为什么 api.nuget.org 无法在我的 docker-compose devcontainer 中解析?

为什么 api.nuget.org 无法在我的 docker-compose devcontainer 中解析?

我正在运行 Windows Subsystem for Linux v2 和 Ubuntu 20.04。在我的 WSL 中,我正在运行基于docker-from-docker-compose 容器。我无法从我的开发容器中解析 api.nuget.org,但在其他地方它工作正常。我也可以 ping 开发容器内的其他域,只有这个失败了。在网络方面,我几乎是个初学者,所以我在寻求一些如何调试它的帮助。过去一天我读了很多书,试图缩小问题范围,但我又提出了更多问题。以下是我研究过的一些事情:

  • 讨论了很多解决方案这个 GitHub 问题,但它们都不适合我
  • 我尝试使用各种命令行工具进行查询,例如dig,,......事情变得有点奇怪:当我从我的 WSL bash shell 运行时,我得到了这个nslookuphostdig +trace api.nuget.org
$ dig +trace api.nuget.org

; <<>> DiG 9.16.1-Ubuntu <<>> +trace api.nuget.org
;; global options: +cmd
.                       165287  IN      NS      g.root-servers.net.
.                       165287  IN      NS      h.root-servers.net.
.                       165287  IN      NS      a.root-servers.net.
.                       165287  IN      NS      i.root-servers.net.
.                       165287  IN      NS      j.root-servers.net.
.                       165287  IN      NS      k.root-servers.net.
.                       165287  IN      NS      l.root-servers.net.
.                       165287  IN      NS      m.root-servers.net.
.                       165287  IN      NS      b.root-servers.net.
.                       165287  IN      NS      c.root-servers.net.
.                       165287  IN      NS      d.root-servers.net.
.                       165287  IN      NS      e.root-servers.net.
.                       165287  IN      NS      f.root-servers.net.
;; Received 811 bytes from 172.24.176.1#53(172.24.176.1) in 20 ms

org.                    172800  IN      NS      a0.org.afilias-nst.info.
org.                    172800  IN      NS      a2.org.afilias-nst.info.
org.                    172800  IN      NS      b0.org.afilias-nst.org.
org.                    172800  IN      NS      b2.org.afilias-nst.org.
org.                    172800  IN      NS      c0.org.afilias-nst.info.
org.                    172800  IN      NS      d0.org.afilias-nst.org.
org.                    86400   IN      DS      26974 8 2 4FEDE294C53F438A158C41D39489CD78A86BEB0D8A0AEAFF14745C0D 16E1DE32
org.                    86400   IN      RRSIG   DS 8 1 86400 20220608050000 20220526040000 47671 . DcP0H0m+uUbKqzYeO8vmGSeU4Ax1AzmdFTBvZl2PmrbkwFLoZTIP79Jn e4S4IIw9zAb2ZBwg5MOC634Q02HJW9znOMPclnT3T0OYbxQZumUZhcJK 3hw2Nf0fuYCzDgau72J8kXQU10CYgpRfY0chh21L11yaWn7m9Allwv9a fn2+FU6O6JhvHW8N+bOjVocqwLsPoUwqTSV/YtxAqKR00fAwaNhUT2lx BFdd3aZpYqNnypcYb96kVCX9eF81z53Bu8hOZDzr7p5IazzF+qFxGB1u G0Pi+WPFR5qOYu0d+7kHQ5HDnraDD7QEGX5kx5RmO7r1lKIX8DYiYAjt IPN3+w==
;; Received 779 bytes from 192.58.128.30#53(j.root-servers.net) in 80 ms

nuget.org.              86400   IN      NS      ns4-205.azure-dns.info.
nuget.org.              86400   IN      NS      ns1-205.azure-dns.com.
nuget.org.              86400   IN      NS      ns2-205.azure-dns.net.
nuget.org.              86400   IN      NS      ns3-205.azure-dns.org.
1i870vj5h429vj9pci7ar6e9gki74tr7.org. 86400 IN NSEC3 1 1 10 332539EE7F95C32A 1I87R64GAJU4O91MHKBU7I9EKBS7K8UT NS SOA RRSIG DNSKEY NSEC3PARAM
1i870vj5h429vj9pci7ar6e9gki74tr7.org. 86400 IN RRSIG NSEC3 8 2 86400 20220616154216 20220526144216 15843 org. juD6urMvH8mrHHkmAX7sFcQOs3ffqjJ2m5TppBSxCMFlSCHOEyEQT/Hg KpqL3TeoLBmvUi89Z3xSH78EQZGcWXNW5Rq2j5fIRNDMt9t2ePjftEPC 2lIiR4CkHgSGjTlfvaHvnCGUVJ2oXTEtu4Jgjh7Mm3GYXn9dqszel1wA 4BI=
pnnnukt76t98parmvalihebtso9erf6p.org. 86400 IN NSEC3 1 1 10 332539EE7F95C32A PNNSJA6RL8J0AOQQ1NMHT3IUVLTC4CEN NS DS RRSIG
pnnnukt76t98parmvalihebtso9erf6p.org. 86400 IN RRSIG NSEC3 8 2 86400 20220615152234 20220525142234 15843 org. rjaBgwKLles40lIIDm+K3iN49tFJ5gFRMLW5WMAjzN9dMDFj/Hribwxi ZMmt6L1GOgDxwBEA9SX0TVQb9RbGztyoeEiIIMytcx4dah5QnuaSKTOg cVCv+U6G6Hvix8+/yE1vSbDKcE8/RvDI2L8v0s+Ve0/oNd195Mb/9LoI mZw=
;; Received 697 bytes from 199.19.54.1#53(b0.org.afilias-nst.org) in 210 ms

api.nuget.org.          300     IN      CNAME   nugetapiprod.trafficmanager.net.
;; Received 87 bytes from 13.107.24.205#53(ns3-205.azure-dns.org) in 50 ms

这与我在开发容器内运行它时得到的结果几乎相同:

$ dig +trace api.nuget.org

; <<>> DiG 9.16.1-Ubuntu <<>> +trace api.nuget.org
;; global options: +cmd
.                       165234  IN      NS      k.root-servers.net.
.                       165234  IN      NS      l.root-servers.net.
.                       165234  IN      NS      m.root-servers.net.
.                       165234  IN      NS      b.root-servers.net.
.                       165234  IN      NS      c.root-servers.net.
.                       165234  IN      NS      d.root-servers.net.
.                       165234  IN      NS      e.root-servers.net.
.                       165234  IN      NS      f.root-servers.net.
.                       165234  IN      NS      g.root-servers.net.
.                       165234  IN      NS      h.root-servers.net.
.                       165234  IN      NS      a.root-servers.net.
.                       165234  IN      NS      i.root-servers.net.
.                       165234  IN      NS      j.root-servers.net.
;; Received 811 bytes from 127.0.0.11#53(127.0.0.11) in 20 ms

org.                    172800  IN      NS      a0.org.afilias-nst.info.
org.                    172800  IN      NS      a2.org.afilias-nst.info.
org.                    172800  IN      NS      b0.org.afilias-nst.org.
org.                    172800  IN      NS      b2.org.afilias-nst.org.
org.                    172800  IN      NS      c0.org.afilias-nst.info.
org.                    172800  IN      NS      d0.org.afilias-nst.org.
org.                    86400   IN      DS      26974 8 2 4FEDE294C53F438A158C41D39489CD78A86BEB0D8A0AEAFF14745C0D 16E1DE32
org.                    86400   IN      RRSIG   DS 8 1 86400 20220608050000 20220526040000 47671 . DcP0H0m+uUbKqzYeO8vmGSeU4Ax1AzmdFTBvZl2PmrbkwFLoZTIP79Jn e4S4IIw9zAb2ZBwg5MOC634Q02HJW9znOMPclnT3T0OYbxQZumUZhcJK 3hw2Nf0fuYCzDgau72J8kXQU10CYgpRfY0chh21L11yaWn7m9Allwv9a fn2+FU6O6JhvHW8N+bOjVocqwLsPoUwqTSV/YtxAqKR00fAwaNhUT2lx BFdd3aZpYqNnypcYb96kVCX9eF81z53Bu8hOZDzr7p5IazzF+qFxGB1u G0Pi+WPFR5qOYu0d+7kHQ5HDnraDD7QEGX5kx5RmO7r1lKIX8DYiYAjt IPN3+w==
;; Received 779 bytes from 192.5.5.241#53(f.root-servers.net) in 20 ms

nuget.org.              86400   IN      NS      ns1-205.azure-dns.com.
nuget.org.              86400   IN      NS      ns4-205.azure-dns.info.
nuget.org.              86400   IN      NS      ns2-205.azure-dns.net.
nuget.org.              86400   IN      NS      ns3-205.azure-dns.org.
1i870vj5h429vj9pci7ar6e9gki74tr7.org. 86400 IN NSEC3 1 1 10 332539EE7F95C32A 1I87R64GAJU4O91MHKBU7I9EKBS7K8UT NS SOA RRSIG DNSKEY NSEC3PARAM
1i870vj5h429vj9pci7ar6e9gki74tr7.org. 86400 IN RRSIG NSEC3 8 2 86400 20220616154354 20220526144354 15843 org. J6jAHAorvmIVRWSZ0ew21ooNKkUhCsaMowR5qs+1uqJeCVAZEESSP9RW r7UiYCxXctu2dYIu2QRhypmvhIy4Ek3NXyOrIw3Cc8Ie3ndmG6wp+Ny3 T/IB7KolSZk755VzJd13dmbPSyzeifpdW92h8mCUPJU1RQeffDSciaIQ Ok8=
pnnnukt76t98parmvalihebtso9erf6p.org. 86400 IN NSEC3 1 1 10 332539EE7F95C32A PNNSJA6RL8J0AOQQ1NMHT3IUVLTC4CEN NS DS RRSIG
pnnnukt76t98parmvalihebtso9erf6p.org. 86400 IN RRSIG NSEC3 8 2 86400 20220615152234 20220525142234 15843 org. rjaBgwKLles40lIIDm+K3iN49tFJ5gFRMLW5WMAjzN9dMDFj/Hribwxi ZMmt6L1GOgDxwBEA9SX0TVQb9RbGztyoeEiIIMytcx4dah5QnuaSKTOg cVCv+U6G6Hvix8+/yE1vSbDKcE8/RvDI2L8v0s+Ve0/oNd195Mb/9LoI mZw=
;; Received 697 bytes from 199.19.56.1#53(a0.org.afilias-nst.info) in 190 ms

api.nuget.org.          300     IN      CNAME   nugetapiprod.trafficmanager.net.
;; Received 87 bytes from 40.90.4.205#53(ns1-205.azure-dns.com) in 50 ms

但是,当我nslookup -debug api.nuget.org在 WSL 中运行时,出现了以下问题:

$ nslookup -debug api.nuget.org
Server:         172.24.176.1
Address:        172.24.176.1#53

------------
    QUESTIONS:
        api.nuget.org, type = A, class = IN
    ANSWERS:
    ->  api.nuget.org
        canonical name = nugetapiprod.trafficmanager.net.
        ttl = 0
    ->  nugetapiprod.trafficmanager.net
        canonical name = apiprod-mscdn.azureedge.net.
        ttl = 0
    ->  apiprod-mscdn.azureedge.net
        canonical name = apiprod-mscdn.afd.azureedge.net.
        ttl = 0
    ->  apiprod-mscdn.afd.azureedge.net
        canonical name = star-azureedge-prod.trafficmanager.net.
        ttl = 0
    ->  star-azureedge-prod.trafficmanager.net
        canonical name = dual.part-0043.t-0009.t-msedge.net.
        ttl = 0
    ->  dual.part-0043.t-0009.t-msedge.net
        canonical name = part-0043.t-0009.t-msedge.net.
        ttl = 0
    ->  part-0043.t-0009.t-msedge.net
        internet address = 13.107.213.71
        ttl = 0
    ->  part-0043.t-0009.t-msedge.net
        internet address = 13.107.246.71
        ttl = 0
    AUTHORITY RECORDS:
    ADDITIONAL RECORDS:
------------
Non-authoritative answer:
api.nuget.org   canonical name = nugetapiprod.trafficmanager.net.
nugetapiprod.trafficmanager.net canonical name = apiprod-mscdn.azureedge.net.
apiprod-mscdn.azureedge.net     canonical name = apiprod-mscdn.afd.azureedge.net.
apiprod-mscdn.afd.azureedge.net canonical name = star-azureedge-prod.trafficmanager.net.
star-azureedge-prod.trafficmanager.net  canonical name = dual.part-0043.t-0009.t-msedge.net.
dual.part-0043.t-0009.t-msedge.net      canonical name = part-0043.t-0009.t-msedge.net.
Name:   part-0043.t-0009.t-msedge.net
Address: 13.107.213.71
Name:   part-0043.t-0009.t-msedge.net
Address: 13.107.246.71
------------
    QUESTIONS:
        part-0043.t-0009.t-msedge.net, type = AAAA, class = IN
    ANSWERS:
    ->  part-0043.t-0009.t-msedge.net
        has AAAA address 2620:1ec:46::71
        ttl = 0
    ->  part-0043.t-0009.t-msedge.net
        has AAAA address 2620:1ec:bdf::71
        ttl = 0
    AUTHORITY RECORDS:
    ADDITIONAL RECORDS:
------------
Name:   part-0043.t-0009.t-msedge.net
Address: 2620:1ec:46::71
Name:   part-0043.t-0009.t-msedge.net
Address: 2620:1ec:bdf::71

而这是我从开发容器中获得的:

$ nslookup -debug api.nuget.org
Server:         127.0.0.11
Address:        127.0.0.11#53

------------
    QUESTIONS:
        api.nuget.org, type = A, class = IN
    ANSWERS:
    AUTHORITY RECORDS:
    ADDITIONAL RECORDS:
------------
Non-authoritative answer:
------------
    QUESTIONS:
        api.nuget.org, type = AAAA, class = IN
    ANSWERS:
    AUTHORITY RECORDS:
    ADDITIONAL RECORDS:
------------
*** Can't find api.nuget.org: No answer
  • /etc/nsswitch.conf我的 WSL 和我的开发容器之间的唯一区别是systemd条目,但它看起来像这样:
$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         files systemd
group:          files systemd
shadow:         files
gshadow:        files

hosts:          files dns
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis
  • 这是/etc/hosts在我的 WSL 上的情况:
$ cat /etc/hosts
# This file was automatically generated by WSL. To stop automatic generation of this file, add the following entry to /etc/wsl.conf:
# [network]
# generateHosts = false
127.0.0.1       localhost
127.0.1.1       <REDACTED - computer name>

74.121.<REDACTED>   <REDACTED - corporate server>
192.168.0.170   host.docker.internal
192.168.0.170   gateway.docker.internal
127.0.0.1       kubernetes.docker.internal

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

这是我/etc/hosts的开发容器中的情况:

$ cat /etc/hosts
127.0.0.1       localhost
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.19.0.2      1376e18baa2d
  • 这是我/etc/resolv.conf在 WSL 上的情况:
$ cat /etc/resolv.conf
# This file was automatically generated by WSL. To stop automatic generation of this file, add the following entry to /etc/wsl.conf:
# [network]
# generateResolvConf = false
nameserver 172.24.176.1

这是我的/etc/resolv.conf开发容器:

$ cat /etc/resolv.conf 
nameserver 127.0.0.11
options ndots:0
  • 如上所述,我可以在我的开发容器上解析其他域名,例如 google.com:
$ dig +trace google.com

; <<>> DiG 9.16.1-Ubuntu <<>> +trace google.com
;; global options: +cmd
.                       164561  IN      NS      d.root-servers.net.
.                       164561  IN      NS      e.root-servers.net.
.                       164561  IN      NS      f.root-servers.net.
.                       164561  IN      NS      g.root-servers.net.
.                       164561  IN      NS      h.root-servers.net.
.                       164561  IN      NS      a.root-servers.net.
.                       164561  IN      NS      i.root-servers.net.
.                       164561  IN      NS      j.root-servers.net.
.                       164561  IN      NS      k.root-servers.net.
.                       164561  IN      NS      l.root-servers.net.
.                       164561  IN      NS      m.root-servers.net.
.                       164561  IN      NS      b.root-servers.net.
.                       164561  IN      NS      c.root-servers.net.
;; Received 811 bytes from 127.0.0.11#53(127.0.0.11) in 20 ms

com.                    172800  IN      NS      l.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
com.                    172800  IN      NS      e.gtld-servers.net.
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      h.gtld-servers.net.
com.                    172800  IN      NS      i.gtld-servers.net.
com.                    172800  IN      NS      j.gtld-servers.net.
com.                    172800  IN      NS      k.gtld-servers.net.
com.                    172800  IN      NS      m.gtld-servers.net.
com.                    86400   IN      DS      30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com.                    86400   IN      RRSIG   DS 8 1 86400 20220608050000 20220526040000 47671 . U/z96yxHnZx3nwEda11jaJom4DJC7fOBt4zsn8fC5ep60RfzAwMj1q8Y 4E4jRlSI28vFuiamNG2uuMAPO/lEUUYuHtYtNsHXnzBKcaDDVK1B3wCA VzEKAQwfh9knPSaD9vCRFfi7nGJWALJbKO3488gz1uBywWu7YQPDDfPp FB/whBsl7/yQihidbbNTbCfQ/oAd88bAq1eFt9tGSL6Wyf0jwp1aeWMd DuM+HcLjyR/7rtBa4YCKob3XniEn+NoavFuikKFJU1Nie1V83ZRU1Xcs OevXYQgT53P857tldjpEM/Lyp70+XgFMJXLoPCe0MfsMqoabiuIiDxyQ vUA5Mg==
;; Received 1170 bytes from 192.203.230.10#53(e.root-servers.net) in 20 ms

google.com.             172800  IN      NS      ns2.google.com.
google.com.             172800  IN      NS      ns1.google.com.
google.com.             172800  IN      NS      ns3.google.com.
google.com.             172800  IN      NS      ns4.google.com.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q2D6NI4I7EQH8NA30NS61O48UL8G5 NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20220530082513 20220523071513 37269 com. rGFmb7KWfFWLa2wdegU/hcqoDHxSKwJUkbj6DMSYfkHrwKot/T2EROZQ RF5KJtD3Ae6u7xRPIqGft5rvKOPQD40klXtYrMmMv23rCwXaHjGkdtez HLFl8//cjwFArN7MQZlUdGqDiFDHRIFP7gj9vJ/f+E9wrZs5zmsGy/We J+5hwjAyDh+GDCvNxTnJcmsRGOVJsdPmSlL7KrTiWOMRBA==
S84BKCIBC38P58340AKVNFN5KR9O59QC.com. 86400 IN NSEC3 1 1 0 - S84BUO64GQCVN69RJFUO6LVC7FSLUNJ5 NS DS RRSIG
S84BKCIBC38P58340AKVNFN5KR9O59QC.com. 86400 IN RRSIG NSEC3 8 2 86400 20220601051858 20220525040858 37269 com. hM5qmz0t0spOwBlaXh4fROrcKNjN3urcmJ3AnAA/NCMGyMJEOKS/r+LF R3Qf3hNRB6dgCN0sL3LAfH9QDMHPbLhfgsga1jBCEjP25fvjb7QW43ey yVOSeQzBaVFdV86vhalBhkANzDNXtsnaSGuWVAbsGcXjalBa3EhcXAE2 Fnlvzyu+nRavl0R6iJEjY2hV1kJxXSJ+RWOw/HVlSWvgWQ==
;; Received 836 bytes from 192.12.94.30#53(e.gtld-servers.net) in 30 ms

google.com.             300     IN      A       142.250.68.14
;; Received 55 bytes from 216.239.38.10#53(ns4.google.com) in 80 ms
  • 当我使用 Hyper-V 驱动程序从 Docker for Windows 运行相同的开发容器(即不是从 WSL docker 运行)时,api.nuget.org 域解析得很好。此外,当我从 WSL docker 中的同一存储库运行 docker-for-docker 开发容器时,一切正常。最后,(这一点相对明显)如果我将 docker-compose 网络设置为使用“主机”网络模式,一切都会正常工作。

抱歉发了这么长的帖子,我只想提供尽可能多的信息。如果您能帮助我进行下一步调查,我将不胜感激!

相关内容