Fatal编程技术网
  • docker/
  • Docker 如何从容器内部访问internet URL

Docker 如何从容器内部访问internet URL

docker

Docker 如何从容器内部访问internet URL,docker,rancher,k3s,Docker,Rancher,K3s,有没有办法从docker容器中访问internet 我的容器必须到达一些URL才能工作 我的容器是: $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 457c79c831b6 rancher/k3s:v1.17.0-k3s

有没有办法从docker容器中访问internet

我的容器必须到达一些URL才能工作

我的容器是:

$ docker ps
CONTAINER ID        IMAGE                       COMMAND                  CREATED             STATUS              PORTS                    NAMES
457c79c831b6        rancher/k3s:v1.17.0-k3s.1   "/bin/k3s agent"         15 hours ago        Up 10 minutes                                k3d-k3s-default-worker-1
b9b39e82a6b2        rancher/k3s:v1.17.0-k3s.1   "/bin/k3s agent"         15 hours ago        Up 10 minutes                                k3d-k3s-default-worker-0
fb795905ec64        rancher/k3s:v1.17.0-k3s.1   "/bin/k3s server --h…"   15 hours ago        Up 10 minutes       0.0.0.0:6443->6443/tcp   k3d-k3s-default-server
如您所见,他们正在运行
rancher/k3s:--
image

我查看了日志:

E0205 08:07:07.844781 6 kuberuntime_manager.go:729]为pod“vault-helm-158088075-agent-injector-b7647bf59-vght5_default(7210fa15-5ba4-4c61-9e2c-2bce05cd3bc0)”创建pod沙箱失败:rpc错误:代码=未知描述=无法获取沙箱图像“docker.io/rancher/pause:3.1”:无法提取图像“docker.io/rancher/pause:3.1”:未能提取和解压缩图像“docker.io/rancher/pause:3.1”:未能解析引用“docker.io/rancher/pause:3.1”:未能执行请求:Head:拨号tcp:查找注册表-1.docker.io:重试

它似乎无法访问
registry-1.docker.io
存储库

但是,我可以从主机中提取图像:

$ docker pull busybox
Using default tag: latest
latest: Pulling from library/busybox
bdbbaa22dec6: Pull complete 
Digest: sha256:6915be4043561d64e0ab0f8f098dc2ac48e077fe23f488ac24b665166898115a
Status: Downloaded newer image for busybox:latest
docker.io/library/busybox:latest
我的主机正在使用一个合作代理:

$ cat /etc/systemd/system/docker.service.d/proxy.conf
[Service]
Environment="HTTP_PROXY=http://10.49.0.1:8080/"
Environment="HTTPS_PROXY=http://10.49.0.1:8080/"
Environment="NO_PROXY="localhost,127.0.0.1,::1"
此外,我还尝试测试容器是否能够访问代理ip:

$ docker exec -it 457c79c831b6 sh
/ # ping 10.49.0.1
PING 10.49.0.1 (10.49.0.1): 56 data bytes
<no response>
编辑2

k3d主容器节点的网络相关检查:

$ docker inspect k3d-k3s-default-server | grep -i networks -A10
    "NetworkSettings": {
        "Bridge": "",
        "SandboxID": "57705be8c175394ac122b95f070321dbe48d4c7b7752482391fc243562babb75",
        "HairpinMode": false,
        "LinkLocalIPv6Address": "",
        "LinkLocalIPv6PrefixLen": 0,
        "Ports": {
            "6443/tcp": [
                {
                    "HostIp": "0.0.0.0",
                    "HostPort": "6443"
--
        "Networks": {
            "k3d-k3s-default": {
                "IPAMConfig": null,
                "Links": null,
                "Aliases": [
                    "k3d-k3s-default-server",
                    "fb795905ec64"
                ],
                "NetworkID": "337e73b268477428e97798665dd8013fd1e17d2003e33dcce694ab78f7f8b4bb",
                "EndpointID": "a35a783664dff4d68d199c6e23cd6d2c5a7cd0eac7a5f4b1691d524befe4ec01",
                "Gateway": "172.18.0.1",
编辑3

$ docker network inspect k3d-k3s-default
[
    {
        "Name": "k3d-k3s-default",
        "Id": "337e73b268477428e97798665dd8013fd1e17d2003e33dcce694ab78f7f8b4bb",
        "Created": "2020-02-04T17:40:01.13490488+01:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.18.0.0/16",
                    "Gateway": "172.18.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "457c79c831b6a76ae9b78cf360ae437eed04b18bd18429ac2e8436801ba0f4f7": {
                "Name": "k3d-k3s-default-worker-1",
                "EndpointID": "af38a2ecd618cf31df3dd4c88dea58ddc54de621e580934eb308105835f549d1",
                "MacAddress": "02:42:ac:12:00:03",
                "IPv4Address": "172.18.0.3/16",
                "IPv6Address": ""
            },
            "b9b39e82a6b2ef0863cbc8ed9f09cabbbcf8618fc14a2877feac9218b6803575": {
                "Name": "k3d-k3s-default-worker-0",
                "EndpointID": "87aacc1963289bca9097586cfc28fa17c7a98ee7716d5918a4c83143c35c8b00",
                "MacAddress": "02:42:ac:12:00:04",
                "IPv4Address": "172.18.0.4/16",
                "IPv6Address": ""
            },
            "fb795905ec64f99aac5ed1ad654d3e44a73e702327d15a91e4f60df4e5d03724": {
                "Name": "k3d-k3s-default-server",
                "EndpointID": "a35a783664dff4d68d199c6e23cd6d2c5a7cd0eac7a5f4b1691d524befe4ec01",
                "MacAddress": "02:42:ac:12:00:02",
                "IPv4Address": "172.18.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {
            "app": "k3d",
            "cluster": "k3s-default"
        }
    }
]

cat/etc/resolv.conf
。它是否包含您的公司名称服务器?同时显示docker inspect k3d-k3s-default-server | grep-i networks-A10的结果以显示其最新版本,
docker network inspect k3d-k3s-default
我添加了网络检查功能…通过
tcpdump-I docker0
检查您的主机是否没有防火墙阻止连接到
docker0
。然后转到容器并ping docker0地址
172.17.0.1
。如果
tcpdump
上没有显示任何内容,则可能是防火墙问题 
$ docker network inspect k3d-k3s-default
[
    {
        "Name": "k3d-k3s-default",
        "Id": "337e73b268477428e97798665dd8013fd1e17d2003e33dcce694ab78f7f8b4bb",
        "Created": "2020-02-04T17:40:01.13490488+01:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.18.0.0/16",
                    "Gateway": "172.18.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "457c79c831b6a76ae9b78cf360ae437eed04b18bd18429ac2e8436801ba0f4f7": {
                "Name": "k3d-k3s-default-worker-1",
                "EndpointID": "af38a2ecd618cf31df3dd4c88dea58ddc54de621e580934eb308105835f549d1",
                "MacAddress": "02:42:ac:12:00:03",
                "IPv4Address": "172.18.0.3/16",
                "IPv6Address": ""
            },
            "b9b39e82a6b2ef0863cbc8ed9f09cabbbcf8618fc14a2877feac9218b6803575": {
                "Name": "k3d-k3s-default-worker-0",
                "EndpointID": "87aacc1963289bca9097586cfc28fa17c7a98ee7716d5918a4c83143c35c8b00",
                "MacAddress": "02:42:ac:12:00:04",
                "IPv4Address": "172.18.0.4/16",
                "IPv6Address": ""
            },
            "fb795905ec64f99aac5ed1ad654d3e44a73e702327d15a91e4f60df4e5d03724": {
                "Name": "k3d-k3s-default-server",
                "EndpointID": "a35a783664dff4d68d199c6e23cd6d2c5a7cd0eac7a5f4b1691d524befe4ec01",
                "MacAddress": "02:42:ac:12:00:02",
                "IPv4Address": "172.18.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {
            "app": "k3d",
            "cluster": "k3s-default"
        }
    }
]