Of Stack

Detailed Explanation of Container Network Configuration Command in docker

  • 2021-07-01 08:33:11
  • OfStack

Network basic configuration

Although Docker can "open more" containers according to the mirror image, and each container does not affect each other, it does not mean that the containers are completely broken from each other. Docker provides the network interconnection function of mapping container port to host host and container port to another container when running mirroring, so that containers can communicate with host host and containers.

# # # Access container applications from outside

When starting the container, if the corresponding parameters are not specified, the network applications and services in the container cannot be accessed through the network outside the container. The port mapping can be specified with the-P or-p parameter when a network application that needs external access is running in the container. When the-P tag is used, Docker randomly maps a port from 49000 to 49900 to an open network port inside the container: 


docker run -d -p [mirror ID or TAG]

Using-p (lowercase), you can specify the port to be mapped, and only one container can be bound to one specified port. The supported formats are ip: hostPort: containerPort ip:: containerPort hostPort: containerPort.

Map all interface addresses

Use hostPort: containerPort to map the local 5000 port to the container's 5000 port: 


docker run -d -p 5000:5000 training/webapp python app.py

At this time, all addresses on all local interfaces are bound by default. Multiple uses of the-p tag can bind multiple ports: 


docker run -d -p 5000:5000 -p 3000:80 training/webapp python app.py

Mapped to the specified port at the specified address

You can use the ip: hostPort: containerPort format to specify that the mapping uses a specific address, such as localhost address 127.0. 0.1: 


docker run -d -p 127.0.0.1:5000:5000 training/webapp python app.py

It can also be the IP address of another container inside.

Any port mapped to the specified address

Bind any port of localhost to the container 5000 port using ip:: containerPort, and the local host automatically assigns one port: 


docker run -d -p 127.0.0.1::5000 training/webapp python app.py

You can also use the udp tag to specify the udp port: 


docker run -d -p 127.0.0.1:5000:5000/udp training/webapp python app.py

View Mapped Port Configuration

Use docker port to view the currently mapped port configuration, and you can also view the bound address: 


docker port nostalgic_morse 5000

The container has its own internal network and IP address (all variable values can be obtained using docker inspect + container ID).

Container interconnection realizes intercommunication between containers

Container connection system is another way to interact with applications in a container besides port mapping. It creates a tunnel between the source and the receiving container, and the receiving container can see the information specified by the source container.

Custom container naming

The connection system is performed according to the name of the container. Therefore, you need to customize a easy-to-remember container name first.

Although the system assigns 1 name by default when creating a container, customizing a named container has two benefits:

Custom naming is easier to remember It can be used as a useful parameter point when connecting other containers, such as connecting web containers to db containers.

Use the--name tag to customize the naming of containers: 


docker run -d -p --name web training/webapp python app.py

Use docker ps to see the name, or use docker inspect to see the name of the container: 


docker inspect -f "{{name}}" [mirror ID]

The name of the container is only 1. If you have already named a container named web, you must delete the container with the command docker rm before you can create a new container with the name web.

Container interconnection

Using the--link parameter allows containers to interact safely.

The format of the--link parameter is--link name: alias, where name is the name of the container to be linked and alias is the alias of the connection.

For example, let's first create a new database container: 


docker run -d --name db training/postgres

Then create another web container and connect it to the db container: 


docker run -d -p 5000:5000 training/webapp python app.py
0

At this point, the db container and the web container can communicate with each other. You can use docker ps to view the container's connections.

Using the--link parameter allows Docker to communicate with each other through a secure tunnel between two containers, instead of opening the port, thus avoiding exposing the port to the external network.

View successive information about the exposed container

Environment variables: Use the env command to view the container's environment variables 


docker run -d -p 5000:5000 training/webapp python app.py
1

/etc/hosts file: When the link parameter is used, Docker adds host information to the parent container's/etc/hosts file. The following is the hosts file of the parent container web 


docker run -d -p 5000:5000 training/webapp python app.py
2

The first is the host information of the web container, with its own id as the host name by default. The second is the ip and host name of the db container.

Related articles: