无法ping泊坞窗容器

发布时间：2020-12-16 03:49:45 所属栏目：安全来源：网络整理

导读：在mac osx上新的docker.我正在从基本的phusion图像构建一个ubuntu图像,以用作git服务器.使用以下文件安装基础和所需的软件.这非常有效.但是,我无法ping通机器. 编辑我无法ping通机器.我可以运行图像并在ps命令中查看容器.我也可以抨击它. CONTAINER ID IMAG

在mac osx上新的docker.我正在从基本的phusion图像构建一个ubuntu图像,以用作git服务器.使用以下文件安装基础和所需的软件.这非常有效.但是,我无法ping通机器.

编辑

我无法ping通机器.我可以运行图像并在ps命令中查看容器.我也可以抨击它.

CONTAINER ID        IMAGE               COMMAND               CREATED             STATUS              PORTS               NAMES
54e4cef78445        git-ssh_img         "/usr/sbin/sshd -D"   44 minutes ago      Up 44 minutes       22/tcp              git-ssh

以下也有效

docker exec -it 54e4cef78445 ping www.google.com
PING www.google.com (173.194.219.147) 56(84) bytes of data.
64 bytes from ya-in-f147.1e100.net (173.194.219.147): icmp_seq=1 ttl=61 time=65.1 ms
64 bytes from ya-in-f147.1e100.net (173.194.219.147): icmp_seq=2 ttl=61 time=67.1 ms

Dockerfile：

# Use phusion/baseimage as base image. To make your builds reproducible,make
# sure you lock down to a specific version,not to `latest`!
# See https://github.com/phusion/baseimage-docker/blob/master/Changelog.md for
# a list of version numbers.
FROM phusion/baseimage:0.9.18

# Use baseimage-docker's init system.
CMD ["/sbin/my_init"]

# ...put your own build instructions here...

ENV TERM xterm

RUN apt-get -y update
RUN apt-get -y install openssh-server
RUN apt-get -y install git 
    libxml2-dev 
    python 
    build-essential 
    make 
    gcc 
    python-dev 
    python-pip

# Clean up APT when done.
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

# Setting openssh
# RUN mkdir /var/run/sshd
RUN sed -i "s/#PasswordAuthentication yes/PasswordAuthentication no/" /etc/ssh/sshd_config

# Adding git user
RUN adduser --system git
RUN mkdir -p /home/git/.ssh

# Clearing and setting authorized ssh keys
RUN echo '' > /home/git/.ssh/authorized_keys
RUN echo 'First key' >> /home/git/.ssh/authorized_keys
# RUN echo 'Second SSH public key' >> /home/git/.ssh/authorized_keys
# ...

# Updating shell to bash
RUN sed -i s#/home/git:/bin/false#/home/git:/bin/bash# /etc/passwd

EXPOSE 22
CMD ["/usr/sbin/sshd","-D"]

检查命令：

[
{
    "Id": "54e4cef78445e1308b744297edc1d3d153932ce7724e87b35dc3690f8ffe41a2","Created": "2015-12-10T21:01:16.683875853Z","Path": "/usr/sbin/sshd","Args": [
        "-D"
    ],"State": {
        "Running": true,"Paused": false,"Restarting": false,"OOMKilled": false,"Dead": false,"Pid": 13930,"ExitCode": 0,"Error": "","StartedAt": "2015-12-10T21:01:16.763739339Z","FinishedAt": "0001-01-01T00:00:00Z"
    },"Image": "b2c6f9604ceca1e112dc0560aa4d0c50596d27c80256c544613f1d6badf6ccda","NetworkSettings": {
        "Bridge": "","EndpointID": "87f12f9b527f3e0d7f823f1e2c88b0d0e860ff2d1687568d0a15cfa9fdfe22c3","Gateway": "172.17.42.1","GlobalIPv6Address": "","GlobalIPv6PrefixLen": 0,"HairpinMode": false,"IPAddress": "172.17.0.26","IPPrefixLen": 16,"IPv6Gateway": "","LinkLocalIPv6Address": "","LinkLocalIPv6PrefixLen": 0,"MacAddress": "02:42:ac:11:00:1a","NetworkID": "a60ea78a8239baed013f9bfb1b2719a599ddef7745170e3c17eeab743a391ebe","PortMapping": null,"Ports": {
            "22/tcp": null
        },"SandboxKey": "/var/run/docker/netns/54e4cef78445","SecondaryIPAddresses": null,"SecondaryIPv6Addresses": null
    },"ResolvConfPath": "/mnt/sda1/var/lib/docker/containers/54e4cef78445e1308b744297edc1d3d153932ce7724e87b35dc3690f8ffe41a2/resolv.conf","HostnamePath": "/mnt/sda1/var/lib/docker/containers/54e4cef78445e1308b744297edc1d3d153932ce7724e87b35dc3690f8ffe41a2/hostname","HostsPath": "/mnt/sda1/var/lib/docker/containers/54e4cef78445e1308b744297edc1d3d153932ce7724e87b35dc3690f8ffe41a2/hosts","LogPath": "/mnt/sda1/var/lib/docker/containers/54e4cef78445e1308b744297edc1d3d153932ce7724e87b35dc3690f8ffe41a2/54e4cef78445e1308b744297edc1d3d153932ce7724e87b35dc3690f8ffe41a2-json.log","Name": "/git-ssh","RestartCount": 0,"Driver": "aufs","ExecDriver": "native-0.2","MountLabel": "","ProcessLabel": "","AppArmorProfile": "","ExecIDs": null,"HostConfig": {
        "Binds": null,"ContainerIDFile": "","LxcConf": [],"Memory": 0,"MemorySwap": 0,"CpuShares": 0,"CpuPeriod": 0,"CpusetCpus": "","CpusetMems": "","CpuQuota": 0,"BlkioWeight": 0,"OomKillDisable": false,"MemorySwappiness": -1,"Privileged": false,"PortBindings": {},"Links": null,"PublishAllPorts": false,"Dns": null,"DnsSearch": null,"ExtraHosts": null,"VolumesFrom": null,"Devices": [],"NetworkMode": "default","IpcMode": "","PidMode": "","UTSMode": "","CapAdd": null,"CapDrop": null,"GroupAdd": null,"RestartPolicy": {
            "Name": "no","MaximumRetryCount": 0
        },"SecurityOpt": null,"ReadonlyRootfs": false,"Ulimits": null,"LogConfig": {
            "Type": "json-file","Config": {}
        },"CgroupParent": "","ConsoleSize": [
            0,0
        ]
    },"GraphDriver": {
        "Name": "aufs","Data": null
    },"Mounts": [],"Config": {
        "Hostname": "54e4cef78445","Domainname": "","User": "","AttachStdin": false,"AttachStdout": true,"AttachStderr": true,"ExposedPorts": {
            "22/tcp": {}
        },"Tty": false,"OpenStdin": false,"StdinOnce": false,"Env": [
            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin","TERM=xterm"
        ],"Cmd": [
            "/usr/sbin/sshd","-D"
        ],"Image": "git-ssh_img","Volumes": null,"WorkingDir": "","Entrypoint": null,"OnBuild": null,"Labels": {}
    }
}
]

最佳答案

如“Can’t visit http://172.17.0.2:5000 after starting docker registry”中所述,您不能使用为container-to-container communication制作的内部IP.

您需要使用$(docker-machine ip< yourMachine>)返回的IP来实际ping通运行容器的机器.

更新2017年2月,docker 1.13：kboom kboom,现在你有Docker for Mac使用轻量级管理程序(HyperKit),它允许绑定到localhost(但你仍然无法访问内部地址).

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!