Docker Container: Access private endpoint that requires VPN - SSL_ERROR_SYSCALL

I'm on my local host, on the VPN. If I run curl https://foo.bar/api/v1/19 I get a bunch of data back.

Then I start a docker container on my local host with the certificates mounted, like this:

docker run \
    -p 6709:6709 -p 6708:6708 \
    -v /etc/ssl/certs:/etc/ssl/certs:rw \
    IMAGE \
    "update-ca-certificates"

Inside the container, I cannot reach the same endpoint:

root@1349b12fdff2:/# curl -v https://foo.bar/api/v1/19
*   Trying 10.132.123.123...
* TCP_NODELAY set
* Connected to foo.bar (10.132.123.123) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to foo.bar:443 
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to foo.bar:443 

Any ideas?

I found that the solution was to run the container with --net=host
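
The trace in the question ends right after the outgoing Client hello, before any server message or certificate arrives, so the failure sits at the socket level and not in CA verification. The classifier below is an added example, not part of the original post: its function name and category labels are hypothetical, and the second trace is constructed for contrast.

```python
import re
import sys

# Verbose trace from the question (abridged to the lines the classifier reads).
SAMPLE_TRACE = """\
*   Trying 10.132.123.123...
* Connected to foo.bar (10.132.123.123) port 443 (#0)
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to foo.bar:443
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to foo.bar:443
"""

# Constructed contrast: what a missing or untrusted CA looks like in curl -v.
CERT_FAIL_TRACE = """\
* Connected to foo.bar (10.132.123.123) port 443 (#0)
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: unable to get local issuer certificate
curl: (60) SSL certificate problem: unable to get local issuer certificate
"""


def classify(trace: str) -> str:
    """Name the stage at which a `curl -v` HTTPS request failed."""
    connected = re.search(r"^\* Connected to ", trace, re.M) is not None
    hello_sent = "(OUT), TLS handshake, Client hello" in trace
    server_spoke = re.search(r"\(IN\), TLS ", trace) is not None
    m = re.search(r"^curl: \((\d+)\)", trace, re.M)
    exit_code = int(m.group(1)) if m else None

    if exit_code is None:
        return "no-error"
    if not connected:
        return "tcp-connect-failed"
    # curl exit code 60: peer certificate could not be verified.
    if exit_code == 60 or "certificate problem" in trace:
        return "certificate-verification"
    # TCP is up and the Client hello left, but nothing came back: the
    # packets are being dropped or reset on the path, not rejected by TLS.
    if hello_sent and not server_spoke:
        return "transport-dropped-after-client-hello"
    return "tls-handshake-other"


if __name__ == "__main__":
    # Pipe `curl -v URL 2>&1` into this script, or run it bare for the sample.
    trace = SAMPLE_TRACE if sys.stdin.isatty() else sys.stdin.read()
    print(classify(trace))
```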