Docker container custom hosts network access operation

Adding the extra_hosts keyword in docker-compose.yml will write data to the container's /etc/hosts.

extra_hosts

Add a host name mapping.

extra_hosts:

“somehost:162.242.195.82”

"otherhost:50.31.209.229"

The record will be created in /etc/hosts:

162.242.195.82 somehost

50.31.209.229 otherhost

Notice:

If it is pointing to the local machine, do not write the container's IP (because the IP will change after restart, unless you set a fixed IP for the container) but write the host's IP, such as 192.168.xxx.xxx

Supplement: Docker network: host mode

When we are ready to apply Docker technology to production-level scenarios, we need to understand a lot of network knowledge. Networking is a relatively weak part of Docker. We need to understand Docker's network knowledge to meet higher network requirements.

This section first gives a theoretical introduction to the host model in the Docker network model, and then uses practical examples to help you better understand the Docker network model.

Docker Network

When you install Docker, it automatically creates three networks. You can list these networks using the docker network ls command:

docker network ls

The result should be as follows

NETWORK ID NAME DRIVER SCOPE
594430d2d4bb bridge bridge local
d855b34c5d51 host host local
b1ecee29ed5e none null local

Docker has these three built-in networks, and when running a container, you can use them to specify which networks the container should connect to.

When we use docker run to create a Docker container, we can use the --network flag option to specify the network mode of the container. Docker has the following four network modes:

Host mode: Use --net=host to specify.

None mode: Use --net=none to specify.

Bridge mode: Use --net=bridge to specify, the default setting.

Container mode: Use --net=container:NAME_or_ID to specify.

Host mode

Docker uses Linux's Namespaces technology to isolate resources, such as PID Namespace to isolate processes, Mount Namespace to isolate file systems, and Network Namespace to isolate networks. A Network Namespace provides an independent network environment, including network cards, routing, Iptable rules, etc., which are isolated from other Network Namespaces.

The host mode is similar to VMware's bridge mode. It is in the same network as the host machine, but does not have an independent IP address. A Docker container is generally assigned an independent Network Namespace.

However, if the host mode is used when starting the container, the container will not obtain an independent Network Namespace, but will share a Network Namespace with the host. The container will not virtualize its own network card, configure its own IP, etc., but will use the host's IP and port.

As shown in the following figure: The container and the host are in the same network namespace and use the same network protocol stack. The container can directly use all network interfaces of the host.

Case Verification

View host link interface

ip a

The IP of the cloud environment host on the right is {host0.ip}/24. Start the nginx container in host mode and listen to its tcp80 port.

Use the --net host parameter to specify the network model to use host mode

docker run --name=nginx --net=host -p 80:80 -d nginx

Check the container link interface, which is consistent with the host

docker exec -it nginx cat /etc/hosts

At this time, if the outside world wants to access the application in the container, just use {host0.ip}:80 without any NAT conversion, just like running directly in the host machine. However, other aspects of the container, such as the file system and process list, are still isolated from the host machine.

curl {host0.ip}

Summarize

The host mode is simple and has high performance. The network model under the host mode is the simplest and lowest latency mode. The container process communicates directly with the host network interface, which is consistent with the performance of the physical machine. The host is not conducive to self-configuration and management of the network, and all containers of the host use the same IP.

It is also not conducive to the utilization of host resources. This mode can be used when high network performance requirements are required. Otherwise other modes should be used

The above is my personal experience. I hope it can give you a reference. I also hope that you will support 123WORDPRESS.COM. If there are any mistakes or incomplete considerations, please feel free to correct me.