docker - docker 19.03 上的用户定义网络与 CentOS 8 不工作
问题描述
环境设置:
OS: CentOS Linux release 8.2.2004 (Core)
Docker Version:
Client: Docker Engine - Community
Version: 19.03.11
API version: 1.40
Go version: go1.13.10
Git commit: 42e35e61f3
Built: Mon Jun 1 09:13:48 2020
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.11
API version: 1.40 (minimum version 1.12)
Go version: go1.13.10
Git commit: 42e35e61f3
Built: Mon Jun 1 09:12:26 2020
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.2.6
GitCommit: 894b81a4b802e4eb2a91d1ce216b8817763c29fb
runc:
Version: 1.0.0-rc8
GitCommit: 425e105d5a03fabd737a126ad93d62a9eeede87f
docker-init:
Version: 0.18.0
GitCommit: fec3683
Linux 机器连接到防火墙后面的公司网络。以下是详细信息:
/etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6/etc/resolv.conf
# Generated by NetworkManager search subdomain.domain.com nameserver 13.108.0.11 nameserver 13.108.11.16创建用户定义的桥接网络:
$ docker network create mynetwork $ docker network ls NETWORK ID NAME DRIVER SCOPE 05400c341d1d bridge bridge local fb4e364ad31b host host local 835f9d99e610 none null local 7d8fc26d3632 mynetwork bridge local在 mynetwork 上创建了两个容器:
$ docker container run --name search1 --network mynetwork --network-alias search --detach elasticsearch:2和
$ docker container run --name search2 --network mynetwork --network-alias search --detach elasticsearch:2DNS 循环检查:
$ docker container run --rm -it --network mynetowrk alpine nslookup search输出:
Server: 127.0.0.11 Address: 127.0.0.11:53 ** server can't find search.subdomain.domain.com: NXDOMAIN ** server can't find search.subdomain.domain.com: NXDOMAIN容器 /etc/resolv.conf
$ docker container run --rm -it --network mynetwork alpine cat /etc/resolv.conf输出:
search subdomain.domain.com nameserver 127.0.0.11 options ndots:0Docker 用户定义的网络详细信息:
$ docker network inspect -v mynetwork
输出:
[ { "Name": "mynetwork", "Id": "7d8fc26d36323cf9ba47dbb272bf4ad15113d6b26a26fbf6c82cc1d866b480c0", "Created": "2020-06-18T09:54:12.37673638+05:30", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": {}, "Config": [ { "Subnet": "172.19.0.0/16", "Gateway": "172.19.0.1" } ] }, "Internal": false, "Attachable": true, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "ec1cacb437926b5c6bb5693ab9c0afa6f8bc2764d5e15a5e15d9d5709346c1e5": { "Name": "search1", "EndpointID": "2c7420176adbce496e4c033416d98c290cf74dcc1e68568d7160b45cefd8d1db", "MacAddress": "02:42:ac:13:00:02", "IPv4Address": "172.19.0.2/16", "IPv6Address": "" }, "f7cf532aa71df9cefaf5575ff27d4a2f4525f7674a479989d5b96f281282b6db": { "Name": "search2", "EndpointID": "d641f94dfc1d898d7d8ec667b4389d4ff6a0d53be3454a89f77b24b0bd04a663", "MacAddress": "02:42:ac:13:00:03", "IPv4Address": "172.19.0.3/16", "IPv6Address": "" } }, "Options": {}, "Labels": {} } ]
问题:
- 为什么 docker 在用户定义的 docker 网络中使用主机搜索域?
- 为什么网络别名不可解析?
- 与CentOS 8.2版本有关吗?
- 如何解决?或如何使它工作?
谢谢
解决方案
sudo firewall-cmd --permanent --zone=public --add-masquerade
推荐阅读
- javascript - Angular 8 - 如何将数据从 1 个组件导出到 2,然后到 3
- vscode-extensions - 我想为 gdb 支持的语言创建调试器扩展,我可以从扩展中扩展另一个扩展吗?
- collections - 在埃菲尔对一组可比对象进行排序的一些方法
- selenium - 赛普拉斯:勾选复选框时未启用另一个按钮
- flume - 水槽复制然后过滤,如何?
- python - 使用列表数据按字段过滤
- angular - 错误类型错误:a.markerClusterGroup 不是函数
- python - jinja2 基本模板覆盖页面的其余部分
- google-apps-script - 为什么 Google App Script getRange 认为我给它的是一个类而不是一个数字?
- merge - Apache PDFBOXMerge 功能