Golang Dockerfile build dial tcp: lookup timeout报错解决方案
1、问题
构建fluentbit-operator工程manager模块docker镜像时报如下错误:
....... Step 5/15 : RUN go mod download ---> Running in c54961171660 go: github.com/fsnotify/fsnotify@v1.4.9: Get "https://proxy.golang.org/github.com/fsnotify/fsnotify/@v/v1.4.9.mod": dial tcp: lookup proxy.golang.org on 114.114.114.114:53: read udp 172.17.0.3:56122->114.114.114.114:53: i/o timeout The command '/bin/sh -c go mod download' returned a non-zero code: 1
由于github.com被墙了需要在Dockerfile里面配置go proxy(加上第四行、第五行)。
# Build the manager binary FROM golang:1.16 as builder ENV GO111MODULE=on ENV GOPROXY=https://goproxy.cn WORKDIR /workspace # Copy the Go Modules manifests COPY go.mod go.mod COPY go.sum go.sum # cache deps before building and copying source so that we don't need to re-download as much # and so that source changes don't invalidate our downloaded layer RUN go mod download # Copy the go source COPY cmd/manager/main.go main.go COPY api api/ COPY controllers controllers/ COPY pkg pkg/ # Build RUN CGO_ENABLED=0 GO111MODULE=on go build -a -o manager main.go # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details FROM gcr.io/distroless/static:nonroot WORKDIR / COPY --from=builder /workspace/manager . USER nonroot:nonroot ENTRYPOINT ["/manager"]
注意:也可以配置GOPROXY=https://goproxy.io,但是推荐使用七牛云的“goproxy.cn”,因为“goproxy.io”也不一定可用。对于golang 1.13及以上版本,可直接如下这样:
ENV GOPROXY=https://goproxy.cn,direct
本来以为配置上go proxy后问题就解决了,没想到还是报错,错误如下:
......... Step 6/16 : RUN go mod download ---> Running in 2184a16931ce go: github.com/fsnotify/fsnotify@v1.4.9: Get "https://goproxy.cn/github.com/fsnotify/fsnotify/@v/v1.4.9.mod": dial tcp: lookup goproxy.cn on 114.114.114.114:53: read udp 172.17.0.3:57878->114.114.114.114:53: i/o timeout The command '/bin/sh -c go mod download' returned a non-zero code: 1
2、解决方案
build的时候走到下载mod包会报错:go: github.com/fsnotify/fsnotify@v1.4.9: Get "https://goproxy.cn/github.com/fsnotify/fsnotify/@v/v1.4.9.mod": dial tcp: lookup goproxy.cn on 114.114.114.114:53: read udp 172.17.0.3:57936->114.114.114.114:53: i/o timeout。
开始以为代理问题,然后又怀疑DNS问题,最终排除了这两个部分,于是猜测容器里是不是不通外网?
还真是如此。
因为之前的build指令没有特殊指定网络,所以修正指令后如下:
docker build --network host -f cmd/manager/Dockerfile -t fluentbit-operator:v3.0.2 .
可以正常构建出镜像,注意即使加了--network host也需要给Dockerfile配置上go proxy,不然还会一直卡在go mod download这步。
[root@master1 fluentbit-operator]# docker build --network host -f cmd/manager/Dockerfile -t fluentbit-operator:v3.0.2 . Sending build context to Docker daemon 3.433MB Step 1/16 : FROM golang:1.16 as builder ---> 6c29725f0797 Step 2/16 : ENV GOPROXY=https://goproxy.cn,direct ---> Using cache ---> a42da36b2133 Step 3/16 : WORKDIR /workspace ---> Using cache ---> e94a28a954c8 Step 4/16 : COPY go.mod go.mod ---> Using cache ---> 46efc36bbe79 Step 5/16 : COPY go.sum go.sum ---> Using cache ---> 464a81322ee1 Step 6/16 : RUN go mod download ---> Running in 575c4b3c913b Removing intermediate container 575c4b3c913b ---> d8bc52ee4e88 Step 7/16 : COPY cmd/manager/main.go main.go ---> 6692d247a63b Step 8/16 : COPY api api/ ---> 08e68ab13c7f Step 9/16 : COPY controllers controllers/ ---> 1cd6b203dfcf Step 10/16 : COPY pkg pkg/ ---> 3d5139bbca0c Step 11/16 : RUN CGO_ENABLED=0 GO111MODULE=on go build -a -o manager main.go ---> Running in e7a230f68fa6 Removing intermediate container e7a230f68fa6 ---> 0fc2cac8c59e Step 12/16 : FROM katanomi/distroless-static:nonroot ---> 421f180b71d8 Step 13/16 : WORKDIR / ---> Running in 3b48c7462db1 Removing intermediate container 3b48c7462db1 ---> e36670f657b6 Step 14/16 : COPY --from=builder /workspace/manager . ---> bfb2e41c4d55 Step 15/16 : USER nonroot:nonroot ---> Running in 7b036773eaa7 Removing intermediate container 7b036773eaa7 ---> ca18c6d94eff Step 16/16 : ENTRYPOINT ["/manager"] ---> Running in 0c5b4fc7fc85 Removing intermediate container 0c5b4fc7fc85 ---> 8b625f2b5f13 Successfully built 8b625f2b5f13 Successfully tagged fluentbit-operator:v3.0.2
