为什么我不能暴露portainer代理端口9001?

时间:2018-11-24 08:47:52

标签: docker docker-compose docker-swarm portainer

我正在尝试在集群群集中公开portainer代理程序端口9001,以便从外部portainer进行访问,它以“全局”模式部署。

以下docker-compose文件有效:

version: "3.2"
services:
  agent:
    image: "portainer/agent:1.1.2"
    environment:
      AGENT_CLUSTER_ADDR: tasks.agent
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/lib/docker/volumes:/var/lib/docker/volumes
    networks:
      - priv_portainer
    deploy:
      mode: global

networks:
  priv_portainer:
    driver: overlay

然后,当我尝试公开端口9001时,堆栈启动,但是出现日志错误,并且portainer无法连接这些代理:

version: "3.2"
services:
  agent:
    image: "portainer/agent:1.1.2"
    environment:
      AGENT_CLUSTER_ADDR: tasks.agent
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/lib/docker/volumes:/var/lib/docker/volumes
    ports:
      - "9001:9001"
    networks:
      - priv_portainer
    deploy:
      mode: global

networks:
  priv_portainer:
    driver: overlay

具有另一个端口的事件:

ports:
  - "19001:9001"

即使端口无关:

ports:
  - "12345:54321"

编辑

来自堆栈的日志:

portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:50 [INFO] serf: EventMemberJoin: b6040a1ccc2a 10.255.0.13 portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:50 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true) portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:50 [INFO] serf: EventMemberJoin: c6c277e3f60b 10.255.0.11 portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.11:7946: write udp [::]:7946->10.255.0.11:7946: sendto: operation not permitted portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.11:7946: write udp [::]:7946->10.255.0.11:7946: sendto: operation not permitted portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:51 [INFO] serf: EventMemberJoin: 3e290151a5eb 10.255.0.12 portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.11:7946: write udp [::]:7946->10.255.0.11:7946: sendto: operation not permitted portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.12:7946: write udp [::]:7946->10.255.0.12:7946: sendto: operation not permitted portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.12:7946: write udp [::]:7946->10.255.0.12:7946: sendto: operation not permitted portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.11:7946: write udp [::]:7946->10.255.0.11:7946: sendto: operation not permitted portainer_agent_agent.0.985h7xcfkux0@ignopotulelk03d | 2018/11/26 05:28:51 [INFO] serf: EventMemberJoin: 3e290151a5eb 10.255.0.12 portainer_agent_agent.0.985h7xcfkux0@ignopotulelk03d | 2018/11/26 05:28:51 [INFO] serf: EventMemberJoin: b6040a1ccc2a 10.255.0.13 portainer_agent_agent.0.985h7xcfkux0@ignopotulelk03d | 2018/11/26 05:28:51 [INFO] serf: EventMemberJoin: c6c277e3f60b 10.255.0.11 portainer_agent_agent.0.985h7xcfkux0@ignopotulelk03d | 2018/11/26 05:28:51 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true) portainer_agent_agent.0.985h7xcfkux0@ignopotulelk03d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.13:7946: write udp [::]:7946->10.255.0.13:7946: sendto: operation not permitted portainer_agent_agent.0.985h7xcfkux0@ignopotulelk03d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.11:7946: write udp [::]:7946->10.255.0.11:7946: sendto: operation not permitted portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:50 [INFO] serf: EventMemberJoin: c6c277e3f60b 10.255.0.11 portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:50 [INFO] serf: EventMemberJoin: b6040a1ccc2a 10.255.0.13 portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:50 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true) portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.13:7946: write udp [::]:7946->10.255.0.13:7946: sendto: operation not permitted portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.13:7946: write udp [::]:7946->10.255.0.13:7946: sendto: operation not permitted portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:51 [INFO] serf: EventMemberJoin: 3e290151a5eb 10.255.0.12 portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.13:7946: write udp [::]:7946->10.255.0.13:7946: sendto: operation not permitted portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.12:7946: write udp [::]:7946->10.255.0.12:7946: sendto: operation not permitted

当我替换时:

ports:
  - "9001:9001"

使用:

- target: 9001
  published: 9001
  protocol: tcp
  mode: host

这行得通,为什么host模式可以解决此问题?

0 个答案:

没有答案
相关问题
最新问题