Windows docker 容器无法 ping 主机 [英] Windows docker container cannot ping host

问题描述

我在 Windows Server 2016 主机上运行一个 windows docker 容器，运行默认配置.

I am running a windows docker container on a Windows Server 2016 host, running default configuration.

使用命令运行docker容器时:

When running the docker container using the command:

docker run -it microsoft/windowsservercore powershell

当我运行命令时:

ping

它只是说请求超时.我已经检查过我可以 ping 8.8.8.8 和 google.com 等……甚至是同一子网上的其他机器.我唯一无法ping通的是主机.

It just says that the request times out. I have checked that I can ping 8.8.8.8 and google.com etc... and even other machines on the same subnet. The only one I cannot ping is the host.

我已在docker run"命令中添加了--dns"，但这仅允许我通过主机名而不是 IP ping 主机.

I have added '--dns ' to the 'docker run' command but this only allows me to ping the host machine via hostname and not IP.

有其他人看到这个问题并有解决方案吗?

Has anyone else seen this problem and have a solution?

推荐答案

我找到了一个解决方法(我不愿意称之为解决方案):

I found a workaround (I'm not willing to call it a solution):

Windows 容器网络驱动程序:创建透明"网络:

docker network create -d transparent trans

将容器附加到此网络

docker run --network=trans ...

重要提示:请注意，使用此网络，您的容器需要从主机子网获取 IP 地址并直接暴露给它.

Important: Please note, that with this network, your container needs to obtain an IP Adress from the Host Subnet and it is directly exposed to it.

根据 https://github.com/Microsoft/Virtualization-Documentation/issues/253#issuecomment-217975932 (JMesser81):

According to https://github.com/Microsoft/Virtualization-Documentation/issues/253#issuecomment-217975932 (JMesser81):

这是我们的 Windows NAT 实施 (WinNAT) 中的一个已知限制，您无法直接从容器 (NAT) 主机访问静态端口映射中的外部端口.

This is a known limitation in our Windows NAT implementation (WinNAT) that you cannot access the external port in a static port mapping directly from the container (NAT) host.

这篇关于Windows docker 容器无法 ping 主机的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！