most steps I tried to restart my computer. I checked the DNS in the host, which is:
nameserver 127.0.0.53
options edns0 trust-ad
search lxd home
I tried to remove lxd from it but it keeps showing in the docker containers.
I solved the issue. I restored my iptables configuration using someone else's configuration: Docker: How to re-create dockers additional iptables rules?
Just to make it clear, my issue was effectively that I had destroyed my iptables by trying to fix the incompatibility between docker and lxc/lx with bad advice, but this incompatibility wasn't the issue of this post. If someone finds this post while trying to fix the incompatibility, they may follow this advice: fresh-install-of-ubuntu-22-04-lxd-via-snap-containers-cannot-reach-the-internet
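A quick way to confirm the state described in this post, where the ruleset was flushed and Docker's chains and NAT rule are gone, is to check an iptables-save dump for them. The script below is an added example, not part of the original post: the function name is hypothetical, both dumps are constructed, and the expected chain names and the docker0 bridge are assumptions based on Docker's documented defaults.

```shell
#!/bin/sh
# Added example. Reports which of Docker's default netfilter pieces are missing
# from an iptables-save dump. Assumes the default bridge name docker0.

# Constructed dump of a healthy host (modelled on Docker's documented defaults).
HEALTHY_DUMP='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:DOCKER - [0:0]
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
:DOCKER - [0:0]
:DOCKER-USER - [0:0]
-A FORWARD -j DOCKER-USER
-A FORWARD -o docker0 -j DOCKER
COMMIT'

# Constructed dump matching the empty nat table shown in the post.
BROKEN_DUMP='*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT'

# Reads iptables-save output on stdin; prints one line per missing item.
missing_docker_rules() (
    dump=$(cat)
    # Print the body of one table: lines between "*name" and its COMMIT.
    section() {
        printf '%s\n' "$dump" |
            awk -v t="*$1" '$0 == t {p = 1; next} p && /^COMMIT/ {p = 0} p'
    }
    has() { printf '%s\n' "$1" | grep -Eq -e "$2"; }
    nat=$(section nat)
    filter=$(section filter)
    has "$nat" '^:DOCKER ' || echo "nat: DOCKER chain"
    has "$nat" '^-A POSTROUTING .*! -o docker0 -j MASQUERADE' ||
        echo "nat: MASQUERADE rule for docker0"
    has "$filter" '^:DOCKER ' || echo "filter: DOCKER chain"
    has "$filter" '^:DOCKER-USER ' || echo "filter: DOCKER-USER chain"
)

printf '%s\n' "$BROKEN_DUMP" | missing_docker_rules
```

On a real host, pipe `sudo iptables-save` into the function; because the output in the post warns that iptables-legacy tables are present, run it against `sudo iptables-legacy-save` as well.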