无法从容器连接到远程SQL Server [英] Unable to connect to remote SQL server from container
问题描述
我正在尝试从计算机上托管的Docker容器连接到远程SQL Server.
I'm trying to connect to my remote SQL server from a docker container hosted on my computer.
但是正在接收以下错误:
But are just reciving the following error:
建立与SQL Server的连接时,发生了与网络有关或特定于立场的错误.找不到服务器或无法访问服务器.检查实例名称是否正确,并且SQL Server已配置为允许远程连接.有关更多信息,请参见SQL Server联机丛书.Sqlcmd:错误:Microsoft SQL Server本机客户端10.0:登录超时已过期.
A network-related or in stance-specific error has occurred while establishing a connection to SQL Server . Server is not found or not accessible. Check if instance name is correct and i f SQL Server is configured to allow remote connections. For more information see SQL Server Books Online.. Sqlcmd: Error: Microsoft SQL Server Native Client 10.0 : Login timeout expired.
但是,如果我尝试从主机上的SQL Server Management Studio连接到我的SQL Server,则一切正常.另请注意,两周前,一切也都在docker容器中工作了.
But if I try to connect to my SQL server from SQL server management studio on the host machine everything works properly. Also note that 2 weeks ago everything also worked inside the docker container.
这是我的docker compose文件和安装了SQL驱动程序的docker文件:
Here is my docker compose file and the docker file which has the SQL driver installed:
撰写:
version: '3'
services:
nginx:
image: nginx:1.10
volumes:
- ./:/var/www
- .docker/nginx/vhost.conf:/etc/nginx/conf.d/default.conf
ports:
- ${DOCKER_IP}80:80
links:
- php
networks:
- app-net
php:
build:
context: ./
dockerfile: .docker/php/DockerFile
volumes:
- ./:/var/www
networks:
- app-net
networks:
app-net:
driver: bridgeDocker文件
FROM phpdockerio/php71-fpm:latest
# Install selected extensions and other stuff
RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && apt-get -y --no-install-recommends install \
php7.1-mysql \
php7.1-mbstring \
php7.1-gd \
php7.1-soap \
php7.1-dev \
apt-transport-https \
git \
ssh \
curl \
php-pear \
&& apt-get clean; rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/*
# Install Composer
RUN cd /usr/src
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
# Install MSSQL extention
RUN curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add -
RUN curl https://packages.microsoft.com/config/ubuntu/16.04/prod.list > /etc/apt/sources.list.d/mssql-release.list
RUN apt-get update
RUN ACCEPT_EULA=Y apt-get -y install msodbcsql mssql-tools g++ unixodbc-dev make
RUN pear config-set php_ini `php --ini | grep "Loaded Configuration" | sed -e "s|.*:\s*||"` system
RUN pecl install sqlsrv
RUN pecl install pdo_sqlsrv
RUN echo "extension=sqlsrv.so" >> /etc/php/7.1/fpm/php.ini
RUN echo "extension=pdo_sqlsrv.so" >> /etc/php/7.1/fpm/php.ini
# Fixed locals for MSSQL extention
RUN apt-get install -y locales
RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen
RUN locale-gen
WORKDIR /var/www在docker容器中,我无法ping通SQL服务器.所以对我来说,这听起来像是网络问题,但是我找不到解决方案.
Inside the docker container I can't ping the SQL server. So for me i sounds like a network issue, but I'm unable find a solution.
请注意,SQL Server本地托管在办公室的服务器上.
Please note the SQL server is hosted locally on a server in the office.
立即更新/已解决将Windows的dokcer降级为18.03.0-CE后,一切正常.
UPDATE/Solved for now After downgrading the dokcer for windows to 18.03.0-CE everything worked as expected.
推荐答案
默认情况下,Docker Bridge网络根本不会连接到Docker之外的世界.它们只允许容器彼此通信.
Docker Bridge networks don't connect to the world outside of Docker at all by default; they only allow containers to talk to each other. The documentation for Docker Bridge Networks does offer some advice for allowing Bridge network traffic to talk to the outside world by making changes on the Docker host:
首先在内核中启用IP转发:
First enable IP forwarding in the kernel:
$ sysctl net.ipv4.conf.all.forwarding=1
然后更改主机防火墙以允许转发
Then change the host firewall to allow the forwarding
$ sudo iptables -P FORWARD ACCEPT
这是一个相当宽松的防火墙配置,因此您可能需要考虑使其保持更多锁定状态.
This is a fairly permissive firewall configuration, so you may want to look at keeping that a bit more locked down.
另一种方法是将容器连接到两个不同的网络:用于容器之间通信的当前桥接网络,以及用于与MySQL通讯的第二个主机网络.由于这绕过了所有Docker的NAT配置,因此尽管我认为传出连接可能没问题,但是服务的可伸缩性可能会受到影响.
The other way would be to attach the container to two different networks: your current bridge network for communication between container, and a second Host network for talking to MySQL. Since this bypasses all of Docker's NAT configuration, the scalability of your service may be impacted, although I think outgoing connections might be OK.
这篇关于无法从容器连接到远程SQL Server的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
