Docker dynamically exposes port operations to container Container

View the IP address of Container

docker inspect < container name or id > | grep IPAddress

View the mapped port of Container

docker port <container name or id>
eg.
docker port d8dac7399647
docker port hfq-jedi-zxf-eden

Viewing container mapping with iptables

iptables -t nat -nvL

iptables -t nat -nvL --line-number

For example, the mapping of new ports

# # Maps host 31101 to container 6379 port

iptables -t nat -A PREROUTING -p tcp -m tcp --dport 31101 -j DNAT --to-destination 192.168.42.2:6379

Save iptables rules

iptables-save

Description

192.168. 42.2 is based on docker inspect < container name or id > Results of grep IPAddress

After port mapping is completed, the result cannot be queried through docker port d8dac7399647

It can be passed through

iptables -t nat -nvL | grep 192.168.42.2

Query mapping relationship

Additional knowledge: Mechanisms in docker container communication and port exposure issues

Since 1, the communication between containers with docker has been using link, which limits the sequence before and after the start of each container, and always feels very inflexible. Therefore, this time, I explored the access between containers directly through the LAN allocated by docker's own network card.

Port exposure of docker refers to forwarding the port service of the container itself to the exposed port through the forwarding of docker0, such as executing:

docker run -dit -p 8080:12345 --name=container_name image_name

Use port 12345 when accessing the LAN using 172.17. 0. x assigned by docker0 network card. When accessing using 192.168. 1. x or other native public network ip, you will use 8080 to access it

Time is limited, so I don't analyze it carefully for the time being. I have time to put a picture for analysis