Windows Container群集发布端口,不能访问

我使用Windows容器,并尝试创builddocker群,我创build三个虚拟机使用hyper-v,而每个操作系统是Windows服务器2016.这里的机器ip是:

windocker211 192.168.1.211 windocker212 192.168.1.212 windocker219 192.168.1.219 

docker群节点是:

 PS C:\ConsoleZ> docker node ls ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS 4c0g0o0uognheugw4do1a1h7y windocker212 Ready Active bbxot0c8zijq7xw4lm86svgwp * windocker219 Ready Active Leader wftwpiqpqpbqfdvgenn787psj windocker211 Ready Active 

我创build使用命令:

 docker service create --name=demo5 -p 5005:5005 --replicas 6 192.168.1.245/cqgis/wintestcore:0.6 

docker图像是asp.net核心应用程序,Dockerfile是:

 FROM 192.168.1.245/win/aspnetcore-runtime:1.1.2 COPY . /app WORKDIR /app ENV ASPNETCORE_URLS http://*:5005 EXPOSE 5005/tcp ENTRYPOINT ["dotnet", "dotnetcore.dll"] 

那么它创造了成功:

 PS C:\ConsoleZ> docker service ls ID NAME MODE REPLICAS IMAGE PORTS omhu7e0vo96s demo5 replicated 6/6 192.168.1.245/cqgis/wintestcore:0.6 *:5005->5005/tcp PS C:\ConsoleZ> docker service ps demo5 ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS 8pihnak9a2ei demo5.1 192.168.1.245/cqgis/wintestcore:0.6 windocker212 Running Running 59 seconds ago ut3f3b9giu4w demo5.2 192.168.1.245/cqgis/wintestcore:0.6 windocker219 Running Running 47 seconds ago iy1xjevt67yl demo5.3 192.168.1.245/cqgis/wintestcore:0.6 windocker211 Running Running about a minute ago q7f1gnbwslr3 demo5.4 192.168.1.245/cqgis/wintestcore:0.6 windocker212 Running Running about a minute ago 8zewaktcu32h demo5.5 192.168.1.245/cqgis/wintestcore:0.6 windocker219 Running Running about a minute ago xq820kqwf3v9 demo5.6 192.168.1.245/cqgis/wintestcore:0.6 windocker211 Running Running 55 seconds ago 

但我的问题是我不能访问本网站

 http://192.168.1.219:5005/ http://192.168.1.219:5005/ http://192.168.1.219:5005/ 

当我使用命令

 docker run -it -p 5010:5005 192.168.1.245/cqgis/wintestcore:0.6 

我可以使用http://192.168.1.219:5010/获得正确的结果

我的docker信息是

 PS C:\ConsoleZ> docker info Containers: 4 Running: 3 Paused: 0 Stopped: 1 Images: 5 Server Version: 17.06.0-ce-rc1 Storage Driver: windowsfilter Windows: Logging Driver: json-file Plugins: Volume: local Network: l2bridge l2tunnel nat null overlay transparent Log: awslogs etwlogs fluentd json-file logentries splunk syslog Swarm: active NodeID: bbxot0c8zijq7xw4lm86svgwp Is Manager: true ClusterID: 32vsgwrbn6ihvpevly71gkgxk Managers: 1 Nodes: 3 Orchestration: Task History Retention Limit: 5 Raft: Snapshot Interval: 10000 Number of Old Snapshots to Retain: 0 Heartbeat Tick: 1 Election Tick: 3 Dispatcher: Heartbeat Period: 5 seconds CA Configuration: Expiry Duration: 3 months Force Rotate: 0 Root Rotation In Progress: false Node Address: 192.168.1.219 Manager Addresses: 192.168.1.219:2377 Default Isolation: process Kernel Version: 10.0 14393 (14393.1198.amd64fre.rs1_release_sec.170427-1353) Operating System: Windows Server 2016 Datacenter OSType: windows Architecture: x86_64 CPUs: 8 Total Memory: 2.89GiB Name: windock219 ID: 7AOY:OT6V:BTJV:NCHA:3OF5:5WR5:K2YR:CFG3:VXLD:QTMD:GA3D:ZFJ2 Docker Root Dir: C:\ProgramData\docker Debug Mode (client): false Debug Mode (server): true File Descriptors: -1 Goroutines: 297 System Time: 2017-06-04T19:58:20.7582294+08:00 EventsListeners: 2 Registry: https://index.docker.io/v1/ Experimental: true Insecure Registries: 192.168.1.245 127.0.0.0/8 Live Restore Enabled: false 

我相信你需要以“主机”模式发布端口(docs.microsoft.com/en-us/virtualization/windowscontainers/…)。 此外,它将是运行容器和主机之间的一对一端口映射,因此您将无法在同一端口上运行多个容器。 路由网格不能在Windows上工作。

Docker for Windows容器和Docker for Linux之间的networking存在一些差异。 Windows Containers使用HyperVnetworking技术来提供Docker使用的虚拟networkingfunction。 从那里有一些限制,不像你所期望的那样工作,或者在标准的Docker文档中find。

  • 首先,您不能通过使用回溯地址(127.0.0.1)或主机地址(192.168.1.xxx)访问在容器内运行的Web端。您必须始终从远程机器调用它。
  • 我看到你在Dockerfile中使用了expose命令。 这并不是自我解释,而是暴露在任何其他networking中的端口,然后是主机或入口networking。 如果在非群体configuration中这样做,这不是问题,但它在群体中不起作用。 我build议删除Expose命令。
  • Windowsnetworking有一些未解决的问题。 有时在容器重新启动后端口仍然在使用中。 例如,主机系统重启后。 [ https://github.com/moby/moby/issues/21558%5D [1 ]

有了这个脚本,你可以删除所有的虚拟networking设置:

 Stop-Service docker Get-ContainerNetwork | Remove-ContainerNetwork Get-NetNat | Remove-NetNat Get-VMSwitch | Remove-VMSwitch Start-Service docker