Docker中的ElasticSearch java.net.NoRouteToHostException

 
[2015-10-11 13:08:26,587][WARN ][transport.netty ] [Joseph] exception caught on transport layer [[id: 0x7e9f652b]], closing connection java.net.NoRouteToHostException: No route to host at sun.nio.ch.SocketChannelImpl.checkConnect(Native Method) at sun.nio.ch.SocketChannelImpl.finishConnect(Unknown Source) at org.elasticsearch.common.netty.channel.socket.nio.NioClientBoss.connect(NioClientBoss.java:152) at org.elasticsearch.common.netty.channel.socket.nio.NioClientBoss.processSelectedKeys(NioClientBoss.java:105) at org.elasticsearch.common.netty.channel.socket.nio.NioClientBoss.process(NioClientBoss.java:79) at org.elasticsearch.common.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:337) at org.elasticsearch.common.netty.channel.socket.nio.NioClientBoss.run(NioClientBoss.java:42) at org.elasticsearch.common.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)

在Docker中启动elasticsearch时得到这个exception(其实我在CentOS7 docker主机中只有这个问题)

首先,我的Dockefile公开UDP端口。 

 EXPOSE 9200 9300/udp 9301/udp 9302/udp 9303/udp 9304/udp 9305/udp

当我启动Docker容器时,我通过-p 9200:9200 -p 9300:9300/udp -p 9301:9301/udp -p 9302:9302/udp -p 9303:9303/udp -p 9304:9304/udp -p 9305:9305/udp打开了这些端口-p 9200:9200 -p 9300:9300/udp -p 9301:9301/udp -p 9302:9302/udp -p 9303:9303/udp -p 9304:9304/udp -p 9305:9305/udp

docker ps ,我看到这些端口打开为0.0.0.0:9300-9305->9300-9305/udp

这里是我的elasticsearch.yml一些行 

 cluster.name: changsha discovery.zen.ping.unicast.hosts: [ "10.0.5.241" ] network.publish_host: 10.0.5.241

10.0.5.241是我的docker主机的IP地址。 请问这里有什么问题? 它在CentOS6主机上成功,但在CentOS7主机上失败。

UPDATE

在这个答案之后 ,我从tcpdump -p -nn icmp得到以下结果。 

 09:26:53.277117 IP 10.0.5.241 > 172.17.0.8: ICMP host 10.0.5.241 unreachable - admin prohibited, length 68 09:26:53.277494 IP 10.0.5.241 > 172.17.0.8: ICMP host 10.0.5.241 unreachable - admin prohibited, length 68 09:26:53.277822 IP 10.0.5.241 > 172.17.0.8: ICMP host 10.0.5.241 unreachable - admin prohibited, length 68 09:26:53.278043 IP 10.0.5.241 > 172.17.0.8: ICMP host 10.0.5.241 unreachable - admin prohibited, length 68 09:26:54.277753 IP 10.0.5.241 > 172.17.0.8: ICMP host 10.0.5.241 unreachable - admin prohibited, length 68 09:27:04.280703 IP 10.0.5.241 > 172.17.0.8: ICMP host 10.0.5.241 unreachable - admin prohibited, length 68

首先找出docker接口的ip地址 

 # ifconfig docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.42.1 netmask 255.255.0.0 broadcast 0.0.0.0 ether 56:84:7a:fe:97:99 txqueuelen 0 (Ethernet) RX packets 115761 bytes 12605533 (12.0 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 55687 bytes 22647938 (21.5 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

然后将所有docker的IP地址添加到白名单中 

 firewall-cmd --permanent --zone=trusted --add-source=172.17.0.0/16 firewall-cmd --reload

问题解决了

Interesting Posts

Web3j无法从Docker容器连接

Docker错误运行镜像hyperkube-amd64:v1.7.0

卡蒙,统计,格拉法纳磁盘空间

rabbitmq工人继续下线

docker exec在cron中不起作用

下载Github使用wget / curl构build工件(发布)

CoreOS的Docker端口绑定行为

docker工人运行的解决方法“–env-file”提供的文件未按预期进行评估

窗户10泊坞窗kitematic设置错误

在Docker中执行python脚本