docker容器间可以ping同,访问服务提示 No route to host
firewall-cmd --permanent --zone=public --add-rich-rule='rule family=ipv4 source address=172.0.0.0/8 accept'
firewall-cmd --reload
如果是centos8,执行以下命令
注意:如果存在多个docker相关的桥接网络(默认docker0),需要一起加信任列表
nmcli connection modify docker0 connection.zone trusted
systemctl stop NetworkManager.service
firewall-cmd --permanent --zone=trusted --change-interface=docker0
systemctl start NetworkManager.service
nmcli connection modify docker0 connection.zone trusted
systemctl restart docker.service