Operations of communication between Docker containers and external network communication

Communication between containers

1. Network sharing of containers

In this mode, Docker containers share one network stack, so two containers can communicate efficiently and quickly over localhost.

This mode is used for communication between web servers and application servers.

##Clear the experimental environment
[root@server1 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
 
##Create container vm1 on the default network
[root@server1 ~]# docker run -it --name vm1 ubuntu
root@b1a2a90f98a5:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  inet 127.0.0.1/8 scope host lo
    valid_lft forever preferred_lft forever
368: eth0@if369: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
  link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
  inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
    valid_lft forever preferred_lft forever
root@b1a2a90f98a5:/# [root@server1 ~]# 
 
##Create container vm2, which shares the network with vm1
[root@server1 ~]# docker run -it --name vm2 --network container:vm1 ubuntu
root@b1a2a90f98a5:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  inet 127.0.0.1/8 scope host lo
    valid_lft forever preferred_lft forever
368: eth0@if369: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
  link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
  inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
    valid_lft forever preferred_lft forever
root@b1a2a90f98a5:/#

2. --link method

##Remove the existing containers
[root@server1 ~]# docker rm -f vm1
vm1
[root@server1 ~]# docker rm -f vm2
vm2
[root@server1 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
 
##Create vm1 on the default network
[root@server1 ~]# docker run -it --name vm1 ubuntu
root@68e56c57a9a0:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  inet 127.0.0.1/8 scope host lo
    valid_lft forever preferred_lft forever
370: eth0@if371: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
  link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
  inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
    valid_lft forever preferred_lft forever
root@68e56c57a9a0:/# [root@server1 ~]#
 
##Use --link to create container vm2 on the same subnet as vm1
[root@server1 ~]# docker run -it --name vm2 --link vm1:web ubuntu
root@61267851b484:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  inet 127.0.0.1/8 scope host lo
    valid_lft forever preferred_lft forever
372: eth0@if373: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
  link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff
  inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0 ##IP is in the same network segment as vm1, incremented
    valid_lft forever preferred_lft forever
 
##Name-resolution file containing vm1's IP and alias information
root@61267851b484:/# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 web 68e56c57a9a0 vm1
172.17.0.3 61267851b484
root@61267851b484:/# ^C
root@61267851b484:/#

--link updates the hosts file of the new container.

The environment variables of the linked container are also copied:

root@61267851b484:/# env
HOSTNAME=61267851b484
TERM=xterm
LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lz=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.axa=00;36:*.oga=00;36:*.spx=00;36:*.xspf=00;36:
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/
SHLVL=1
HOME=/root
WEB_NAME=/vm2/web
LESSOPEN=| /usr/bin/lesspipe %s
LESSCLOSE=/usr/bin/lesspipe %s %s
_=/usr/bin/env
root@61267851b484:/#

When a container is stopped, its IP address is released. When it is started again, it acquires another IP address. A container started with --link has its hosts file updated automatically.
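Because --link copies variables into the new container, anything the linked container keeps in its environment becomes readable there. The following check is an added example, not part of the original article: it lists the variables injected for a link alias and picks out those whose names look like credentials. It assumes the legacy link naming (ALIAS_NAME, ALIAS_PORT..., ALIAS_ENV_...); only HOSTNAME, HOME and WEB_NAME in the sample come from the output above, the other values are constructed.

```shell
#!/bin/sh
# Sample `env` output from inside vm2 (started with --link vm1:web).
# HOSTNAME, HOME and WEB_NAME are from the article; the rest is constructed.
sample_env() {
cat <<'EOF'
HOSTNAME=61267851b484
HOME=/root
WEB_NAME=/vm2/web
WEB_PORT=tcp://172.17.0.2:80
WEB_PORT_80_TCP_ADDR=172.17.0.2
WEB_ENV_DB_PASSWORD=constructed-example-value
EOF
}

# link_vars ALIAS: read `env` output on stdin and print the names of the
# variables that --link injected for ALIAS (upper-cased, "-" becomes "_").
link_vars() {
    prefix=$(printf '%s' "$1" | tr 'a-z-' 'A-Z_')
    awk -F= -v p="$prefix" '
        index($1, p "_") == 1 {
            rest = substr($1, length(p) + 2)
            if (rest == "NAME" || rest == "PORT" ||
                rest ~ /^PORT_/ || rest ~ /^ENV_/) print $1
        }'
}

# link_secrets ALIAS: the subset copied from the linked container's own
# environment (ALIAS_ENV_*) whose name suggests a credential.
link_secrets() {
    link_vars "$1" | grep -Ei '_ENV_.*(PASS|SECRET|TOKEN|KEY)' || true
}

# Inside a real container, pipe `env` instead of sample_env.
sample_env | link_secrets web
```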

Communication between the container and the external network

View the current rules in the iptables nat table

[root@server1 ~]# iptables -t nat -nL
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
 
Chain INPUT (policy ACCEPT)
target prot opt source destination
 
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
 
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.26.0.0/24 0.0.0.0/0      
MASQUERADE all -- 172.20.0.0/16 0.0.0.0/0      
MASQUERADE all -- 172.18.0.0/16 0.0.0.0/0      
MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0      
 
Chain DOCKER (2 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0      
RETURN all -- 0.0.0.0/0 0.0.0.0/0      
RETURN all -- 0.0.0.0/0 0.0.0.0/0      
RETURN all -- 0.0.0.0/0 0.0.0.0/0

##Create an nginx container and map port 80
[root@server1 ~]# docker run -d --name nginx -p 80:80 nginx
cfefe6420cfe60c46cb7a050c142af7eff86fa6d687c3577077a5b4e2c8b961c
 
##Check that port 80 is open
[root@server1 ~]# docker port nginx
80/tcp -> 0.0.0.0:80
 
[root@server1 ~]# netstat -antlp | grep 80
tcp6 0 0 :::80 :::* LISTEN 27094/docker-proxy 
[root@server1 ~]# iptables -t nat -nL
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
 
Chain INPUT (policy ACCEPT)
target prot opt source destination
 
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
 
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.26.0.0/24 0.0.0.0/0      
MASQUERADE all -- 172.20.0.0/16 0.0.0.0/0      
MASQUERADE all -- 172.18.0.0/16 0.0.0.0/0      
MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0      
MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:80
 
Chain DOCKER (2 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0      
RETURN all -- 0.0.0.0/0 0.0.0.0/0      
RETURN all -- 0.0.0.0/0 0.0.0.0/0      
RETURN all -- 0.0.0.0/0 0.0.0.0/0      
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.17.0.2:80
[root@server1 ~]#
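The DNAT rule in the DOCKER chain is what makes the container reachable from outside, so it is the line to audit. The following parser is an added example, not part of the original article: it reads `iptables -t nat -nL` output and reports each published port and the host address it is exposed on. The 172.17.0.2 rules in the sample are from the output above; the 127.0.0.1 rule for 172.17.0.3 is constructed for contrast.

```shell
#!/bin/sh
# Excerpt of `iptables -t nat -nL`. The 172.17.0.2 lines are from the article;
# the DNAT rule with destination 127.0.0.1 is constructed.
sample_nat() {
cat <<'EOF'
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:80

Chain DOCKER (2 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.17.0.2:80
DNAT tcp -- 0.0.0.0/0 127.0.0.1 tcp dpt:8080 to:172.17.0.3:8080
EOF
}

# published_ports: one line per DNAT rule in the DOCKER chain:
#   proto host_port container_ip:port host_address
# host_address is the destination column; 0.0.0.0/0 matches every host IP.
published_ports() {
    awk '
        /^Chain / { in_docker = ($2 == "DOCKER"); next }
        in_docker && $1 == "DNAT" {
            hport = ""; target = ""
            for (i = 6; i <= NF; i++) {
                if ($i ~ /^dpt:/) hport  = substr($i, 5)
                if ($i ~ /^to:/)  target = substr($i, 4)
            }
            if (hport != "" && target != "") print $2, hport, target, $5
        }'
}

# exposed_everywhere: host ports published on all host addresses.
exposed_everywhere() {
    published_ports | awk '$4 == "0.0.0.0/0" { print $2 "/" $1 }'
}

# On a real host: iptables -t nat -nL | exposed_everywhere
sample_nat | exposed_everywhere
```

A port that only local clients need can be published on one address instead, for example `-p 127.0.0.1:80:80`.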

