bind(2)-related syscalls do not work well with nested containers #66
Description
In the following example, nerdctl exec dind docker exec nginx wget -O- http://127.0.0.1 is working as expected, but nerdctl exec dind docker exec nginx wget -O- http://172.17.0.2 is failing with Host is unreachable
$ nerdctl run -d --name dind --annotation nerdctl/bypass4netns=1 --privileged docker:dind
$ nerdctl exec dind docker run -d --name nginx nginx:alpine
$ nerdctl exec dind docker exec nginx wget -O- http://127.0.0.1
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
[...]
</html>
Connecting to 127.0.0.1 (127.0.0.1:80)
writing to stdout
- 100% |********************************| 615 0:00:00 ETA
written to stdout
$ nerdctl exec dind docker exec nginx ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
6: eth0@if7: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
$ nerdctl exec dind docker exec nginx wget -O- http://172.17.0.2
Connecting to 172.17.0.2 (172.17.0.2:80)
wget: can't connect to remote host (172.17.0.2): Host is unreachable
FATA[0003] exec failed with exit code 1- nerdctl: v2.0.0-beta.3
- bypass4netns: the current master 2794f7e
Probably the cause is same as:
cc @naoki9911