通过docker-compose安装milvus发现milvus-standalone老是报错no route to host
连接不到etcd然后等一会milvus-standalone就挂了
后来发现是服务器上的iptables设置有问题 需要在如下sh脚本中设置 br-7cedb15ab1cf
[root@nova-dev-iec sh]# pwd
/opt/sh
[root@nova-dev-iec sh]# ls
es_dump_output.sh iptables_set.sh monitor_folder_stats.sh
#!/bin/bash
#chkconfig: 2345 80 90
#description:start iptables insert docker-user filter project
. /etc/init.d/functions
## INPUT filter
iptables -F INPUT
iptables -A INPUT -p icmp -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -j ACCEPT -m conntrack --ctstate RELATED,ESTABLISHED
iptables -A INPUT -j ACCEPT -p tcp --dport 22 ## sshd
iptables -A INPUT -j ACCEPT -i docker0
iptables -A INPUT -j ACCEPT -i br-7cedb15ab1cf
iptables -A INPUT -j ACCEPT -p tcp -m multiport --dport 7001,7002,7003,7004,7071,8080,8066,9090,9080,9999,20001 ##service port
iptables -A INPUT -j ACCEPT -p tcp -m multiport --dport 10050 -s 15.96.112.45 ##zabbix server
iptables -A INPUT -j REJECT --reject-with icmp-host-unreachable
## DOCKER-USER filter
iptables -F DOCKER-USER
iptables -A DOCKER-USER -j ACCEPT -m conntrack --ctstate RELATED,ESTABLISHED
iptables -A DOCKER-USER -j ACCEPT -i docker0
iptables -A DOCKER-USER -j ACCEPT -i docker0 -o enp0s31f6
iptables -A DOCKER-USER -j ACCEPT -i br-7cedb15ab1cf
iptables -A DOCKER-USER -j ACCEPT -i br-7cedb15ab1cf -o enp0s31f6
# 容器内的端口
iptables -A DOCKER-USER -j ACCEPT -p tcp -m multiport --dport 443,3306,9100,9200
# 拒绝访问
iptables -A DOCKER-USER -j REJECT --reject-with icmp-host-unreachable
iptables -A DOCKER-USER -j RETURN
标签:compose,--,route,ACCEPT,host,sh,USER,INPUT,DOCKER From: https://www.cnblogs.com/xiaohanlin/p/17704882.html