我无法联系在RHEL 7中运行的RHEL 7 docker容器。问题出现在来自同一网络中的其他计算机。 主机可以联系其自己的Docker容器中运行的烧瓶服务器。容器是裸金属,没有firewalld
或iptables
。
我docker-compose
连接mysql:latest
图片和裸金属rhel7
正在运行的python烧瓶。我有一台运行在同一RHEL 7主机上的mysql服务器,我可以nc
完全可以从同一网络中的另一台计算机上运行它。我没有关于特定rhel图像是如何构建的信息,也没有关闭它的信息,所以我必须解决这个问题,但mysql
图像来自registry.access.redhat.com
。
某些私人信息被???
$ docker info
Containers: 22
Running: 2
Paused: 0
Stopped: 20
Images: 67
Server Version: 1.12.6
Storage Driver: devicemapper
Pool Name: docker-253:1-117440691-pool
Pool Blocksize: 65.54 kB
Base Device Size: 10.74 GB
Backing Filesystem: xfs
Data file: /dev/loop0
Metadata file: /dev/loop1
Data Space Used: 13.65 GB
Data Space Total: 107.4 GB
Data Space Available: 89.54 GB
Metadata Space Used: 15.32 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.132 GB
Thin Pool Minimum Free Space: 10.74 GB
Udev Sync Supported: true
Deferred Removal Enabled: true
Deferred Deletion Enabled: true
Deferred Deleted Device Count: 0
Data loop file: ???
WARNING: Usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
Metadata loop file: ???
Library Version: 1.02.140-RHEL7 (2017-05-03)
Logging Driver: journald
Cgroup Driver: systemd
Plugins:
Volume: local
Network: bridge null host overlay
Authorization: rhel-push-plugin
Swarm: inactive
Runtimes: docker-runc runc
Default Runtime: docker-runc
Security Options: seccomp selinux
Kernel Version: 3.10.0-693.1.1.el7.x86_64
Operating System: Red Hat Enterprise Linux Server 7.4 (Maipo)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 3
CPUs: 2
Total Memory: 11.58 GiB
Name: ???
ID: ???
Docker Root Dir: ???
Debug Mode (client): false
Debug Mode (server): false
Http Proxy: http://???.com:82
Https Proxy: http://???.com:82
Registry: https://???.com/v1/
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Insecure Registries:
127.0.0.0/8
Registries: ???.com (secure), registry.access.redhat.com (secure), docker.io (secure)
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
db053a1518e3 ???_server "/usr/bin/python Laun" 54 minutes ago Up 54 minutes 0.0.0.0:8087->8087/tcp ???_server_1
69d512050bb9 ???_db "docker-entrypoint.sh" 54 minutes ago Up 54 minutes 0.0.0.0:3306->3306/tcp ???_db_1
对于mysql:
$ sudo netstat -anp | grep 3306
tcp6 0 0 :::3306 :::* LISTEN 30338/docker-proxy-
对于烧瓶:
$ sudo netstat -anp | grep 8087
tcp6 0 0 :::8087 :::* LISTEN 30454/docker-proxy-
unix 3 [ ] STREAM CONNECTED 368087 21392/dockerd-curre /var/run/docker.sock
我相信mysql容器正在使用ubuntu,它可能具有与RHEL不同的权限。来自同一网络中另一台计算机的nc
给了我:
$ nc 100.71.26.29 3306
J5.7.19{)EOm3ÿÿÁQZBTm%KM-mysql_native_password
哪个很多,但至少我们知道它正在运行。
现在,我从同一个基本映像创建了一个测试泊坞窗映像,并安装了nc
。我运行了以下内容:
$ nc -l 8088
hello world!
hello world!
来自我的主机的telnet连接:
$ telnet localhost 8088
Trying ::1...
Connected to localhost.
Escape character is '^]'.
hello world!
^]
telnet> Connection closed.
这意味着它可以在同一台计算机上运行。
现在,让我们在单独的计算机上进行尝试。
单独的机器无法连接:
$ telnet 100.71.26.29 8088
Trying 100.71.26.29... # hangs forever
telnet: connect to address 100.71.26.29: Connection timed out
在localhost中为特定端口运行curl,这正是我想要的烧瓶服务器:
$ curl localhost:8087
... A lot of HTML ...
<div>
<input id = "get-csv" type = "submit" class = "custom-button">
</div>
</td>
</tr>
</table>
</div>
执行以下命令运行curl INSIDE docker:
$ docker exec -it server:latest /bin/bash
...
docker$ curl localhost:8087
... A lot of HTML ...
<div>
<input id = "get-csv" type = "submit" class = "custom-button">
</div>
</td>
</tr>
</table>
</div>
但是从另一台计算机运行curl失败:
$ curl 100.71.26.29:8087 # hangs for like 2 minutes:
<FONT face="Helvetica">
<big>Network Error (tcp_error)</big>
<BR>
<BR>
</FONT>
</TD></TR>
<TR><TD>
<FONT face="Helvetica">
A communication error occurred: "Operation timed out"
</FONT>
</TD></TR>
<TR><TD>
<FONT face="Helvetica">
The Web Server may be down, too busy, or experiencing other problems preventing it from responding to requests. You may wish to try again at a later time.
</FONT>
</TD></TR>
<TR><TD>
<FONT face="Helvetica" SIZE=2>
<BR>
For assistance, contact your network support team.
</FONT>
</TD></TR>
</TABLE>
</blockquote>
</FONT>
</BODY></HTML>
那么有没有人对这里发生的事情有任何想法?谢谢!