Docker For Windows - 部署在容器上的Java应用程序在调用另一个容器上部署的另一个Java应用程序时会收到连接拒绝错误

时间:2017-01-25 12:20:31

标签: spring docker netflix-eureka spring-cloud-netflix docker-windows

我使用的是旧版本的Docker Toolbox for Windows,因此我将其卸载并安装了最新的稳定版Docker for Windows。

我有两个在自己的容器上运行的Java应用程序:

两个应用程序中都使用

Dockerfile

FROM frolvlad/alpine-oraclejdk8:slim
VOLUME /tmp
ADD archimedes-0.0.1-SNAPSHOT.jar app.jar
RUN sh -c 'touch /app.jar'
ENV JAVA_OPTS="-Xms750m -Xmx750m"
ENTRYPOINT [ "sh", "-c", "java $JAVA_OPTS -Djava.security.egd=file:/dev/./urandom -jar /app.jar" ]

我修改了我的Windows / etc / hosts 以使archimedes1 \ 2映射127.0.0.1(使用之前的Docker Toolbox映射192.168.99.100):

127.0.0.1           archimedes1
127.0.0.1           archimedes2

这就是我启动容器的方法(注意使用--add-host使容器知道主机名):

docker run -e "SPRING_PROFILES_ACTIVE=archimedes1" -p 8761:8761 --name archimedes1 --add-host archimedes1:127.0.0.1 --add-host archimedes2:127.0.0.1 -d storyteller/archimedes 
docker run -e "SPRING_PROFILES_ACTIVE=archimedes2" -p 8762:8762 --name archimedes2 --add-host archimedes1:127.0.0.1 --add-host archimedes2:127.0.0.1 -d storyteller/archimedes

这个与Docker Toolbox一起工作但是因为我安装了Docker for Windows容器,当彼此联系时显示连接被拒绝错误。在这种情况下,archimedes2尝试调用archimedes1:

2017-01-25 13:10:27.406 DEBUG 5 --- [t_archimedes1-2] c.n.d.shared.MonitoredConnectionManager  : Get connection: {}->http://archimedes1:8761, timeout = 200
2017-01-25 13:10:27.406 DEBUG 5 --- [t_archimedes1-2] c.n.d.shared.NamedConnectionPool         : [{}->http://archimedes1:8761] total kept alive: 0, total issued: 0, total allocated: 0 out of 1000
2017-01-25 13:10:27.406 DEBUG 5 --- [t_archimedes1-2] c.n.d.shared.NamedConnectionPool         : No free connections [{}->http://archimedes1:8761][null]
2017-01-25 13:10:27.406 DEBUG 5 --- [t_archimedes1-2] c.n.d.shared.NamedConnectionPool         : Available capacity: 500 out of 500 [{}->http://archimedes1:8761][null]
2017-01-25 13:10:27.406 DEBUG 5 --- [t_archimedes1-2] c.n.d.shared.NamedConnectionPool         : Creating new connection [{}->http://archimedes1:8761]
2017-01-25 13:10:27.407 DEBUG 5 --- [t_archimedes1-2] c.n.d.shared.MonitoredConnectionManager  : Released connection is not reusable.
2017-01-25 13:10:27.407 DEBUG 5 --- [t_archimedes1-2] c.n.d.shared.NamedConnectionPool         : Releasing connection [{}->http://archimedes1:8761][null]
2017-01-25 13:10:27.407 DEBUG 5 --- [t_archimedes1-2] c.n.d.shared.NamedConnectionPool         : Notifying no-one, there are no waiting threads
2017-01-25 13:10:27.407 ERROR 5 --- [t_archimedes1-2] c.n.e.cluster.ReplicationTaskProcessor   : Network level connection to peer archimedes1; retrying after delay

com.sun.jersey.api.client.ClientHandlerException: java.net.ConnectException: Connection refused (Connection refused)
        at com.sun.jersey.client.apache4.ApacheHttpClient4Handler.handle(ApacheHttpClient4Handler.java:187) ~[jersey-apache-client4-1.19.1.jar!/:1.19.1]
        at com.netflix.eureka.cluster.DynamicGZIPContentEncodingFilter.handle(DynamicGZIPContentEncodingFilter.java:48) ~[eureka-core-1.4.12.jar!/:1.4.12]
        at com.netflix.discovery.EurekaIdentityHeaderFilter.handle(EurekaIdentityHeaderFilter.java:27) ~[eureka-client-1.4.12.jar!/:1.4.12]
        at com.sun.jersey.api.client.Client.handle(Client.java:652) ~[jersey-client-1.19.1.jar!/:1.19.1]
        at com.sun.jersey.api.client.WebResource.handle(WebResource.java:682) ~[jersey-client-1.19.1.jar!/:1.19.1]
        at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74) ~[jersey-client-1.19.1.jar!/:1.19.1]
        at com.sun.jersey.api.client.WebResource$Builder.post(WebResource.java:570) ~[jersey-client-1.19.1.jar!/:1.19.1]
        at com.netflix.eureka.transport.JerseyReplicationClient.submitBatchUpdates(JerseyReplicationClient.java:116) ~[eureka-core-1.4.12.jar!/:1.4.12]
        at com.netflix.eureka.cluster.ReplicationTaskProcessor.process(ReplicationTaskProcessor.java:71) ~[eureka-core-1.4.12.jar!/:1.4.12]
        at com.netflix.eureka.util.batcher.TaskExecutors$BatchWorkerRunnable.run(TaskExecutors.java:187) [eureka-core-1.4.12.jar!/:1.4.12]
        at java.lang.Thread.run(Thread.java:745) [na:1.8.0_121]
Caused by: java.net.ConnectException: Connection refused (Connection refused)

我开始进入容器并从archimedes2的容器中ping archimedes1并且它会回答

-> docker exec -it archimedes2 sh
/ # ping archimedes1
PING archimedes1 (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: seq=0 ttl=64 time=0.072 ms

但是,如果我执行 telnet ,则会拒绝连接:

docker exec -it archimedes2 sh
/ # telnet archimedes1 8761
telnet: can't connect to remote host (127.0.0.1): Connection refused

如果我对自己的容器进行telnet工作:

C:\Users\jinga4x>docker exec -it archimedes2 sh
/ # telnet archimedes2 8762

这里发生了什么?

更新

我还测试了这个:在Windows上启动archimedes1作为普通Java应用程序,在容器中启动archimedes2

Archimedes1 可以联系 archimedes2 ,但 archimedes2 在尝试连接archimedes1时会连接拒绝

更新2:

这是我的docker network inspect bridge信息:

[
    {
        "Name": "bridge",
        "Id": "546e7a5ef627c8d23e8ffdc05911fcae096167a359701fa4ee08ada0f7e1ae7f",
        "Created": "2017-01-25T11:09:27.651777Z",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Containers": {
            "58634d0c4430895cf0dfbee294c3ea75ca38921441684d614a670421661eb628": {
                "Name": "archimedes2",
                "EndpointID": "b2f40396b4c0f8210ca667d93c7d787296f3dad2d0eb295c31d4f01bfe3b39e1",
                "MacAddress": "02:42:ac:11:00:03",
                "IPv4Address": "172.17.0.3/16",
                "IPv6Address": ""
            },
            "85f70520ad900e729944dc768f8c6951e9221650269b5669a2d0269506a4c16b": {
                "Name": "archimedes1",
                "EndpointID": "651bf095eed639ecc61a24ffdaf2130bddd338f38f42f47a6c54b460c3a979ab",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]

archimedes1容器ifconfig:

eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:02
          inet addr:172.17.0.2  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::42:acff:fe11:2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:133 errors:0 dropped:0 overruns:0 frame:0
          TX packets:105 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:13158 (12.8 KiB)  TX bytes:345156 (337.0 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:64 errors:0 dropped:0 overruns:0 frame:0
          TX packets:64 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:3200 (3.1 KiB)  TX bytes:3200 (3.1 KiB)

archimedes1 cat etc / hosts:

127.0.0.1       localhost
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
127.0.0.1       archimedes1
127.0.0.1       archimedes2
172.17.0.2      a8045a473784

更新3:

容器可以使用内部私有IP互相访问,但不能使用公共IP(127.0.0.1)。

更新4:

我启动了代理监控archimedes1:22233并将其流量发送到archimedes1:8761。 archimedes2尝试通过代理进行通信,但没有流量到达它。

1 个答案:

答案 0 :(得分:0)

要获取正确的IP地址,您需要使用docker-machine ip

对于适用于Windows 10的新Docker for Windows,请使用docker ps获取容器ID,然后在IPAddress的输出中查找docker inspect $CID$CID ==要检查的容器ID。

背景:Docker无法在Windows上运行容器。 Docker是一个纯Linux软件。它需要一个正在运行的Linux内核才能工作。 Docker for Windows用户使用的解决方法是在您的计算机上安装虚拟机(VirtualBox),模拟整个PC - 包括网卡,硬盘驱动器,CPU和所有东西。较新版本的软件使用类似的Hyper-V。

在虚拟PC内部,安装了完整的Linux和Docker。 Windows工具将连接到该虚拟PC,与内部运行的Docker通信。

实际上,地址127.0.0.1不会离开容器 - 它甚至意味着" Docker正在运行的虚拟PC"。 Ping当然有效,因为每台计算机都响应地址127.0.0.1 - 这并不意味着它与您认为的计算机相同。

[编辑] 文件/etc/hosts看起来不对:

10.0.75.1       archimedes1
10.0.75.1       archimedes2

这是两个不同的容器;他们应该有不同的IP地址。

我认为你docker run中有拼写错误。 --add-host archimedes2:10.0.75.1应为--add-host archimedes2:10.0.75.2