缘起:docker+jenkins实现maven项目自动部署,过程需要同一宿主机下的docker+nexus,报错:[ERROR] Non-resolvable parent POM for com.gs:base_common:0.0.1: Could not transfer artifact org.springframework.boot:spring-boot-starter-parent:pom:2.4.3 from/to localmaven (http://192.168.0.136:8088/repository/maven-public/): Transfer failed for http://192.168.0.136:8088/repository/maven-public/org/springframework/boot/spring-boot-starter-parent/2.4.3/spring-boot-starter-parent-2.4.3.pom and ‘parent.relativePath’ points at no local POM @ line 15, column 10: No route to host (Host unreachable) -> [Help 2]
重点看加粗字体部分:No route to host (Host unreachable)
说明docker+jenkins内部无法访问宿主机网址,网上有说把8080端口在防火墙里面开放即可,其实不然。
需要在/etc/firewalld/zones/public.xml 增加规则
首先 [root@localhost ~]# ip a查看docker0桥接信息,不出意外是这样的:
我们需要做的就是在/etc/firewalld/zones/public.xml 中添加下边一段:
<rule family="ipv4">
<source address="172.17.0.0/16" />
<accept />
</rule>
添加完的效果
<?xml version="1.0" encoding="utf-8"?>
<zone>
<short>Public</short>
<description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
<service name="ssh"/>
<service name="dhcpv6-client"/>
<service name="http"/>
<port protocol="tcp" port="8080"/>
<port protocol="tcp" port="6666"/>
<port protocol="tcp" port="2375"/>
<port protocol="tcp" port="8083"/>
<port protocol="tcp" port="8081"/>
<port protocol="tcp" port="10080"/>
<port protocol="tcp" port="8086"/>
<port protocol="tcp" port="10000"/>
<port protocol="tcp" port="8088"/>
<rule family="ipv4">
<source address="172.17.0.0/16" />
<accept />
</rule>
</zone>