docker-compose服务内部没有互联网 | compose服务内部没有互联网

本文介绍了docker-compose服务内部没有互联网的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我无法从docker-compose容器访问外部网络.

考虑以下docker-compose文件:

Consider the following docker-compose file:

version: '2'
services:
    nginx:
      image: nginx

使用简单的 docker run -it nginx bash ，我设法访问了外部IP或Internet IP( ping www.google.com ).

Using the simple docker run -it nginx bash I manage to reach external IPs or Internet IPs (ping www.google.com).

另一方面，如果我使用docker-compose并附加到容器，则无法访问外部IP地址/DNS.

On the other hand if I use docker-compose and attach to the container, I cannot reach external IP addresses / DNS.

码头工人信息:

Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 1
Server Version: 1.12.1
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Backing Filesystem: extfs
 Dirs: 7
 Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge null host overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options: apparmor seccomp
Kernel Version: 4.4.0-38-generic
Operating System: Ubuntu 16.04.1 LTS
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.859 GiB
Name: ***
ID: ****
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: No swap limit support
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Insecure Registries:
 127.0.0.0/8

docker-compose 1.8.1，内部版本878cff1

docker-compose 1.8.1, build 878cff1

daemon.json文件:

daemon.json file:

{
  "iptables" : false,
  "dns" : ["8.8.8.8","8.8.4.4"]
}

推荐答案

上次遇到这样的问题时，我是这样解决的:

The last time I had a problem like that, I solved it like this:

https://github.com/docker/docker/issues/866#issuecomment-19218300

pkill docker
iptables -t nat -F
ifconfig docker0 down
brctl delbr docker0
docker -d

这将迫使docker重新创建网桥并重新初始化所有网络规则.

It will force docker to recreate the bridge and reinit all the network rules.

由于这种情况的发生原因，我没有好的答案.但是我最近确实将问题追溯到了 journald .当我重新启动 journald 时(例如，因为更改了它的配置)，docker-compose容器内的DNS解析始终如一地/可重复地中断了.我不知道为什么会这样，我只能说这是我在RHEL上重现它的可靠方法.

As for reasons why this happens, I don't have good answers. But I did recently trace the problem back to journald. When I restart journald (for example because I changed its config), DNS resolution inside docker-compose containers consistently/reproducibly breaks. I don't know why exactly, I can only say that this is a reliable way for me to reproduce it on RHEL.

编辑 docker -d 命令可能不适用于您，具体取决于您使用的Docker版本，但不用担心，您可以忽略该命令

EDIT The docker -d command might not work for you based on the version of docker you are using but don't worry about it, you can omit that command.

这篇关于docker-compose服务内部没有互联网的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！