Bridge(默认)
默认选项所以,无需使用--network选项,使用默认的docker0网桥;,可以访问外网,但外网需要通过防火墙才能访问本地容器;
[root@www ~]# docker run --rm --name bux1 --network bridge busybox:1.29 ifconfig -a eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:03 inet addr:172.17.0.3 Bcast:172.17.255.255 Mask:255.255.0.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:180 (180.0 B) TX bytes:0 (0.0 B) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
端口映射:
[root@www ~]# docker container run --name ngx1 --rm -p 80 ljymyy/nginx
[root@www ~]# docker port ngx1 80/tcp -> 0.0.0.0:32768
2.
[root@www ~]# docker container run --name ngx1 --rm -p 80:80 ljymyy/nginx
[root@www ~]# docker port ngx1 80/tcp -> 0.0.0.0:80
3.
[root@www ~]# docker container run --name ngx1 --rm -p 172.16.75.3::80 ljymyy/nginx
[root@www ~]# docker port ngx1 80/tcp -> 172.16.75.3:32768
4.
[root@www ~]# docker container run --name ngx1 --rm -p 172.16.75.3:80:80 ljymyy/nginx
[root@www ~]# docker port ngx1 80/tcp -> 172.16.75.3:80
5.使用”-P”选项可以将端口expose出来;
[root@www ~]# docker container run --name ngx1 --rm -P ljymyy/nginx
[root@www ~]# docker port ngx1 80/tcp -> 0.0.0.0:32769
6.使用”--expose”选项可以手动指定端口进行暴露;
[root@www ~]# docker container run --name bux --rm -it -P --expose 123 --expose 678 busybox:1.29 / #
[root@www ~]# docker port bux 123/tcp -> 0.0.0.0:32771 678/tcp -> 0.0.0.0:32770
NONE
不指定任何IP地址和端口号,一般用于数据的备份和恢复等各种离线操作;
[root@www ~]# docker run --rm --name bux1 --network none busybox:1.29 ifconfig -a lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Container
先让一个容器开放2222端口;然后再用另一个容器joined container,观察其端口号;
[root@www ~]# docker run --name bux1 -d -p 2222 busybox:1.29 /bin/httpd -p 2222 -f ********
# docker run --name bux2 --network container:bux1 busybox:1.29 netstat -tan Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 :::2222 :::* LISTEN