forked from wolfsoftwaresystemsltd/WolfStack
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdebug_wolfnet_docker.sh
More file actions
executable file
·138 lines (119 loc) · 5.09 KB
/
debug_wolfnet_docker.sh
File metadata and controls
executable file
·138 lines (119 loc) · 5.09 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
#!/bin/bash
# Written by Paul Clevett
# (C)Copyright Wolf Software Systems Ltd
# https://wolf.uk.com
#
# WolfNet Docker Networking Diagnostic Script
# Run this ON THE SERVER where Docker containers are running
echo "============================================"
echo " WolfNet Docker Networking Diagnostics"
echo "============================================"
echo ""
# 1. Find running Docker containers with WolfNet IPs
echo "=== Running Docker containers ==="
docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}" 2>/dev/null
echo ""
# 2. Find containers with wolfnet labels
echo "=== Containers with WolfNet IPs ==="
for c in $(docker ps -q 2>/dev/null); do
name=$(docker inspect --format '{{.Name}}' "$c" | sed 's/^\//')
wip=$(docker inspect --format '{{index .Config.Labels "wolfnet.ip"}}' "$c" 2>/dev/null)
bridge_ip=$(docker inspect --format '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "$c")
mac=$(docker inspect --format '{{.NetworkSettings.MacAddress}}' "$c")
if [ -n "$wip" ]; then
echo " Container: $name"
echo " WolfNet IP: $wip"
echo " Bridge IP: $bridge_ip"
echo " MAC: $mac"
echo ""
fi
done
# 3. Check routes
echo "=== Host routes for 10.10.10.x ==="
ip route show | grep 10.10.10
echo ""
# 4. Check ARP/neighbor table for docker0
echo "=== Neighbor table for docker0 ==="
ip neigh show dev docker0
echo ""
# 5. Check iptables FORWARD
echo "=== iptables FORWARD chain ==="
iptables -L FORWARD -n -v --line-numbers 2>/dev/null | head -30
echo ""
# 6. Check Docker isolation rules
echo "=== Docker ISOLATION rules ==="
iptables -L DOCKER-ISOLATION-STAGE-1 -n -v 2>/dev/null
iptables -L DOCKER-ISOLATION-STAGE-2 -n -v 2>/dev/null
echo ""
# 7. Check sysctl
echo "=== Sysctl settings ==="
sysctl net.ipv4.ip_forward
sysctl net.ipv4.conf.docker0.proxy_arp 2>/dev/null
echo ""
# 8. Check if container has the IP inside
echo "=== Container internal networking ==="
for c in $(docker ps -q 2>/dev/null); do
name=$(docker inspect --format '{{.Name}}' "$c" | sed 's/^\//')
wip=$(docker inspect --format '{{index .Config.Labels "wolfnet.ip"}}' "$c" 2>/dev/null)
if [ -n "$wip" ]; then
echo " Container: $name (WolfNet: $wip)"
echo " --- ip addr show eth0 ---"
docker exec "$name" ip addr show eth0 2>/dev/null
echo " --- ip route ---"
docker exec "$name" ip route 2>/dev/null
echo ""
fi
done
# 9. Try to ping bridge IP
echo "=== Test: ping container bridge IP ==="
for c in $(docker ps -q 2>/dev/null); do
name=$(docker inspect --format '{{.Name}}' "$c" | sed 's/^\//')
bridge_ip=$(docker inspect --format '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "$c")
wip=$(docker inspect --format '{{index .Config.Labels "wolfnet.ip"}}' "$c" 2>/dev/null)
if [ -n "$wip" ] && [ -n "$bridge_ip" ]; then
echo " Pinging $name at bridge IP $bridge_ip..."
ping -c 1 -W 2 "$bridge_ip" 2>&1 | tail -2
echo ""
fi
done
# 10. Try manual fix
echo "============================================"
echo " Attempting manual fix..."
echo "============================================"
for c in $(docker ps -q 2>/dev/null); do
name=$(docker inspect --format '{{.Name}}' "$c" | sed 's/^\//')
wip=$(docker inspect --format '{{index .Config.Labels "wolfnet.ip"}}' "$c" 2>/dev/null)
bridge_ip=$(docker inspect --format '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' "$c")
mac=$(docker inspect --format '{{.NetworkSettings.MacAddress}}' "$c")
if [ -n "$wip" ] && [ -n "$bridge_ip" ] && [ -n "$mac" ]; then
echo ""
echo "Container: $name | WolfNet: $wip | Bridge: $bridge_ip | MAC: $mac"
# Add IP inside container
echo " [1] Adding $wip/32 to container eth0..."
docker exec "$name" ip addr add "$wip/32" dev eth0 2>&1 || echo " (already exists)"
# Add static neighbor entry
echo " [2] Adding static ARP: $wip -> $mac on docker0..."
ip neigh replace "$wip" lladdr "$mac" dev docker0 nud permanent
ip neigh show "$wip" dev docker0
# Delete old route and add new one
echo " [3] Adding route: $wip/32 dev docker0..."
ip route del "$wip/32" 2>/dev/null
ip route add "$wip/32" dev docker0
ip route show | grep "$wip"
# Enable forwarding
sysctl -w net.ipv4.ip_forward=1 > /dev/null
sysctl -w net.ipv4.conf.docker0.proxy_arp=1 > /dev/null
# Test ping
echo " [4] Testing ping to $wip..."
ping -c 2 -W 2 "$wip" 2>&1
echo ""
# If that failed, try pinging bridge IP to confirm basic connectivity
echo " [5] Testing ping to bridge IP $bridge_ip..."
ping -c 1 -W 2 "$bridge_ip" 2>&1 | tail -2
echo ""
fi
done
echo "============================================"
echo " WolfStack journal logs (last 20 WolfNet-related lines):"
echo "============================================"
journalctl -u wolfstack --no-pager -n 100 2>/dev/null | grep -i "wolfnet\|wolfd\|route\|mac\|bridge\|container.*routed" | tail -20