如何为Docker容器启用出站连接?
[英]How to enable outbound connections for a Docker container?
问题描述
I have an ASP.NET Core application that is hosted in the Docker cloud (cloud provider is Azure ). 
我有一个托管在Docker cloud的ASP.NET Core应用程序(云提供商是Azure )。 The application uses Hangfire to run recurring jobs in the background, and one of the jobs needs to request data from an external REST API. 该应用程序使用Hangfire在后台运行定期作业,其中一个作业需要从外部REST API请求数据。 I noticed that any attempt at outbound communication fails, and I would like to know, how I can enable it. 我注意到任何出站通信尝试都失败了,我想知道如何启用它。
The deployment consists of some other containers, whereby linked containers (services) can communicate with no problem. 部署由一些其他容器组成,其中链接的容器(服务)可以毫无问题地进行通信。 There is no special network configuration; 没有特殊的网络配置; the default "bridge" mode is used. 使用默认的“桥接”模式。 Do I need to configure something in the container´s image, or do I need to make changes to the network settings... I have no clue. 我是否需要在容器的映像中配置某些内容,或者是否需要更改网络设置...我不知道。
2 个解决方案
解决方案1
2 2017-11-23 08:11:20
There is no special network configuration;
According to your description, it seems you are using a VM and run docker on it. 根据您的描述,您似乎正在使用VM并在其上运行docker。 If you want to access this docker from Internet, we should map docker port to local port, for example: 如果要从Internet访问此docker,我们应该将docker port映射到本地端口,例如:
docker run -d -p 80:80 my_image service nginx start
After we map port 80 to this VM, we should add inbound rules to Azure network security group (NSG), we can follow this article to add it. 在我们将端口80映射到此VM之后,我们应该将入站规则添加到Azure 网络安全组 (NSG),我们可以按照这篇文章添加它。
Also we should add port 80 to OS filewall inbound rules. 我们还应该将端口80添加到OS filewall入站规则中。
Update : 更新 :
Sorry for misunderstand. 很抱歉误会了。
Here is my test, I install docker on Azure VM(Ubuntu 16), then create a centos docker, like this: 这是我的测试,我在Azure VM(Ubuntu 16)上安装docker,然后创建一个centos docker,如下所示:
root@jasonvms:~# docker run -i -t centos bash
Unable to find image 'centos:latest' locally
latest: Pulling from library/centos
d9aaf4d82f24: Pull complete
Digest: sha256:4565fe2dd7f4770e825d4bd9c761a81b26e49cc9e3c9631c58cfc3188be9505a
Status: Downloaded newer image for centos:latest
[root@75f92bf5b499 /]# ping www.google.com
PING www.google.com (172.217.3.100) 56(84) bytes of data.
64 bytes from lga34s18-in-f4.1e100.net (172.217.3.100): icmp_seq=1 ttl=47 time=7.93 ms
64 bytes from lga34s18-in-f4.1e100.net (172.217.3.100): icmp_seq=2 ttl=47 time=8.13 ms
64 bytes from lga34s18-in-f4.1e100.net (172.217.3.100): icmp_seq=3 ttl=47 time=8.15 ms
^C
--- www.google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 7.939/8.076/8.153/0.121 ms
[root@75f92bf5b499 /]# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=51 time=1.88 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=51 time=1.89 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=51 time=1.86 ms
c64 bytes from 8.8.8.8: icmp_seq=4 ttl=51 time=1.87 ms
64 bytes from 8.8.8.8: icmp_seq=5 ttl=51 time=1.78 ms
64 bytes from 8.8.8.8: icmp_seq=6 ttl=51 time=1.87 ms
^C
--- 8.8.8.8 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5009ms
rtt min/avg/max/mdev = 1.783/1.861/1.894/0.061 ms
[root@75f92bf5b499 /]#
I find it can community with the internet, could you please show me more information about your issue? 我发现它可以通过互联网进行社区化,您能否向我显示有关您的问题的更多信息?
解决方案2
0 2017-11-22 09:51:17
如果您使用独立实例,则在network_security实例组中进行更改并允许出站规则,如果使用ACS,请按照以下链接https://docs.microsoft.com/en-us/azure/container-service/dcos-swarm/container -SERVICE启用公共访问
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.