[DCOS_OSS-4396] Docker container might disrupt l4lb traffic Created: 26/Oct/18 Updated: 01/May/19 Resolved: 01/May/19
|Affects Version/s:||DC/OS 1.11.6, DC/OS 1.12.0|
|Fix Version/s:||DC/OS 1.12|
|Reporter:||Deepak Goel||Assignee:||Deepak Goel|
|Remaining Estimate:||Not Specified|
|Time Spent:||Not Specified|
|Original Estimate:||Not Specified|
|Team:||DELETE Networking Team|
It was observed that in the soak112s cluster one of the private agents wasn't able to access the service via l4lb. The root cause was found out to be a Docker container which was forwarding the traffic on port 80 to itself via iptables rules. VIP traffic should still continue to work even when such a container is running.
iptables rule that impacted the VIP traffic were:
1. -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
|Comment by Evan Lezar [ 02/Nov/18 ]|
There is also a container running on the soak111 cluster (agent int-agent12-soak111).
|Comment by Catherine Southard [ 16/Nov/18 ]|
Updating the fixVersion to 1.12 since this has not yet landed.
|Comment by Deepak Goel [ 01/May/19 ]|
This is a duplicate of