
My Docker container has no internet

crosscheck 2020. 7. 25. 10:33


I had it working all right, but now it has stopped. I tried the following commands to no avail:

docker run -dns 8.8.8.8 base ping google.com

docker run base ping google.com

sysctl -w net.ipv4.ip_forward=1 - both on the host and in the container

All I get is unknown host google.com. Docker version 0.7.0

Any ideas?

P.S. ufw is disabled


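The first thing to check is to run cat /etc/resolv.conf in the docker container. If it has an invalid DNS server, such as nameserver 127.0.x.x, then the container will not be able to resolve domain names into IP addresses, so ping google.com will fail.

The second thing to check is to run cat /etc/resolv.conf on the host machine. Docker basically copies the host's /etc/resolv.conf to the container every time a container is started. So if the host's /etc/resolv.conf is wrong, the docker container's will be too.

If you have found that the host's /etc/resolv.conf is wrong, you have two options:

  1. Hardcode the DNS server in daemon.json. This is easy, but not ideal if you expect the DNS server to change.

  2. Fix the host's /etc/resolv.conf. This is a little trickier, but it is generated dynamically, and you are not hardcoding the DNS server.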


1. Hardcode the DNS server in Docker's daemon.json

  • Edit /etc/docker/daemon.json

    {
        "dns": ["10.1.2.3", "8.8.8.8"]
    }
    
  • Restart the docker daemon for the changes to take effect:
    sudo systemctl restart docker

  • Now when you run/start a container, docker will populate /etc/resolv.conf with the values from daemon.json.


2. Fix the host's /etc/resolv.conf

A. Ubuntu 16.04 and earlier

  • For Ubuntu 16.04 and earlier, /etc/resolv.conf was dynamically generated by NetworkManager.

  • Comment out the line dns=dnsmasq (with a #) in /etc/NetworkManager/NetworkManager.conf

  • Restart NetworkManager to regenerate /etc/resolv.conf:
    sudo systemctl restart network-manager

  • Verify on the host: cat /etc/resolv.conf

B. Ubuntu 18.04 and later

  • Ubuntu 18.04 changed to use systemd-resolved to generate /etc/resolv.conf. Now by default it uses a local DNS cache, 127.0.0.53. That will not work inside a container, so Docker will default to Google's 8.8.8.8 DNS server, which may break for people behind a firewall.

  • /etc/resolv.conf is actually a symlink (ls -l /etc/resolv.conf) which points to /run/systemd/resolve/stub-resolv.conf (127.0.0.53) by default in Ubuntu 18.04.

  • Change the symlink to point to /run/systemd/resolve/resolv.conf, which lists the real DNS servers:
    sudo ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf

  • Verify on the host: cat /etc/resolv.conf

Now you should have a valid /etc/resolv.conf on the host for docker to copy into the containers.
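
The two checks in this answer can be scripted. As an added example (not part of the original answer), the functions below classify the nameserver lines of a resolv.conf-style file and report whether a container can inherit a working resolver; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original answer.

# Print the nameserver addresses from a resolv.conf-style file ($1),
# one per line, each tagged "loopback" or "routable".
classify_nameservers() {
    awk '$1 == "nameserver" && NF >= 2 {
        tag = ($2 ~ /^127\./ || $2 == "::1") ? "loopback" : "routable"
        print $2, tag
    }' "$1"
}

# Summarise what a container started from this host file can expect:
#   inherit  - at least one routable resolver is available to copy
#   fallback - only loopback resolvers (e.g. 127.0.0.53); the answer above
#              notes that Docker then defaults to 8.8.8.8
#   empty    - no nameserver lines at all
resolver_verdict() {
    tags=$(classify_nameservers "$1" | awk '{print $2}')
    case "$tags" in
        "")          echo empty ;;
        *routable*)  echo inherit ;;
        *)           echo fallback ;;
    esac
}

# Constructed sample files (not taken from a real host).
sample_dir=$(mktemp -d)
printf 'nameserver 127.0.0.53\noptions edns0\n' > "$sample_dir/stub-resolv.conf"
printf '# corp\nnameserver 10.1.2.3\nnameserver 127.0.0.1\nsearch corp.example\n' \
    > "$sample_dir/resolv.conf"

for f in "$sample_dir/stub-resolv.conf" "$sample_dir/resolv.conf"; do
    echo "$f: $(resolver_verdict "$f")"
done
```

On a real host, run resolver_verdict /etc/resolv.conf and, on Ubuntu 18.04 or later, resolver_verdict /run/systemd/resolve/resolv.conf to compare the two files.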


Fixed by following this advice:

[...] can you try to reset everything?

pkill docker
iptables -t nat -F
ifconfig docker0 down
brctl delbr docker0
docker -d

It will force docker to recreate the bridge and reinitialize all the network rules.

https://github.com/dotcloud/docker/issues/866#issuecomment-19218300

Seems the interface was 'hanged' somehow.

Update for more recent versions of docker:

The above answer might still get the job done for you but it has been quite a long time since this answer was posted and docker is more polished now so make sure you try these first before going into mangling with iptables and all.

sudo service docker restart or (if you are in a linux distro that does not use upstart) sudo systemctl restart docker


The intended way to restart docker is not to do it manually but use the service or init command:

service docker restart

Updating this question with an answer for OSX (using Docker Machine)

If you are running Docker on OSX using Docker Machine, then the following worked for me:

docker-machine restart

<...wait for it to restart, which takes up to a minute...>

docker-machine env
eval $(docker-machine env)

Then (at least in my experience), if you ping google.com from a container all will be well.


I was using DOCKER_OPTS="--dns 8.8.8.8" and later discovered that my container didn't have direct access to internet but could access my corporate intranet. I changed DOCKER_OPTS to the following:

DOCKER_OPTS="--dns <internal_corporate_dns_address>"

replacing internal_corporate_dns_address with the IP address or FQDN of our DNS and restarted docker using

sudo service docker restart

and then spawned my container and checked that it had access to internet.


For me it was the host's firewall. I had to allow DNS on the host's firewall. And also had to restart docker after changing the host firewall setting.


For me it was an iptables forwarding rule. For some reason the following rule, when coupled with docker's iptables rules, caused all outbound traffic from containers to hit localhost:8080:

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 80 -j REDIRECT --to-ports 8080
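
The PREROUTING rule quoted above carries no interface match, so it also applies to packets that containers send out through the bridge, which is consistent with the behaviour this answer reports. As an added example (not part of the original answer), the function below lists such rules from an `iptables-save -t nat` dump; the sample dump is constructed and the bridge name docker0 is an assumption.

```shell
#!/bin/sh
# Added example, not from the original answer.

# Read `iptables-save -t nat` style rules on stdin and print every
# PREROUTING rule that REDIRECTs or DNATs without an input-interface
# match (-i). Such a rule also matches packets arriving from the Docker
# bridge, i.e. outbound connections made by containers.
unscoped_prerouting_rewrites() {
    awk '
        $1 == "-A" && $2 == "PREROUTING" {
            rewrite = 0; scoped = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "-j" && ($(i+1) == "REDIRECT" || $(i+1) == "DNAT")) rewrite = 1
                if ($i == "-i") scoped = 1
            }
            if (rewrite && !scoped) print
        }'
}

# Constructed rule dump: the first rule is the one quoted in the answer,
# the second is the same rule limited to traffic that did not arrive
# from the default bridge (interface name docker0 is an assumption).
sample_rules() {
    cat <<'EOF'
*nat
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING ! -i docker0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
COMMIT
EOF
}

# Only the unscoped rule is reported.
sample_rules | unscoped_prerouting_rewrites
```

Against a live host the input would come from sudo iptables-save -t nat instead of sample_rules.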

I had the problem on Ubuntu 18.04. However, the problem was with the DNS. I was in a corporate network that has its own DNS server and blocks other DNS servers. This is to block some websites (porn, torrents, and so on).

To resolve your problem

  1. find your DNS on host machine
  2. use --dns your_dns as suggested by @jobin

    docker run --dns your_dns -it --name cowsay --hostname cowsay debian bash


I do not know what I am doing, but this worked for me:

OTHER_BRIDGE=br-xxxxx # this is the other random docker bridge (`ip addr` to find)    
service docker stop

ip link set dev $OTHER_BRIDGE down
ip link set dev docker0 down
ip link delete $OTHER_BRIDGE type bridge
ip link delete docker0 type bridge
service docker start && service docker stop

iptables -t nat -A POSTROUTING ! -o docker0 -s 172.17.0.0/16 -j MASQUERADE
iptables -t nat -A POSTROUTING ! -o docker0 -s 172.18.0.0/16 -j MASQUERADE

service docker start

On windows (8.1) I killed the virtualbox interface (via taskmgr) and it solved the issue.


You may have started your docker with dns options --dns 172.x.x.x

I had the same error and removed the options from /etc/default/docker

The lines:

# Use DOCKER_OPTS to modify the daemon startup options.
DOCKER_OPTS="--dns 172.x.x.x"

No internet access can also be caused by missing proxy settings. In that case, --network host may not work either. The proxy can be configured by setting the environment variables http_proxy and https_proxy:

docker run -e "http_proxy=YOUR-PROXY" \
           -e "https_proxy=YOUR-PROXY"\
           -e "no_proxy=localhost,127.0.0.1" ... 

Do not forget to set no_proxy as well, or all requests (including those to localhost) will go through the proxy.

More information: Proxy Settings in the Archlinux Wiki.


If you're on OSX, you might need to restart your machine after installing Docker. This has been an issue at times.


Originally my docker container was able to reach the external internet (This is a docker service/container running on an Amazon EC2).

Since my app is an API, I followed up the creation of my container (it succeeded in pulling all the packages it needed) with updating my IP Tables to route all traffic from port 80 to the port that my API (running on docker) was listening on.

Then, later when I tried rebuilding the container it failed. After much struggle, I discovered that my previous step (setting the IPTable port forwarding rule) messed up the docker's external networking capability.

Solution: Stop your IPTable service:

sudo service iptables stop

Restart The Docker Daemon:

sudo service docker restart

Then, try rebuilding your container. Hope this helps.


Follow Up

I completely overlooked that I did not need to mess with the IP Tables to forward incoming traffic to 80 to the port that the API running on docker was running on. Instead, I just aliased port 80 to the port the API in docker was running on:

docker run -d -p 80:<api_port> <image>:<tag> <command to start api>


I was stumped when this happened randomly for me for one of my containers, while the other containers were fine. The container was attached to at least one non-internal network, so there was nothing wrong with the Compose definition. Restarting the VM / docker daemon did not help. It was also not a DNS issue because the container could not even ping an external IP. What solved it for me was to recreate the docker network(s). In my case, docker-compose down && docker-compose up worked.

Compose

This forces the recreation of all networks of all the containers:

docker-compose down && docker-compose up

Swarm mode

I suppose you just remove and recreate the service, which recreates the service's network(s):

docker service rm some-service

docker service create ...

If the container's network(s) are external

Simply remove and recreate the external networks of that service:

docker network rm some-external-network

docker network create some-external-network


Just adding this here in case someone runs into this issue within a virtualbox container running docker. I reconfigured the virtualbox network to bridged instead of nat, and the problem went away.


For Ubuntu 19.04 using openconnect 8.3 for VPN, I had to symlink /etc/resolv.conf to the one in systemd (opposite of the answer by wisbucky):

sudo ln -sf /etc/resolv.conf /run/systemd/resolve/resolv.conf

Steps to debug

  1. Connect to Company VPN
  2. Look for correct VPN settings in either /etc/resolv.conf or /run/systemd/resolve/resolv.conf
  3. Whichever has the correct DNS settings, we'll symlink that to the other file (Hint: place the one with the correct settings on the left of the assignment)

Docker version: Docker version 19.03.0-rc2, build f97efcc


I also encountered such an issue while trying to set up a project using Docker-Compose on Ubuntu.

The Docker had no access to internet at all, when I tried to ping any IP address or nslookup some URL - it failed all the time.

I tried all the possible solutions with DNS resolution described above to no avail.

I spent the whole day trying to find out what the heck was going on, and finally found out that the cause of all the trouble was the antivirus, in particular its firewall, which for some reason blocked Docker from getting the IP address and port.

When I disabled it - everything worked fine.

So, if you have an antivirus installed and nothing helps fix the issue - the problem could be the firewall of the antivirus.


I've had a similar problem for the last few days. For me the cause was a combination of systemd, docker and my hosting provider. I'm running up-to-date CentOS (7.7.1908).

My hosting provider automatically generates a config file for systemd-networkd. Starting with systemd 219, which is the current version for CentOS 7, systemd-networkd took control of network-related sysctl parameters. Docker seems to be incompatible with this version and will reset the IP-Forwarding flags every time a container is launched.

My solution was to add IPForward=true in the [Network]-section of my provider-generated config file. This file might be in several places, most likely in /etc/systemd/network.

The process is also described in the official docker docs: https://docs.docker.com/v17.09/engine/installation/linux/linux-postinstall/#ip-forwarding-problems

Reference URL: https://stackoverflow.com/questions/20430371/my-docker-container-has-no-internet
