我使用gitlab docker image部署服务,主机上的网址为8080。运行gitlab后,我可以看到端口正常:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b85d87da48df genezys/gitlab:7.5.2 "/bin/sh -c 'gitlab- 25 minutes ago Up 25 minutes 0.0.0.0:2222->22/tcp, 0.0.0.0:8080->80/tcp gitlab_app
netstat命令也可以显示确定:
[root@localhost backup]# netstat -nlp | grep 8080
tcp6 0 0 :::8080 :::* LISTEN 12489/docker-proxy
但是网络浏览器无法成功连接8080(http://10.137.20.112:8080/),tcpdump输出就是这样:
[root@localhost ~]# tcpdump -i enp2s0f1 port 8080 -vv
tcpdump: listening on enp2s0f1, link-type EN10MB (Ethernet), capture size 65535 bytes
02:40:00.808034 IP (tos 0x0, ttl 128, id 4031, offset 0, flags [DF], proto TCP (6), length 52)
perfls15.americas.hpqcorp.net.53178 > 10.137.20.112.webcache: Flags [S], cksum 0x17d1 (correct), seq 997417494, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
02:40:00.808141 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto TCP (6), length 40)
10.137.20.112.webcache > perfls15.americas.hpqcorp.net.53178: Flags [R.], cksum 0x788a (correct), seq 0, ack 997417495, win 0, length 0
02:40:01.322048 IP (tos 0x0, ttl 128, id 4032, offset 0, flags [DF], proto TCP (6), length 52)
perfls15.americas.hpqcorp.net.53178 > 10.137.20.112.webcache: Flags [S], cksum 0x17d1 (correct), seq 997417494, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
02:40:01.322123 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto TCP (6), length 40)
10.137.20.112.webcache > perfls15.americas.hpqcorp.net.53178: Flags [R.], cksum 0x788a (correct), seq 0, ack 1, win 0, length 0
02:40:01.821289 IP (tos 0x0, ttl 128, id 4033, offset 0, flags [DF], proto TCP (6), length 48)
......
我不明白为什么主持人总是回复RST,有人能提供一些调试线索吗?
答案 0 :(得分:2)
检查' iptables -L -n'的输出。如果您未在该输出中看到端口8080已打开,则可能需要执行此操作
使用RHEL7,您需要使用firewall-cmd,如下所示
firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --reload