Docker compose RHEL8和docker组成默认网络错误EHOSTUNREACH

我们已经使用单容器Docker映像一段时间了，RHEL8上没有问题。我们需要使用docker compose来集成多个服务，但即使是简单的尝试也没有成功

我们正在使用Mongo（Mongo:4.2.3-bionic）和NodeJS（node:alpine）

我们创建了一个简单的节点应用程序，它试图将单个文档添加到MongoDB集合中。dbwrite.js的代码是：

var MongoClient = require('mongodb').MongoClient;

MongoClient.connect("mongodb://mongo:27017/", function(err, mongodb) {
  if (err) throw err;
  var mongodbo = mongodb.db("test");
  var doc = {"payload":"test doc"};
  mongodbo.collection("test2").insertOne(doc, function(err, res) {
    if (err) throw err;
  });
  mongodb.close();
});

FROM node:alpine
ADD . /
CMD ["node", "dbwrite.js"]

dbwrite.js的Dockerfile是：

var MongoClient = require('mongodb').MongoClient;

MongoClient.connect("mongodb://mongo:27017/", function(err, mongodb) {
  if (err) throw err;
  var mongodbo = mongodb.db("test");
  var doc = {"payload":"test doc"};
  mongodbo.collection("test2").insertOne(doc, function(err, res) {
    if (err) throw err;
  });
  mongodb.close();
});

FROM node:alpine
ADD . /
CMD ["node", "dbwrite.js"]

Mongo容器与节点容器一样从DockerHub中提取

docker-compose.yaml文件：

version: '3.1'
services:
  mongo:
    image: mongo:4.2.3-bionic
    container_name: mongo
    restart: always
  ports:
    - 27017:27017
  volumes:
    - ./mongo_db:/data/db

app:
  image: dbwrite:v0.1
  container_name: dbwrite

如果执行“docker compose up”，dbwrite容器将抛出一个错误：

dbwrite  | /node_modules/mongodb/lib/topologies/server.js:233
dbwrite  |             throw err;
dbwrite  |             ^
dbwrite  | 
dbwrite  | MongoNetworkError: failed to connect to server [mongo:27017] on first connect [Error:    connect EHOSTUNREACH 172.22.0.2:27017
dbwrite  |     at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1137:16) {
dbwrite  |   name: 'MongoNetworkError',
dbwrite  |   [Symbol(mongoErrorContextSymbol)]: {}
dbwrite  | }]
dbwrite  |     at Pool.<anonymous> (/node_modules/mongodb/lib/core/topologies/server.js:438:11)
dbwrite  |     at Pool.emit (events.js:321:20)
dbwrite  |     at /node_modules/mongodb/lib/core/connection/pool.js:561:14
dbwrite  |     at /node_modules/mongodb/lib/core/connection/pool.js:994:11
dbwrite  |     at /node_modules/mongodb/lib/core/connection/connect.js:31:7
dbwrite  |     at callback (/node_modules/mongodb/lib/core/connection/connect.js:264:5)
dbwrite  |     at Socket.<anonymous> (/node_modules/mongodb/lib/core/connection/connect.js:294:7)
dbwrite  |     at Object.onceWrapper (events.js:428:26)
dbwrite  |     at Socket.emit (events.js:321:20)
dbwrite  |     at emitErrorNT (internal/streams/destroy.js:84:8) {
dbwrite  |   name: 'MongoNetworkError',
dbwrite  |   [Symbol(mongoErrorContextSymbol)]: {}
dbwrite  | }
dbwrite exited with code 1

与

从“mongo”生成正常的ping响应，因此我相信默认网络是正确创建的，DNS正在按预期进行，但我的节点应用程序得到了EHOSTUNREACH

dbwrite  | 64 bytes from 172.22.0.2: seq=15 ttl=64 time=0.072 ms
dbwrite  | 64 bytes from 172.22.0.2: seq=16 ttl=64 time=0.080 ms
dbwrite  | 64 bytes from 172.22.0.2: seq=17 ttl=64 time=0.067 ms
dbwrite  | 64 bytes from 172.22.0.2: seq=18 ttl=64 time=0.121 ms
dbwrite  | 64 bytes from 172.22.0.2: seq=19 ttl=64 time=0.097 ms
dbwrite  | 
dbwrite  | --- mongo ping statistics ---
dbwrite  | 20 packets transmitted, 20 packets received, 0% packet loss
dbwrite  | round-trip min/avg/max = 0.065/0.086/0.121 ms
dbwrite exited with code 0

如果我们编辑dbwrite.js代码并将connect（）方法中的“mongo”替换为“localhost”，并从localhost（容器外部）执行“node dbwrite.js”，则文档将被保存到集合中。Mongo容器日志报告它正在侦听0.0.0.0

mongo    | 2020-02-10T19:35:26.337+0000 I  NETWORK  [listener] Listening on 0.0.0.0
mongo    | 2020-02-10T19:35:26.337+0000 I  NETWORK  [listener] waiting for connections on port 27017

虽然我没有捕获输出，但之前执行的“docker network inspect”显示了172.22.0.x/16上的容器及其分配的IPv4地址。IPAM显示在子网172.22.0.0/16上使用默认驱动程序“网桥”和网关172.22.0.1

如果您对可能出现的问题提出任何建议，我们将不胜感激。我们即将降低RHEL8的等级，看看这是否与我们的问题有关，因为红帽公司口头上声称支持Docker的不是。似乎这是一些网络安全问题，因为ICMP ping可以通过网桥，但TCP套接字连接不能