为了测试容器互联,在机器上开了两个不同的容器。启动后发现作为客户端的容器没有telnet等常用网络工具,于是执行 apt-get update & apt-get install telnet
命令安装。命令意外地出现了如下的错误输出:
root@793880f44c90:/# apt-get update && apt-get install telnet Err http://deb.debian.org jessie InRelease Err http://nginx.org jessie InRelease Err http://deb.debian.org jessie-updates InRelease Err http://deb.debian.org jessie Release.gpg Could not resolve 'deb.debian.org' Err http://nginx.org jessie Release.gpg Could not resolve 'nginx.org' Err http://deb.debian.org jessie-updates Release.gpg Could not resolve 'deb.debian.org' Err http://security.debian.org jessie/updates InRelease Err http://security.debian.org jessie/updates Release.gpg Could not resolve 'security.debian.org' Reading package lists... Done W: Failed to fetch http://deb.debian.org/debian/dists/jessie/InRelease W: Failed to fetch http://deb.debian.org/debian/dists/jessie-updates/InRelease W: Failed to fetch http://security.debian.org/dists/jessie/updates/InRelease W: Failed to fetch http://nginx.org/packages/mainline/debian/dists/jessie/InRelease W: Failed to fetch http://deb.debian.org/debian/dists/jessie/Release.gpg Could not resolve 'deb.debian.o rg' W: Failed to fetch http://nginx.org/packages/mainline/debian/dists/jessie/Release.gpg Could not resolve 'nginx.org' W: Failed to fetch http://deb.debian.org/debian/dists/jessie-updates/Release.gpg Could not resolve 'deb. debian.org' W: Failed to fetch http://security.debian.org/dists/jessie/updates/Release.gpg Could not resolve 'securi ty.debian.org' W: Some index files failed to download. They have been ignored, or old ones used instead. Reading package lists... Done Building dependency tree Reading state information... Done E: Unable to locate package telnet
看错误信息是解析不了软件包仓库的域名,导致无法获取软件包列表。尝试ping一下www.baidu.com,输出:“ping: unknown host”。接着cat容器的/etc/resolv.conf,和宿主机的resolv.conf对比,发现内容一致。尝试ping 114.114.114.114,没有回应。这几个现象表明容器网络出了问题,导致无法ping通外网,也无法解析域名。
通过google,找到了栈爆网上的一个帖子,顺利解决了问题。解决步骤如下:
- 找出宿主机的dns:
cat /etc/resolv.conf
。一般是两个,例如: 10.0.0.2, 10.0.0.3; - 编辑/etc/docker/daemon.json文件(该文件不存在,需新建),输入内容:
{ "dns": ["10.0.0.2", "10.0.0.3"] }
- 重启docker服务:
systemctl restart docker
。此条命令将会关掉所有的容器。
通过以上三个步骤,即可在容器内正常进行dns解析并顺利访问外网。可以通过启动alpine容器验证:
docker run -it alpine ping www.baidu.com
输出如下:
PING www.baidu.com (220.181.112.244): 56 data bytes 64 bytes from 220.181.112.244: seq=0 ttl=52 time=24.200 ms 64 bytes from 220.181.112.244: seq=1 ttl=52 time=24.056 ms 64 bytes from 220.181.112.244: seq=2 ttl=52 time=24.125 ms 64 bytes from 220.181.112.244: seq=3 ttl=52 time=24.158 ms 64 bytes from 220.181.112.244: seq=4 ttl=52 time=24.151 ms 64 bytes from 220.181.112.244: seq=5 ttl=52 time=24.007 ms