docker - Docker 连接问题:apt/apk 在 docker 容器内和 docker build 期间不起作用
问题描述
两天以来,我一直在努力解决以下问题。当我尝试运行包管理系统以构建新的容器映像时,它们会失败,我尝试使用 alpine:latest 和 ubuntu:latest。如果我尝试从正在运行的容器中使用它们,我会得到相同的行为,即使我使用了该--network host
选项。
例如,如果我尝试构建以下容器:
FROM alpine:latest
RUN apk update
像这样:
docker build --no-cache -t test .
我得到:
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.9/main: could not connect to server (check repositories file)
WARNING: Ignoring APKINDEX.b89edf6e.tar.gz: No such file or directory
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.9/community: could not connect to server (check repositories file)
WARNING: Ignoring APKINDEX.737f7e01.tar.gz: No such file or directory
和 ubuntu:
FROM ubuntu:latest
RUN apt-get update
我得到:
Sending build context to Docker daemon 3.954MB
Step 1/2 : FROM ubuntu:latest
---> 47b19964fb50
Step 2/2 : RUN apt-get update
---> Running in 4c637396e7be
Err:1 http://archive.ubuntu.com/ubuntu bionic InRelease
Could not connect to 127.0.0.1:3000 (127.0.0.1). - connect (111:Connection refused)
Err:2 http://security.ubuntu.com/ubuntu bionic-security InRelease
Could not connect to 127.0.0.1:3000 (127.0.0.1). - connect (111:Connection refused)
Err:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease
Unable to connect to 127.0.0.1:3000:
Err:4 http://archive.ubuntu.com/ubuntu bionic-backports InRelease
Unable to connect to 127.0.0.1:3000:
Reading package lists...
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/bionic/InRelease Could not connect to 127.0.0.1:3000 (127.0.0.1). - connect (111: Connection refused)
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/bionic-updates/InRelease Unable to connect to 127.0.0.1:3000:
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/bionic-backports/InRelease Unable to connect to 127.0.0.1:3000:
W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/bionic-security/InRelease Could not connect to 127.0.0.1:3000 (127.0.0.1). connect (111: Connection refused)
W: Some index files failed to download. They have been ignored, or old ones used instead.
Removing intermediate container 4c637396e7be
---> e41da39b1a0d
Successfully built e41da39b1a0d
Successfully tagged test:latest
我正在使用 Docker 版本 18.09.3,构建 774a1f4,在 ubuntu 16.04 主机上。我的系统在路由器后面运行。我已经尝试过这个答案中建议的策略,也尝试过这个答案中的策略,但没有任何运气。如果我从 adiazmor/docker-ubuntu-with-ping ping 如下,那就更奇怪了:
docker run --rm -it adiazmor/docker-ubuntu-with-ping
root@a774331799d3:/# ping google.com
PING google.com (216.58.205.46): 56 data bytes
64 bytes from 216.58.205.46: icmp_seq=0 ttl=53 time=44.976 ms
64 bytes from 216.58.205.46: icmp_seq=1 ttl=53 time=43.661 ms
64 bytes from 216.58.205.46: icmp_seq=2 ttl=53 time=43.471 ms
64 bytes from 216.58.205.46: icmp_seq=3 ttl=53 time=44.066 ms
64 bytes from 216.58.205.46: icmp_seq=4 ttl=53 time=43.849 ms
它可以工作,但是 apt-get update 像以前一样失败。我的想法不多了。任何帮助表示赞赏。
更新:似乎某些容器能够找到正确的 DNS 服务器,而其他容器则不能。
确实,如果我运行:
docker run --rm -i busybox nslookup google.com
它不起作用:
Unable to find image 'busybox:latest' locallylatest: Pulling from library/busybox
697743189b6d: Pull complete
Digest: sha256:061ca9704a714ee3e8b80523ec720c64f6209ad3f97c0ff7cb9ec7d19f15149f
Status: Downloaded newer image for busybox:latest
Server: 8.8.8.8
Address: 8.8.8.8:53
Non-authoritative answer:
Name: google.com
Address: 2a00:1450:4002:807::200e
*** Can't find google.com: No answer
但如果我运行:
docker run --rm -it tutum/dnsutils nslookup google.com
有用:
Unable to find image 'tutum/dnsutils:latest' locally
latest: Pulling from tutum/dnsutils
a3ed95caeb02: Pull complete
0d4f8675aa34: Pull complete
7cf67d95acf6: Pull complete
56692d2aae61: Pull complete
349ad02ed73a: Pull complete
Digest: sha256:d2244ad47219529f1003bd1513f5c99e71655353a3a63624ea9cb19f8393d5fe
Status: Downloaded newer image for tutum/dnsutils:latest
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: google.com
Address: 216.58.205.78
解决方案
更新:问题的根本原因在于我的本地用户配置(/home/myuser/.docker/config.json),实际上它是将默认代理设置为127.0.0.1:3000
.
好吧,我至少发现了 ubuntu 的问题,它一直摆在我面前。信不信由你,官方的 ubuntu 镜像都带有http_proxy
并HTTP_PROXY
设置为127.0.0.1:3000
. 事实上,我刚刚测试了对我的 Dockerfile.ubuntu 的这种更改:
FROM ubuntu:latest
RUN echo $HTTP_PROXY && echo $http_proxy && unset HTTP_PROXY && unset http_proxy && apt-get update
它工作正常:
$ docker build --no-cache -f Dockerfile.ubuntu .
Sending build context to Docker daemon 3.956MB
Step 1/2 : FROM ubuntu:latest
---> 47b19964fb50
Step 2/2 : RUN echo $HTTP_PROXY && echo $http_proxy && unset HTTP_PROXY && unset http_proxy && apt-get update
---> Running in bc697aa04846
http://127.0.0.1:3000
http://127.0.0.1:3000
Get:1 http://archive.ubuntu.com/ubuntu bionic InRelease [242 kB]
Get:2 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
Get:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]
Get:4 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages [358 kB]
Get:5 http://archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]
Get:6 http://security.ubuntu.com/ubuntu bionic-security/multiverse amd64 Packages [3910 B]
Get:7 http://security.ubuntu.com/ubuntu bionic-security/restricted amd64 Packages [5436 B]
Get:8 http://security.ubuntu.com/ubuntu bionic-security/universe amd64 Packages [157 kB]
Get:9 http://archive.ubuntu.com/ubuntu bionic/restricted amd64 Packages [13.5 kB]
Get:10 http://archive.ubuntu.com/ubuntu bionic/multiverse amd64 Packages [186 kB]
Get:11 http://archive.ubuntu.com/ubuntu bionic/universe amd64 Packages [11.3 MB]
Get:12 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages [1344 kB]
Get:13 http://archive.ubuntu.com/ubuntu bionic-updates/restricted amd64 Packages [10.8 kB]
Get:14 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 Packages [946 kB]
Get:15 http://archive.ubuntu.com/ubuntu bionic-updates/multiverse amd64 Packages [6966 B]
Get:16 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages [708 kB]
Get:17 http://archive.ubuntu.com/ubuntu bionic-backports/universe amd64 Packages [3650 B]
Fetched 15.6 MB in 10s (1578 kB/s)
Reading package lists...
Removing intermediate container bc697aa04846
---> 0b6a1f333528
Successfully built 0b6a1f333528
在我看来,这仍然违反了隔离原则,但也许有一个很好的理由,我想知道,谁能澄清为什么默认设置这两个 env 变量?
更新:
这个问题在高山也是一样的。
推荐阅读
- r - 删除主 x 轴并在 ggplot 中仅保留重复的辅助轴
- arguments - AArch64 - U-Boot - 在寄存器中传递多个参数(内存地址)的引导 ELF 映像
- python - 如何使用 Firebase REST API 设置文档 ID
- c++ - 为什么当它是一个 int 时我不能分配返回右值引用的函数,但当它是一个类时我可以?
- python - Pandas groupby 滚动均值,但仅针对最近的行以节省计算时间
- android - 了解 shell 命令 'dumpsys window windows | 的返回值 grep mCurrentFocus'
- css - 如何从文本框中删除阴影
- keycloak - 导出/导入身份提供者和客户端 (12.0.4)
- rendering - Blender 渲染视图不起作用 - 对象消失,视图变暗并且图像纹理被拉伸?
- oracle - OracleXE安装和权限问题