docker集装箱networking/ DNS /防火墙问题

我在公司虚拟机上运行docker,主机虚拟机的操作系统是CentOS 6.7

我面对的问题类似于常见的DNS问题,但我无法find任何解决scheme。

所以…我开始docker容器运行像这样的python图像:

docker run -it python:2.7 bash 

然后我可以运行ping -c 4 www.google.com

 root@46120eb4eacf:/# ping -c 4 www.google.com PING www.google.com (74.125.239.50): 56 data bytes 64 bytes from 74.125.239.50: icmp_seq=0 ttl=56 time=2.371 ms 64 bytes from 74.125.239.50: icmp_seq=1 ttl=56 time=2.264 ms 64 bytes from 74.125.239.50: icmp_seq=2 ttl=56 time=2.245 ms 64 bytes from 74.125.239.50: icmp_seq=3 ttl=56 time=2.385 ms --- www.google.com ping statistics --- 4 packets transmitted, 4 packets received, 0% packet loss round-trip min/avg/max/stddev = 2.245/2.316/2.385/0.062 ms 

这是非常好的。 但是,当我试图运行curl命令,它卡住了

 curl http://www.google.com --verbose * Rebuilt URL to: http://www.google.com/ * Hostname was NOT found in DNS cache * Trying 74.125.239.51... * Connected to www.google.com (74.125.239.51) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.38.0 > Host: www.google.com > Accept: */* > 

同样的事情发生时,我在python shell中的http请求:

 root@46120eb4eacf:/# python Python 2.7.10 (default, Oct 14 2015, 11:36:56) [GCC 4.9.2] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import urllib2 >>> urllib2.urlopen("http://www.google.com").read() 

但是, pip install运行没有问题

 root@7fd68dd1f74b:/# pip install Django Collecting Django Downloading Django-1.8.5-py2.py3-none-any.whl (6.2MB) 100% |████████████████████████████████| 6.2MB 61kB/s Installing collected packages: Django Successfully installed Django-1.8.5 

我注意到的另一个问题是,当我拔出一个Ubuntu映像,并试图运行apt-get update ,它也卡住了,不知道是否相关。

我可以得到这个工作的唯一方法是添加--net=host到docker运行命令。 还有一些关于主机的其他信息:

 uname -a Linux presidio-client00 2.6.32-573.7.1.el6.x86_64 #1 SMP Tue Sep 22 22:00:00 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux docker version Client version: 1.7.1 Client API version: 1.19 Go version (client): go1.4.2 Git commit (client): 786b29d OS/Arch (client): linux/amd64 Server version: 1.7.1 Server API version: 1.19 Go version (server): go1.4.2 Git commit (server): 786b29d OS/Arch (server): linux/amd64 docker info Containers: 27 Images: 23 Storage Driver: devicemapper Pool Name: docker-252:3-2095948-pool Pool Blocksize: 65.54 kB Backing Filesystem: extfs Data file: /dev/loop0 Metadata file: /dev/loop1 Data Space Used: 1.529 GB Data Space Total: 107.4 GB Data Space Available: 44.33 GB Metadata Space Used: 3.666 MB Metadata Space Total: 2.147 GB Metadata Space Available: 2.144 GB Udev Sync Supported: true Deferred Removal Enabled: false Data loop file: /var/lib/docker/devicemapper/devicemapper/data Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata Library Version: 1.02.95-RHEL6 (2015-09-08) Execution Driver: native-0.2 Logging Driver: json-file Kernel Version: 2.6.32-573.7.1.el6.x86_64 Operating System: <unknown> CPUs: 1 Total Memory: 1.832 GiB Name: presidio-client00 ID: ZCIY:EKUA:OF52:3N6Z:YDQB:5Z2Y:CDNO:NE2U:ZOBT:6C67:BB5W:KLST Debug mode (server): true File Descriptors: 11 Goroutines: 15 System Time: 2015-10-23T14:04:10.337394645-07:00 EventsListeners: 0 Init SHA1: 4193d771605617409a8d2578127b8fbd5754e969 Init Path: /usr/libexec/docker/dockerinit Docker Root Dir: /var/lib/docker 

在这样一个老的CentOS(6.7,内核2.6.32)上运行docker可能不完全支持。

Docker有一个安装页面… CentOS 7.x(内核3.10以上) 。

这可能解释连接问题(从容器内)