【发布时间】:2021-08-12 06:46:53
【问题描述】:
我在 CentOS 7 机器上安装了 Docker,但 DNS 在容器中不起作用。
所以,如果我在主机上运行 nslookup google.com,它会正确解析。但是,如果我这样做 docker container run busybox nslookup google.com 我会得到:
Server: 8.8.8.8
Address: 8.8.8.8:53
Non-authoritative answer:
Name: google.com
Address: 142.250.72.46
*** Can't find google.com: No answer
root@XXX [~]# docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)
scan: Docker Scan (Docker Inc.)
Server:
Containers: 57
Running: 0
Paused: 0
Stopped: 57
Images: 10
Server Version: 20.10.6
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc io.containerd.runc.v2 io.containerd.runtime.v1.linux
Default Runtime: runc
Init Binary: docker-init
containerd version: 05f951a3781f4f2c1911b05e61c160e9c30eaa8e
runc version: 12644e614e25b05da6fd08a38ffa0cfe1903fdec
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-1160.25.1.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 3.7GiB
Name: cgh.cgh.net
ID: X2YB:LILA:S5Q3:CLRJ:ACY7:ST4T:YRDD:3D3E:PLXV:DHGS:3IE2:QMIP
Docker Root Dir: /var/lib/docker
Debug Mode: false
Username: akhtariev
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
root@xxx [~]# docker version
Client: Docker Engine - Community
Version: 20.10.6
API version: 1.41
Go version: go1.13.15
Git commit: 370c289
Built: Fri Apr 9 22:45:33 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.6
API version: 1.41 (minimum version 1.12)
Go version: go1.13.15
Git commit: 8728dd2
Built: Fri Apr 9 22:43:57 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.4
GitCommit: 05f951a3781f4f2c1911b05e61c160e9c30eaa8e
runc:
Version: 1.0.0-rc93
GitCommit: 12644e614e25b05da6fd08a38ffa0cfe1903fdec
docker-init:
Version: 0.19.0
GitCommit: de40ad0
root@XXX [~]# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "609282cb44a298bb8f69b424d4ba2b1e3ab391b37fc171d2ec032f592dc3afbb",
"Created": "2021-05-23T14:52:38.789641794-05:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
我已经尝试将默认 DNS 服务器设置为 8.8.8.8 并遵循各种其他故障排除指南,但没有任何效果。值得一提的是,服务器由 hostgator 提供并安装了 cPanel。我要求hostgator禁用防病毒和防火墙。他们不提供 Docker 支持,也无法帮助解决我的问题。
非常感谢任何帮助,如果需要更多信息来帮助解决此问题,请告诉我。
更新: 这不仅发生在busybox上,也发生在其他平台上。我的主要问题是我无法运行从以下 Dockerfile 构建的映像容器:
FROM python:3.9.5-buster
ENV HOME_PATH=/root
ENV PATH="${HOME_PATH}/.local/bin:${PATH}"
WORKDIR ${HOME_PATH}
COPY requirements.txt cron-job ${HOME_PATH}/
RUN apt-get update
RUN apt-get install -y cron
RUN useradd --create-home service
RUN pip install --user -r ${HOME_PATH}/requirements.txt
COPY . ${HOME_PATH}
RUN ls \
&& mv cron-job /etc/cron.d/cron-job \
&& chmod 0644 /etc/cron.d/cron-job \
&& crontab /etc/cron.d/cron-job \
&& touch ${HOME_PATH}/agl_history.log
CMD cron && tail -f ${HOME_PATH}/agl_history.log
docker-compose.yml:
version: "3.9"
services:
agl-history:
depends_on:
- mariadb
build: .
restart: on-failure
networks:
- main
mariadb:
image: "mariadb:10.5"
restart: on-failure
environment:
MYSQL_ROOT_PASSWORD: ${MARIADB_PASSW}
ports:
- 3306:3306
volumes:
- /var/lib/docker/volumes/add3-data:/var/lib/mysql
networks:
- main
networks:
main:
driver: bridge
此服务运行良好,并在我运行最新 Ubuntu 的个人计算机上进行了测试
更新 2:
因此,cmets 中的建议通过 docker run --rm busybox nslookup -type=a google.com 解决了 nslookup 的问题
但是,我在运行上述 buster 容器时仍然遇到问题。这就是发生的事情:
Building agl-history
Sending build context to Docker daemon 918.5kB
Step 1/12 : FROM python:3.9.5-buster
---> a6a0779c5fb2
Step 2/12 : ENV HOME_PATH=/root
---> Using cache
---> 7aea834621d4
Step 3/12 : ENV PATH="${HOME_PATH}/.local/bin:${PATH}"
---> Using cache
---> dc16e6178688
Step 4/12 : WORKDIR ${HOME_PATH}
---> Using cache
---> 950712b33f21
Step 5/12 : COPY requirements.txt cron-job ${HOME_PATH}/
---> Using cache
---> 6923c1410731
Step 6/12 : RUN apt-get update
---> Using cache
---> aa4c4a4d25c4
Step 7/12 : RUN apt-get install -y cron
---> Running in 26c7517a05d0
Reading package lists...
Building dependency tree...
Reading state information...
E: Unable to locate package cron
The command '/bin/sh -c apt-get install -y cron' returned a non-zero code: 100
ERROR: Service 'agl-history' failed to build : Build failed
【问题讨论】:
-
不幸的是,这不仅仅发生在busybox上。其实busybox只是用来说明的。我的主要形象是在 buster 上。当我运行该映像的容器时,由于 DNS 的这个问题,它无法从 Internet 获取依赖项。我将使用此图像的 Dockerfile 更新问题
-
好的,但是只要将
--dns标志都放到docker run和-type=a或-type=aaaa到nslookup,nslookup也会起作用 -
谢谢!你是对的,当我做
docker run --rm busybox nslookup -type=a google.com时它起作用了。我将尝试弄清楚如何使用这些知识来解决我在 buster 容器中安装依赖项的原始问题。如果您有任何建议,请让我知道。我发布了 Dockerfile 的内容以及有关该问题的更多信息。再次感谢您的帮助! -
我在您的 Dockerfile 中看到的一个错误是,您在两个不同的
RUN指令上使用了apt-get update和apt-get install,正如 the best practice 中所指出的那样,这可能会导致您出现缓存问题.而是RUN apt-get update && apt-get install -y cron。