问题:
linux 排查网络问题,docker 容器跑的 http 服务可以访问,但是在宿主机运行的http无法从其他机器访问?
郏正信
linux 排查网络问题,docker 容器跑的 http 服务可以访问,但是在宿主机运行的http无法从其他机器访问?
╰─➤ docker restart rabbitmq3-management 2 ↵Error response from daemon: Cannot restart container rabbitmq3-management: driver failed programming external connectivity on endpoint rabbitmq3-management (f6bf8d5245c463e0ccdbfb5340e09d460dea3925124be09c92612a5ee5823c8e): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 15692 -j DNAT --to-destination 172.21.2.2:15692 ! -i br-ea23e34daef4: iptables: No chain/target/match by that name. (exit status 1))之前因为服务器的内存条损坏,然后强制跳过内存条自检,把服务器重新成功了,现在服务器就带病跑在,还没有新的内存条替换
if __name__ == "__main__": uvicorn.run( app='api:app', host="0.0.0.0", port=9600, workers=1, )但是服务器重启后发现了问题,我在该服务器,跑了一个 fastapi,发现在自己访问自己可以
─➤ http -v http://192.168.38.223:9600 GET / HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateConnection: keep-aliveHost: 192.168.38.223:9600User-Agent: HTTPie/2.6.0HTTP/1.1 200 OKcontent-length: 25content-type: application/jsondate: Thu, 01 Feb 2024 06:56:05 GMTserver: uvicorn{ "message": "Hello World"}但是从其他机器访问这个服务器的 fastapi 的 9600 就不行
─➤ http -v http://192.168.38.223:9600GET / HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brConnection: keep-aliveHost: 192.168.38.223:9600User-Agent: HTTPie/3.2.2HTTP/1.1 503 Service UnavailableConnection: closeContent-Length: 0Proxy-Connection: close但是其他机器访问这个服务的 docker 跑的 http 服务都是可以的
比如这个机器上用 docker 跑了一个 rabbitmq server,从其他机器访问这个 rabbitmq sever 的 15672 端口是可以的
─➤ http -v http://192.168.38.223:15672GET / HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brConnection: keep-aliveHost: 192.168.38.223:15672User-Agent: HTTPie/3.2.2HTTP/1.1 200 OKConnection: keep-aliveContent-Length: 3056Content-Security-Policy: script-src 'self' 'unsafe-eval' 'unsafe-inline'; object-src 'self'Content-Type: text/htmlDate: Thu, 01 Feb 2024 06:57:12 GMTEtag: "3550788022"Keep-Alive: timeout=4Last-Modified: Thu, 24 Aug 2023 17:56:19 GMTProxy-Connection: keep-aliveServer: CowboyVary: origin使用 netstat 查看,9600 确实是被监听着
╰─➤ netstat -tulnp 1 ↵(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)Active Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:19530 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:5601 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:5672 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:2224 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:3000 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:15692 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:15672 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:8929 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:9200 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:9091 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:9002 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:9000 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:9300 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:9600 0.0.0.0:* LISTEN 1636021/python tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:36672 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:44127 0.0.0.0:* LISTEN 1598742/node tcp 0 0 127.0.0.1:44359 0.0.0.0:* LISTEN 1598878/code-8b3775 tcp 0 0 127.0.0.1:41939 0.0.0.0:* LISTEN 1598538/node tcp6 0 0 :::19530 :::* LISTEN - tcp6 0 0 :::5601 :::* LISTEN - tcp6 0 0 :::5432 :::* LISTEN - tcp6 0 0 :::5672 :::* LISTEN - tcp6 0 0 :::6379 :::* LISTEN - tcp6 0 0 :::7891 :::* LISTEN 1646/clash tcp6 0 0 :::7890 :::* LISTEN 1646/clash tcp6 0 0 :::8000 :::* LISTEN - tcp6 0 0 :::22 :::* LISTEN - tcp6 0 0 :::2224 :::* LISTEN - tcp6 0 0 :::3306 :::* LISTEN - tcp6 0 0 :::15692 :::* LISTEN - tcp6 0 0 :::15672 :::* LISTEN - tcp6 0 0 :::8929 :::* LISTEN - tcp6 0 0 :::9200 :::* LISTEN - tcp6 0 0 :::9091 :::* LISTEN - tcp6 0 0 :::9090 :::* LISTEN 1646/clash tcp6 0 0 :::9002 :::* LISTEN - tcp6 0 0 :::9000 :::* LISTEN - tcp6 0 0 :::9300 :::* LISTEN - udp 0 0 127.0.0.53:53 0.0.0.0:* - udp6 0 0 :::7891 :::* 1646/clash 我的机器网络如下:
─➤ ip --color a1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 90:8d:6e:c2:5d:24 brd ff:ff:ff:ff:ff:ff altname enp24s0f0 inet 192.168.38.223/24 brd 192.168.38.255 scope global eno1 valid_lft forever preferred_lft forever inet6 fe80::928d:6eff:fec2:5d24/64 scope link valid_lft forever preferred_lft forever3: eno2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000 link/ether 90:8d:6e:c2:5d:25 brd ff:ff:ff:ff:ff:ff altname enp24s0f14: eno3: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000 link/ether 90:8d:6e:c2:5d:26 brd ff:ff:ff:ff:ff:ff altname enp25s0f05: eno4: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000 link/ether 90:8d:6e:c2:5d:27 brd ff:ff:ff:ff:ff:ff altname enp25s0f16: br-7abdd021226c: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:20:78:a1:26 brd ff:ff:ff:ff:ff:ff inet 172.21.7.1/24 brd 172.21.7.255 scope global br-7abdd021226c valid_lft forever preferred_lft forever8: br-fae6ff4cbfe5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:a3:e3:7b:47 brd ff:ff:ff:ff:ff:ff inet 172.21.8.1/24 brd 172.21.8.255 scope global br-fae6ff4cbfe5 valid_lft forever preferred_lft forever inet6 fe80::42:a3ff:fee3:7b47/64 scope link valid_lft forever preferred_lft forever9: br-1ad62c94cb59: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:e0:b5:64:9f brd ff:ff:ff:ff:ff:ff inet 172.21.4.1/24 brd 172.21.4.255 scope global br-1ad62c94cb59 valid_lft forever preferred_lft forever10: br-72097f53c6c8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:2d:88:79:b3 brd ff:ff:ff:ff:ff:ff inet 172.21.5.1/24 brd 172.21.5.255 scope global br-72097f53c6c8 valid_lft forever preferred_lft forever inet6 fe80::42:2dff:fe88:79b3/64 scope link valid_lft forever preferred_lft forever11: br-2c578316f047: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:f5:72:f5:5c brd ff:ff:ff:ff:ff:ff inet 172.21.1.1/24 brd 172.21.1.255 scope global br-2c578316f047 valid_lft forever preferred_lft forever12: br-33e0a46249f7: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:b6:a2:c1:e3 brd ff:ff:ff:ff:ff:ff inet 192.168.49.1/24 brd 192.168.49.255 scope global br-33e0a46249f7 valid_lft forever preferred_lft forever13: br-7c40d6bf640c: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:e7:a5:67:9c brd ff:ff:ff:ff:ff:ff inet 172.21.3.1/24 brd 172.21.3.255 scope global br-7c40d6bf640c valid_lft forever preferred_lft forever inet6 fe80::42:e7ff:fea5:679c/64 scope link valid_lft forever preferred_lft forever14: br-ae3a1dd6e320: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:41:e9:55:06 brd ff:ff:ff:ff:ff:ff inet 172.21.0.1/24 brd 172.21.0.255 scope global br-ae3a1dd6e320 valid_lft forever preferred_lft forever inet6 fe80::42:41ff:fee9:5506/64 scope link valid_lft forever preferred_lft forever15: br-ea23e34daef4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:77:fc:27:bf brd ff:ff:ff:ff:ff:ff inet 172.21.2.1/24 brd 172.21.2.255 scope global br-ea23e34daef4 valid_lft forever preferred_lft forever inet6 fe80::42:77ff:fefc:27bf/64 scope link valid_lft forever preferred_lft forever16: br-eb248bb5b3fa: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:49:87:4d:ff brd ff:ff:ff:ff:ff:ff inet 172.21.15.1/24 brd 172.21.15.255 scope global br-eb248bb5b3fa valid_lft forever preferred_lft forever inet6 fe80::42:49ff:fe87:4dff/64 scope link valid_lft forever preferred_lft forever17: br-0cbe1b0ddf78: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:fc:d6:05:b2 brd ff:ff:ff:ff:ff:ff inet 172.21.9.1/24 brd 172.21.9.255 scope global br-0cbe1b0ddf78 valid_lft forever preferred_lft forever inet6 fe80::42:fcff:fed6:5b2/64 scope link valid_lft forever preferred_lft forever18: br-298fd4684d8e: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:7e:14:43:4b brd ff:ff:ff:ff:ff:ff inet 172.21.17.1/24 brd 172.21.17.255 scope global br-298fd4684d8e valid_lft forever preferred_lft forever19: br-3fa489a3f1b3: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:37:b1:67:2f brd ff:ff:ff:ff:ff:ff inet 172.21.10.1/24 brd 172.21.10.255 scope global br-3fa489a3f1b3 valid_lft forever preferred_lft forever20: br-bff545d104b6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:ee:12:b1:2e brd ff:ff:ff:ff:ff:ff inet 172.21.19.1/24 brd 172.21.19.255 scope global br-bff545d104b6 valid_lft forever preferred_lft forever inet6 fe80::42:eeff:fe12:b12e/64 scope link valid_lft forever preferred_lft forever21: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:16:5c:70:8e brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever23: vethc4971ff@if22: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-0cbe1b0ddf78 state UP group default link/ether 6e:1b:be:ce:63:4f brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet6 fe80::6c1b:beff:fece:634f/64 scope link valid_lft forever preferred_lft forever25: vethbb38cd9@if24: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-72097f53c6c8 state UP group default link/ether 46:af:51:eb:82:5a brd ff:ff:ff:ff:ff:ff link-netnsid 5 inet6 fe80::44af:51ff:feeb:825a/64 scope link valid_lft forever preferred_lft forever27: vetha994484@if26: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-ea23e34daef4 state UP group default link/ether 2e:62:df:af:e7:77 brd ff:ff:ff:ff:ff:ff link-netnsid 10 inet6 fe80::2c62:dfff:feaf:e777/64 scope link valid_lft forever preferred_lft forever29: vetha936228@if28: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-fae6ff4cbfe5 state UP group default link/ether ea:9a:37:c2:7a:f9 brd ff:ff:ff:ff:ff:ff link-netnsid 9 inet6 fe80::e89a:37ff:fec2:7af9/64 scope link valid_lft forever preferred_lft forever31: veth903d616@if30: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-7c40d6bf640c state UP group default link/ether fe:4f:15:d0:24:bb brd ff:ff:ff:ff:ff:ff link-netnsid 3 inet6 fe80::fc4f:15ff:fed0:24bb/64 scope link valid_lft forever preferred_lft forever33: veth0fb5941@if32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-ae3a1dd6e320 state UP group default link/ether da:81:51:b4:6e:ff brd ff:ff:ff:ff:ff:ff link-netnsid 4 inet6 fe80::d881:51ff:feb4:6eff/64 scope link valid_lft forever preferred_lft forever35: veth03a943c@if34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-bff545d104b6 state UP group default link/ether d6:0c:97:ce:c1:73 brd ff:ff:ff:ff:ff:ff link-netnsid 7 inet6 fe80::d40c:97ff:fece:c173/64 scope link valid_lft forever preferred_lft forever39: veth3051cb6@if38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-0cbe1b0ddf78 state UP group default link/ether a2:31:f3:14:e4:42 brd ff:ff:ff:ff:ff:ff link-netnsid 11 inet6 fe80::a031:f3ff:fe14:e442/64 scope link valid_lft forever preferred_lft forever41: veth90b7282@if40: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-0cbe1b0ddf78 state UP group default link/ether 5e:b6:3c:e7:8e:52 brd ff:ff:ff:ff:ff:ff link-netnsid 1 inet6 fe80::5cb6:3cff:fee7:8e52/64 scope link valid_lft forever preferred_lft forever43: vethb1255cd@if42: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-fae6ff4cbfe5 state UP group default link/ether 66:81:8d:a6:b2:54 brd ff:ff:ff:ff:ff:ff link-netnsid 8 inet6 fe80::6481:8dff:fea6:b254/64 scope link valid_lft forever preferred_lft forever45: veth08c2693@if44: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-0cbe1b0ddf78 state UP group default link/ether c6:a5:cb:0e:0f:2a brd ff:ff:ff:ff:ff:ff link-netnsid 6 inet6 fe80::c4a5:cbff:fe0e:f2a/64 scope link valid_lft forever preferred_lft forever6217: vethe2ecf76@if6216: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-eb248bb5b3fa state UP group default link/ether 16:6f:0a:c6:7c:f2 brd ff:ff:ff:ff:ff:ff link-netnsid 2 inet6 fe80::146f:aff:fec6:7cf2/64 scope link valid_lft forever preferred_lft forever这该怎么办呢?有什么排查思路或者方向吗?
之前都是可以访问的,就是内存出问题重启后出现了这个问题。
不仅仅是 9600端口,我把 fastapi 改成其他端口都是不通的。甚至我把 docker 跑的 rabbitmq 关掉,释放 15672 端口,然后把 fastapi 绑定到 15672 端口,这是从其他电脑也无法访问 15672 了。(但是 docker 跑的 rabbitmq 的 15672 是可以被其他机器访问的)
共有1个答案
巩镜
考虑192.168.38.223这个机器的防火墙是不是过滤了9600端口。
类似资料:
-
问题内容: 我刚刚使用自制软件在Mac上使用Docker- Toolbox安装了Docker:使用自制软件安装了Docker 在使用Rails创建并配置了容器之后,Postgres并启动了docker-compose,一切看起来都很好,但是我无法从主机访问Web服务器。 输出 当我输入谷歌浏览器的网址http://0.0.0.0:8000/我得到 所以我尝试了 具有以下输出: 当我尝试使用Chro
-
我有一个关于这个问题的问题https://hub.docker.com/r/jupyter/scipy-notebook.我正在尝试使用docker compose运行此图像: 组成: Dockerfile 我用手够不着它http://locahost:8888 .... 网址。我使用Windows10作为主机,并尝试从这个docker compose和这些工作中访问其他服务。
-
问题内容: 我正在boot2docker 1.3.1下运行。 我有一个Docker容器通过运行Web服务器。 如果我连接到该容器,则可以使用浏览该网站,以便知道服务器正在运行。 我用以下容器运行容器: 它具有以下详细信息: 我以为可以访问,从托管人访问该网站。 这是行不通的。我只是在Chrome中看到“正在连接…”,却一无所获。 我究竟做错了什么? 问题答案: 好吧,愚蠢的我,我在boot2doc
-
我有一个docker应用程序,我使用以下docker compose。yml运行它: 我有一个没有docker化的服务器在我的机器上运行,我可以通过访问它。我希望我的服务能够访问它。 我发现有人建议在我的服务配置中添加以下内容: 但是当我添加这个时,并尝试,我得到。当我尝试<code>curl时,也会出现同样的错误http://host.docker.internal:3000。 我拼命地尝试将端
-
我在本地机器(Mac)上工作,其中有一个名为sqlvm的遗留虚拟机(这意味着我可以通过http://sqlvm:从本地主机访问这个虚拟机)。现在,我在应该连接到vm的同一个本地主机(我的Mac)中设置了几个docker容器(使用docker-compose)。< code>pymysql会引发一个异常: 如何将外部的“sqlvm”公开给内部 Docker 网络? 编辑:我尝试在yml文件中为相关容
-
我需要创建一些docker容器,这些容器必须由同一网络上的其他计算机访问。 问题是,当我创建容器时,Docker获得的IP地址仅在主机内有效。