Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

wslhost.exe listen only on localhost (0.7.1 with dockerd)

See original GitHub issue

Rancher Desktop Version

0.7.1

Rancher Desktop K8s Version

1.2.1.7

What operating system are you using?

Windows

Operating System / Build Version

Windows 10 Pro 1909

What CPU architecture are you using?

x64

Windows User Only

No response

Actual Behavior

The behaviour of Docker in the WSL distro used by rancher-desktop is different from Docker on Ubuntu, concerning the addresses in listen when a container is run with a bound port.

Steps to Reproduce

Just start a nginx container with the external port 38080 bound on the internal http port :

$ docker run -d --name test-nginx -p 38080:80 nginx
cc9620d916c8147f3d3b0b2903b53cf13fcacc9006e13bc90fd6790f761c77b8

The container is started and the external port should be listen on all interfaces for IP v4 and v6 :

$ docker container ls | egrep '(nginx|CONTAINER)'
CONTAINER ID   IMAGE  COMMAND                  CREATED             STATUS          PORTS                                    NAMES
cc9620d916c8   nginx  "/docker-entrypoint.…"   3 minutes ago       Up 40 seconds   0.0.0.0:38080->80/tcp, :::38080->80/tcp  test-nginx

Result

But actually netstat shows that only the local addresses are bound by the listener.

$ netstat -anto | egrep -a '(38080|Proto)'
  Proto  Adresse locale         Adresse distante       état            PID      état de déchargement
  TCP    127.0.0.1:38080        0.0.0.0:0              LISTENING       10020    InHost
  TCP    [::1]:38080            [::]:0                 LISTENING       10020    InHost

So the container is not reachable with the external IP of the host.

Expected Behavior

In a Docker installed on Ubuntu the external port is reachable with any available IP on the host (locals and externals).

# cat /etc/os-release
NAME="Ubuntu"
VERSION="20.04.1 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.1 LTS"
VERSION_ID="20.04"

# docker version
Client: Docker Engine - Community
 Version:           20.10.11
 API version:       1.41
 Go version:        go1.16.9
 Git commit:        dea9396
 Built:             Thu Nov 18 00:37:06 2021
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.11
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.16.9
  Git commit:       847da18
  Built:            Thu Nov 18 00:35:15 2021
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.12
  GitCommit:        7b11cfaabd73bb80907dd23182b9347b4245eb5d
 runc:
  Version:          1.0.2
  GitCommit:        v1.0.2-0-g52b36a2
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

# docker run -d --name test-nginx -p 38080:80 nginx
977bb07890323434549aee02bfd0be4ab13644d0f02cfcc348c6ea91e2895147

# docker container ls | egrep '(nginx|CONTAINER)'
CONTAINER ID   IMAGE   COMMAND                  CREATED          STATUS          PORTS        
977bb0789032   nginx   "/docker-entrypoint.…"   6 seconds ago   Up 5 seconds   0.0.0.0:38080->80/tcp, :::38080->80/tcp   test-nginx

# ss -antp | egrep '(38080|State)'
State    Recv-Q    Send-Q       Local Address:Port         Peer Address:Port    Process                                                          
LISTEN   0         4096               0.0.0.0:38080             0.0.0.0:*        users:(("docker-proxy",pid=166659,fd=4))                        
LISTEN   0         4096                  [::]:38080                [::]:*        users:(("docker-proxy",pid=166667,fd=4))

One expected the same behaviour with the Docker managed by rancher-desktop.

Additional Information

No response

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:14 (5 by maintainers)

github_iconTop GitHub Comments

3reactions
janduboiscommented, Mar 17, 2022

@jandubois can you please reopen this issue? Does not seem to be resolved.

Sure! @Nino-K can you take a look?

2reactions
zerikvcommented, Jan 5, 2022

In the nginx container : nginx listen on all interfaces

$ wsl -d rancher-desktop -- docker exec test-nginx netstat -anp | grep ':80'
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1/nginx: master pro
tcp6       0      0 :::80                   :::*                    LISTEN      1/nginx: master pro

In the rancher-desktop VM : docker-proxy listen on all interfaces

$ wsl -d rancher-desktop  -- netstat -anp | grep 38080
tcp        0      0 0.0.0.0:38080           0.0.0.0:*               LISTEN      4003/docker-proxy
tcp        0      0 :::38080                :::*                    LISTEN      4011/docker-proxy

On the Windows host: wslhost.exe listen only on local interfaces

$ netstat -ano | grep 38080
  TCP    127.0.0.1:38080        0.0.0.0:0              LISTENING       15452
  TCP    [::1]:38080            [::]:0                 LISTENING       15452

$ tasklist | grep 15452
wslhost.exe                  15452 Console                    2     5 088 Ko

As workaround is it possible to use a proxy port as explained in this Microsoft documentation : Accessing a WSL 2 distribution from your local area network (LAN)

PS C:\WINDOWS\system32> netsh interface portproxy add v4tov4 listenport=38081 listenaddress=0.0.0.0 connectport=38080 connectaddress=localhost

PS C:\WINDOWS\system32> netsh interface portproxy show all
Écouter sur ipv4 :             Connecter à ipv4 :
Adresse         Port        Adresse         Port
--------------- ----------  --------------- ----------
0.0.0.0         38081       localhost       38080

PS C:\WINDOWS\system32> netstat -ano | grep ':3808'
  TCP    0.0.0.0:38081          0.0.0.0:0              LISTENING       3816
  TCP    127.0.0.1:38080        0.0.0.0:0              LISTENING       15452
  TCP    [::1]:38080            [::]:0                 LISTENING       15452

For me that didn’t work at the first try, but after restarting the Windows service iphlpsvc the proxy access works fine :

net stop iphlpsvc
net start iphlpsvc

$ curl -sv http://<HOST_IP>:38081
.../...
< HTTP/1.1 200 OK
< Server: nginx/1.21.5
< Date: Wed, 05 Jan 2022 14:33:47 GMT
< Content-Type: text/html
< Content-Length: 615
< Last-Modified: Tue, 28 Dec 2021 15:28:38 GMT
< Connection: keep-alive
< ETag: "61cb2d26-267"
< Accept-Ranges: bytes
Read more comments on GitHub >

github_iconTop Results From Across the Web

"Cannot connect to the Docker daemon at tcp://localhost:2375 ...
I'm trying to execute Docker commands from a WSL bash terminal and am getting the following error… $ docker ps Cannot connect to...
Read more >
Fixing WSL2 localhost access issue - abdus.dev
This lets us, for instance, access a Docker container listening to 0.0.0.0:8000 on WSL from Windows using localhost:8000 .
Read more >
Can't connect to WSL2 localhost server from WSL2 docker ...
0.1 in Ubuntu hosts file) on my WSL2 Ubuntu. I can connect to it from both Ubuntu and Windows host - so far...
Read more >
Localhost not reachable on windows 10 wsl2 - Super User
first have your ubuntu app listen on 0.0.0.0:8000 (bind to all addresses, not just localhost). second get the ubuntu system ip address or ......
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Unable to run a container which is reachable on ports 80 or 443

Next page

WSL /var/run/docker.sock permissions