docker反向代理DNS /网络问题 [英] docker reverse proxy DNS/networking issues

问题描述

我会尽力解释并得出结论

I'll try to explain and draw this out

我想要实现的目标：

< a href = https://i.stack.imgur.com/SFzWR.png rel = nofollow noreferrer>

对不起，paint脚的油漆图。现在，如果我从10.10.10.0网络中找到它，它就可以完美运行。问题是DNS将jenkins.network.com解析为10.10.10.0网络。我想通过代理返回，因为它具有SSL终止功能，可以到达声纳服务器。是否有一种很好的方法可以做到这一点，从而将服务保留在代理之后？我是否需要创建带有docker网络的第二台DNS服务器？领事可以将外部和内部服务都指向同一个域名吗？

Sorry for the crappy paint diagram. Right now, it works perfectly if I hit it from the 10.10.10.0 network. The problem is DNS resolves jenkins.network.com to the 10.10.10.0 network. I want to go back through the proxy though as that has SSL termination to get to the sonarqube server. Is there a good way to accomplish this to keep the services behind the proxy? Do I need to create a second DNS server with the docker network on it? Is this possible to do with consul to have both the external and internal services point to the same domain name?

编辑：
这样做是可行的，因为一切都经过代理。因此，当詹金斯击中声纳时，它认为它的IP确实是10.10.10.51，并且可以通过它到达目标。

Doing something like this would work, since everything goes through the proxies. So when jenkins hits sonar, it think's its ip really is 10.10.10.51 and it can hit it through there.

我需要执行的操作：

我需要它离开代理，然后再通过代理返回。 IE：

What I need it to do: I need it to go out of the proxy, then come back in through the proxy. IE:

172.16.10.2 ---- 172.16.10.1 ----- 10.10.10.50 -----代理随后接管路由到正确的位置（ 172.16.10.3:8080之类的东西）

172.16.10.2 ---- 172.16.10.1 ----- 10.10.10.50 ----- Proxy then takes over to route to proper location (172.16.10.3:8080 or something)

推荐答案

因为您没有发布自己的文章。我没有做任何假设。假定的构成如下：

Since you didn't post your compose. I am making few assumptions. The compose assumed is below

version: '3'

services:
  nginx:
    image: nginx
    ports:
      - 80:80
      - 443:443
    depends_on:
      - jenkins
      - sonar
  jenkins:
    image: jenkins
  sonar:
    image: sonarqube

所有这些都在 10.10.10.50 上运行。现在，如果将内部和外部的DNS设置为 10.10.10.20 ，则 jenkins.network.com 都将解析为 10.10.10.50 。但是在docker网络内部，您希望 jenkins.network.com 解析为容器的IP。

And all of these run on 10.10.10.50. Now if you set the DNS to 10.10.10.20 inside and outside, both jenkins.network.com will resolve to 10.10.10.50. But inside the docker network you want jenkins.network.com to resolved to the IP of the container.

所以如果以上所有方法都是正确的，则以下是最简单的解决方案

So if all above is correct then below is the simplest solution

version: '3'

service:
  nginx:
    image: nginx
    ports:
      - 80:80
      - 443:443
    depends_on:
      - jenkins
      - sonar
  jenkins:
    image: jenkins
    networks:
      default:
        aliases:
          - jenkins.network.com
  sonar:
    image: sonar
    networks:
      default:
        aliases:
          - sonar.network.com

在nginx图像上，我可以到达 jenkins.network.com

On the nginx image i can reach jenkins.network.com

root@be6492f18851:/# telnet jenkins.network.com 8080
Trying 172.23.0.3...
Connected to jenkins.network.com.
Escape character is '^]'.
Connection closed by foreign host.

您可以从詹金斯和声纳容器中获得相同的结果

And you can do that from both jenkins and sonar containers and get the same results

编辑1

如果希望DNS通过代理，则可以更改别名到该网络

If you want the DNS to go through proxy, you can change the aliases to that network

version: '3'

service:
  nginx:
    image: nginx
    ports:
      - 80:80
      - 443:443
    depends_on:
      - jenkins
      - sonar
    networks:
      default:
        aliases:
          - sonar.network.com
          - jenkins.network.com
  jenkins:
    image: jenkins
  sonar:
    image: sonar

这篇关于docker反向代理DNS /网络问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！