Docker kills net/speed (various OS)

Soldato
Joined
18 Aug 2007
Posts
9,688
Location
Liverpool
I decided to get with the times and learn about Docker. I currently have various bare metal server instances on a NAS, and wanted to bring some of them over to Docker on my (infinitely more powerful) Threadripper system. Just to get the hang of it, I installed the latest Docker CE on my MacBook Pro. I found that while I could install images and set servers up no problem (bridge networking), after a short while my main (Mac/host) ethernet would just die and get a 169 IP address. No amount of resetting the connection, unplugging and replugging, or anything else would fix it.

If I turned off Docker and quit the app, I could get an IP using DHCP again and my Mac's internet was perfectly fine. Fire up Docker, and it'd drop to a 169 address again and nothing but a manual config would restore connectivity. Weird, but Docker is meant for Linux anyway so I figured I'd try there in the morning...

So today I installed Docker CE (from Docker's own repo) on my Fedora 31 KDE (Threadripper) box. It installed fine, and after a reboot the hello-world image ran and showed no issues. Great... Except now my internet on *this* box, while still connected at least, runs at between 100 to 500 KBps (versus 550 Mbps usually). It was so slow that updates were timing out, web pages refused to load and hung, and I was getting pop up messages from the system asking if I had 'weird power management settings enabled, as the kernel is confused'.

I tried restarting NetworkManager, I tried setting up a manual profile for the connection (as on the MacBook) - but nothing worked. I uninstalled Docker and I'm instantly back to 550Mbps and instant browsing speeds.

Unless I happen to have stumbled on a huge bug in Docker, coincidentally present in the release at the exact same time I decide to try it, something else must be going wrong. Does anyone have any ideas?
 
Soldato
Joined
10 Oct 2005
Posts
8,706
Location
Nottingham
Do all these systems use DHCP on their main connection? If so I wonder if you are getting some sort of conflict and it's screwing up the connection.

I have a couple of docker hosts under Ubuntu and haven't seen this issue (but my hosts are on static ips)
 
Soldato
OP
Joined
18 Aug 2007
Posts
9,688
Location
Liverpool
The DHCP failing on macOS is still a Docker-induced mystery. The Linux box issue, however, was solved... Dodgy Ethernet cable. :o The two happening at the same time (Docker install and the speed dropping 550 > 5) was a nice big fat red herring, but I worked it out about an hour later. Always check the basics, and don't make assumptions! You'd think I'd learn. Still, all's well that ends well - and I'm loving Docker.
 
Soldato
OP
Joined
18 Aug 2007
Posts
9,688
Location
Liverpool
Sorry to necro this thread (somewhat) chaps, but I have a question and it seemed pointless posting a new one.

I've been learning more about Docker by the day. I've gone from the clueless OP not knowing how to even pull an image, to having a domain with a dozen CNAMES proxied through Cloudflare bouncing off a gateway nginx reverse proxy into my Docker, with all my yummy services (and some I didn't even need, but they were cool... heh). I even have a Whoogle (anonymised Google) instance running, because why not? :D My question is about linking containers for networking. I can't get my head around it. If I set up a Docker container as a WireGuard client (i.e. it connects to a remove WG server via my WAN and has a VPN/proxied IP), how do I link it to other containers so they are automagically covered by the VPN? I can link containers together for resources like files, but I've not sussed networking even with Whoogle's help. Any tips please?
 
Soldato
Joined
18 May 2010
Posts
22,294
Location
London
Sorry to necro this thread (somewhat) chaps, but I have a question and it seemed pointless posting a new one.

I've been learning more about Docker by the day. I've gone from the clueless OP not knowing how to even pull an image, to having a domain with a dozen CNAMES proxied through Cloudflare bouncing off a gateway nginx reverse proxy into my Docker, with all my yummy services (and some I didn't even need, but they were cool... heh). I even have a Whoogle (anonymised Google) instance running, because why not? :D My question is about linking containers for networking. I can't get my head around it. If I set up a Docker container as a WireGuard client (i.e. it connects to a remove WG server via my WAN and has a VPN/proxied IP), how do I link it to other containers so they are automagically covered by the VPN? I can link containers together for resources like files, but I've not sussed networking even with Whoogle's help. Any tips please?

Hmm I dont know the answer.

Two thoughts are:

1. VPN in docker was very hard. Almost impossible without raising the privilege of the docker container.
2. With the new kernels we now have wire guard built in maybe look at those and see if they have made this easier.
 
Back
Top Bottom