我需要在公司代理后面运行docker-compose网络,但是由于代理的原因,服务之间的访问通常最终通过代理路由,而这显然不了解它们。
例如,此docker-compose.yml:
version: '3.4'
services:
webserver:
image: nginx
webtest:
image: alpine
command: sh -c "sleep 1 && wget -O - http://webserver"
失败,因为wget向公司代理询问了webserver,并且没有指向我创建的服务:
$ docker-compose up
Starting dgx-docker-network-test_webtest_1 ... done
Starting dgx-docker-network-test_webserver_1 ... done
Attaching to dgx-docker-network-test_webtest_1, dgx-docker-network-test_webserver_1
webtest_1 | Connecting to proxy.blah.blah.blah:8080 (xx.xx.xx.xx:8080)
webtest_1 | wget: server returned error: HTTP/1.1 307 Temporarily Moved for Domain Name Expansion
如果我将命令更改为不使用诸如ping之类的代理的工具,它将正常工作:
$ docker-compose up
Starting dgx-docker-network-test_webserver_1 ... done
Starting dgx-docker-network-test_webtest_1 ... done
Attaching to dgx-docker-network-test_webserver_1, dgx-docker-network-test_webtest_1
webtest_1 | PING webserver (172.18.0.2): 56 data bytes
webtest_1 | 64 bytes from 172.18.0.2: seq=0 ttl=64 time=0.090 ms
webtest_1 | 64 bytes from 172.18.0.2: seq=1 ttl=64 time=0.095 ms
webtest_1 | 64 bytes from 172.18.0.2: seq=2 ttl=64 time=0.076 ms
webtest_1 | 64 bytes from 172.18.0.2: seq=3 ttl=64 time=0.072 ms
webtest_1 |
webtest_1 | --- webserver ping statistics ---
webtest_1 | 4 packets transmitted, 4 packets received, 0% packet loss
webtest_1 | round-trip min/avg/max = 0.072/0.083/0.095 ms
dgx-docker-network-test_webtest_1 exited with code 0
那么,什么是最好的设置方式,以便在尝试访问由docker-compose启动的服务时忽略代理? docker-compose是否有办法将服务自动添加到它从no_proxy创建的~/.docker/config.json环境变量中?
答案 0 :(得分:0)
到目前为止,我最好的答案是,no_proxy和NO_PROXY环境变量需要在每个服务上进行更新以包括它要访问的服务。但这非常笨重,如果有另一种方法,那就太好了:
version: '3.4'
services:
webserver:
image: nginx
webtest:
image: cirrusci/wget # docker image with prebuild GNU wget
command: sh -c "sleep 1 && wget -O - http://webserver"
environment:
- no_proxy=webserver,${no_proxy}
- NO_PROXY=webserver,${NO_PROXY}
不幸的是,alpine随附的wget的busybox版本似乎不支持no_proxy / NO_PROXY,因此我不得不使用准备好GNU wget的映像。但这确实有效:
$ docker-compose up
Starting dgx-docker-network-test_webserver_1 ... done
Starting dgx-docker-network-test_webtest_1 ... done
Attaching to dgx-docker-network-test_webserver_1, dgx-docker-network-test_webtest_1
webtest_1 | --2019-01-21 02:45:07-- http://webserver/
webtest_1 | Resolving webserver... 172.18.0.2
webtest_1 | Connecting to webserver|172.18.0.2|:80... connected.
webtest_1 | HTTP request sent, awaiting response... 200 OK
webtest_1 | Length: 612 [text/html]
webtest_1 | Saving to: 'STDOUT'
webtest_1 |
webtest_1 | 0K <!DOCTYPE html>
webtest_1 | <html>
webtest_1 | <head>
webtest_1 | <title>Welcome to nginx!</title>
webtest_1 | <style>
webtest_1 | body {
webtest_1 | width: 35em;
webtest_1 | margin: 0 auto;
webtest_1 | font-family: Tahoma, Verdana, Arial, sans-serif;
webtest_1 | }
webtest_1 | </style>
webtest_1 | </head>
webtest_1 | <body>
webtest_1 | <h1>Welcome to nginx!</h1>
webtest_1 | <p>If you see this page, the nginx web server is successfully installed and
webtest_1 | working. Further configuration is required.</p>
webtest_1 |
webtest_1 | <p>For online documentation and support please refer to
webtest_1 | <a href="http://nginx.org/">nginx.org</a>.<br/>
webtest_1 | Commercial support is available at
webtest_1 | <a href="http://nginx.com/">nginx.com</a>.</p>
webtest_1 |
webtest_1 | <p><em>Thank you for using nginx.</em></p>
webtest_1 | </body>
webtest_1 | </html>
webserver_1 | 172.18.0.3 - - [21/Jan/2019:02:45:07 +0000] "GET / HTTP/1.1" 200 612 "-" "Wget/1.19.5 (linux-musl)" "-"
webtest_1 | 100% 62.8M=0s
webtest_1 |
webtest_1 | 2019-01-21 02:45:07 (62.8 MB/s) - written to stdout [612/612]
webtest_1 |
dgx-docker-network-test_webtest_1 exited with code 0
我对此解决方案并不满意,因为:
no_proxy和NO_PROXY都重复一遍。no_proxy / NO_PROXY中列出所有服务,或者
通过我的docker-compose.yml并根据我要访问的内容自定义设计每个服务的列表no_proxy中有关NO_PROXY / ~/.docker/config.json的任何内容,这在某些设置中可能是个问题。鉴于docker已经从no_proxy解析了NO_PROXY / ~/.docker/config.json,如果docker-compose可以在此基础上自动处理此问题,那就太好了一些时尚。