docker容器映射ip(端口映射与容器互联)
Docker除了通过网络访问外,还提供了两个很方便的功能来满足服务访问的基本需求:
- 允许映射容器内应用的服务端口到本地宿主主机;
1.从外部访问容器应用
从外部访问容器应用在启动容器的时候,如果不指定对应参数,在容器外部是无法通过网络来访问容器内的网络应用和服务的。当容器中运行一些网络应用,要让外部访问这些应用时,可以通过-P或-p参数来指定端口映射。
当使用-P(大写的)标记时,Docker会随机映射一个49000~49900的端口到内部容器开放的网络端口;
当使用-p(小写的)则可以指定要映射的端口,并且,在一个指定端口上只可以绑定一个容器。支持的格式有IP:HostPort:ContainerPort |IP::ContainerPort | HostPort:ContainerPort
2.映射所有接口地址:
$ docker run -d -p 5000:5000 resource/webapp python test.py
同时也可以映射多个地址:
$ docker run -d -p 5000:5000 -p 3000:3000 resource/webapp python test.py
3.映射到指定地址的指定端口:
$ docker run -d -p 127.0.0.1:5000:5000 resource/webapp python test.py
4.映射到指定地址的任意端口:
$ docker run -d -p 127.0.0.1::5000 resource/webapp python test.py
5.查看映射端口配置:
使用docker port命令来查看当前映射的端口配置,同时也可以查看到绑定的地址信息
$ docker port adoring_mendeleev
9000/tcp -> 0.0.0.0:9000
如果想查看容器自己内部的网络和IP地址信息,可以使用docker inspect 容器id:如下:
docker inspect 4a775b0ef021e95c8968dc83d244b77261038e184e351b23f626323bcee37140
[
{
"Id": "4a775b0ef021e95c8968dc83d244b77261038e184e351b23f626323bcee37140",
"Created": "2020-08-13T09:59:13.359463861Z",
"Path": "/portainer",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 13948,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-08-30T08:40:01.205520719Z",
"FinishedAt": "2020-08-14T03:48:35.028588902Z"
},
"Image": "sha256:62771b0b9b0973a3e8e95595534a1240d8cfd968d30ec82dc0393ce0a256c5f3",
"ResolvConfPath": "/var/lib/docker/containers/4a775b0ef021e95c8968dc83d244b77261038e184e351b23f626323bcee37140/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/4a775b0ef021e95c8968dc83d244b77261038e184e351b23f626323bcee37140/hostname",
"HostsPath": "/var/lib/docker/containers/4a775b0ef021e95c8968dc83d244b77261038e184e351b23f626323bcee37140/hosts",
"LogPath": "/var/lib/docker/containers/4a775b0ef021e95c8968dc83d244b77261038e184e351b23f626323bcee37140/4a775b0ef021e95c8968dc83d244b77261038e184e351b23f626323bcee37140-json.log",
"Name": "/adoring_mendeleev",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": [
"/var/run/docker.sock:/var/run/docker.sock",
"portainer_data:/data"
],
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {
"9000/tcp": [
{
"HostIp": "",
"HostPort": "9000"
}
]
},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Capabilities": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/4895973fcda8eabffc390b0dfc5a0d22d1d23d7b71256eacfa4dc0c7d662f0cb-init/diff:/var/lib/docker/overlay2/469ee91de1602d2fbfe9e6c56f842a07e31361057c7258d578ef591ec625931a/diff:/var/lib/docker/overlay2/736ee2442a49627b384a170b28053add1894f67b6015760d9e03d66882ab5ea8/diff",
"MergedDir": "/var/lib/docker/overlay2/4895973fcda8eabffc390b0dfc5a0d22d1d23d7b71256eacfa4dc0c7d662f0cb/merged",
"UpperDir": "/var/lib/docker/overlay2/4895973fcda8eabffc390b0dfc5a0d22d1d23d7b71256eacfa4dc0c7d662f0cb/diff",
"WorkDir": "/var/lib/docker/overlay2/4895973fcda8eabffc390b0dfc5a0d22d1d23d7b71256eacfa4dc0c7d662f0cb/work"
},
"Name": "overlay2"
},
"Mounts": [
{
"Type": "volume",
"Name": "portainer_data",
"Source": "/var/lib/docker/volumes/portainer_data/_data",
"Destination": "/data",
"Driver": "local",
"Mode": "z",
"RW": true,
"Propagation": ""
},
{
"Type": "bind",
"Source": "/var/run/docker.sock",
"Destination": "/var/run/docker.sock",
"Mode": "",
"RW": true,
"Propagation": "rprivate"
}
],
"Config": {
"Hostname": "4a775b0ef021",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"9000/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": null,
"Image": "portainer/portainer",
"Volumes": {
"/data": {}
},
"WorkingDir": "/",
"Entrypoint": [
"/portainer"
],
"OnBuild": null,
"Labels": {}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "136752f95fa8558d98d40336b7c2ad4362f4a554adbdd52045a6b628d148df1b",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"9000/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "9000"
}
]
},
"SandboxKey": "/var/run/docker/netns/136752f95fa8",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "b45fabb881cb54f5fda7fa1369571ff86e0a63c9c844381e4f2602be468c5679",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "d61dbdb3a5311f546b09cbc5e2f5b0448e14d197133e7992d1fa4c9433014396",
"EndpointID": "b45fabb881cb54f5fda7fa1369571ff86e0a63c9c844381e4f2602be468c5679",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
- 2.实现多个容器间通过容器名来快速访问
容器的互联(linking)是一种让多个容器中的应用进行快速交互的方式。它会在源和接收容器之间创建连接关系,接收容器可以通过容器名快速访问到源容器,而不用指定具体的IP地址
1.自定义容器命名
连接系统依据容器的名称来执行。因此,首先需要自定义一个好记的容器命名。虽然当创建容器的时候,系统默认会分配一个名字,但自定义命名容器有两个好处:❑ 自定义的命名,比较好记,比如一个Web应用容器我们可以给它起名叫web,一目了然;❑ 当要连接其他容器时候(即便重启),也可以使用容器名而不用改变,比如连接web容器到db容器。使用--name标记可以为容器自定义命名:
$ docker run -d -p 5000:5000 --name web resource/webapp python test.py
容器的名称是唯一的。如果已经命名了一个叫web的容器,当你要再次使用web这个名称的时候,需要先用docker rm命令删除之前创建的同名容器
在执行docker [container] run的时候如果添加--rm标记,则容器在终止后会立刻删除。注意,--rm和-d参数不能同时使用
2.容器互联
使用--link参数可以让容器之间安全地进行交互。
先创建一个新的数据库容器:
$ docker run -d --name db test/mysql
创建一个web容器并且连接到db容器:
$ docker run -d -p 8888:8888 --name web --link db:db resource/webapp python test.py
--link参数的格式为--link name:alias,其中name是要链接的容器的名称,alias是别名
Docker相当于在两个互联的容器之间创建了一个虚机通道,而且不用映射它们的端口到宿主主机上。在启动db容器的时候并没有使用-p和-P标记,从而避免了暴露数据库服务端口到外部网络上。
Docker通过两种方式为容器公开连接信息:
❑ 更新环境变量;
❑ 更新/etc/hosts文件。
使用env命令来查看web容器的环境变量:
免责声明:本文仅代表文章作者的个人观点,与本站无关。其原创性、真实性以及文中陈述文字和内容未经本站证实,对本文以及其中全部或者部分内容文字的真实性、完整性和原创性本站不作任何保证或承诺,请读者仅作参考,并自行核实相关内容。文章投诉邮箱:anhduc.ph@yahoo.com
