0
1

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 3 years have passed since last update.

docker-compose コンテナ内で通信ができない

Last updated at Posted at 2020-09-29

解決したいこと

次のような構成でバックエンドと通信ができない。(Host is unreachable)

  • CentOS 8.2
  • docker-ce
  • docker-compose
   192.168.10.100
browser -- nginx[80] ------ backend container[80]
           (front)          (webmail)
           192.168.203.2    192.168.203.9
             

nginxからbackend containerに通信できない。(curlコマンドで試しても同様)
ただし、pingは通る。

解決方法

publicゾーン(default)に、マスカレードを有効にする。
※試行錯誤の結果なので、これが正しいかは未確認です...

sudo firewall-cmd --zone=public --add-masquerade --permanent
sudo firewall-cmd --reload
sudo systemctl restart docker

参考文献
https://forums.docker.com/t/docker-connection-refused-between-two-containers/68040/12

解決したいことの詳細情報

以下は現象が発生したコードや環境の詳細情報です。
解決できた方法は、前述の項目を参照ください。

発生している問題・エラー

[user@centos8 mailu]$ sudo docker-compose exec front sh
/ # curl -LsS http://192.168.203.9
curl: (7) Failed to connect to 192.168.203.9 port 80: Host is unreachable
/ # ping 192.168.203.9
PING 192.168.203.6 (192.168.203.9): 56 data bytes
64 bytes from 192.168.203.9: seq=0 ttl=64 time=0.103 ms
64 bytes from 192.168.203.9: seq=1 ttl=64 time=0.094 ms
^C
--- 192.168.203.9 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.094/0.098/0.103 ms

該当するソースコード

https://setup.mailu.io/1.7/ から自動生成したものに対象変更を加えたもの。

mailu.env
# Mailu main configuration file
#
# This file is autogenerated by the configuration management wizard for compose flavor.
# For a detailed list of configuration variables, see the documentation at
# https://mailu.io

###################################
# Common configuration variables
###################################

# Set to a randomly generated 16 bytes string
SECRET_KEY=SECRETAAAAAAAAAA

# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!)
SUBNET=192.168.203.0/24

# Main mail domain
DOMAIN=example.org

# Hostnames for this server, separated with comas
HOSTNAMES=example.org

# Postmaster local part (will append the main mail domain)
POSTMASTER=admin

# Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt)
TLS_FLAVOR=notls

# Authentication rate limit (per source IP address)
AUTH_RATELIMIT=10/minute;1000/hour

# Opt-out of statistics, replace with "True" to opt out
DISABLE_STATISTICS=False

###################################
# Optional features
###################################

# Expose the admin interface (value: true, false)
ADMIN=true

# Choose which webmail to run if any (values: roundcube, rainloop, none)
WEBMAIL=rainloop

# Dav server implementation (value: radicale, none)
WEBDAV=none

# Antivirus solution (value: clamav, none)
ANTIVIRUS=none

###################################
# Mail settings
###################################

# Message size limit in bytes
# Default: accept messages up to 50MB
# Max attachment size will be 33% smaller
MESSAGE_SIZE_LIMIT=50000000

# Networks granted relay permissions
# Use this with care, all hosts in this networks will be able to send mail without authentication!
RELAYNETS=192.168.10.0/24

# Will relay all outgoing mails if configured
RELAYHOST=

# Fetchmail delay
FETCHMAIL_DELAY=600

# Recipient delimiter, character used to delimiter localpart from custom address part
RECIPIENT_DELIMITER=+

# DMARC rua and ruf email
DMARC_RUA=admin
DMARC_RUF=admin

# Welcome email, enable and set a topic and body if you wish to send welcome
# emails to all users.
WELCOME=false
WELCOME_SUBJECT=Welcome to your new email account
WELCOME_BODY=Welcome to your new email account, if you can read this, then it is configured properly!

# Maildir Compression
# choose compression-method, default: none (value: bz2, gz)
COMPRESSION=
# change compression-level, default: 6 (value: 1-9)
COMPRESSION_LEVEL=

###################################
# Web settings
###################################

# Path to redirect / to
WEBROOT_REDIRECT=/webmail

# Path to the admin interface if enabled
WEB_ADMIN=/webmin

# Path to the webmail if enabled
WEB_WEBMAIL=/webmail

# Website name
SITENAME=Mailu

# Linked Website URL
WEBSITE=https://mailu.io



###################################
# Advanced settings
###################################

# Log driver for front service. Possible values:
# json-file (default)
# journald (On systemd platforms, useful for Fail2Ban integration)
# syslog (Non systemd platforms, Fail2Ban integration. Disables `docker-compose log` for front!)
# LOG_DRIVER=json-file

# Docker-compose project name, this will prepended to containers names.
COMPOSE_PROJECT_NAME=mailu

# Default password scheme used for newly created accounts and changed passwords
# (value: BLF-CRYPT, SHA512-CRYPT, SHA256-CRYPT, MD5-CRYPT, CRYPT)
PASSWORD_SCHEME=BLF-CRYPT

# Header to take the real ip from
REAL_IP_HEADER=

# IPs for nginx set_real_ip_from (CIDR list separated by commas)
REAL_IP_FROM=

# choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no)
REJECT_UNLISTED_RECIPIENT=

# Log level threshold in start.py (value: CRITICAL, ERROR, WARNING, INFO, DEBUG, NOTSET)
LOG_LEVEL=WARNING

###################################
# Database settings
###################################
DB_FLAVOR=sqlite
docker-compose.yml
# This file is auto-generated by the Mailu configuration wizard.
# Please read the documentation before attempting any change.
# Generated for compose flavor

version: '3'

services:

  # External dependencies
  redis:
    image: redis:alpine
    restart: always
    volumes:
      - "/usr/local/docker/mailu/redis:/data"

  # Core services
  front:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    logging:
      driver: json-file
    ports:
      - "192.168.10.100:80:80"
      - "::1:80:80"
      - "192.168.10.100:443:443"
      - "::1:443:443"
      - "192.168.10.100:25:25"
      - "::1:25:25"
      - "192.168.10.100:465:465"
      - "::1:465:465"
      - "192.168.10.100:587:587"
      - "::1:587:587"
      - "192.168.10.100:110:110"
      - "::1:110:110"
      - "192.168.10.100:995:995"
      - "::1:995:995"
      - "192.168.10.100:143:143"
      - "::1:143:143"
      - "192.168.10.100:993:993"
      - "::1:993:993"
    volumes:
      - "/usr/local/docker/mailu/certs:/certs"
      - "/usr/local/docker/mailu/overrides/nginx:/overrides"

  admin:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    ports:
      - 192.168.10.100:8080:80
      - 80
    volumes:
      - "/usr/local/docker/mailu/data:/data"
      - "/usr/local/docker/mailu/dkim:/dkim"
    depends_on:
      - redis

  imap:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    volumes:
      - "/usr/local/docker/mailu/mail:/mail"
      - "/usr/local/docker/mailu/overrides:/overrides"
    depends_on:
      - front

  smtp:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    volumes:
      - "/usr/local/docker/mailu/overrides:/overrides"
    depends_on:
      - front

  antispam:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    volumes:
      - "/usr/local/docker/mailu/filter:/var/lib/rspamd"
      - "/usr/local/docker/mailu/dkim:/dkim"
      - "/usr/local/docker/mailu/overrides/rspamd:/etc/rspamd/override.d"
    depends_on:
      - front

  # Optional services

  webdav:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}radicale:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    volumes:
      - "/usr/local/docker/mailu/dav:/data"


  # Webmail
  webmail:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rainloop:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    volumes:
      - "/usr/local/docker/mailu/webmail:/data"
    depends_on:
      - imap


networks:
  default:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: 192.168.203.0/24
    # 以下はお試し
    driver_opts:
      com.docker.network.bridge.enable_icc: "true"
      com.docker.network.bridge.enable_ip_masquerade: "true"

自分で試したこと

  • enable_iccが有効になっていないため、コンテナ間で通信ができない?

    • 前述の設定の通り設定したが、結果は同じだった(通信できない)
    • Enable or Disable Inter Container Connectivity docker bridge-driver-options
  • docker0ネットワークをtrustedゾーンへ移動

    • 結果は同じだった(通信できない)
  • CentOS8で、docker-ceでは通信できない?!

    • stackoverflow
    • CentOS7では同じソースで正しく動作するとのこと

環境

env
[user@centos8 mailu]$ cat /etc/centos-release
CentOS Linux release 8.2.2004 (Core)
[user@centos8 mailu]$ sudo docker system info
Client:
 Debug Mode: false

Server:
 Containers: 8
  Running: 8
  Paused: 0
  Stopped: 0
 Images: 10
 Server Version: 19.03.13
 Storage Driver: overlay2
  Backing Filesystem: xfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 8fba4e9a7d01810a393d5d25a3621dc101981175
 runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
 init version: fec3683
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 4.18.0-193.19.1.el8_2.x86_64
 Operating System: CentOS Linux 8 (Core)
 OSType: linux
 Architecture: x86_64
 CPUs: 2
 Total Memory: 1.784GiB
 Name: centos8
 ID: EENH:WZZJ:FROE:QNUP:QGVT:RRIN:RUR3:THIT:F22Q:IMVS:4GEL:DYIC
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false
[user@centos8 mailu]$ sudo docker-compose --version
docker-compose version 1.27.4, build 40524192
docker-inspect
[user@centos8 ~]$ sudo docker inspect  mailu_default
[
    {
        "Name": "mailu_default",
        "Id": "27df81922313814a564c7a551a0c8cf3ea21603dba58002e73ba8f944e565c20",
        "Created": "2020-09-27T21:02:05.901818833-04:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "192.168.203.0/24"
                }
            ]
        },
        "Internal": false,
        "Attachable": true,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "1facc50c2feb49fca0033ed6642a6610c9bf79e616627fc957eacbb0638a5545": {
                "Name": "mailu_antispam_1",
                "EndpointID": "db33492d3378ecee9c057343493e6f1666f5166db94ed0c29830fb6821bc0cf3",
                "MacAddress": "02:42:c0:a8:cb:06",
                "IPv4Address": "192.168.203.6/24",
                "IPv6Address": ""
            },
            "3a4cd121bc28240d46699040f407afdd0702b7c31e8272f7da7a80c743ba7357": {
                "Name": "mailu_front_1",
                "EndpointID": "2588705b19c4d8b79c429d2cda66881fa93545a704f7763c912a764676185893",
                "MacAddress": "02:42:c0:a8:cb:02",
                "IPv4Address": "192.168.203.2/24",
                "IPv6Address": ""
            },
            "51c2da8ef177eb6a33d3e67af20aba5d791703a2d705e307ab9a458a7c4c4209": {
                "Name": "mailu_webmail_1",
                "EndpointID": "eb3d2b060aed84eb814d9d52dbe808a7073a52bb87d7dc7f335cbfe23bc03c28",
                "MacAddress": "02:42:c0:a8:cb:09",
                "IPv4Address": "192.168.203.9/24",
                "IPv6Address": ""
            },
            "80f0b528ea72121e8281a7734264989d2740bf5c89b7df866dc219b6016d52f5": {
                "Name": "mailu_admin_1",
                "EndpointID": "6770a86d9d3678ca98af052b9fc3e8fb2daf046166f8dbf819af5b7e7d49a1a5",
                "MacAddress": "02:42:c0:a8:cb:05",
                "IPv4Address": "192.168.203.5/24",
                "IPv6Address": ""
            },
            "95f81670bd10572ccaf6f778228bab6a808b5bcc74061a09c44090359b89b58e": {
                "Name": "mailu_redis_1",
                "EndpointID": "593ddd4e0ff2082ee9243b9eff0b4cc8301ace0438e84c0af02cc9f775a07eae",
                "MacAddress": "02:42:c0:a8:cb:04",
                "IPv4Address": "192.168.203.4/24",
                "IPv6Address": ""
            },
            "bbeb23a885a4e41ac47a25bc1c296b817f6eeff9baf2d23b26f4ac9513f04cae": {
                "Name": "mailu_smtp_1",
                "EndpointID": "b4e3b3c2e3676069039660ff5aab6529ed224a343d3eca60262cfea3341b6b4a",
                "MacAddress": "02:42:c0:a8:cb:08",
                "IPv4Address": "192.168.203.8/24",
                "IPv6Address": ""
            },
            "bc78cf9b396530c65ff202acb9e925f236e9e655a7e35cf1159d502b653f2d05": {
                "Name": "mailu_imap_1",
                "EndpointID": "c92a0e46b68bb2f594dfb7395a6e6d206d0497c2b30103395edcafa547153c10",
                "MacAddress": "02:42:c0:a8:cb:07",
                "IPv4Address": "192.168.203.7/24",
                "IPv6Address": ""
            },
            "f25bec8296de7375d78c190b8fbe8dc2ed1eff3d3adbe53655428341f53b3da1": {
                "Name": "mailu_webdav_1",
                "EndpointID": "0154fd24c909d460830539cfe55fbb8b9c201abc17b1d2ae5cbbd49964e59e1a",
                "MacAddress": "02:42:c0:a8:cb:03",
                "IPv4Address": "192.168.203.3/24",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true"
        },
        "Labels": {
            "com.docker.compose.network": "default",
            "com.docker.compose.project": "mailu",
            "com.docker.compose.version": "1.27.4"
        }
    }
]
0
1
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
0
1

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?