Docker容器DNS问题。让我们加密ghcr.io/linuxserver/swag
Docker容器DNS问题。让我们加密ghcr.io/linuxserver/swag
提问于 2021-05-03 16:34:51
早上好,我在Docker容器中遇到了DNS问题。它不会解析任何名称,但会解析所有IP。您可以通过执行(更改URL=MY_URL)来重现此问题:
docker run -d --name=swag5 --cap-add=NET_ADMIN -e PUID=1000 -e PGID=1000 -e TZ=Europe/London -e URL=MY_URL -e SUBDOMAINS=www, -e VALIDATION=http -p 443:443 -v /root/letsencrypt/templates:/config --restart unless-stopped ghcr.io/linuxserver/swag --add-host="acme-v02.api.letsencrypt.org:104.99.248.78" -e STAGING=true -e EMAIL=MY_EMAIL@MY_COMPANY.onmicrosoft.com -e DNSPLUGIN=digitalocean主机完美地解决了机器“acme-v02.api.letscrypt.org”。
我尝试过的东西:
我已经尝试在主机的daemon.json中更改域名系统,但仍然不起作用
/etc/docker/daemon.json (before 8.8.8.8)
{
"dns": ["169.53.182.120 "," 176.9.1.117","194.224.52.37","8.8.8.8"]
}我尝试在运行过程中手动添加主机:- add -host =“acme-v02.api.letscrypt.org:104.99.248.78”
我已尝试将端口53 (DNS,域名系统)添加到防火墙。
我还暂时禁用了fw。
# ufw status
Status: active
To Action From
-- ------ ----
22/tcp LIMIT Anywhere
2375/tcp ALLOW Anywhere
2376/tcp ALLOW Anywhere
25060 ALLOW Anywhere
53 ALLOW Anywhere
443 ALLOW Anywhere
22/tcp (v6) LIMIT Anywhere (v6)
2375/tcp (v6) ALLOW Anywhere (v6)
2376/tcp (v6) ALLOW Anywhere (v6)
25060 (v6) ALLOW Anywhere (v6)
53 (v6) ALLOW Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)
80/tcp ALLOW FWD Anywhere
80/tcp (v6) ALLOW FWD Anywhere (v6)我尝试设置选项DNSPLUGIN = digitalocean:机器在digitalocean (云中机器的提供商)中
/etc/resolv.conf (容器,最初仅->8.8.8.8)
nameserver 169.53.182.120
nameserver 176.9.1.117
nameserver 194.224.52.37
nameserver 8.8.8.8ip地址(主机-Ubuntu 20)
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 2a:0e:fc:97:57:ce brd ff:ff:ff:ff:ff:ff
inet XXX.XX.XXX.XX/20 brd XXX.XX.XXX.XXX scope global eth0
valid_lft forever preferred_lft forever
inet 10.19.0.7/16 brd 10.19.255.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 XXX::280e:XXXX:fe97:XXXX/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether XX:e0:5c:d4:XX:1f brd ff:ff:ff:ff:ff:ff
inet 10.XXX.0.9/20 brd 10.XXX.15.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::XXXX:5cff:fed4:81f/64 scope link
valid_lft forever preferred_lft forever
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:XX:f6:3e:bb brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:3fff:fef6:3ebb/64 scope link
valid_lft forever preferred_lft foreverip地址(容器)
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
35: eth0@if36: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft foreverroot@f63f87fb8f:/# nslookup google.com ;;连接超时,无法连接到任何服务器
nameserver 8.8.8.8
nameserver 8.8.4.4有什么想法吗?谢谢!!
回答 1
Stack Overflow用户
发布于 2021-05-03 23:52:02
在我的例子中,问题是我没有在防火墙上打开传出UDP端口53。
谢谢大家!
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/67365850
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号