Docker 构建无法在 Windows 服务器 2019 上解析 DNS
Docker build cannot resolve DNS on Windows Server 2019
问题
运行以下命令:
docker build --rm -f "c:\Users\...\iotedgeModbus\Dockerfile.amd64.debug" -t
modbus:dev-amd64.debug "c:\Users\...\iotedgeModbus" ; if ($?) { iotedgehubdev start -d "c:\Users\...\iotedgeModbus\config\deployment.debug.amd64.json" -v }
输出与解析 DNS 名称相关的错误:
Step 2/21 : RUN apt-get update && apt-get install -y --no-install-recommends unzip procps
&& rm -rf /var/lib/apt/lists/*
---> Running in a389a7d1ff0d
Err:1 http://security.debian.org/debian-security buster/updates InRelease
Temporary failure resolving 'security.debian.org'
Err:2 http://deb.debian.org/debian buster InRelease
Temporary failure resolving 'deb.debian.org'
Err:3 http://deb.debian.org/debian buster-updates InRelease
Temporary failure resolving 'deb.debian.org'
Reading package lists...
完整堆栈跟踪:
docker build --rm -f "c:\Users\...\iotedgeModbus\Dockerfile.amd64.debug" -t
modbus:dev-amd64.debug "c:\Users\...\iotedgeModbus" ; if ($?) { iotedgehubdev start -d "c:\Users\...\iotedgeModbus\config\deployment.debug.amd64.json" -v }
Sending build context to Docker daemon 699.9kB
Step 1/21 : FROM mcr.microsoft.com/dotnet/core/runtime:3.0.0-buster-slim AS base
---> b525e32f0752
Step 2/21 : RUN apt-get update && apt-get install -y --no-install-recommends unzip procps
&& rm -rf /var/lib/apt/lists/*
---> Running in a389a7d1ff0d
Err:1 http://security.debian.org/debian-security buster/updates InRelease
Temporary failure resolving 'security.debian.org'
Err:2 http://deb.debian.org/debian buster InRelease
Temporary failure resolving 'deb.debian.org'
Err:3 http://deb.debian.org/debian buster-updates InRelease
Temporary failure resolving 'deb.debian.org'
Reading package lists...
W: Failed to fetch http://deb.debian.org/debian/dists/buster/InRelease Temporary failure resolving 'deb.debian.org'
W: Failed to fetch http://security.debian.org/debian-security/dists/buster/updates/InRelease
Temporary failure resolving 'security.debian.org'
W: Failed to fetch http://deb.debian.org/debian/dists/buster-updates/InRelease Temporary failure resolving 'deb.debian.org'
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists...
Building dependency tree...
Reading state information...
E: Unable to locate package unzip
E: Unable to locate package procps
The command '/bin/sh -c apt-get update && apt-get install -y --no-install-recommends unzip procps && rm -rf /var/lib/apt/lists/*' returned a non-zero code: 100
设置
我有以下配置:
- Azure VM(标准 D2s v3 [2 个 vcpus,8 GiB 内存])
- VM OS 是 Windows Server 2019 Datacenter v1809
- Docker EE(服务器和客户端引擎均为 v19.03.04)
- WSL 通过 this guide 安装和测试。
- 通过 this guide
启用、测试并设置为默认值的 LCOW
- daemon.json 配置了 DNS 服务器的文件
- 主机已连接到互联网
背景
我正在尝试调试我的容器在生产环境中遇到的问题,所以我想 运行 它在生产机器上。
Docker配置
daemon.json 文件的内容:
{
"experimental": true,
"dns": ["208.67.222.222", "208.67.220.220"],
"bridge": "none"
}
根据 this documentation,此文件位于 "C:\ProgramData\Docker\config\"。
运行 docker info 输出:
Client:
Debug Mode: false
Plugins:
cluster: Manage Docker clusters (Docker Inc., v1.2.0)
Server:
Containers: 5
Running: 0
Paused: 0
Stopped: 5
Images: 3
Server Version: 19.03.4
Storage Driver: windowsfilter (windows) lcow (linux)
Windows:
LCOW:
Logging Driver: json-file
Plugins:
Volume: local
Network: ics internal l2bridge l2tunnel nat null overlay private transparent
Log: awslogs etwlogs fluentd gcplogs gelf json-file local logentries splunk syslog
Swarm: inactive
Default Isolation: process
Kernel Version: 10.0 17763 (17763.1.amd64fre.rs5_release.180914-1434)
Operating System: Windows Server 2019 Datacenter Version 1809 (OS Build 17763.864)
OSType: windows
Architecture: x86_64
CPUs: 2
Total Memory: 8GiB
Name: xxxxxxxx
ID: GMKH:37MH:LDBL:AXQA:DYNK:342Y:A2AR:OLJP:WRJM:YQV2:4XZA:XJCR
Docker Root Dir: C:\ProgramData\docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: true
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
运行 docker network ls 输出:
NETWORK ID NAME DRIVER SCOPE
3c451e980ddd nat nat local
c2d54c8da069 none null local
运行 docker network inspect nat 输出:
[
{
"Name": "nat",
"Id": "3c451e980dddda1b46005caba457f56efb4aba610668c5d58f7c3cc839604347",
"Created": "2019-11-12T22:07:47.6443712Z",
"Scope": "local",
"Driver": "nat",
"EnableIPv6": false,
"IPAM": {
"Driver": "windows",
"Options": null,
"Config": [
{
"Subnet": "172.20.160.0/20",
"Gateway": "172.20.160.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {
"com.docker.network.windowsshim.hnsid": "8991C564-50DB-4AE0-9C75-7B117787CC7E",
"com.docker.network.windowsshim.networkname": "nat"
},
"Labels": {}
}
]
Dockerfile.amd64.debug 的内容是:
FROM mcr.microsoft.com/dotnet/core/runtime:3.0.0-buster-slim AS base
RUN apt-get update && \
apt-get install -y --no-install-recommends unzip procps && \
rm -rf /var/lib/apt/lists/*
RUN useradd -ms /bin/bash moduleuser
USER moduleuser
RUN curl -sSL https://aka.ms/getvsdbgsh | bash /dev/stdin -v latest -l ~/vsdbg
FROM mcr.microsoft.com/dotnet/core/sdk AS build-env
WORKDIR /app
COPY *.csproj ./
RUN dotnet restore
COPY . ./
RUN dotnet publish -c Debug -o out
FROM gcc:7 AS build-env-2
WORKDIR /app
# copy .c and .h file
COPY *.c ./
COPY *.h ./
# build
RUN gcc -shared -o libcomWrapper.so -fPIC comWrapper.c
FROM base
WORKDIR /app
COPY --from=build-env /app/out ./
COPY --from=build-env-2 /app/libcomWrapper.so /usr/lib/
ENTRYPOINT ["dotnet", "iotedgeModbus.dll"]
我的 deployment.debug.template.json 文件与 this example.
的结构相同
尝试过的解决方案
我尝试了以下方法来解决问题:
- 确认宿主可以
pinggoogle.com,deb.debian.org,security.debian.org.
- 已确认主机成功 returns
nslookup 结果为 google.com、deb.debian.org 和 security.debian.org。
- 更新 daemon.json 文件,其中包含 Google DNS、OpenDNS 和主机适配器 DNS 的 DNS 条目,然后重新启动 docker 服务以测试连接。
- 使用
--network 标志指定要在 docker build 命令中使用的适配器,我已经尝试了 nat 和 none 网络。
- 设置 DNS 使用 Google 主机上 vEthernet (nat) 适配器上的 DNS 和 OpenDNS 服务器。
- 指定要与
--dns 标志一起使用的 DNS 服务器(似乎仅适用于 dockerd 而不是 docker。
- 根据 this comment.
将主机用于连接到 Internet 的适配器的 InterfaceMetric 设置为低于其他适配器的 InterfaceMetric
- 根据 the documentation.
确认主机网络不适用于 Windows 服务器上的 Docker EE
- 试图用
docker network create -d bridge mynetwork 创建桥接网络,但遇到:"Error response from daemon: could not find plugin bridge in v1 plugin registry: plugin not found"。
- 使用
docker network create -d transparent MyNetwork 创建了透明网络适配器,但由于 docker build 未完成,我无法将其附加到容器。
如有任何建议或帮助,我们将不胜感激。
打开守护进程配置并添加 json 格式的 DNS 8.8.8.8。然后重新启动 docker 守护进程。 Apt get 会起作用。条目是
{
"dns": ["8.8.8.8"]
}
在我的例子中,我得到的错误是调试 Docker Windows 容器 Visual Studio 2019.
当visual studio 运行:
docker exec -i {container-name} "c:\Windows\System32\curl.exe" -sSL "https://aka.ms/vs/16/release/16.11/debugger/OneCore.Msvsmon.amd64.enu.zip" -w "%{content_type}" -o "c:\.vs-debugger\OneCore.Msvsmon.amd64.enu.zip"
我得到了
curl: (6) Could not resolve host: aka.ms
解决方案是像这样向 Docker 引擎添加 DNS:
Docker -> 设置 -> Docker 引擎(我只添加了 dns 设置):
{
"registry-mirrors": [],
"insecure-registries": [],
"debug": false,
"experimental": false,
"dns": [
"8.8.8.8",
"8.8.4.4"
]
}
问题
运行以下命令:
docker build --rm -f "c:\Users\...\iotedgeModbus\Dockerfile.amd64.debug" -t
modbus:dev-amd64.debug "c:\Users\...\iotedgeModbus" ; if ($?) { iotedgehubdev start -d "c:\Users\...\iotedgeModbus\config\deployment.debug.amd64.json" -v }
输出与解析 DNS 名称相关的错误:
Step 2/21 : RUN apt-get update && apt-get install -y --no-install-recommends unzip procps
&& rm -rf /var/lib/apt/lists/*
---> Running in a389a7d1ff0d
Err:1 http://security.debian.org/debian-security buster/updates InRelease
Temporary failure resolving 'security.debian.org'
Err:2 http://deb.debian.org/debian buster InRelease
Temporary failure resolving 'deb.debian.org'
Err:3 http://deb.debian.org/debian buster-updates InRelease
Temporary failure resolving 'deb.debian.org'
Reading package lists...
完整堆栈跟踪:
docker build --rm -f "c:\Users\...\iotedgeModbus\Dockerfile.amd64.debug" -t
modbus:dev-amd64.debug "c:\Users\...\iotedgeModbus" ; if ($?) { iotedgehubdev start -d "c:\Users\...\iotedgeModbus\config\deployment.debug.amd64.json" -v }
Sending build context to Docker daemon 699.9kB
Step 1/21 : FROM mcr.microsoft.com/dotnet/core/runtime:3.0.0-buster-slim AS base
---> b525e32f0752
Step 2/21 : RUN apt-get update && apt-get install -y --no-install-recommends unzip procps
&& rm -rf /var/lib/apt/lists/*
---> Running in a389a7d1ff0d
Err:1 http://security.debian.org/debian-security buster/updates InRelease
Temporary failure resolving 'security.debian.org'
Err:2 http://deb.debian.org/debian buster InRelease
Temporary failure resolving 'deb.debian.org'
Err:3 http://deb.debian.org/debian buster-updates InRelease
Temporary failure resolving 'deb.debian.org'
Reading package lists...
W: Failed to fetch http://deb.debian.org/debian/dists/buster/InRelease Temporary failure resolving 'deb.debian.org'
W: Failed to fetch http://security.debian.org/debian-security/dists/buster/updates/InRelease
Temporary failure resolving 'security.debian.org'
W: Failed to fetch http://deb.debian.org/debian/dists/buster-updates/InRelease Temporary failure resolving 'deb.debian.org'
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists...
Building dependency tree...
Reading state information...
E: Unable to locate package unzip
E: Unable to locate package procps
The command '/bin/sh -c apt-get update && apt-get install -y --no-install-recommends unzip procps && rm -rf /var/lib/apt/lists/*' returned a non-zero code: 100
设置
我有以下配置:
- Azure VM(标准 D2s v3 [2 个 vcpus,8 GiB 内存])
- VM OS 是 Windows Server 2019 Datacenter v1809
- Docker EE(服务器和客户端引擎均为 v19.03.04)
- WSL 通过 this guide 安装和测试。
- 通过 this guide 启用、测试并设置为默认值的 LCOW
- daemon.json 配置了 DNS 服务器的文件
- 主机已连接到互联网
背景
我正在尝试调试我的容器在生产环境中遇到的问题,所以我想 运行 它在生产机器上。
Docker配置
daemon.json 文件的内容:
{
"experimental": true,
"dns": ["208.67.222.222", "208.67.220.220"],
"bridge": "none"
}
根据 this documentation,此文件位于 "C:\ProgramData\Docker\config\"。
运行 docker info 输出:
Client:
Debug Mode: false
Plugins:
cluster: Manage Docker clusters (Docker Inc., v1.2.0)
Server:
Containers: 5
Running: 0
Paused: 0
Stopped: 5
Images: 3
Server Version: 19.03.4
Storage Driver: windowsfilter (windows) lcow (linux)
Windows:
LCOW:
Logging Driver: json-file
Plugins:
Volume: local
Network: ics internal l2bridge l2tunnel nat null overlay private transparent
Log: awslogs etwlogs fluentd gcplogs gelf json-file local logentries splunk syslog
Swarm: inactive
Default Isolation: process
Kernel Version: 10.0 17763 (17763.1.amd64fre.rs5_release.180914-1434)
Operating System: Windows Server 2019 Datacenter Version 1809 (OS Build 17763.864)
OSType: windows
Architecture: x86_64
CPUs: 2
Total Memory: 8GiB
Name: xxxxxxxx
ID: GMKH:37MH:LDBL:AXQA:DYNK:342Y:A2AR:OLJP:WRJM:YQV2:4XZA:XJCR
Docker Root Dir: C:\ProgramData\docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: true
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
运行 docker network ls 输出:
NETWORK ID NAME DRIVER SCOPE
3c451e980ddd nat nat local
c2d54c8da069 none null local
运行 docker network inspect nat 输出:
[
{
"Name": "nat",
"Id": "3c451e980dddda1b46005caba457f56efb4aba610668c5d58f7c3cc839604347",
"Created": "2019-11-12T22:07:47.6443712Z",
"Scope": "local",
"Driver": "nat",
"EnableIPv6": false,
"IPAM": {
"Driver": "windows",
"Options": null,
"Config": [
{
"Subnet": "172.20.160.0/20",
"Gateway": "172.20.160.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {
"com.docker.network.windowsshim.hnsid": "8991C564-50DB-4AE0-9C75-7B117787CC7E",
"com.docker.network.windowsshim.networkname": "nat"
},
"Labels": {}
}
]
Dockerfile.amd64.debug 的内容是:
FROM mcr.microsoft.com/dotnet/core/runtime:3.0.0-buster-slim AS base
RUN apt-get update && \
apt-get install -y --no-install-recommends unzip procps && \
rm -rf /var/lib/apt/lists/*
RUN useradd -ms /bin/bash moduleuser
USER moduleuser
RUN curl -sSL https://aka.ms/getvsdbgsh | bash /dev/stdin -v latest -l ~/vsdbg
FROM mcr.microsoft.com/dotnet/core/sdk AS build-env
WORKDIR /app
COPY *.csproj ./
RUN dotnet restore
COPY . ./
RUN dotnet publish -c Debug -o out
FROM gcc:7 AS build-env-2
WORKDIR /app
# copy .c and .h file
COPY *.c ./
COPY *.h ./
# build
RUN gcc -shared -o libcomWrapper.so -fPIC comWrapper.c
FROM base
WORKDIR /app
COPY --from=build-env /app/out ./
COPY --from=build-env-2 /app/libcomWrapper.so /usr/lib/
ENTRYPOINT ["dotnet", "iotedgeModbus.dll"]
我的 deployment.debug.template.json 文件与 this example.
尝试过的解决方案
我尝试了以下方法来解决问题:
- 确认宿主可以
pinggoogle.com,deb.debian.org,security.debian.org. - 已确认主机成功 returns
nslookup结果为 google.com、deb.debian.org 和 security.debian.org。 - 更新 daemon.json 文件,其中包含 Google DNS、OpenDNS 和主机适配器 DNS 的 DNS 条目,然后重新启动 docker 服务以测试连接。
- 使用
--network标志指定要在docker build命令中使用的适配器,我已经尝试了 nat 和 none 网络。 - 设置 DNS 使用 Google 主机上 vEthernet (nat) 适配器上的 DNS 和 OpenDNS 服务器。
- 指定要与
--dns标志一起使用的 DNS 服务器(似乎仅适用于 dockerd 而不是 docker。 - 根据 this comment. 将主机用于连接到 Internet 的适配器的
- 根据 the documentation. 确认主机网络不适用于 Windows 服务器上的 Docker EE
- 试图用
docker network create -d bridge mynetwork创建桥接网络,但遇到:"Error response from daemon: could not find plugin bridge in v1 plugin registry: plugin not found"。 - 使用
docker network create -d transparent MyNetwork创建了透明网络适配器,但由于docker build未完成,我无法将其附加到容器。
InterfaceMetric 设置为低于其他适配器的 InterfaceMetric
如有任何建议或帮助,我们将不胜感激。
打开守护进程配置并添加 json 格式的 DNS 8.8.8.8。然后重新启动 docker 守护进程。 Apt get 会起作用。条目是
{
"dns": ["8.8.8.8"]
}
在我的例子中,我得到的错误是调试 Docker Windows 容器 Visual Studio 2019.
当visual studio 运行:
docker exec -i {container-name} "c:\Windows\System32\curl.exe" -sSL "https://aka.ms/vs/16/release/16.11/debugger/OneCore.Msvsmon.amd64.enu.zip" -w "%{content_type}" -o "c:\.vs-debugger\OneCore.Msvsmon.amd64.enu.zip"
我得到了
curl: (6) Could not resolve host: aka.ms
解决方案是像这样向 Docker 引擎添加 DNS:
Docker -> 设置 -> Docker 引擎(我只添加了 dns 设置):
{
"registry-mirrors": [],
"insecure-registries": [],
"debug": false,
"experimental": false,
"dns": [
"8.8.8.8",
"8.8.4.4"
]
}