Using Docker >= 1.10 breaks HTTPs

asked 2016-06-24 08:13:52 -0500

stieler-it gravatar image

Hi,

we're experimenting with OpenStack and encountered a strange issue:

Https requests from inside a Docker container do not work if we are using a combination of OpenStack and Docker >= 1.10. Without OpenStack or with older Docker versions there are no problems. Disabling Docker's network virtualization with --net="host" improves it, but not for the Java app we are trying to host. Plain HTTP works without problems.

The easiest way to reproduce is to spawn a new VM (we tried Ubuntu 14, Ubuntu 16 and CoreOS), and create an Ubunut container that tries to open a HTTPs connection. E.g. docker start ubuntu apt-get update. Fetching the packet list does not work at all.

Related links / cross-posts:

  • http://stackoverflow.com/questions/35300497/docker-container-not-connecting-to-https-endpoints (http://stackoverflow.com/questions/35...)
  • http://serverfault.com/questions/785768/https-request-fails-in-docker-1-10-with-virtualized-network (http://serverfault.com/questions/7857...)
  • https://bugs.launchpad.net/neutron/+bug/1595762 (https://bugs.launchpad.net/neutron/+b...)
  • https://github.com/docker/docker/issues/20178 (https://github.com/docker/docker/issu...)
edit retag flag offensive close merge delete