Docker 码头集装箱不能按港口提供
我无法访问端口8080上的nginx。一般来说,我无法访问任何容器Docker 码头集装箱不能按港口提供,docker,Docker,我无法访问端口8080上的nginx。一般来说,我无法访问任何容器 CentOS Linux 7 Docker版本19.03.13,内部版本4484c46d9d 容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
- CentOS Linux 7
- Docker版本19.03.13,内部版本4484c46d9d
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b0ce058600e6 nginx "/docker-entrypoint.…" 9 hours ago Up 9 hours 0.0.0.0:8080->80/tcp web
1fc09982cb16 portainer/portainer-ce "/portainer" 10 hours ago Up About a minute 0.0.0.0:8000->8000/tcp, 0.0.0.0:9000->9000/tcp portainer
-P INPUT ACCEPT
-P FORWARD DROP
-P OUTPUT ACCEPT
-N DOCKER
-N DOCKER-ISOLATION-STAGE-1
-N DOCKER-ISOLATION-STAGE-2
-N DOCKER-USER
-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION-STAGE-1
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A FORWARD -o br-e080a2054aa8 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o br-e080a2054aa8 -j DOCKER
-A FORWARD -i br-e080a2054aa8 ! -o br-e080a2054aa8 -j ACCEPT
-A FORWARD -i br-e080a2054aa8 -o br-e080a2054aa8 -j ACCEPT
-A DOCKER -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8000 -j ACCEPT
-A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
-A DOCKER-ISOLATION-STAGE-1 -i br-e080a2054aa8 ! -o br-e080a2054aa8 -j DOCKER-ISOLATION-STAGE-2
-A DOCKER-ISOLATION-STAGE-1 -j RETURN
-A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
-A DOCKER-ISOLATION-STAGE-2 -o br-e080a2054aa8 -j DROP
-A DOCKER-ISOLATION-STAGE-2 -j RETURN
-A DOCKER-USER -j RETURN
错误
curl http://localhost:8080
curl: (56) Recv failure: Connection reset by peer
nginx容器:
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: Getting the checksum of
/etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: Enabled listen on IPv6 in
/etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
手提电话也一样
iptables
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b0ce058600e6 nginx "/docker-entrypoint.…" 9 hours ago Up 9 hours 0.0.0.0:8080->80/tcp web
1fc09982cb16 portainer/portainer-ce "/portainer" 10 hours ago Up About a minute 0.0.0.0:8000->8000/tcp, 0.0.0.0:9000->9000/tcp portainer
-P INPUT ACCEPT
-P FORWARD DROP
-P OUTPUT ACCEPT
-N DOCKER
-N DOCKER-ISOLATION-STAGE-1
-N DOCKER-ISOLATION-STAGE-2
-N DOCKER-USER
-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION-STAGE-1
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A FORWARD -o br-e080a2054aa8 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o br-e080a2054aa8 -j DOCKER
-A FORWARD -i br-e080a2054aa8 ! -o br-e080a2054aa8 -j ACCEPT
-A FORWARD -i br-e080a2054aa8 -o br-e080a2054aa8 -j ACCEPT
-A DOCKER -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 9000 -j ACCEPT
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8000 -j ACCEPT
-A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
-A DOCKER-ISOLATION-STAGE-1 -i br-e080a2054aa8 ! -o br-e080a2054aa8 -j DOCKER-ISOLATION-STAGE-2
-A DOCKER-ISOLATION-STAGE-1 -j RETURN
-A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
-A DOCKER-ISOLATION-STAGE-2 -o br-e080a2054aa8 -j DROP
-A DOCKER-ISOLATION-STAGE-2 -j RETURN
-A DOCKER-USER -j RETURN
但它不起作用一切都起作用。问题可能出在防火墙中。运行容器时是否暴露端口?你能发布你的
docker compose.yml
文件或者你用来运行容器的cli命令吗?@Kickin_-Wing我使用了这个命令docker run-it--rm-d-p8080:80--name web nginx
我能够下载这些图像并使用相同的命令成功运行它们。这让我相信你可能和docker有配置问题。你能试着运行curl0.0.0.0:8080
看看这是否能给你一个响应吗?我发现这个问题可能会有帮助:@Kickin_Wing[root@docker_analyses~]#curl 0.0.0.0:8080 curl:(56)Recv故障:当运行tcpdump-i docker0时,对等方重置连接
@Kickin_Wing所有工作。不幸的是,我没有足够的知识来理解为什么会发生这种情况。