时间戳

首页 > 解决方案 > Docker 在 Kubernetes 中的 docker 路由

docker - Docker 在 Kubernetes 中的 docker 路由

问题描述

我使用 Calico 网络层在 Kubernetes 主机上遇到了与网络相关的问题。对于持续集成,我需要在 docker 中运行 docker,但是docker build使用这个Dockerfile运行起来很简单:

FROM praqma/network-multitool AS build
RUN route
RUN ping -c 4 google.com
RUN traceroute google.com

产生输出:

Step 1/4 : FROM praqma/network-multitool AS build
 ---> 3619cb81e582
Step 2/4 : RUN route
 ---> Running in 80bda13a9860
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         172.17.0.1      0.0.0.0         UG    0      0        0 eth0
172.17.0.0      *               255.255.0.0     U     0      0        0 eth0
Removing intermediate container 80bda13a9860
 ---> d79e864eafaf
Step 3/4 : RUN ping -c 4 google.com
 ---> Running in 76354a92a413
PING google.com (216.58.201.110) 56(84) bytes of data.

--- google.com ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 53ms
---> 3619cb81e582
Step 4/4 : RUN traceroute google.com
 ---> Running in 3aa7908347ba
traceroute to google.com (216.58.201.110), 30 hops max, 46 byte packets
 1  172.17.0.1 (172.17.0.1)  0.009 ms  0.005 ms  0.003 ms

似乎 docker 容器在 Kubernetes 上创建时路由无效。Kubernetes 编排的 Pod 可以正常访问 Internet。

bash-5.0# ping -c 3 google.com
PING google.com (216.58.201.110) 56(84) bytes of data.
64 bytes from prg03s02-in-f14.1e100.net (216.58.201.110): icmp_seq=1 ttl=55 time=0.726 ms
64 bytes from prg03s02-in-f14.1e100.net (216.58.201.110): icmp_seq=2 ttl=55 time=0.586 ms
64 bytes from prg03s02-in-f14.1e100.net (216.58.201.110): icmp_seq=3 ttl=55 time=0.451 ms

--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 10ms
rtt min/avg/max/mdev = 0.451/0.587/0.726/0.115 ms
bash-5.0# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         169.254.1.1     0.0.0.0         UG    0      0        0 eth0
169.254.1.1     *               255.255.255.255 UH    0      0        0 eth0
bash-5.0# traceroute google.com
traceroute to google.com (216.58.201.110), 30 hops max, 46 byte packets
 1  10-68-149-194.kubelet.kube-system.svc.kube.example.com (10.68.149.194)  0.006 ms  0.005 ms  0.004 ms

标签: dockerkubernetesroutingproject-calicodocker-in-docker

解决方案

推荐阅读