故障描述:

当我使用docker-compose的方式部署内网的harbor时。它自动创建了一个bridge网桥,与内网的一个网段(172.18.0.1/16)发生冲突,docker 默认的网络模式是bridge ,默认网段是172.17.0.1/16。

多次执行docker-compose up -d 部署服务后,自动生成的网桥会依次使用: 172.18.x.x ,172.19.x.x....

然后碰巧内网的一个网段也是172.18.x.x。这样就导致这台机器死活也连不到172.18.x.x这台机器。

现象:

telnet不通,也无法ping通。。

解决方法

1、查看路由表:

2、查看docker network如下:

3、将docker-compose应用停止

docker-compose down

4、修改docker.json文件

下次docker启动的时候docker0将会变为172.31.0.1/24,docker-compose自动创建的bridge也会变为172.31.x.x/24

# cat /etc/docker/daemon.json

{

  "debug" : true,

  "default-address-pools" : [

    {

      "base" : "172.31.0.0/16",

      "size" : 24

    }

  ]

}

5、删除原来有冲突的bridge

# docker network ls

NETWORK ID          NAME                DRIVER              SCOPE

e4c5724969c9        bridge              bridge              local

b3cd674d3894        harbor_harbor       bridge              local

7f20b3d56275        host                host                local

7b5f3000115b        none                null                local

# docker network rm b3cd674d3894

b3cd674d3894

6、重启docker服务

# systemctl restart docker

7、查看ip a和路由表

# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000

    link/ether 00:50:56:a3:f4:69 brd ff:ff:ff:ff:ff:ff

    inet 10.18.61.80/24 brd 10.18.61.255 scope global eth0

       valid_lft forever preferred_lft forever

64: br-6a82e7536981: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default

    link/ether 02:42:4f:5a:cc:53 brd ff:ff:ff:ff:ff:ff

    inet 172.31.1.1/24 brd 172.31.1.255 scope global br-6a82e7536981

       valid_lft forever preferred_lft forever

65: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default

    link/ether 02:42:91:20:87:bd brd ff:ff:ff:ff:ff:ff

    inet 172.31.0.1/24 brd 172.31.0.255 scope global docker0

       valid_lft forever preferred_lft forever

# route -n

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

0.0.0.0         10.18.61.1      0.0.0.0         UG    0      0        0 eth0

10.18.61.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0

169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0

172.31.0.0      0.0.0.0         255.255.255.0   U     0      0        0 docker0

172.31.1.0      0.0.0.0         255.255.255.0   U     0      0        0 br-6a82e7536981

# docker network ls

NETWORK ID          NAME                DRIVER              SCOPE

27b40217b79c        bridge              bridge              local

6a82e7536981        harbor_harbor       bridge              local

7f20b3d56275        host                host                local

7b5f3000115b        none                null                local

可以看到64: br-6a82e7536981 和 65: docker0的网段都已经变成172.31.x.x了。说明配置ok了

8、启动docker-compose

# docker-compose up -d

如果出现以下错误

Starting log         ... error

Starting registry    ... error

Starting registryctl ... error

Starting postgresql  ... error

Starting portal      ... error

Starting redis       ... error

Starting core        ... error

Starting jobservice  ... error

Starting proxy       ... error

ERROR: for log  Cannot start service log: network b3cd674d38943c91c439ea8eafc0ecc4cea6d4e0df875d930e8342f6d678d135 not found

ERROR: No containers to start

因为没有自动切换。NETWORK ID:b3cd674d3....还是原来的NETWORK ID

需要绑定bridge

# docker network ls

NETWORK ID          NAME                DRIVER              SCOPE

27b40217b79c        bridge              bridge              local

6a82e7536981        harbor_harbor       bridge              local

7f20b3d56275        host                host                local

7b5f3000115b        none                null                local

# docker network connect network_name container_name

[root@mvxl74019 harbor]# docker network connect harbor_harbor nginx

[root@mvxl74019 harbor]# docker network connect harbor_harbor harbor-jobservice

[root@mvxl74019 harbor]# docker network connect harbor_harbor harbor-core

[root@mvxl74019 harbor]# docker network connect harbor_harbor registryctl

[root@mvxl74019 harbor]# docker network connect harbor_harbor registry

[root@mvxl74019 harbor]# docker network connect harbor_harbor redis

[root@mvxl74019 harbor]# docker network connect harbor_harbor harbor-db

[root@mvxl74019 harbor]# docker network connect harbor_harbor harbor-portal

[root@mvxl74019 harbor]# docker network connect harbor_harbor harbor-log

[root@mvxl74019 harbor]# docker-compose up -d

Starting log         ... done

Starting registry    ... done

Starting registryctl ... done

Starting postgresql  ... done

Starting portal      ... done

Starting redis       ... done

Starting core        ... done

Starting jobservice  ... done

Starting proxy       ... done
9、检查服务是否正常
# docker-compose ps

      Name                     Command                  State                 Ports

---------------------------------------------------------------------------------------------

harbor-core         /harbor/entrypoint.sh            Up (healthy)

harbor-db           /docker-entrypoint.sh            Up (healthy)

harbor-jobservice   /harbor/entrypoint.sh            Up (healthy)

harbor-log          /bin/sh -c /usr/local/bin/ ...   Up (healthy)   127.0.0.1:1514->10514/tcp

harbor-portal       nginx -g daemon off;             Up (healthy)

nginx               nginx -g daemon off;             Up (healthy)   0.0.0.0:80->8080/tcp

redis               redis-server /etc/redis.conf     Up (healthy)

registry            /home/harbor/entrypoint.sh       Up (healthy)

registryctl         /home/harbor/start.sh            Up (healthy)

10、再尝试是否能telnet通目标IP: 172.18.5.145

可以看到是已经能够telnet通和ping通了。

 说明:此文档参考转载至:https://zhuanlan.zhihu.com/p/379305319,仅用于学习使用

docker报错:报错br-xxxx 之Docker-Compose 自动创建的网桥与局域网络冲突的更多相关文章

  1. 【docker】docker启动、重启、关闭命令,附带:docker启动容器报错:docker: Error response from daemon: driver failed programming external connectivity on endpoint es2-node

    在关闭并放置centos 的防火墙重启之后[操作:https://www.cnblogs.com/sxdcgaq8080/p/10032829.html] 启动docker容器就发现开始报错: [ro ...

  2. zun 不能创建 docker 容器,报错: datastore for scope "global" is not initialized

    问题:zun不能创建docker容器,报错:datastore for scope "global" is not initialized   解决:修改docker 服务配置文件 ...

  3. docker 启动容器报错

    2018-10-24 报错信息: /usr/bin/docker-current: Error response from daemon: driver failed programming exte ...

  4. egg 连接 mysql 的 docker 容器,报错:Client does not support authentication protocol requested by server; consider upgrading MySQL client

    egg 连接 mysql 的 docker 容器,报错:Client does not support authentication protocol requested by server; con ...

  5. 使用nsenter进入docker容器后端报错 mesg: ttyname failed: No such file or directory

    通过nsenter 进入到docker容器的后端总是报下面的错,, [root@devdtt ~]# docker inspect -f {{.State.Pid}} mynginx411950 [r ...

  6. docker启动容器报错 Unknown runtime specified nvidia.

    启动docker容器时,报错 问题复现 当我启动一个容器时,运行以下命令: docker run --runtime=nvidia .... 后面一部分命令没写出来,此时报错的信息如下: docker ...

  7. docker启动镜像报错

    docker启动镜像报错: docker: Error response from daemon: driver failed programming external connectivity on ...

  8. docker启动redis报错 oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo

    docker启动redis报错 1:C 17 Jun 08:18:04.613 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo1:C 17 Jun 08 ...

  9. docker推送镜像到docker本地仓库报错:http: server gave HTTP response to HTTPS client

    因为Docker从1.3.X之后,与docker registry交互默认使用的是https,然而此处搭建的私有仓库只提供http服务,所以当与私有仓库交互时就会报上面的错误. 解决办法: vim / ...

  10. Docker获取镜像报错docker: Error response from daemon

    docker: Error response from daemon: Get https://registry-1.docker.io/v2/: net/http: request canceled ...

随机推荐

  1. CF1141F2 Same Sum Blocks (Hard)

    题目传送门 思路 简单题. 不妨先预处理出每一个区间的 \(\sum\),然后离散化 \(\sum\),对于每个 \(\sum\) 开一个 \(\mathcal vector\) 记录所有区间的左右端 ...

  2. 设备区分判断IPAD,H5,PC

        HTML: <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> < ...

  3. BUUCTF—CRYPTO 1—10

    BUUCTF-CRYPTO 1-10 1.MD5 题目:e00cf25ad42683b3df678c61f42c6bda 解析:看题目就知道是MD5加密,直接上在线解码网站解码,答案是:flag 2. ...

  4. C#神器"BlockingCollection"类实现C#神仙操作

    前言 如果你想玩转C# 里面多线程,工厂模式,生产者/消费者,队列等高级操作,就可以和我一起探索这个强大的线程安全提供阻塞和限制功能的C#神器类 BlockingCollection简单介绍 微软介绍 ...

  5. SAP SPOOL_INTERNAL_ERROR

    运行SE38程序 RSPO0041

  6. adb server version (36) doesn‘t match this client (41)解决

    问题描述:夜神模拟器,dos窗口下,然后adb devices发现连不上模拟器了,报adb server version (36) doesn't match this client (41); ki ...

  7. CF1738E Balance Addicts

    个人思路: \(sum_i\) 表示前 \(i\) 个数的前缀和,推一下式子可知是要选若干对 \(l_i,r_i\),使得 \(l_1 < l_2 <\dots < l_k \le ...

  8. Word19 撰写企业质量管理论文office真题

    1.看到题目要求:打开考试文件下的素材文档"WPS.docx"文件,后续操作均基于此文件,否则不得分. 2.这一步的操作非常简单,打开文件目录进行双击打开即可完成操作. 3.看到题 ...

  9. IntelliJ IDEA2021.3破解教程【Windows10系统】

    IntelliJ IDEA2021.3破解教程[Windows10系统] 以下仅为本人工作.学习过程中所接触到的内容,不足之处请多包涵. 官网下载地址 最新版:https://www.jetbrain ...

  10. NXOpen获取UFUN的tag

    #include <NXOpen/NXObject.hxx>#include <NXOpen/NXObjectManager.hxx> 1 NXObject* nXObject ...