Operations of communication between Docker containers and external network communication
Communication between containers1. Network sharing of containersDocker containers in this mode share a network stack so that two containers can communicate efficiently and quickly using localhost. Used for communication between web servers and application servers.
##Clear the experimental environment[root@server1 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
##Create container with default network [root@server1 ~]# docker run -it --name vm1 ubuntu
root@b1a2a90f98a5:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
368: eth0@if369: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
root@b1a2a90f98a5:/# [root@server1 ~]#
##container creates vm2 that shares the network with vm1
[root@server1 ~]# docker run -it --name vm2 --network container:vm1 ubuntu
root@b1a2a90f98a5:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
368: eth0@if369: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
root@b1a2a90f98a5:/#
2.--link method
##Clear the image [root@server1 ~]# docker rm -f vm1
vm1
[root@server1 ~]# docker rm -f vm2
vm2
[root@server1 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
##Default network creates vm1
[root@server1 ~]# docker run -it --name vm1 ubuntu
root@68e56c57a9a0:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
370: eth0@if371: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
root@68e56c57a9a0:/# [root@server1 ~]#
##--link method to create container vm2 of vm1 subnet
[root@server1 ~]# docker run -it --name vm2 --link vm1:web ubuntu
root@61267851b484:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
372: eth0@if373: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0 ##ip is in the same network segment as vm1, increasing valid_lft forever preferred_lft forever
##Parse the file containing vm1's ip and alias information root@61267851b484:/# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 web 68e56c57a9a0 vm1
172.17.0.3 61267851b484
root@61267851b484:/# ^C
root@61267851b484:/#
--linkUpdate the hosts file The variables of the link container are also copied
root@61267851b484:/#env HOSTNAME=61267851b484 TERM=xterm LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lz=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.axa=00;36:*.oga=00;36:*.spx=00;36:*.xspf=00;36: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin PWD=/ SHLVL=1 HOME=/root WEB_NAME=/vm2/web LESSOPEN=| /usr/bin/lesspipe %s LESSCLOSE=/usr/bin/lesspipe %s %s _=/usr/bin/env root@61267851b484:/# When the container is stopped, the IP address will be released. When it is started again, other IP addresses will be acquired. The linked container will automatically update the hosts file. Communication between the container and the external network
View the current iptable nat table firewall policy [root@server1 ~]# iptables -t nat -nL Chain PREROUTING (policy ACCEPT) target prot opt source destination DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- 172.26.0.0/24 0.0.0.0/0 MASQUERADE all -- 172.20.0.0/16 0.0.0.0/0 MASQUERADE all -- 172.18.0.0/16 0.0.0.0/0 MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0 Chain DOCKER (2 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 ##Create nginx container and map port [root@server1 ~]# docker run -d --name nginx -p 80:80 nginx cfefe6420cfe60c46cb7a050c142af7eff86fa6d687c3577077a5b4e2c8b961c ##Open port 80 [root@server1 ~]# docker port nginx 80/tcp -> 0.0.0.0:80 [root@server1 ~]# netstat -antlp | grep 80 tcp6 0 0 :::80 :::* LISTEN 27094/docker-proxy [root@server1 ~]# iptables -t nat -nL Chain PREROUTING (policy ACCEPT) target prot opt source destination DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- 172.26.0.0/24 0.0.0.0/0 MASQUERADE all -- 172.20.0.0/16 0.0.0.0/0 MASQUERADE all -- 172.18.0.0/16 0.0.0.0/0 MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0 MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:80 Chain DOCKER (2 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.17.0.2:80 [root@server1 ~]#
The above is my personal experience. I hope it can give you a reference. I also hope that you will support 123WORDPRESS.COM. If there are any mistakes or incomplete considerations, please feel free to correct me. You may also be interested in:
|
<<: Implementation of MySQL joint index (composite index)
>>: A brief discussion on CSS3 animation jamming solutions
Recommend
Docker container log analysis
View container logs First, use docker run -it --r...
MySQL performance comprehensive optimization method reference, from CPU, file system selection to mysql.cnf parameter optimization
This article summarizes some common MySQL optimiz...
MySQL knowledge points for the second-level computer exam mysql alter command
Usage of alter command in mysql to edit table str...
The difference and introduction of ARGB, RGB and RGBA
ARGB is a color mode, which is the RGB color mode...
A brief discussion on the lock range of MySQL next-key lock
Preface One day, I was suddenly asked about MySQL...
How to Rename a Group of Files at Once on Linux
In Linux, we usually use the mv command to rename...
Detailed explanation of Docker Compose deployment and basic usage
1. Docker Compose Overview Compose is a tool for ...
JavaScript implements large file upload processing
Many times when we process file uploads, such as ...
Create a virtual environment using venv in python3 in Ubuntu
1. Virtual environment follows the project, creat...
The table tbody in HTML can slide up and down and left and right
When the table header is fixed, it needs to be di...
Solution to the problem of mysql service starting but not connecting
The mysql service is started, but the connection ...
Understanding the Lazy Loading Attribute Pattern in JavaScript
Traditionally, developers create properties in Ja...
The table merges cells and the img image to fill the entire td HTML
Source code (some classes deleted): Copy code The ...
MySQL performance optimization tips
MySQL Performance Optimization MySQL is widely us...
Detailed explanation of template tag usage (including summary of usage in Vue)
Table of contents 1. Template tag in HTML5 2. Pro...