Running Docker on Mac OS

Docker

Docker is a great piece of technology with which I can solve the software dependency issue when I need to run multiple security tools in different scenarios. I can simply configure different containers with different tools and deploy them with speed and ease.

Running docker on Mac OS

These days, I have been trying to run some pre-configured containers on my newly purchased Mac, and I realized that it is slightly different from running them on a Linux box. To run Docker on Mac OS, one has to create a VirtualBox virtual machine to host Linux, with the Docker client connecting to it; there is no such need on a Linux box. This is transparent to users who install Docker Toolbox for Mac OS and run the Docker Quickstart Terminal. Everything worked fine so far.

Docker daemon is not running?

Nevertheless, I encountered a problem recently when I was working on different networks, and I would like to share my findings, as I did not find any good reference on the web; or, I would say, the material is scattered around, with only some hints about this problem. The main issue is Docker complaining "Cannot connect to the Docker daemon. Is 'docker -d' running on the host?" even though I started Docker with the Quickstart Terminal, and the "docker-machine ls" command giving a TLS connection error. At first, I followed that trail and tried regenerating the SSH certs and reinstalling VirtualBox/Docker at the latest version from scratch, but all in vain.

Networks and the routing table?

Finally, I realized that my Docker runs with absolutely no problem when I am on my home network, but that is not the case on some others. When I drilled down in this direction, I found that VirtualBox creates a bridge interface called vboxnet with 192.168.99.0/24 by default, and exposes 192.168.99.100 as the Docker host (the Linux virtual machine) for connections from the host to the containers. When I listed the routing table on my Mac, it showed the correct routing entries, as shown below:

# netstat -nr
192.168.99      link#11          UC    4        0   vboxnet
192.168.99.6    x:x:xx:xx:xx:x  UHLWI  0        1   vboxnet   1009
192.168.99.100  x:x:xx:xx:xx:xx UHLWI  0      259   vboxnet   1052

And when I listed the routing table on my Mac on the networks where it does not work, it so happened that they were using 192.168.99.0/24 for their DHCP servers' IP assignment, as shown:

# netstat -nr
192.168.99   link#4       UCS     4       0     en0

You can see that my packets to 192.168.99.0/24 can never reach the virtual machine, and this is the reason for the connection failure and the TLS connection errors. Enjoy!
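
The check below is an added example, not part of the original post: it reads netstat -nr output and reports whether the 192.168.99 network route points at a vboxnet interface or at another interface such as en0. The function names, the return codes and the rule used to find the interface column are assumptions of this example; the sample routes are the ones shown above.

```shell
#!/bin/sh
# Added example, not from the original post. Usage: netstat -nr | check_docker_route
DOCKER_NET="192.168.99"   # Docker Toolbox host-only prefix named in the post

# Print the interface of every network route for $DOCKER_NET. Host routes such
# as 192.168.99.100 are skipped. Assumption: the interface is the first
# all-lowercase token after the flags column (vboxnet, en0, ...).
route_ifaces() {
    LC_ALL=C awk -v net="$DOCKER_NET" '
        $1 == net {
            for (i = 4; i <= NF; i++)
                if ($i ~ /^[a-z][a-z0-9]*$/) { print $i; break }
        }'
}

# Return 0 if the route is on vboxnet only, 1 if another interface owns it
# (the clash described in the post), 2 if no network route exists at all.
check_docker_route() {
    ifaces=$(route_ifaces)
    [ -n "$ifaces" ] || { echo "no network route for $DOCKER_NET"; return 2; }
    for i in $ifaces; do
        case "$i" in
            vboxnet*) ;;
            *) echo "conflict: $DOCKER_NET is routed via $i, not vboxnet"
               return 1 ;;
        esac
    done
    echo "ok: $DOCKER_NET is routed via vboxnet"
    return 0
}

# Sample routing tables copied from the post (working and failing network).
SAMPLE_HOME='192.168.99      link#11          UC    4        0   vboxnet
192.168.99.6    x:x:xx:xx:xx:x  UHLWI  0        1   vboxnet   1009
192.168.99.100  x:x:xx:xx:xx:xx UHLWI  0      259   vboxnet   1052'
SAMPLE_CLASH='192.168.99   link#4       UCS     4       0     en0'

printf '%s\n' "$SAMPLE_HOME"  | check_docker_route || true
printf '%s\n' "$SAMPLE_CLASH" | check_docker_route || true
```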


Comments

  1. Finally, native support for Mac and Windows is coming - https://beta.docker.com
