When I tried to
apt-get update
in a container based on ubuntu.
I got an error like this.
Temporary failure resolving 'archive.ubuntu.com'.
When I tried to ping the ip of 'archive.ubuntu.com', it's ok.
But when I tried to ping 'archive.ubuntu.com', it showed me
uknown host archive.ubuntu.com
So I tried several ways I can find on the internet, like this.
echo "91.189.92.201 archive.ubuntu.com" >> /etc/hosts
Then I can ping 'archive.ubuntu.com'
But other websites are still not linkable by name.
I tried to add a line to /etc/default/docker, like this
DOCKER_OPTS="--dns 8.8.8.8 --dns 114.114.114.114 --dns 8.8.4.4"
Then i restart docker service, and attach to the container, to see this
cat /etc/resolv.conf
and the results
root@d9d5bbdb11de:/# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 8.8.8.8
nameserver 8.8.4.4
I don't know if that works for it.
ps, i can ping 8.8.8.8, 114.114.114.114, 8.8.4.4.
For some reasons, I tried to figure it out where it is a firewall problem, so i used iptables out of the containers.
iptables-save.
And here are the results when I iptables-save out of containers.
wjy@wjy-VirtualBox:~$ sudo iptables-save [sudo] wjy 的密码:
# Generated by iptables-save v1.6.0 on Sat Mar 4 16:06:53 2017
*nat :PREROUTING ACCEPT [28:1772] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [253:15867] :POSTROUTING ACCEPT [253:15867] :DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A DOCKER -i docker0 -j RETURN COMMIT
# Completed on Sat Mar 4 16:06:53 2017
# Generated by iptables-save v1.6.0 on Sat Mar 4 16:06:53 2017
*filter :INPUT ACCEPT [1211:567114] :FORWARD DROP [0:0] :OUTPUT ACCEPT [1254:152567] :DOCKER - [0:0] :DOCKER-ISOLATION - [0:0]
-A FORWARD -j DOCKER-ISOLATION
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A DOCKER-ISOLATION -j RETURN COMMIT
# Completed on Sat Mar 4 16:06:53 2017
It may be a host, dns or iptable problem. But I don't know what to do to make all my containers resolve the website names and link to the internet. If you met the similar situation or know how to solve it, please do me a favour. Thanks a lot.
I experimented exactly that error staying behind a proxy on the host machine. I mean, if your docker host machine have set proxy settings. I'll explain how I solved it, maybe could be useful to you if is your case or useful to others.
There are 3 places to configure proxy settings:
It depends of the OS, usually you can put http_proxy=http://yourproxy:port/
at /etc/environment
You must create folder and file at /etc/systemd/system/docker.service.d/http-proxy.conf
containing:
[Service]
Environment="HTTP_PROXY=http://yourproxy:port/"
Dockerfile
to build it!! Example of Dockerfile:
FROM ubuntu:latest
ENV HTTP_PROXY http://yourproxy:port/
RUN apt-get update
Maybe this is your problem like mine was.
My advise is don't touch iptables and don't touch DNS. Recreating containers docker do the needed jobs itself automatically. If you need to touch there, something went wrong. Only be sure to have internet access fully working on docker host machine.
Good luck.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.