docker / for-mac

Bug reports for Docker Desktop for Mac
https://www.docker.com/products/docker#/mac
2.44k stars 117 forks source link

Host networking has been disabled because you are not signed in. Please sign in to enable it. #7391

Open NiklasBr opened 2 months ago

NiklasBr commented 2 months ago

Description

Got this notification even though I am logged in to my team account, also the "View More" link is useless.

Screenshot 2024-08-19 at 11 17 54 Screenshot 2024-08-19 at 11 17 58

Reproduce

Open Docker Desktop after a reboot.

Expected behavior

No such error message.

docker version

Client:
 Version:           27.1.1
 API version:       1.46
 Go version:        go1.21.12
 Git commit:        6312585
 Built:             Tue Jul 23 19:54:12 2024
 OS/Arch:           darwin/arm64
 Context:           desktop-linux

Server: Docker Desktop 4.33.0 (160616)
 Engine:
  Version:          27.1.1
  API version:      1.46 (minimum version 1.24)
  Go version:       go1.21.12
  Git commit:       cc13f95
  Built:            Tue Jul 23 19:57:14 2024
  OS/Arch:          linux/arm64
  Experimental:     false
 containerd:
  Version:          1.7.19
  GitCommit:        2bf793ef6dc9a18e00cb12efb64355c2c9d5eb41
 runc:
  Version:          1.7.19
  GitCommit:        v1.1.13-0-g58aa920
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

docker info

Client:
 Version:    27.1.1
 Context:    desktop-linux
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.16.1-desktop.1
    Path:     /Users/nikbr/.docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.29.1-desktop.1
    Path:     /Users/nikbr/.docker/cli-plugins/docker-compose
  debug: Get a shell into any image or container (Docker Inc.)
    Version:  0.0.34
    Path:     /Users/nikbr/.docker/cli-plugins/docker-debug
  desktop: Docker Desktop commands (Alpha) (Docker Inc.)
    Version:  v0.0.14
    Path:     /Users/nikbr/.docker/cli-plugins/docker-desktop
  dev: Docker Dev Environments (Docker Inc.)
    Version:  v0.1.2
    Path:     /Users/nikbr/.docker/cli-plugins/docker-dev
  extension: Manages Docker extensions (Docker Inc.)
    Version:  v0.2.25
    Path:     /Users/nikbr/.docker/cli-plugins/docker-extension
  feedback: Provide feedback, right in your terminal! (Docker Inc.)
    Version:  v1.0.5
    Path:     /Users/nikbr/.docker/cli-plugins/docker-feedback
  init: Creates Docker-related starter files for your project (Docker Inc.)
    Version:  v1.3.0
    Path:     /Users/nikbr/.docker/cli-plugins/docker-init
  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
    Version:  0.6.0
    Path:     /Users/nikbr/.docker/cli-plugins/docker-sbom
  scout: Docker Scout (Docker Inc.)
    Version:  v1.11.0
    Path:     /Users/nikbr/.docker/cli-plugins/docker-scout
WARNING: Plugin "/Users/nikbr/.docker/cli-plugins/docker-scan" is not valid: failed to fetch metadata: fork/exec /Users/nikbr/.docker/cli-plugins/docker-scan: no such file or directory

Server:
 Containers: 13
  Running: 12
  Paused: 0
  Stopped: 1
 Images: 31
 Server Version: 27.1.1
 Storage Driver: overlayfs
  driver-type: io.containerd.snapshotter.v1
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 2bf793ef6dc9a18e00cb12efb64355c2c9d5eb41
 runc version: v1.1.13-0-g58aa920
 init version: de40ad0
 Security Options:
  seccomp
   Profile: unconfined
  cgroupns
 Kernel Version: 6.10.0-linuxkit
 Operating System: Docker Desktop
 OSType: linux
 Architecture: aarch64
 CPUs: 9
 Total Memory: 23.44GiB
 Name: docker-desktop
 ID: 4bacd5ea-52d7-4544-a700-b29136ca8a38
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http.docker.internal:3128
 HTTPS Proxy: http.docker.internal:3128
 No Proxy: hubproxy.docker.internal
 Labels:
  com.docker.desktop.address=unix:///Users/nikbr/Library/Containers/com.docker.docker/Data/docker-cli.sock
 Experimental: false
 Insecure Registries:
  hubproxy.docker.internal:5555
  127.0.0.0/8
 Live Restore Enabled: false

WARNING: daemon is not using the default seccomp profile

Diagnostics ID

39263439-8ED3-425A-A6C1-A4B1DD929F05/20240819092053

Additional Info

No response

aheck commented 2 months ago

Does the feature work anyway?

When you start a container with docker run -it --net=host --rm nicolaka/netshoot nc -lkv 0.0.0.0 8000 in one terminal and try to connect to it in another terminal with nc 127.0.0.1 8000 do you get a "connection refused" error or can you enter text that then appears in the other terminal?

NiklasBr commented 2 months ago

Host networking seems to be working, yes.

NiklasBr commented 2 months ago

@jpbriend I see you consider it fixed, but if it is fixed how do I stop the notification from consistently appearing?

jpbriend commented 2 months ago

Hi @NiklasBr , here is the sequence of events which probably happens on your laptop:

Notifications can not currently be disabled (they are kind of fire-and-forget). We are working on a fix to improve this kind of race condition.

You can safely ignore the notification.

NiklasBr commented 2 months ago
  • your laptop restarts
  • Docker Desktop starts before wifi connects because the computer is fast (faster than wifi connecting)
  • Wifi finally connects.

I use a desktop computer, connected with Ethernet.

  • Docker Desktop is configured to automatically start at startup

It is configured to not start at computer startup/login.

  • Docker Desktop can not connect and considers the user not yet signed in because entitlement can not be downloaded (no network connectivity yet).
  • Docker Desktop automatically reconnects because network connectivity is detected.
  • Host networking is re-enabled because entitlement is ✅ .
  • Host networking checks for entitlement at startup. It is not found and disables itself. A notification is sent to the notification center.

I assumed Docker Desktop should wait until it is actually ready to check for things like that rather than being so eager in throwing an incorrect error, I have now turned off "Access experimental features" so why does it still happen?

All these incorrect(?) notifications such as this one, the "something changed your configuration" (which cannot be fixed), the "log in again" (which I am according to the CLI) are really annoying. It's a pattern, and I hope they are not an indication of some deeper issue with the Docker codebase.

jpbriend commented 2 months ago

Can you share with us what you see in the Experimental Feature screen? Can you also confirm you previously enabled Host Networking option once?

Notification system revamp is in our backlog, we are aware it's not ideal (even from our point of view as DD developers).

I would also be interested in your notification regarding SignIn. Would you mind creating another issue and tagging me in it? I will have a deeper look and see if the issue is solved with the incoming changes in the CLI.

NiklasBr commented 2 months ago

I don't think I have ever enabled Host Networking.

Screenshot 2024-08-26 at 11 02 55

jpbriend commented 2 months ago

Oh my bad, it is in Beta Features now (the first tab).

I see you may soon run out of disk space in the VM. Maybe run some docker prune commands to do some cleanup. The Docker build cache can take a lot of space and be annoying.

NiklasBr commented 2 months ago

Screenshot 2024-08-26 at 11 16 00

I'm running these regularly:

docker image prune -a -f --filter "until=240h"
docker container prune -f --filter "until=24h"
docker volume prune -f --filter "label!=keep"
jpbriend commented 2 months ago

Thank you that is useful.

Can you give us the content of the settings file for HostNetworking? You can get it with this commandline: cat ~/Library/Group\ Containers/group.com.docker/settings.json | grep -i hostnetworking

If hostNetworkingPreferEnabled is set to true, then shutdown Docker Desktop, edit the file and set the value to false. After that, restart Docker Desktop. Your issue with the notification should be gone. We'll issue the bug with this flag if you can confirm us it was set to true in your local file.

NiklasBr commented 2 months ago
  "hostNetworkingEnabled": false,
  "hostNetworkingPreferEnabled": false,
jpbriend commented 2 months ago

Is this notification bug happening every time you restart Docker Desktop? Can you check that the notification is always a new one? Notifications will persist across restarts and a timestamp indication is displayed at the bottom of the notification. It indicates Just now when the notification was triggered less than a few minutes ago.

Docker Desktop does not remove notifications until you click on the "trash" icon displayed when the mouse hovers the notification:

image