堆栈内存溢出
  简体   繁体   English

从主机到 docker 容器没有网络

[英]No networking from host to docker container

 原文  2020-03-27 21:57:20       docker/ centos/ centos7/ docker-networking/ docker-network

问题描述

I have a CentOS 7.2 host running Docker 19.03.我有一台运行 Docker 19.03 的 CentOS 7.2 主机。 All docker containers are in a bridge network (172.18.0.0/16).所有 docker 容器都在桥接网络 (172.18.0.0/16) 中。 From the host I can ping the gateway (172.18.0.1) but not my containers (172.18.0.2 and 172.18.0.3).从主机我可以 ping 网关 (172.18.0.1) 但不能 ping 我的容器 (172.18.0.2 和 172.18.0.3)。 And from my containers I can also ping the gateway but not my host.从我的容器中,我也可以 ping 网关,但不能 ping 我的主机。

The bridge network has basically the default configuration.桥接网络基本都有默认配置。 But is there something else I'm missing?但是还有什么我想念的吗?

1 个解决方案

解决方案1
 3 已采纳  2020-03-28 04:56:47

Docker uses iptables and a kernel module called br_netfilter to manage inter-container networking. Docker 使用iptables和一个名为br_netfilter的内核模块来管理容器间网络。 When the Docker daemon starts, it creates a variety of IPTables rules it required to operate.当 Docker 守护进程启动时,它会创建运行所需的各种 IPTables 规则。 And every time a new container is provisioned additional rules are created and manipulated.每次供应新容器时,都会创建和操作额外的规则。 If iptables is in a weird state, has been modified by you, or is not installed this could cause your issue.如果 iptables 处于异常状态、已被您修改或未安装,这可能会导致您的问题。

I mentioned br_netfilter above.我在上面提到了br_netfilter Operates in a similar way.以类似的方式操作。 You can confirm the kernel module is loaded with the lsmod command.您可以使用lsmod命令确认内核模块已加载。 EG: lsmod | grep br_netfilter EG: lsmod | grep br_netfilter lsmod | grep br_netfilter . lsmod | grep br_netfilter If it is not loaded, then you can load it with modprobe.如果没有加载,那么你可以用 modprobe 加载它。 EG: modprobe br_netfilter . EG: modprobe br_netfilter If it is not available, then the kernel module is not installed in your compiled kernel.如果它不可用,则内核模块未安装在您编译的内核中。 If you succeed in running modprobe to load the module, then you will need to modify /etc/modprobe.conf or drop a file in /etc/modprobe.d to ensure persistence of kernel modules between reboots.如果您成功运行modprobe来加载模块,那么您将需要修改/etc/modprobe.conf或在/etc/modprobe.d放置一个文件,以确保内核模块在重新启动之间的持久性。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Docker组成的网络,从容器访问主机端口 - Docker-compose networking, access host port from container Docker 网络,从 Windows 主机连接到 linux 容器 - Docker networking, connecting to linux container from windows host 在具有桥接网络的Docker容器中映射主机的/ etc / hosts - Map host's /etc/hosts in a Docker container having bridge networking 如何将Selenium独立Docker容器与主机网络正确链接? - How to link selenium standalone docker container properly with host networking? 用于Mac容器的Docker托管网络-领事健康检查拒绝连接 - Docker for Mac Container to Host Networking - Consul Health Checks Connection Refused Docker for Mac主机网络 - Docker for Mac Host Networking 多主机:Docker网络 - Multi Host : Docker Networking 从 docker 容器在主机上运行 docker 容器 - Running a docker container on the host from a docker container 使用network_mode:“主机”公开由docker组成的容器,并使容器与容器联网 - Expose a docker composed container with network_mode: “host” and keep container to container networking 从容器连接到 docker 主机 - Connect to docker host from container
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM