concourse: Containers cannot reach external networks/hosts

Bug Report

Worker containers are unable to reach external networks

Steps to Reproduce

https://gist.github.com/TheRevenantStar/024d8a68e4cb47c476109e4aacb0acad

Expected Results

The pipeline to run scuessfully

Actual Results

Repository Check errors with

resource script '/opt/resource/check []' failed: exit status 128

stderr:
Cloning into '/tmp/git-resource-repo-cache'...
fatal: unable to access 'https://gitlab.com/atentousa/aegis.git/': Failed to connect to gitlab.com port 443: Connection timed out

Intercepting the check shows I can use cURL to get the webpage at 192.168.1.100, but not for external addresses. This appears to be specific to containers spawned by concourse, as running a docker container using the docker CLI seems to function just fine.

Additional Context

Running Ubuntu server 18.04 and consul on port 53 (set to use 8.8.8.8 as a recursor to serve DNS correctly)

Version Info

Concourse version: 5.5.1
Deployment type (BOSH/Docker/binary): binary
Did this used to work? Yes, It works on a near identical configuration on another machine.

About this issue

Original URL
State: closed
Created 5 years ago
Comments: 16 (4 by maintainers)

Most upvoted comments

The issue persists in 5.7.2, Ubuntu 16.04, single worker. Please re-open this issue.

95rade on Dec 1, 2019

I have the exact same problem even when running the tutorial, is that any reason why is this closed?

run check step: run check step: check: resource script '/opt/resource/check []' failed: exit status 128

stderr:
Cloning into '/tmp/git-resource-repo-cache'...
fatal: unable to access 'https://github.com/starkandwayne/concourse-tutorial.git/': Could not resolve host: github.com

wellyal on Sep 12, 2020

@vinayakasg18 For errors like could not resolve host it’s likely a DNS issue. See the docs for help https://concourse-ci.org/concourse-worker.html#troubleshooting-and-fixing-dns-resolution

taylorsilva on Apr 18, 2022