记一次docker容器映射宿主机端口后无法访问的问题及处理过程
1、问题现象
docker 容器正确启动后,查看宿主机端口已经监听,可以telnet通。但是本地curl127.0.0.1返回 curl: (56) Recv failure: Connection reset by peer
docker启动命令 docker run -d -p 8083:8080 --name=tomcat1 345867df0879
宿主机:防火墙、selinux都已经关闭, ipv4转发已经打开。
容器内:tomcat已经正常监听8080端口,监听地址为0.0.0.0:8080,允许其他机器访问。且可以正常访问tomcat
截图如下:
2、处理过程
尝试更换docker版本19、18都一样,本机安装的是20
搜索各种解决办法,没有相同情况。最后找到一篇介绍删除并重新添加docker0网桥,解决问题
(1)停止容器并停止docker服务
(2)重建docker0网桥
[root@localhost ~]# yum install bridge-utils -y
[root@localhost ~]# ip link set dev docker0 down
[root@localhost ~]# brctl delbr docker0
[root@localhost ~]# brctl addbr docker0
[root@localhost ~]# ip addr add 172.16.10.1/24 dev docker0
[root@localhost ~]# ip link set dev docker0 up
[root@localhost ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:15:5d:f0:68:00 brd ff:ff:ff:ff:ff:ff
inet 192.168.137.129/24 brd 192.168.137.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::215:5dff:fef0:6800/64 scope link
valid_lft forever preferred_lft forever
16: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/ether 3a:6d:40:45:b4:5a brd ff:ff:ff:ff:ff:ff
inet 172.16.10.1/24 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::386d:40ff:fe45:b45a/64 scope link
valid_lft forever preferred_lft forever
(3)重新启动docker服务和容器。验证可以正常访问。
结论:docker0网桥与宿主机网络通信问题,或者容器与docker0网桥通信问题。具体原因待进一步探究。