Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WSL2: Unable to access Docker(in wsl2) on host #11096

Closed
1 of 2 tasks
chen4903 opened this issue Jan 30, 2024 · 7 comments
Closed
1 of 2 tasks

WSL2: Unable to access Docker(in wsl2) on host #11096

chen4903 opened this issue Jan 30, 2024 · 7 comments
Labels
needs-author-feedback

Comments

@chen4903
Copy link

Windows Version

Microsofe Windows[Version 10.0.22621.3007]

WSL Version

2.0.9.0

Are you using WSL 1 or WSL 2?

  • WSL 2
  • WSL 1

Kernel Version

5.15.133.1-1

Distro Version

Ubuntu-22.04

Other Software

levi@LEVI-104-PC:/mnt/c/Users/ChenQin$ docker version
Client: Docker Engine - Community
 Version:           25.0.1
 API version:       1.44
 Go version:        go1.21.6
 Git commit:        29cf629
 Built:             Tue Jan 23 23:09:23 2024
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          25.0.1
  API version:      1.44 (minimum version 1.24)
  Go version:       go1.21.6
  Git commit:       71fa3ab
  Built:            Tue Jan 23 23:09:23 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.27
  GitCommit:        a1496014c916f9e62104b33d1bb5bd03b0858e59
 runc:
  Version:          1.1.11
  GitCommit:        v1.1.11-0-g4bccb38
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Repro Steps

step up a container: docker run -d --name nginx01 -p 3344:80 nginx

Expected Behavior

Under normal circumstances, I can access nginx by: http://localhost:3344

Actual Behavior

I can get the respon in WSL2: curl localhost:3344, but I can not get the respon by any other IP addresses or ports. I want to access the nginx in chrome browser, but it does not work in chrome browser by(of course I can not get respon in command line in windows):

http://localhost:3344
http://127.0.0.1:3344
http://<wsl ip>:3344
http://0.0.0.0:3344
...

Diagnostic Logs

My specifications:

[Windows 11 cmd]: 

WSL version: 2.0.9.0
Kernel version: 5.15.133.1-1
WSLg version: 1.0.59
MSRDC version: 1.2.4677
Direct3D version: 1.611.1-81528511
DXCore version: 10.0.25131.1002-220531-1700.rs-onecore-base2-hyp
Windows version: 10.0.22621.3007

Name                  : {40E0AC32-46A5-438A-A0B2-2B479E8F2E90}
Enabled               : True
DefaultInboundAction  : Allow
DefaultOutboundAction : Allow
LoopbackEnabled       : True
AllowHostPolicyMerge  : True

I have checked the google and github issues but does not help. Reinstalling WSL2 and closing both WSL2 and Windows Firewall are not useful.

PS: I install VMware first, and then use wsl2. Maybe there is some conflict. What should I do to access nginx in Windows chrome? I think this is a network configuration issue.
@github-actions GitHub Actions
Copy link

Hi I'm an AI powered bot that finds similar issues based off the issue title.

Please view the issues below to see if they solve your problem, and if the issue describes your problem please consider closing this one and thumbs upping the other issue to help us prioritize it. Thank you!

Open similar issues:

Closed similar issues:

Note: You can give me feedback by thumbs upping or thumbs downing this comment.

@ghost
Copy link

ghost commented Jan 30, 2024
edited by ghost
Loading

Can you post your .wslconfig and collect /logs? The log collection only needs to run while you start wsl -> start docker -> attempt to connect -> and then stop the container.

@ghost ghost closed this as completed Jan 30, 2024
@ghost ghost reopened this Jan 30, 2024
@SethWen
Copy link

SethWen commented Feb 4, 2024
edited
Loading

I have the same problem. The follow is my testing process.
I install wsl2 on my window11 (22H2 22621.3085). Debian12 and ubuntu20.04 are installed and docker is running on debian.

❯ wsl --version
WSL 版本: 2.0.9.0
内核版本: 5.15.133.1-1
WSLg 版本: 1.0.59
MSRDC 版本: 1.2.4677
Direct3D 版本: 1.611.1-81528511
DXCore 版本: 10.0.25131.1002-220531-1700.rs-onecore-base2-hyp
Windows 版本: 10.0.22621.3085

❯ wsl --list --verbose
  NAME            STATE           VERSION
* Ubuntu-20.04    Running         2
  Debian          Running         2

When I start a docker container on debian as following

docker run -it -p 6379:6379 redis:4.0.14-alpine

I can access the redis service from debian and ubuntu via localhost:6379, but I can not access it from windows via localhost:6379.

However, When I start a docker container on debian with options network=host as following

docker run -it --network host -p 6379:6379 redis:4.0.14-alpine

Then I can access the redis service from debian, ubuntu and also windows via localhost:6379.

Docker version is in the following

Client: Docker Engine - Community
 Version:           25.0.2
 API version:       1.44
 Go version:        go1.21.6
 Git commit:        29cf629
 Built:             Thu Feb  1 00:23:17 2024
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          25.0.2
  API version:      1.44 (minimum version 1.24)
  Go version:       go1.21.6
  Git commit:       fce6e0c
  Built:            Thu Feb  1 00:23:17 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.28
  GitCommit:        ae07eda36dd25f8a1b98dfbf587313b99c0190bb
 runc:
  Version:          1.1.12
  GitCommit:        v1.1.12-0-g51d5e94
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

But if I just listen a port on debian, for example nc -l -p 9999 and not forword port by docker. I can access from all of debian, ubuntu, windows via localhost:9999.

I dont know is it a bug from wsl2 or docker, or maybe is it a feature?

Hope for response~

@SethWen
Copy link

SethWen commented Feb 5, 2024

I have the same problem. The follow is my testing process. I install wsl2 on my window11 (22H2 22621.3085). Debian12 and ubuntu20.04 are installed and docker is running on debian.

❯ wsl --version
WSL 版本: 2.0.9.0
内核版本: 5.15.133.1-1
WSLg 版本: 1.0.59
MSRDC 版本: 1.2.4677
Direct3D 版本: 1.611.1-81528511
DXCore 版本: 10.0.25131.1002-220531-1700.rs-onecore-base2-hyp
Windows 版本: 10.0.22621.3085

❯ wsl --list --verbose
  NAME            STATE           VERSION
* Ubuntu-20.04    Running         2
  Debian          Running         2

When I start a docker container on debian as following

docker run -it -p 6379:6379 redis:4.0.14-alpine

I can access the redis service from debian and ubuntu via localhost:6379, but I can not access it from windows via localhost:6379.

However, When I start a docker container on debian with options network=host as following

docker run -it --network host -p 6379:6379 redis:4.0.14-alpine

Then I can access the redis service from debian, ubuntu and also windows via localhost:6379.

Docker version is in the following

Client: Docker Engine - Community
 Version:           25.0.2
 API version:       1.44
 Go version:        go1.21.6
 Git commit:        29cf629
 Built:             Thu Feb  1 00:23:17 2024
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          25.0.2
  API version:      1.44 (minimum version 1.24)
  Go version:       go1.21.6
  Git commit:       fce6e0c
  Built:            Thu Feb  1 00:23:17 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.28
  GitCommit:        ae07eda36dd25f8a1b98dfbf587313b99c0190bb
 runc:
  Version:          1.1.12
  GitCommit:        v1.1.12-0-g51d5e94
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

But if I just listen a port on debian, for example nc -l -p 9999 and not forword port by docker. I can access from all of debian, ubuntu, windows via localhost:9999.

I dont know is it a bug from wsl2 or docker, or maybe is it a feature?

Hope for response~

I have soved the problem.
The global wsl config on windows is the following. See here

[wsl2]
networkingMode=mirrored
dnsTunneling=true
firewall=true

[experimental]
hostAddressLoopback=true
autoMemoryReclaim=dropcache

And then add the following to /etc/docker/daemon.json.

{
  "iptables": false
}

@erikspigle-payroc
Copy link

@SethWen: Your above solution for the .json config worked for me (I only needed the daemon.json part and none of the experimental features under the .wslconfig file). I'm curious if setting iptables to false could cause some other unintended behavior, however. Docker documentation calls out that setting this to false is inappropriate for most users, though maybe this is an appropriate case:

https://docs.docker.com/network/packet-filtering-firewalls/#prevent-docker-from-manipulating-iptables

@microsoft-github-policy-service Microsoft GitHub Policy Service
Copy link
Contributor

This issue has been automatically closed since it has not had any author activity for the past 7 days. If you're still experiencing this issue please re-file it as a new issue.

Thank you!

@LoadingZhang
Copy link

if set "iptables": false, containers cannot be accessed through docker internal networks. It's not a perfect way

This was referenced Nov 11, 2024
Open
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
needs-author-feedback
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@LoadingZhang @SethWen @chen4903 @erikspigle-payroc