Port mappings are associated with containers
In addition to network access, docker provides two capabilities to meet the basic requirements of service access: one is to allow mapping of service ports applied within containers to local host hosts, and the other is to enable quick access through container names between multiple containers through an interconnection mechanism.
Port Mapping Container Access
1. Access container applications from outside. If you do not specify parameters when starting the container, network applications and services within the container cannot be accessed from outside the container through the network.Port mappings can be specified by the -P or -p parameters.
-P: Randomly map a port from 49000 to 49900 to a network port open to an internal container
[root@docker01 ~]# docker run -d -P training/webapp python app.py 75b2c32292d290aa3004b5b6cbb49775cc6f360796736473978cc32a682fdad9 [root@docker01 ~]# docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 75b2c32292d2 training/webapp "python app.py" 3 seconds ago Up 2 seconds 0.0.0.0:32770->5000/tcp musing_carson
View application information
[root@docker01 ~]# docker logs -f musing_carson * Running on http://0.0.0.0:5000/ (Press CTRL+C to quit)
2. Map all interface addresses, use HostPort:ContainerPort to map local port 5000 to container port 5000
[root@docker01 ~]# docker run -d -p 5000:5000 training/webapp python app.py 6368e0f567714ad90d2b20ff71afb2231e404b35639055a665cc3715a85f010a
Or use continuous-p binding to multiple ports
[root@docker01 ~]# docker run -d -p 5000:5000 -p3000:80 training/webapp python app.py 80bfe8e1f7fd53099e3f350c5efd1160a7247d065233965cc2bc2130e2fdcbb2
3. Map to the specified port at the specified address, using the IP:HostPort:ContainerPort format to specify that the mapping uses a specific address.
[root@docker01 ~]# docker run -d -p 10.10.17.199:5000:5000 training/webapp python app.py ac228c0f2334a59856d9993e6a3eb652b50eb08ec41cedff87b331aa8d5d5f86 [root@docker01 ~]# docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ac228c0f2334 training/webapp "python app.py" 5 seconds ago Up 5 seconds 10.10.17.199:5000->5000/tcp eager_noether
4. Map to any port at the specified address, use IP::ContainerPort to bind any port of localhost to port 5000 of the container, and the local host will automatically assign a port
[root@docker01 ~]# docker run -d -p 127.0.0.1::5000 training/webapp python app.py e72dec38ae77c113418156c4ad50b601fe31d0a38b4b8f995aabdcfcc510fdcc
Use UDP tags to specify UDP ports
[root@docker01 ~]# docker run -d -p 127.0.0.1:5001:5001/udp training/webapp python app.py 581ff1531c6b604c1b66ece82c87529a02c8da0b7b19e98bd336122c151b524f
5. View the mapped port configuration and use docker port to view the mapped port configuration
[root@docker01 ~]# docker port laughing_faraday 5000 127.0.0.1:32768
Interconnection mechanism for easy mutual access
Container interconnection is a quick way for applications in multiple containers to interact. It creates a connection relationship between the source and receive containers, which can be quickly accessed from the container name without specifying a specific IP address.
1. Customize the name of the container, and the connection system is based on the name of the container.First, you need a memorable container name. Although the system is not specified to assign one by default, the benefit of specifying one is that the name is memorable and is based on applications such as the web.When you need to connect other containers, you can also use the container name without changing it.
[root@docker01 ~]# docker run -d -P --name web training/webapp python app.py 6ae6d11614f99762a519d55beb8b38f3fbff667af34be90b33d6a11477b8d99a [root@docker01 ~]# docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 6ae6d11614f9 training/webapp "python app.py" 7 seconds ago Up 6 seconds 0.0.0.0:32771->5000/tcp web
2. Containers are interconnected, using the--link parameter allows safe interaction between containers
Create a new database container
[root@docker01 ~]# docker run -d --name db training/postgres Unable to find image 'training/postgres:latest' locally latest: Pulling from training/postgres Image docker.io/training/postgres:latest uses outdated schema1 manifest format. Please upgrade to atibility. More information at https://docs.docker.com/registry/spec/deprecated-schema-v1/ a3ed95caeb02: Pull complete 6e71c809542e: Pull complete 2978d9af87ba: Pull complete e1bca35b062f: Pull complete 500b6decf741: Pull complete 74b14ef2151f: Pull complete 7afd5ed3826e: Pull complete 3c69bb244f5e: Pull complete d86f9ec5aedf: Pull complete 010fabf20157: Pull complete Digest: sha256:a945dc6dcfbc8d009c3d972931608344b76c2870ce796da00a827bd50791907e Status: Downloaded newer image for training/postgres:latest 67b752f9c5d6f19f2811674be780673b5475c845be6f43d9b15df139ff01c0fd
Delete the previous web container and create a new one to connect it to the db container
[root@docker01 ~]# docker rm -f web web [root@docker01 ~]# docker run -d -P --name web --link db:db training/webapp python app.py de3f340d554dd01789859d6dc0fc3a0bb406e3111ca60e27f78da208def08dca
The--link parameter is formatted as--link name:alias, where name is the container name to link to and alias is the alias name.
Use docker ps to view links to containers
[root@docker01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES de3f340d554d training/webapp "python app.py" 4 minutes ago Up 4 minutes 0.0.0.0:32772->5000/tcp web 67b752f9c5d6 training/postgres "su postgres -c '/us..." 13 minutes ago Up 13 minutes 5432/tcp db
Equivalent to creating a virtual channel between two containers without mapping their ports to the host machine, starting the db container without using the -p or -P tag, avoiding exposing the database service end to the external network.
docker exposes connection information for containers in two ways
#Update environment variables
#Update/etc/hosts file
Use the env command to view the environment variables of the web container:
[root@docker01 ~]# docker run --rm --name web2 --link db:db training/webapp env PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin HOSTNAME=2ff63f7eb1d2 DB_PORT=tcp://172.17.0.3:5432 DB_PORT_5432_TCP=tcp://172.17.0.3:5432 DB_PORT_5432_TCP_ADDR=172.17.0.3 DB_PORT_5432_TCP_PORT=5432 DB_PORT_5432_TCP_PROTO=tcp DB_NAME=/web2/db DB_ENV_PG_VERSION=9.3 HOME=/root
In addition to the environment variable docker, host information is added to the parent container's/etc/hosts
[root@docker01 ~]# docker run -t -i --rm --link db:db training/webapp /bin/bash root@8ed896541b8d:/opt/webapp# cat /etc/hosts 127.0.0.1 localhost ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 172.17.0.3 db 67b752f9c5d6 172.17.0.4 8ed896541b8d root@8ed896541b8d:/opt/webapp# ping db PING db (172.17.0.3) 56(84) bytes of data. 64 bytes from db (172.17.0.3): icmp_seq=1 ttl=64 time=0.239 ms 64 bytes from db (172.17.0.3): icmp_seq=2 ttl=64 time=0.154 ms 64 bytes from db (172.17.0.3): icmp_seq=3 ttl=64 time=0.110 ms 64 bytes from db (172.17.0.3): icmp_seq=4 ttl=64 time=0.111 ms ^C --- db ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3000ms rtt min/avg/max/mdev = 0.110/0.153/0.239/0.053 ms
Users can link multiple child containers to the parent container, such as multiple web s to the same db container.