#460 using docker/podman together has network conflicts on F28 Atomic Host
Opened 3 years ago by sinnykumari. Modified 3 years ago

In latest Fedora 28 Atomic Host RC 1.1, we have both podman and docker pre-installed.
I was playing around with podman on Fedora 28 Atomic Host and tried to launch a container by running command

$ sudo podman run -t fedora bash
[root@becd4a294478 /]# 

Container launched successfully and got shell prompt. But, looks like network is unreachable.

# curl example.com
 no response.
# dnf update
Error: Failed to synchronize cache for repo updates.

To workaround, disable docker&&reboot or launch podman container with option --net=host.

$ sudo podman run -t --net=host fedora bash

Note: network inside container launched by docker were fine

We're fairly certain this is a known issue with the CNI plugins, which CRI-O and Podman use for networking. IPTables rules to forward traffic for containers added by Docker are overriding what is done by CNI.

There is an upstream PR against the CNI plugins to fix this [1], but it has been stalled upstream for an extended period of time.

[1] https://github.com/containernetworking/plugins/pull/75

Metadata Update from @dustymabe:
- Issue tagged with: F28, host

3 years ago

Login to comment on this ticket.