docker容器內無http / https連接

Question

我對主機runnig docker容器有問題。 在將docker升級到17.09 ce之后，我在docker容器內失去了連接：

root@21a3edc71e4e:/# apt-get update
Hit:1 http://archive.ubuntu.com/ubuntu xenial InRelease
Ign:2 http://archive.ubuntu.com/ubuntu xenial-updates InRelease
0% [Waiting for headers]^C              




 wget http://..../media/cache/8b/44/thumb3_HP_Color_LaserJet_Pro_M252dw.jpg
--2017-11-29 11:18:31--  http://www...../media/cache/8b/44/thumb3_HP_Color_LaserJet_Pro_M252dw.jpg
Resolving www.toner1.bg (www.toner1.bg)... 91.215.216.25
Connecting to www.toner1.bg (www.toner1.bg)|91.215.216.25|:80... connected.
HTTP request sent, awaiting response... ^C

Ping正在運行，但DNS正常：

root@21a3edc71e4e:/# ping dir.bg
PING dir.bg (194.145.63.12): 56 data bytes
64 bytes from 194.145.63.12: icmp_seq=0 ttl=53 time=35.621 ms
64 bytes from 194.145.63.12: icmp_seq=1 ttl=53 time=35.674 m

Docker信息：

docker info
Containers: 12
 Running: 0
 Paused: 0
 Stopped: 12
Images: 6
Server Version: 17.09.0-ce
Storage Driver: devicemapper
 Pool Name: docker-253:1-1039697-pool
 Pool Blocksize: 65.54kB
 Base Device Size: 10.74GB
 Backing Filesystem: xfs
 Data file: /dev/loop0
 Metadata file: /dev/loop1
 Data Space Used: 7.693GB
 Data Space Total: 107.4GB
 Data Space Available: 20.39GB
 Metadata Space Used: 6.316MB
 Metadata Space Total: 2.147GB
 Metadata Space Available: 2.141GB
 Thin Pool Minimum Free Space: 10.74GB
 Udev Sync Supported: true
 Deferred Removal Enabled: true
 Deferred Deletion Enabled: true
 Deferred Deleted Device Count: 0
 Data loop file: /var/lib/docker/devicemapper/devicemapper/data
 Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
 Library Version: 1.02.110 (2015-10-30)
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 06b9cb35161009dcb7123345749fef02f7cea8e0
runc version: 3f2f8b84a77f73d38244dd690525642a72156c64
init version: 949e6fa
Security Options:
 apparmor
 seccomp
  Profile: default
Kernel Version: 4.4.0-101-generic
Operating System: Ubuntu 16.04.1 LTS
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.859GiB
Name: bamboo-builder-20-shared
ID: TV3Q:SEG5:YVQP:2BWO:UDH6:MR27:RSCZ:N5B7:EK7P:NFW5:7F3D:CRBZ
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

WARNING: devicemapper: usage of loopback devices is strongly discouraged for production use.
         Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
WARNING: No swap limit support

我正在運行Ubuntu 16.04 iptables：

iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
DOCKER     all  --  anywhere             anywhere             ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
DOCKER     all  --  anywhere            !loopback/8           ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
MASQUERADE  all  --  172.17.0.0/16        anywhere            

Chain DOCKER (2 references)
target     prot opt source               destination         
RETURN     all  --  anywhere             anywhere

ufw處於非活動狀態，我已經重新安裝了docker-ce，問題仍然存在。 有什么建議么？

Answer 1

我已經通過添加到主機解決了該問題：

iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

但是不確定為什么需要這樣做。

docker容器內無http / https連接

問題描述

1 個解決方案

解決方案1
2 2017-11-29 15:20:30

docker容器內無http / https連接

問題描述

1 個解決方案

解決方案1 2 2017-11-29 15:20:30

解決方案1
2 2017-11-29 15:20:30