主机 DNS 无法与 docker 容器配合使用

主机 DNS 无法与 docker 容器配合使用

我的 archlinux 内核上的 docker 出现了问题Linux 4.19.31-1-lts #1 SMP Sun Mar 24 09:29:16 CET 2019 x86_64 GNU/Linux

$ docker info返回 :

$ docker info                                                                                                                                                                       
Containers: 46
 Running: 0
 Paused: 0
 Stopped: 46
Images: 1
Server Version: 18.09.3-ce
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: bb71b10fd8f58240ca47fbb579b9d1028eea7c84.m
runc version: ccb5efd37fb7c86364786e9137e22948751de7ed-dirty
init version: fec3683
Security Options:
 seccomp
  Profile: default
Kernel Version: 4.19.31-1-lts
Operating System: Arch Linux
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 15.54GiB
Name: kermipc
ID: 5HFD:A2HY:5RBD:OK2D:OQ2R:KQFY:AW6F:MNES:CAX4:O2NC:2NXO:OOGX
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

$ ip a看起来像 :

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 38:2c:4a:be:1d:d0 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.10/24 brd 192.168.1.255 scope global dynamic noprefixroute enp3s0
       valid_lft 82509sec preferred_lft 82509sec
    inet6 2a01:cb1c:556:7f00:39c4:7c42:ae64:a6d4/64 scope global dynamic mngtmpaddr noprefixroute 
       valid_lft 1749sec preferred_lft 549sec
    inet6 fe80::3a2c:4aff:febe:1dd0/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
66: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:db:68:f0:17 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever

Docker 已正确桥接:

$ docker run alpine ping 8.8.8.8                                                                                                                                                           
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=119 time=2.012 ms
64 bytes from 8.8.8.8: seq=1 ttl=119 time=1.910 ms
64 bytes from 8.8.8.8: seq=2 ttl=119 time=5.877 ms
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 1.910/3.266/5.877 ms

但 DNS 不起作用:

$ docker run alpine ping google.com                                                                                                                                                        
ping: bad address 'google.com'

/etc/dnsmasq.conf看起来像 :

address=/local.lan/127.0.0.1
user=nobody
group=nobody
no-dhcp-interface=
# listen-address=127.0.0.1,172.18.0.1
interface=lo
interface=docker0
bind-interfaces
log-dhcp
log-queries
log-facility=/var/log/dnsmasq.log

/etc/resolv.conf看起来像 :

#Generated by NetworkManager
search 8.8.4.4
nameserver 192.168.1.1
nameserver 127.0.0.1
nameserver 172.18.0.1

当我执行此操作时,docker run alpine ping google.com我可以通过日志文件看到 dnsmasq 正确解析了 dns。有什么想法吗?

编辑1:

docker run --rm -it alpine cat /etc/resolv.conf说 :

# Generated by NetworkManager
search 8.8.4.4
nameserver 192.168.1.1
nameserver 172.18.0.1

答案1

看起来您忘记在 Docker 网络上配置 IPv6。

你是对的,我所有的问题都消失了,解决方案是:

删除/etc/dhcpcd.conf或评论:

noipv4ll

然后重新启动docker:

sudo systemctl restart docker

相关内容