Docker 容器上的应用程序之间的 Curl 连接被拒绝

Question

我有一个网站 (ZF1) 和一个 API (Laravel) 在同一个 Docker (Laradock) 容器上运行。我可以通过浏览器分别访问每个，但是当我从网站向应用程序发出 cURL 请求时，我得到一个空响应并且标头返回 0。如果我输出 cURL 错误，那么我得到这个：

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, '[API_ENDPOINT]');
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_close ($ch);

echo curl_strerror(curl_errno($ch));

(7) Failed to connect to [API_HOST] port 80: Connection refused

但是，如果我从应用程序向https://www.google.com发出 cURL 请求，则会返回结果。我也尝试使用 file_get_contents()，但我没有收到任何响应和以下警告：

[Thu May 18 21:41:33.828737 2017] [proxy_fcgi:error] [pid 949:tid 139999802541824] [client 172.20.0.1:49652] AH01071: Got error 'PHP message: PHP Warning:  file_get_contents
([API_ENDPOINT]): failed to open stream: Connection refused in /var/www/projects/[APPLICATION_PATH]/[CONTROLLER].php on line 2367\n', referer: [WEBSITE_HOST]/[URI]

我还通过 SSH 连接到 Apache2 容器，并且能够成功地对 API_ENDPOINT 进行 cURL 调用并取回预期的数据。然后我尝试使用 wget 获取标题信息并收到以下信息：

root@cd3a4177dcfa:/var/log/apache2# wget --header="Host: http://subdomain.example.dev/api/calendarevents" -Os http://localhost
--2017-05-19 07:28:15--  http://localhost/
Resolving localhost (localhost)... ::1, 127.0.0.1
Connecting to localhost (localhost)|::1|:80... connected.
HTTP request sent, awaiting response... No data received.
Retrying.

--2017-05-19 07:28:16--  (try: 2)  http://localhost/
Connecting to localhost (localhost)|::1|:80... connected.
HTTP request sent, awaiting response... No data received.
Retrying.

如果是 Apache2 问题，这里是我的 API VirtualHost：

Listen 80
<VirtualHost *:80>
  ServerName subdomain.example.dev
  DocumentRoot /var/www/projects/[API_PROJECT]/public/
  CustomLog /var/log/apache2/[API_HOST]-access.log combined
  ErrorLog /var/log/apache2/[API_HOST]-error.log
  Options Indexes FollowSymLinks

  <Directory "/var/www/projects/[API_PROJECT]/public/">
      Options FollowSymLinks
      AllowOverride All
      Require all Granted
  </Directory>

  # set environment
  #SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 // Did not notice a difference in behavior when enabled
  #CGIPassAuth on // Sites stopped loading when enabled
</VirtualHost>

和网站虚拟主机：

Listen 80
<VirtualHost *:80>
  ServerName [WEBSITE_HOST]
  DocumentRoot /var/www/projects/[WEBSITE_PROJECT]
  ErrorLog /var/log/apache2/[WEBSITE_HOST]-error.log
  Options Indexes FollowSymLinks

  <Directory "/var/www/projects/[WEBSITE_PROJECT]/repo">
    Options FollowSymLinks
    AllowOverride All
    Require all Granted
  </Directory>

  # set environment
  SetEnv APPLICATION_ENV development
  SetEnv APPLICATION_LOGGING false
  #SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 // Did not notice a difference in behavior when enabled
  #CGIPassAuth on // Sites stopped loading when enabled
</VirtualHost>

这是 Docker 信息（Windows 10/Hyper V/Docker Version 17.03.1-ce-win12 (12058) Channel: stable）

Containers: 9
 Running: 5
 Paused: 0
 Stopped: 4
Images: 233
Server Version: 17.03.1-ce
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host ipvlan macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 4ab9917febca54791c5f071a9d1f404867857fcc
runc version: 54296cf40ad8143b62dbcaa1d90e520a2136ddfe
init version: 949e6fa
Security Options:
 seccomp
  Profile: default
Kernel Version: 4.9.27-moby
Operating System: Alpine Linux v3.5
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.837 GiB
Name: moby
ID: PE42:IS45:4OO6:JMEQ:NWNB:NQDF:RPEL:JPHJ:L6OP:A5SL:IDP3:F7SV
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): true
 File Descriptors: 86
 Goroutines: 74
 System Time: 2017-05-19T04:52:50.5943959Z
 EventsListeners: 0
Registry: https://index.docker.io/v1/
Experimental: true
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

这些是我目前正在运行的容器：

CONTAINER ID        IMAGE                COMMAND                  CREATED             STATUS              PORTS                                      NAMES
cd3a4177dcfa        laradock_apache2     "/opt/docker/bin/e..."   8 hours ago         Up 8 hours          0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp   laradock_apache2_1
8ef66cb80a2e        laradock_php-fpm     "docker-php-entryp..."   8 hours ago         Up 8 hours          9000/tcp                                   laradock_php-fpm_1
988eff458036        laradock_workspace   "/sbin/my_init"          8 hours ago         Up 8 hours          0.0.0.0:2222->22/tcp                       laradock_workspace_1
8be5253e8622        laradock_redis       "docker-entrypoint..."   8 hours ago         Up 8 hours          0.0.0.0:6379->6379/tcp                     laradock_redis_1
aa6d8d6ae950        laradock_mysql       "docker-entrypoint..."   8 hours ago         Up 8 hours          0.0.0.0:3306->3306/tcp                     laradock_mysql_1

我不确定是什么导致同一容器上的两个站点之间的连接被拒绝。我检查了我的 php.ini 并且启用了 curl 和 allow_url_fopen = on 。我可以通过浏览器和 CLI cURL 直接访问 API_ENDPOINT 并获得预期的结果。在这一点上，我最好的猜测是某种端口冲突、授权标头被阻止、Apache2 配置或某种奇怪的 Docker/Laradock 问题。我还认为这可能是 Apache2 和 PHP-FPM 之间的冲突，但是这里详述的解决方案似乎对我不起作用。

预先感谢您提供的任何帮助。

Answer 1

而不是添加到 php-fpm 容器的 extra_hosts 。修改 Apache2 容器的 Backend 网络定义并添加别名。这是你不必在每次 ip 更改时不断更改 extra_hosts

    networks:
        frontend:              
        backend:
         aliases:
          - subdomain.example.app