Docker 容器可以访问互联网但不能访问本地网络
[英]Docker container has access to internet but not the local network
问题描述
I have a windows docker container running on win server 2016
我有一个在 win server 2016 上运行的 windows docker 容器
The the site running in the container is accessible from other nodes on the network.容器中运行的站点可以从网络上的其他节点访问。
The container has access to the internet (it can access 3rd party nodes external to the network), but it is unable to connect to other nodes in the network.容器可以访问互联网(它可以访问网络外部的第 3 方节点),但无法连接到网络中的其他节点。
When an app running in the container tries to access a service on another machine in the network (machine_name) it gets the following error:当容器中运行的应用程序尝试访问网络中另一台机器上的服务 (machine_name) 时,它会收到以下错误:
The remote name could not be resolved: machine_name
When the app tries to connect to a database on the network:当应用程序尝试连接到网络上的数据库时:
A network-related or instance-specific error occurred while establishing a connection
So it looks like the container does not have access or cannot find the machines on intranet所以看起来容器没有访问权限或在内网上找不到机器
I ran docker exec -ti e87633560c6c ipconfig /all and got the following:我运行docker exec -ti e87633560c6c ipconfig /all并得到以下信息:
Windows IP Configuration
Host Name . . . . . . . . . . . . : gmsa_acct
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter vEthernet (Container NIC 0b35fe9f):
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #2
Physical Address. . . . . . . . . : 00-15-5D-30-F4-1D
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7939:903e:141f:5c98%24(Preferred)
IPv4 Address. . . . . . . . . . . : 172.22.223.136(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.240.0
Default Gateway . . . . . . . . . : 172.22.208.1
DNS Servers . . . . . . . . . . . : 172.22.208.1
10.xxx
10.xxx
NetBIOS over Tcpip. . . . . . . . : Disabled
I ran this command in the machine that the container is running on我在容器运行的机器上运行了这个命令
docker exec e87633560c6c nltest /sc_verify:mydomain.com
Flags: b0 HAS_IP HAS_TIMESERV
Trusted DC Name \\D1dns01.mydomain.com
Trusted DC Connection Status Status = 0 0x0 NERR_Success
Trust Verification Status = 0 0x0 NERR_Success
The command completed successfully
The strange thing is that the same container ran on another host without any issues.奇怪的是,同一个容器在另一台主机上运行没有任何问题。 We are now trying to run it on a new host and are getting the above issues.我们现在正在尝试在新主机上运行它并遇到上述问题。
Any help is appreciated.任何帮助表示赞赏。
Thanks.谢谢。
EDIT: I am able to connect via the IP address and not the machine name.编辑:我能够通过 IP 地址而不是机器名称进行连接。 How can I connect via the machine name?如何通过机器名称连接?
3 个解决方案
解决方案1
1 2020-09-30 22:51:59
When Docker create a network for its running container, as default it create a NATed network of type bridge .当 Docker 为其运行的容器创建网络时,默认情况下它会创建类型为bridge的 NATed 网络。 You can fine more detail about your container's network with the command docker network ls , the results it's like these:您可以使用命令docker network ls更详细地了解您的容器docker network ls ,结果如下所示:
NETWORK ID NAME DRIVER SCOPE
17e324f45964 bridge bridge local
6ed54d316334 host host local
7092879f2cc8 none null local
You can try with "host" network configuration:您可以尝试使用“主机”网络配置:
If you use the host network mode for a container, that container's network stack is not isolated from the Docker host (the container shares the host's networking namespace), and the container does not get its own IP-address allocated.
解决方案2
0 2020-10-08 05:16:40
The issue is your DNS settings are not working.问题是您的 DNS 设置不起作用。 It looks like a lot of reports are out there of similar issues with Docker on Windows (see here ).看起来很多关于 Windows 上 Docker 的类似问题的报告(请参阅此处)。 But here are a few options to try:但这里有几个选项可以尝试:
- Step up to latest docker version (if you're not there already)升级到最新的 docker 版本(如果你还没有)
- Resetting to factory settings (see here )重置为出厂设置(请参阅此处)
- Assigning a static DNS server through your daemon.json file, for example:通过 daemon.json 文件分配静态 DNS 服务器,例如:
"dns" : ["8.8.8.8"]
解决方案3
0 2020-10-08 19:16:14
As mentioned in @a_manfrinati answer, the default network brige is used by a new container.正如@a_manfrinati 回答中提到的,默认网络brige由新容器使用。 In your case it looks both nodes are not running on same network.在您的情况下,看起来两个节点都没有在同一网络上运行。
Try creating a network first and then adding nodes later to it:尝试先创建一个网络,然后再向其中添加节点:
$ docker network create my_new_network
$ docker container run -d --name node1 --network my_new_network node1
$ docker container run -d --name node2 --network my_new_network node2
Also note that the DNS name will be same as the container name.另请注意,DNS 名称将与容器名称相同。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.