Docker container loses Internet connectivity until the host OS is rebooted?

#docker #ubuntu #debian

Question:

(I am not sure whether this belongs on stackoverflow.com or superuser.com or somewhere else, does anyone know?)

I have Windows 10 running on bare metal, with an (X)Ubuntu 20.04 VMware virtual machine, with a Debian Docker container. This Docker container loses its Internet connection after about 2 days of uptime, and it is quite consistent, as this has been going on for more than 1 month now. After it happens, running ping 8.8.8.8 inside the Docker container results in

 root@d0d9f27d1d5d:/var/www# ping 8.8.8.8 -vvvvv
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 172.18.0.7 icmp_seq=1 Destination Host Unreachable
From 172.18.0.7 icmp_seq=2 Destination Host Unreachable
From 172.18.0.7 icmp_seq=3 Destination Host Unreachable
 

The strange thing is that restarting the Docker container does nothing. Running sudo service docker restart does not help either. The Docker container will not get Internet access again until the entire Ubuntu 20.04 virtual machine is restarted…? The Ubuntu virtual machine itself does have Internet access, however. Any ideas what could be causing this? Or how to debug it? (The only way I have found to reproduce it deliberately is to wait ~2 days, which makes debugging really annoying; I basically have to wait 2 days to see whether any change had an effect.)

Possibly relevant information:

 $ docker --version
Docker version 20.10.7, build 20.10.7-0ubuntu1~20.04.1
 

sudo service docker status after Docker lost its Internet connection (but I had also run sudo service docker restart, so... I cannot get an "Internet lost, without a service restart" printout until 2 days from now)

 $ sudo service docker status
[sudo] password for hans: 
● docker.service - Docker Application Container Engine
     Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2021-10-04 10:25:52 CEST; 4min 43s ago
TriggeredBy: ● docker.socket
       Docs: https://docs.docker.com
   Main PID: 441373 (dockerd)
      Tasks: 129
     Memory: 98.9M
     CGroup: /system.slice/docker.service
             ├─441373 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
             ├─441676 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 11211 -container-ip 172.18.0.2 -container-port 11211
             ├─441684 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 11211 -container-ip 172.18.0.2 -container-port 11211
             ├─441697 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 80 -container-ip 172.18.0.3 -container-port 80
             ├─441703 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 80 -container-ip 172.18.0.3 -container-port 80
             ├─441724 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8025 -container-ip 172.18.0.4 -container-port 8025
             ├─441730 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 8025 -container-ip 172.18.0.4 -container-port 8025
             ├─441745 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 1025 -container-ip 172.18.0.4 -container-port 1025
             ├─441752 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 1025 -container-ip 172.18.0.4 -container-port 1025
             ├─441941 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 3307 -container-ip 172.18.0.6 -container-port 3306
             ├─441948 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 3307 -container-ip 172.18.0.6 -container-port 3306
             ├─441984 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 6379 -container-ip 172.18.0.7 -container-port 6379
             ├─441995 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 6379 -container-ip 172.18.0.7 -container-port 6379
             ├─442016 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8081 -container-ip 172.18.0.8 -container-port 8080
             └─442037 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 8081 -container-ip 172.18.0.8 -container-port 8080

okt. 04 10:25:50 xDevAd dockerd[441373]: time="2021-10-04T10:25:50.040959481+02:00" level=info msg="IPv6 enabled; Adding default IPv6 external servers: [nameserver 2001:4860:4860::8888 nameserver 2001:4860:4860::8844]"
okt. 04 10:25:50 xDevAd dockerd[441373]: time="2021-10-04T10:25:50.123805195+02:00" level=info msg="No non-localhost DNS nameservers are left in resolv.conf. Using default external servers: [nameserver 8.8.8.8 nameserver 8.8.4.4]"
okt. 04 10:25:50 xDevAd dockerd[441373]: time="2021-10-04T10:25:50.123843450+02:00" level=info msg="IPv6 enabled; Adding default IPv6 external servers: [nameserver 2001:4860:4860::8888 nameserver 2001:4860:4860::8844]"
okt. 04 10:25:50 xDevAd dockerd[441373]: time="2021-10-04T10:25:50.224240262+02:00" level=info msg="No non-localhost DNS nameservers are left in resolv.conf. Using default external servers: [nameserver 8.8.8.8 nameserver 8.8.4.4]"
okt. 04 10:25:50 xDevAd dockerd[441373]: time="2021-10-04T10:25:50.224313910+02:00" level=info msg="IPv6 enabled; Adding default IPv6 external servers: [nameserver 2001:4860:4860::8888 nameserver 2001:4860:4860::8844]"
okt. 04 10:25:52 xDevAd dockerd[441373]: time="2021-10-04T10:25:52.231724465+02:00" level=info msg="Loading containers: done."
okt. 04 10:25:52 xDevAd dockerd[441373]: time="2021-10-04T10:25:52.264209834+02:00" level=info msg="Docker daemon" commit="20.10.7-0ubuntu1~20.04.1" graphdriver(s)=btrfs version=20.10.7
okt. 04 10:25:52 xDevAd dockerd[441373]: time="2021-10-04T10:25:52.264442513+02:00" level=info msg="Daemon has completed initialization"
okt. 04 10:25:52 xDevAd systemd[1]: Started Docker Application Container Engine.
okt. 04 10:25:52 xDevAd dockerd[441373]: time="2021-10-04T10:25:52.323857921+02:00" level=info msg="API listen on /run/docker.sock"
 

The invocation used to start the Docker container:

 sudo sh -c 'cd /home/hans/projects/easyad; docker-compose -f docker-compose.yml -f docker-compose.dev.yml up'
 

docker-compose.yml:

 version: '3.4'

networks:
  web-network:
    driver: bridge  

services:
  easyad-nginx:
    expose:
      - "80"
    networks:
      - web-network 
    restart: always  

  easyad-php-fpm:
    networks:
      - web-network   
    restart: always
 

docker-compose.dev.yml (with some credentials censored)

 version: '3.4'

services:

  easyad-nginx:
    build:
      context: .
      dockerfile: .docker/nginx/Dockerfile
      target: base
    volumes:
      - .:/var/www
    ports:
      - 80:80     
    environment:
      - APP_ENV=dev   
      - VIRTUAL_HOST=easyad.local            
    depends_on:
      - redis
      - memcached
      - easyad-php-fpm

  easyad-php-fpm:
    build:
      context: .
      dockerfile: .docker/php/Dockerfile-local
      target: base      
    environment:
      - APP_ENV=dev    
      - PHP_OPCACHE_VALIDATE_TIMESTAMPS=1    
    volumes:
     - ./database/lang_changes:/var/www/database/lang_changes:rw   
     - ./composer.lock:/var/www/composer.lock
     - .:/var/www
     - /var/www/vendor  
    depends_on:
      - redis  
      - memcached       

  docker-db:
    image: "mysql:5.7.16"
    command: --default-authentication-plugin=mysql_native_password
    ports:
      - 3307:3306 
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: <censored>  
      MYSQL_DATABASE: easyad
      MYSQL_HOST: localhost
    volumes:
      - ./docker-db:/var/lib/mysql:rw     
      - ./easyad-localhost.sql.gz:/docker-entrypoint-initdb.d/dump.sql.gz
      - .docker/mysql/mycustom.cnf:/etc/mysql/conf.d/custom.cnf    
    networks:
      - web-network         

  redis:
    image: redis
    restart: always    
    ports:
      - "6379:6379"
    networks:
      - web-network  
    restart: always  
  adminer:
    image: adminer
    restart: always
    ports:
      - 8081:8080
    networks:
      - web-network
  mailhog:
    image: mailhog/mailhog:v1.0.0
    restart: always    
    ports:
      - "1025:1025"
      - "8025:8025"
    networks:
      - web-network
  memcached:
    image: memcached:latest
    restart: always    
    entrypoint:
      - memcached
      - -m 64    
    ports:
      - "11211:11211"
    networks:
      - web-network
 

.docker/php/Dockerfile-local:

 FROM php:7.4-fpm-buster as base

ENV PHP_OPCACHE_VALIDATE_TIMESTAMPS="0" \
    PHP_OPCACHE_MAX_ACCELERATED_FILES="10000" \
    PHP_OPCACHE_MEMORY_CONSUMPTION="192" \
    PHP_OPCACHE_MAX_WASTED_PERCENTAGE="10"

RUN cp "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"
COPY .docker/php/conf.d/ $PHP_INI_DIR/conf.d/  
COPY .docker/php/www_add_dev.conf /usr/local/etc/php-fpm.d/www_add.conf
COPY .docker/php/conf.d-localhost-overwrites.ini $PHP_INI_DIR/conf.d/overwrites2.ini

# we don't need/use groff, but aws-shell has a dependency bug with groff: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991422

RUN echo "deb http://http.debian.net/debian/ buster main contrib non-free" > /etc/apt/sources.list && \
    echo "deb http://http.debian.net/debian/ buster-updates main contrib non-free" >> /etc/apt/sources.list && \
    echo "deb http://security.debian.org/ buster/updates main contrib non-free" >> /etc/apt/sources.list && \
    apt-get update && apt-get install -y libmcrypt-dev libxml2-dev libpng-dev wget libmemcached-dev libwebp-dev libjpeg62-turbo-dev libxpm-dev procps libfreetype6-dev curl git locales libzip-dev zip unzip msmtp ffmpeg gnupg2 aws-shell groff \
   #  --no-install-recommends --assume-yes --quiet
    && docker-php-ext-configure opcache --enable-opcache \
    && docker-php-ext-configure gd --with-freetype=/usr/include/ --with-jpeg=/usr/include/ \
    && docker-php-ext-install -j$(nproc) pdo_mysql gd mysqli soap opcache zip exif

RUN sed -i -e 's/# nb_NO/nb_NO/' /etc/locale.gen && \
    dpkg-reconfigure --frontend=noninteractive locales && \
    update-locale

RUN printf "\n" | pecl install memcached \
    && pecl install xdebug \
    && docker-php-ext-enable memcached xdebug

RUN printf "\n \n" | pecl install redis && docker-php-ext-enable redis

WORKDIR /var/www

COPY --from=composer /usr/bin/composer /usr/bin/composer

COPY composer.json composer.json
COPY composer.lock composer.lock
RUN composer update --prefer-dist --no-scripts && rm -rf /root/.composer
# Finish composer
RUN composer dump-autoload --no-scripts --optimize

### MAIL DEV

RUN curl -Lsf 'https://storage.googleapis.com/golang/go1.8.3.linux-amd64.tar.gz' | tar -C '/usr/local' -xvzf -

ENV PATH /usr/local/go/bin:$PATH

COPY .docker/php/ssmtp.conf /etc/msmtprc

RUN go get github.com/mailhog/mhsendmail \
    && cp /root/go/bin/mhsendmail /usr/bin/mhsendmail \
    && echo 'sendmail_path = /usr/bin/mhsendmail --smtp-addr mailhog:1025' > "$PHP_INI_DIR/php.ini"

# XDebug config
RUN echo '' >> "$PHP_INI_DIR/php.ini"
RUN echo '[xdebug]' >> "$PHP_INI_DIR/php.ini"
#RUN echo 'zend_extension=/usr/local/lib/php/extensions/no-debug-non-zts-20170718/xdebug.so' >> "$PHP_INI_DIR/php.ini"
RUN echo 'xdebug.default_enable=1' >> "$PHP_INI_DIR/php.ini"
RUN echo 'xdebug.remote_enable=1' >> "$PHP_INI_DIR/php.ini"
RUN echo 'xdebug.remote_autostart=1' >> "$PHP_INI_DIR/php.ini"
RUN echo 'xdebug.remote_connect_back=0' >> "$PHP_INI_DIR/php.ini"
RUN echo 'xdebug.remote_handler=dbgp' >> "$PHP_INI_DIR/php.ini"
RUN echo 'xdebug.remote_host=host.docker.internal' >> "$PHP_INI_DIR/php.ini"
RUN echo 'xdebug.remote_port=9000' >> "$PHP_INI_DIR/php.ini"

#RUN echo 'sendmail_path = "/usr/bin/msmtp -t -i"' > $PHP_INI_DIR/conf.d/mail.ini;

RUN echo Europe/Oslo >/etc/timezone && \
    ln -sf /usr/share/zoneinfo/Europe/Oslo /etc/localtime && \
    dpkg-reconfigure -f noninteractive tzdata




RUN wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - \
    && sh -c 'echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list' \
    && apt-get update \
    && apt-get install -y google-chrome-unstable fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf \
      --no-install-recommends \
    && rm -rf /var/lib/apt/lists/*

RUN curl -sL https://deb.nodesource.com/setup_12.x | bash - \
    && apt-get install -y nodejs \
    && npm i --global --unsafe-perm puppeteer \
    && groupadd -r pptruser && useradd -r -g pptruser -G audio,video pptruser \
    && mkdir -p /home/pptruser/Downloads \
    && chown -R pptruser:pptruser /home/pptruser

EXPOSE 9000

FROM base as build

COPY --chown=www-data:www-data . /var/www
 

There are many more Docker configuration files, though; if there are any Docker files that might be relevant, just let me know and I'll add them.

 $ find .docker
.docker
.docker/gulp
.docker/gulp/Dockerfile
.docker/localstack
.docker/localstack/.localstack
.docker/localstack/.localstack/.localstack
.docker/localstack/.localstack/data
.docker/localstack/.localstack/data/s3_api_calls.json
.docker/localstack/docker-compose.yml
.docker/mysql
.docker/mysql/mycustom.cnf
.docker/nginx
.docker/nginx/Dockerfile
.docker/nginx/easyad.conf.old
.docker/nginx/ssl-bundle.pem
.docker/nginx/www_easy-ads_com.key
.docker/nginx/www_easy-ads_com.pem
.docker/nginx/ip.easyad.conf
.docker/nginx/easyad.conf
.docker/nginx/nginx-extra.conf
.docker/nginx/nginx.conf
.docker/php
.docker/php/conf.d
.docker/php/conf.d/opcache.ini
.docker/php/conf.d/overwrites.ini
.docker/php/php-fpm.conf
.docker/php/www.conf
.docker/php/www2.conf
.docker/php/www_add_dev.conf
.docker/php/conf.d-localhost-overwrites.ini
.docker/php/ssmtp.conf
.docker/php/www_add.conf
.docker/php/Dockerfile-local
.docker/php/www_add_adserver.conf
.docker/php/Dockerfile
.docker/cron.txt