Bug 1394474

Summary: docker containers can't resolve public DNS records on Fedora 24
Product: [Fedora] Fedora Reporter: Javier Ramirez <javier.ramirez>
Component: firewalldAssignee: Thomas Woerner <twoerner>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 24CC: adimania, admiller, amurdaca, dwalsh, ichavero, jcajka, jchaloup, lsm5, marianne, miminar, nalin, riek, twoerner, vbatts
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-11-15 15:17:07 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Javier Ramirez 2016-11-12 12:07:45 UTC 
Description of problem:

In Fedora 24 after installing and enabling docker, docker container can't resolve public DNS records until you run an "iptables -F"

Version-Release number of selected component (if applicable):
docker-1.10.3-54.gite03ddb8.fc24.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Install and enable docker
2. Run "docker run -it centos curl redhat.com"

Actual results:
# docker run -it centos curl redhat.com
curl: (6) Could not resolve host: redhat.com; Unknown error

Expected results:
dns to be resolved 

Additional info:
Running "iptables -F" solve the issue.

I trying adding the docker0 interface to FedoraWorkstation and/or "trusted" firewalld zones but it did not make any difference.
Comment 1 Javier Ramirez 2016-11-12 12:11:30 UTC 
My initial problem was using "oc cluster up" and trying to build some templates, obviously that also fails as reported here:

https://github.com/openshift/origin/issues/10139

But I think that the problem should be solved by amending firewalld rules, not sure if the component I should select is docker or firewalld though.
Comment 2 Daniel Walsh 2016-11-13 10:27:21 UTC 
This seems like a configuration issue.  We have not had other reports of problems with docker on Fedora 24
Comment 3 Javier Ramirez 2016-11-15 15:17:07 UTC 
I(In reply to Daniel Walsh from comment #2)
> This seems like a configuration issue.  We have not had other reports of
> problems with docker on Fedora 24

Yes, testing in a fresh environment it works fine, so I should check my networkmanager/dnsmasq/firewalld configuration.