我有两个从docker compose运行的docker:
version: "3"
services:
sqa:
image: sqa
ports:
- "80:80"
hostname: sqa
networks:
- robottest_net
tty: true
slave:
image: slave
ports:
- "8270:8270"
hostname: slave
cap_add:
- ALL
privileged: false
networks:
- robottest_net
networks:
robottest_net:
两个镜像都基于 centos7。在从属服务器上安装了默认设置的防火墙服务,入口点是 /usr/sbin/init
从 sqa 我可以 ping 从属设备,但是从从属设备则不能。
ping: sqa: Name or service not known
如何配置firewalld centos docker 镜像来解决问题或者也许docker compose需要改变?
来自 /var/log/firewalld 的日志
2019-02-06 15:46:25 WARNING: ip6tables not usable, disabling IPv6 firewall.
2019-02-06 15:46:25 WARNING: ebtables not usable, disabling ethernet bridge firewall.
细节:
我发现了更多描述的问题但尚未解决:https://github.com/moby/moby/issues/35095
如果有人知道,请帮忙
解决方法:
在从属服务启动时添加 Google DNS:
echo "nameserver 8.8.4.4" >> /etc/resolv.conf
echo "nameserver 8.8.8.8" >> /etc/resolv.conf
并在 yaml 中为 sqa 和从属添加静态 IP,然后将其用于从属
extra_hosts:
- "sqa:172.127.0.2"