无法从Docker内部使用sqlcmd连接到SQL Server

Question

在docker contaier中使用debian linux.我有sqlcmd正常工作,neseccary驱动程序安装和可定位.我知道服务器存在:

root@0feafecac36f:/home/shiny# nmap -p 31010 -sT xxx.xxx.xxx.xxx

Starting Nmap 7.60 ( https://nmap.org ) at 2018-01-25 20:46 UTC
Nmap scan report for nile-h.tmthk.org (xxx.xxx.xxx.xxx)
Host is up (0.019s latency).

PORT      STATE    SERVICE
31010/tcp filtered unknown

Nmap done: 1 IP address (1 host up) scanned in 0.59 seconds

但是,对于我的生活,我无法弄清楚如何使用sqlcmd连接,我不知道我有什么技巧可以帮助我.此命令导致错误:

sqlcmd -S nile-h.tmthk.org,31010 -U "*********" -P "********"
Sqlcmd: Error: Microsoft ODBC Driver 13 for SQL Server : Login timeout expired.
    Sqlcmd: Error: Microsoft ODBC Driver 13 for SQL Server : TCP Provider: Error code 0x2749.
    Sqlcmd: Error: Microsoft ODBC Driver 13 for SQL Server : A network-related or instance-specific error has occurred while establishing a connection to SQL Server. Server is not found or not
    accessible. Check if instance name is correct and if SQL Server is configured to allow remote connections. For more information see SQL Server Books Online..

我已确认用户名和密码正确无误.那么,这可能会发生什么？有任何想法吗？我已经尝试了很多sqlcmd的迭代来试图让它正确,但到目前为止没有任何工作.

编辑:Telnet

root@0feafecac36f:/home/shiny# telnet xxx.xxx.xxx.xxx 31010
Trying xxx.xxx.xxx.xxx...
telnet: Unable to connect to remote host: Connection refused

编辑:tcptraceroute

root@0feafecac36f:/home/shiny# tcptraceroute xxx.xxx.xxx.xxx 31010
Selected device eth0, address 172.17.0.2, port 33859 for outgoing packets
Tracing the path to xxx.xxx.xxx.xxx on TCP port 31010, 30 hops max
 1  172.17.0.1  0.241 ms  0.179 ms  0.156 ms
 2  nile-h.tmthk.org (xxx.xxx.xxx.xxx) [closed]  1012.571 ms  1003.511 ms  1003.485 ms

编辑:ip route get

root@0feafecac36f:/home/shiny# ip route get xxx.xxx.xxx.xxx
xxx.xxx.xxx.xxx via 172.17.0.1 dev eth0 src 172.17.0.2
    cache

编辑:Dockerfile

FROM r-base:3.4.0
RUN apt-get update && apt-get install -y \
apt-utils \
curl \ 
libcurl4-openssl-dev \
libssl-dev \
r-cran-rjava \
gnupg2 \
r-cran-rodbc \
unixodbc \
unixodbc-dev \
apt-transport-https \
debconf-utils \
gcc  \
libct4 \
libsybdb5 \
tdsodbc \
sqsh \
mlocate \ 
sudo \
gfortran
ENV PATH="/opt/mssql-tools/bin:${PATH}"
RUN useradd -u 5555 -m -d /home/shiny -c "shiny user" shiny
ADD . /home/shiny/
RUN chown -R shiny:shiny /home/shiny 
RUN chmod 755 /home/shiny/install_sql.sh
WORKDIR /home/shiny
RUN Rscript installRpackages.R
RUN chmod 755 /home/shiny/install_sql.sh && /home/shiny/install_sql.sh
RUN    R -e "install.packages('devtools')"
RUN    R -e "devtools::install_github('rstudio/DT')"
RUN    R -e "devtools::install_github('timelyportfolio/parcoords')"
RUN    R -e "devtools::install_github('ropensci/plotly') ;  library(plotly)"
RUN    R -e "devtools::install_github('rstudio/crosstalk',force=TRUE) ;  library(crosstalk)"
RUN    R -e "install.packages(c('plotly'), dependencies = TRUE, repos='https://cran.rstudio.com/')"
RUN wget "http://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u7_amd64.deb"
RUN sudo apt install ./libssl1.0.0_1.0.1t-1+deb8u7_amd64.deb
USER shiny 
EXPOSE 7777
CMD Rscript start.R 

最后,Dockerfile调用的install_sql.sh:

curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add -
curl https://packages.microsoft.com/config/ubuntu/16.10/prod.list > /etc/apt/sources.list.d/mssql-release.list
apt-get update
ACCEPT_EULA=Y apt-get install msodbcsql
# optional: for bcp and sqlcmd
ACCEPT_EULA=Y apt-get install mssql-tools
# optional: for unixODBC development headers
apt-get install unixodbc-dev

Answer 1

根据nmap您分享的输出判断我认为这是防火墙问题或服务器SQL Server本身阻止访问.根据man nmap:

状态是打开,过滤,关闭或未过滤[...]过滤.表示防火墙,过滤器或其他网络障碍阻塞端口,以便Nmap无法判断它是打开还是关闭.

读取sqlcmd输出(A network-related or instance-specific error has occurred while establishing a connection to SQL Server. Server is not found or not accessible)也指向此方向,根据此Microsoft 帖子,它也提供了一些可能的解决方案.

如果SQL Server由您自己管理,您可以检查其日志以查看它拒绝连接的原因,并添加防火墙规则以允许从容器进行访问.如果不是这种情况,您可能需要与该服务器的管理员交谈,并要求他将您的IP添加到服务器配置文件的防火墙列表/接受连接列表中.

如果防火墙不是您的问题,请尝试将以下设置应用于SQL Server并重新测试连接.

在SQL Server配置管理器> SQL Server网络配置> [实例名称]的协议中将"全部监听"设置为"否".并在IP地址下更改127.0.0.1到[ip]用于连接.别忘了重启SQL Server!

其他提示:检查防火墙(或临时禁用它进行测试).还允许在SQL Server属性> Connections中进行远程连接.见上面的帖子.

生命更安全的是这个命令:nc -zv <ip> 1433
应该说连接到1433端口[tcp/ms-sql-s]成功了!

原始来源在这里.