Question

我找到了有关此问题的帖子。但是，我所做的只是使我的安装崩溃。

我的问题的根源：无法从容器内访问在主机上侦听 127.0.0.1:3306 的 mysql。

环境：Centos8, docker-ce / Docker version 20.10.5, build 55c4c88

我之前尝试 ping/traceroute 到 google - ifconfig：

docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        inet6 fe80::42:7dff:fe3a:1d23  prefixlen 64  scopeid 0x20<link>
        ether 02:42:7d:3a:1d:23  txqueuelen 0  (Ethernet)
        RX packets 152  bytes 9114 (8.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 32  bytes 2132 (2.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Lokale Schleife)
        RX packets 8  bytes 400 (400.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8  bytes 400 (400.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

venet0: flags=211<UP,BROADCAST,POINTOPOINT,RUNNING,NOARP>  mtu 1500
        inet 127.0.0.1  netmask 255.255.255.255  broadcast 0.0.0.0  destination 127.0.0.1
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 0  (UNSPEC)
        RX packets 20275  bytes 48492440 (46.2 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 7901  bytes 1118291 (1.0 MiB)
        TX errors 0  dropped 125 overruns 0  carrier 0  collisions 0

venet0:0: flags=211<UP,BROADCAST,POINTOPOINT,RUNNING,NOARP>  mtu 1500
        inet 85.214.171.64  netmask 255.255.255.255  broadcast 85.214.171.64  destination 85.214.171.64
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 0  (UNSPEC)

veth182b7de: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::b463:b4ff:fecd:8989  prefixlen 64  scopeid 0x20<link>
        ether b6:63:b4:cd:89:89  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 13  bytes 866 (866.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth2bbb74a: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::2415:b4ff:fe28:e625  prefixlen 64  scopeid 0x20<link>
        ether 26:15:b4:28:e6:25  txqueuelen 0  (Ethernet)
        RX packets 99  bytes 7654 (7.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 18  bytes 1076 (1.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

发行后

docker run -it --rm alpine traceroute -m 5 172.217.168.227
traceroute to 172.217.168.227 (172.217.168.227), 5 hops max, 46 byte packets
 1  172.17.0.1 (172.17.0.1)  0.020 ms  0.012 ms  0.009 ms
 2  *  *  *

（限制为 2 跳，因为与默认的 30 跳没有区别）

ifconfig 输出：

docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        inet6 fe80::42:7dff:fe3a:1d23  prefixlen 64  scopeid 0x20<link>
        ether 02:42:7d:3a:1d:23  txqueuelen 0  (Ethernet)
        RX packets 166  bytes 9860 (9.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 37  bytes 2480 (2.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Lokale Schleife)
        RX packets 8  bytes 400 (400.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8  bytes 400 (400.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

venet0: flags=211<UP,BROADCAST,POINTOPOINT,RUNNING,NOARP>  mtu 1500
        inet 127.0.0.1  netmask 255.255.255.255  broadcast 0.0.0.0  destination 127.0.0.1
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 0  (UNSPEC)
        RX packets 20326  bytes 48495436 (46.2 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 7936  bytes 1124283 (1.0 MiB)
        TX errors 0  dropped 134 overruns 0  carrier 0  collisions 0

venet0:0: flags=211<UP,BROADCAST,POINTOPOINT,RUNNING,NOARP>  mtu 1500
        inet 85.214.171.64  netmask 255.255.255.255  broadcast 85.214.171.64  destination 85.214.171.64
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 0  (UNSPEC)

veth182b7de: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::b463:b4ff:fecd:8989  prefixlen 64  scopeid 0x20<link>
        ether b6:63:b4:cd:89:89  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 14  bytes 908 (908.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth2bbb74a: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::2415:b4ff:fe28:e625  prefixlen 64  scopeid 0x20<link>
        ether 26:15:b4:28:e6:25  txqueuelen 0  (Ethernet)
        RX packets 99  bytes 7654 (7.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 19  bytes 1118 (1.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

显然数据包在 venet0 上被丢弃了。

我需要配置什么才能连接到容器外部（包括 127.0.0.1）？

在centos 8上没有来自docker0之外的容器的传出网络流量

0 个答案: