Bash docker无法指定容器连接_Bash_Ubuntu_Docker_Iptables

Bash docker无法指定容器连接

bash ubuntu docker

Bash docker无法指定容器连接,bash,ubuntu,docker,iptables,Bash,Ubuntu,Docker,Iptables,docker配置： root@ubuntu>ps-ef | grep docker 根xxxxx/usr/bin/dockerd-H fd://-b=br0--icc=false--iptables=true 启动“web”容器： sudo docker exec -it test bash root@00585b9efea8:/# cat /etc/hosts 127.0.0.1 localhost ::1 localhost ip6-localhost ip6-loopback fe

docker配置：


root@ubuntu>ps-ef | grep docker
根xxxxx/usr/bin/dockerd-H fd://-b=br0--icc=false--iptables=true

启动“web”容器：

sudo docker exec -it test bash
root@00585b9efea8:/# cat /etc/hosts
127.0.0.1   localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.100.2   web 2cec3235f5fa
192.168.100.3   00585b9efea8
root@00585b9efea8:/# ping web
PING web (192.168.100.2): 56 data bytes
^C--- web ping statistics ---
12 packets transmitted, 0 packets received, 100% packet loss
root@00585b9efea8:/# ping 192.168.100.2
PING 192.168.100.2 (192.168.100.2): 56 data bytes
^C--- 192.168.100.2 ping statistics ---
12 packets transmitted, 0 packets received, 100% packet loss
root@00585b9efea8:/# curl web
^C
root@00585b9efea8:/# curl http://192.168.100.2:80
^C

docker run-d--name web-p 8080:80 php fpm:5.4

启动“测试”容器：

sudo docker exec -it test bash
root@00585b9efea8:/# cat /etc/hosts
127.0.0.1   localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.100.2   web 2cec3235f5fa
192.168.100.3   00585b9efea8
root@00585b9efea8:/# ping web
PING web (192.168.100.2): 56 data bytes
^C--- web ping statistics ---
12 packets transmitted, 0 packets received, 100% packet loss
root@00585b9efea8:/# ping 192.168.100.2
PING 192.168.100.2 (192.168.100.2): 56 data bytes
^C--- 192.168.100.2 ping statistics ---
12 packets transmitted, 0 packets received, 100% packet loss
root@00585b9efea8:/# curl web
^C
root@00585b9efea8:/# curl http://192.168.100.2:80
^C

docker-run-dit--name-test--link-web:webblackhole/ubuntu:0.1bash

iptables过滤器：

root@ubuntu> sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy DROP)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain DOCKER (0 references)
target     prot opt source               destination         
ACCEPT     tcp  --  0.0.0.0/0            192.168.100.2        tcp dpt:80
ACCEPT     tcp  --  192.168.100.3        192.168.100.2        tcp dpt:80
ACCEPT     tcp  --  192.168.100.2        192.168.100.3        tcp spt:80
ACCEPT     tcp  --  192.168.100.3        192.168.100.2        tcp dpt:443
ACCEPT     tcp  --  192.168.100.2        192.168.100.3        tcp spt:443
ACCEPT     tcp  --  192.168.100.3        192.168.100.2        tcp dpt:22
ACCEPT     tcp  --  192.168.100.2        192.168.100.3        tcp spt:22

在“测试”容器中：

sudo docker exec -it test bash
root@00585b9efea8:/# cat /etc/hosts
127.0.0.1   localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.100.2   web 2cec3235f5fa
192.168.100.3   00585b9efea8
root@00585b9efea8:/# ping web
PING web (192.168.100.2): 56 data bytes
^C--- web ping statistics ---
12 packets transmitted, 0 packets received, 100% packet loss
root@00585b9efea8:/# ping 192.168.100.2
PING 192.168.100.2 (192.168.100.2): 56 data bytes
^C--- 192.168.100.2 ping statistics ---
12 packets transmitted, 0 packets received, 100% packet loss
root@00585b9efea8:/# curl web
^C
root@00585b9efea8:/# curl http://192.168.100.2:80
^C

指定容器的三个条件：

sudo docker exec -it test bash
root@00585b9efea8:/# cat /etc/hosts
127.0.0.1   localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.100.2   web 2cec3235f5fa
192.168.100.3   00585b9efea8
root@00585b9efea8:/# ping web
PING web (192.168.100.2): 56 data bytes
^C--- web ping statistics ---
12 packets transmitted, 0 packets received, 100% packet loss
root@00585b9efea8:/# ping 192.168.100.2
PING 192.168.100.2 (192.168.100.2): 56 data bytes
^C--- 192.168.100.2 ping statistics ---
12 packets transmitted, 0 packets received, 100% packet loss
root@00585b9efea8:/# curl web
^C
root@00585b9efea8:/# curl http://192.168.100.2:80
^C

--icc=fasle

--iptables=true

--链接

没问题，为什么不呢

ubuntu版本：16.04.2 LTS docker版本：.13.1

内核版本：4.9.0-040900-generic

链接选项已被禁用。对于基于DNS的服务发现，您应该创建一个新的桥接网络，并指定

--net

使docker容器加入此网络：

docker run -d --name=nginx1 --net=www nginx:1-alpine
docker run -d --name=nginx2 --net=www nginx:1-alpine

创建新的桥接网络：

docker network create --subnet=192.168.177.0/24 --gateway=192.168.177.1 www

在此网络上创建两个容器：

docker run -d --name=nginx1 --net=www nginx:1-alpine
docker run -d --name=nginx2 --net=www nginx:1-alpine

尝试按名称相互ping：

docker exec -it nginx1 /bin/sh
/ # ping nginx2
PING nginx2 (192.168.177.3): 56 data bytes
64 bytes from 192.168.177.3: seq=0 ttl=64 time=0.113 ms
64 bytes from 192.168.177.3: seq=1 ttl=64 time=0.123 ms

--- nginx2 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.113/0.118/0.123 ms

您可以通过执行

docker network inspect www

更多信息可在此处找到：

这是个好主意。但是，由于某些要求必须使用

链接

选项，

-icc

选项正按照您的要求执行：禁用容器间通信。看起来您必须添加自己的iptables规则，以允许他们也可以通话。我将重试。如果没有，我会接受你的建议。非常感谢你的帮助，没问题。如果设置

-icc=true

，也可以查看问题是否消失。如果我的答案有帮助，请把它标记为正确。谢谢，这个问题已经解决了。因为我没有在dockerfile中添加expose命令。无论如何，谢谢你的帮助