Incompatibility with Docker Desktop 4.39.0

[frusznyak]

Docker Desktop 0.39.0 was released yesterday and appears to break docker-mac-net-connect.

Clean installing Docker as well as docker-mac-net-connect doesn't help.

Steps to reproduce:

• Install or upgrade Docker Desktop to Version 0.39.0
• Run the Usage sample in the README

frusznyak@mba ~ % docker run --rm --name nginx -d nginx
d1ef7412b2fe8d4735da959d315ec6702cd68267453d3615727479667af7638d

frusznyak@mba ~ % docker inspect nginx --format '{{.NetworkSettings.IPAddress}}'
172.17.0.2

frusznyak@mba ~ % curl -I 172.17.0.2                   
curl: (28) Failed to connect to 172.17.0.2 port 80 after 75002 ms: Couldn't connect to server

Downgrading to Docker Desktop 0.38.0 helps to make docker-mac-net-connect work again.

Interestingly i can ping the gateway but not the container, so something seems to be working but gets stopped or blocked.

# pinging the container
frusznyak@mba ~ % ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2): 56 data bytes
Request timeout for icmp_seq 0
^C
--- 172.17.0.2 ping statistics ---
2 packets transmitted, 0 packets received, 100.0% packet loss

# pinging the gateway of the utun device
frusznyak@mba ~ % ping 172.17.0.1
PING 172.17.0.1 (172.17.0.1): 56 data bytes
64 bytes from 172.17.0.1: icmp_seq=0 ttl=64 time=1.555 ms
64 bytes from 172.17.0.1: icmp_seq=1 ttl=64 time=1.995 ms
^C
--- 172.17.0.1 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 1.555/1.775/1.995/0.220 ms

I already verified that the socket symlink exists and points to the right location:

frusznyak@mba ~ % ls -al /var/run/docker.sock
lrwxr-xr-x@ 1 root  daemon  40 Mar  6 15:17 /var/run/docker.sock -> /Users/frusznyak/.docker/run/docker.sock

Running the docker-mac-net-connect executable manually to inspect the log output yields no recognisable difference when running it with Docker Desktop version 0.38.0 or 0.39.0 installed. the utun interface is created and events in docker networks are triggering routing changes as expected.

[cenk1cenk2]

I can also confirm this issue reproduced with similar methodology.

[peter-rauscher]

Multiple people on my team can also reproduce this issue - downgrading to Docker Desktop v4.38.0 and restarting the brew service resolved it for me.

[frusznyak]

Using the nat-unprotected option as commented on in the duplicate issue on the same problem, docker-mac-net-connect is working again as expected with Docker Desktop 4.39.0.

networks:
    default:
        driver_opts:
            com.docker.network.bridge.gateway_mode_ipv4: nat-unprotected

(replace default with your network name name if you have customised it to something non-default)

This hint should be added to the README.md.

[frusznyak]

i created a PR here: #50

[vincentjorgensen]

I'm glad I found this issue! I thought I was going crazy. Does anyone know how to add the driver configuration to k3d?

Edit: I figured it out. I create my network like so:

    docker network create "$network"                                          \
      --subnet "$subnet"                                                      \
      --opt "com.docker.network.bridge.gateway_mode_ipv4=nat-unprotected"