0

我正在尝试在 swarm 集群上公开 portainer 代理端口 9001,以便从外部 portainer 访问它,它以“全局”模式部署。

以下 docker-compose 文件有效:

version: "3.2"
services:
  agent:
    image: "portainer/agent:1.1.2"
    environment:
      AGENT_CLUSTER_ADDR: tasks.agent
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/lib/docker/volumes:/var/lib/docker/volumes
    networks:
      - priv_portainer
    deploy:
      mode: global

networks:
  priv_portainer:
    driver: overlay

然后,当我尝试公开端口 9001 时,堆栈启动,但出现日志错误,并且 portainer 无法连接这些代理:

version: "3.2"
services:
  agent:
    image: "portainer/agent:1.1.2"
    environment:
      AGENT_CLUSTER_ADDR: tasks.agent
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/lib/docker/volumes:/var/lib/docker/volumes
    ports:
      - "9001:9001"
    networks:
      - priv_portainer
    deploy:
      mode: global

networks:
  priv_portainer:
    driver: overlay

与另一个端口的事件:

ports:
  - "19001:9001"

甚至与一个无关的端口:

ports:
  - "12345:54321"

编辑

来自堆栈的日志:

portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:50 [INFO] serf: EventMemberJoin: b6040a1ccc2a 10.255.0.13 portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:50 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true) portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:50 [INFO] serf: EventMemberJoin: c6c277e3f60b 10.255.0.11 portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.11:7946: write udp [::]:7946->10.255.0.11:7946: sendto: operation not permitted portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.11:7946: write udp [::]:7946->10.255.0.11:7946: sendto: operation not permitted portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:51 [INFO] serf: EventMemberJoin: 3e290151a5eb 10.255.0.12 portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.11:7946: write udp [::]:7946->10.255.0.11:7946: sendto: operation not permitted portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.12:7946: write udp [::]:7946->10.255.0.12:7946: sendto: operation not permitted portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.12:7946: write udp [::]:7946->10.255.0.12:7946: sendto: operation not permitted portainer_agent_agent.0.13cjb851d9me@ignochtulelk02d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.11:7946: write udp [::]:7946->10.255.0.11:7946: sendto: operation not permitted portainer_agent_agent.0.985h7xcfkux0@ignopotulelk03d | 2018/11/26 05:28:51 [INFO] serf: EventMemberJoin: 3e290151a5eb 10.255.0.12 portainer_agent_agent.0.985h7xcfkux0@ignopotulelk03d | 2018/11/26 05:28:51 [INFO] serf: EventMemberJoin: b6040a1ccc2a 10.255.0.13 portainer_agent_agent.0.985h7xcfkux0@ignopotulelk03d | 2018/11/26 05:28:51 [INFO] serf: EventMemberJoin: c6c277e3f60b 10.255.0.11 portainer_agent_agent.0.985h7xcfkux0@ignopotulelk03d | 2018/11/26 05:28:51 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true) portainer_agent_agent.0.985h7xcfkux0@ignopotulelk03d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.13:7946: write udp [::]:7946->10.255.0.13:7946: sendto: operation not permitted portainer_agent_agent.0.985h7xcfkux0@ignopotulelk03d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.11:7946: write udp [::]:7946->10.255.0.11:7946: sendto: operation not permitted portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:50 [INFO] serf: EventMemberJoin: c6c277e3f60b 10.255.0.11 portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:50 [INFO] serf: EventMemberJoin: b6040a1ccc2a 10.255.0.13 portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:50 [INFO] - Starting Portainer agent version 1.1.2 on 0.0.0.0:9001 (cluster mode: true) portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.13:7946: write udp [::]:7946->10.255.0.13:7946: sendto: operation not permitted portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.13:7946: write udp [::]:7946->10.255.0.13:7946: sendto: operation not permitted portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:51 [INFO] serf: EventMemberJoin: 3e290151a5eb 10.255.0.12 portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.13:7946: write udp [::]:7946->10.255.0.13:7946: sendto: operation not permitted portainer_agent_agent.0.mljirysir6px@ignopotulelk01d | 2018/11/26 05:28:51 [ERR] memberlist: Failed to send gossip to 10.255.0.12:7946: write udp [::]:7946->10.255.0.12:7946: sendto: operation not permitted

当我更换:

ports:
  - "9001:9001"

和 :

- target: 9001
  published: 9001
  protocol: tcp
  mode: host

它有效,为什么host模式可以解决这个问题?

4

0 回答 0