On Sat, 30 Sep 2023 21:23:26 -0000 (UTC), Jim Henderson wrote:
OK, so I've found that in the lxd image, it fails as with rimelek's setup. So I've been able to reliably reproduce it.
I've also got it configured on the host that runs the lxd image, and it works there.
From there I've been able to determine that the traffic is never leaving the userspace network. Running wireshark both inside the userspace network and outside it, I see the requests inside the userspace network, and no traffic on the host's network at all.
What I was hoping to see was a DNS lookup request and response, followed by nothing - but the DNS request isn't even getting out.
When I do the trace on the host (where it works for me), I see traffic on the host's external network.
So it seems that the issue is that traffic isn't passing from the userspace network to the real-world network.
The user who reported the issue has figured it out. Because we generate a symlink for /etc/resolv.conf rather than a real file, slirp4netns doesn't work. The documentation for it specifically states that the file has to be a real file, not a symlink. Changing it to a real file resolved the issue for him. He's going to report this through bugzilla so a permanent fix can be implemented. His post on his resolution can be found at [1]. [1] https://forums.docker.com/t/rootless-docker-i-o-timeout-with-docker- pull/137848/29 -- Jim Henderson Please keep on-topic replies on the list so everyone benefits