練習4

練習4

暴露容器的端口給外部網路訪問(DNAT):

● -p <containerPort>:將容器端口映射至宿主機上所有地址的一個動態端口

[root@localhost ~]# docker container run --name w1 -d -p 80 nginx:stable-alpine  #創建w1容器運行著nginx服務,並加-p選項暴露80端口映射到宿主機上所有地址的一個動態端口
197a5b097143d29f4cbef725ee40d089b9917f9eb175f0dff134785099800a08
[root@localhost ~]# docker container port w1  #查看w1容器暴露的port映射到宿主機上的哪個動態端口,執行iptables -t nat -vnL也可以查看有一條DNAT規則
80/tcp -> 0.0.0.0:49154
80/tcp -> :::49154
[root@localhost ~]# ifconfig  #查看宿主機的ip
…
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
       inet 192.168.128.234  netmask 255.255.255.0  broadcast 192.168.128.255
       inet6 fe80::12da:f368:4b08:ba51  prefixlen 64  scopeid 0x20<link>
       ether 00:0c:29:98:00:1a  txqueuelen 1000  (Ethernet)
       RX packets 10117  bytes 902573 (881.4 KiB)
       RX errors 0  dropped 0  overruns 0  frame 0
       TX packets 3677  bytes 616382 (601.9 KiB)
       TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
…
[root@localhost ~]# curl 192.168.128.234:49154  #另一台宿主機訪問w1容器的nginx服務
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
   body {
       width: 35em;
       margin: 0 auto;
       font-family: Tahoma, Verdana, Arial, sans-serif;
   }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>

● -p <hostPort>:<containerPort>:將容器端口映射至宿主機上所有地址的一個指定端口

[root@localhost ~]# docker container run --name w1 -d -p 8080:80 nginx:stable-alpine  #創建w1容器運行著nginx服務,並加-p選項暴露80端口映射到宿主機上所有地址的一個指定端口89db2a6b29bfcd668dfc5cdb81e46a67d65a4596c2c9d02b0ebf7226d32c9873
[root@localhost ~]# docker container port w1  #查看w1容器暴露的port映射到宿主機上的哪個指定端口,執行iptables -t nat -vnL也可以查看有一條DNAT規則
80/tcp -> 0.0.0.0:8080
80/tcp -> :::8080
[root@localhost ~]# ifconfig  #查看宿主機的ip
…
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
       inet 192.168.128.234  netmask 255.255.255.0  broadcast 192.168.128.255
       inet6 fe80::12da:f368:4b08:ba51  prefixlen 64  scopeid 0x20<link>
       ether 00:0c:29:98:00:1a  txqueuelen 1000  (Ethernet)
       RX packets 10117  bytes 902573 (881.4 KiB)
       RX errors 0  dropped 0  overruns 0  frame 0
       TX packets 3677  bytes 616382 (601.9 KiB)
       TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
…
[root@localhost ~]# curl 192.168.128.234:8080  #另一台宿主機訪問w1容器的nginx服務
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
   body {
       width: 35em;
       margin: 0 auto;
       font-family: Tahoma, Verdana, Arial, sans-serif;
   }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>

● -p <ip>::<containerPort>:將容器端口映射至宿主機上指定地址的一個動態端口

[root@localhost ~]# docker container run --name w1 -d -p 192.168.128.234::80 nginx:stable-alpine  #創建w1容器運行著nginx服務,並加-p選項暴露80端口映射到宿主機上指定地址的動態端口
a09b316a846b77968589415c6c3a44d7ae9e9c8a628dd42e8a834228b1491117
[root@localhost ~]# docker container port w1  #查看w1容器暴露的port映射到宿主機上的哪個指定地址的哪個動態端口,執行iptables -t nat -vnL也可以查看有一條DNAT規則
80/tcp -> 192.168.128.234:49153
[root@localhost ~]# curl 192.168.128.234:49153  #另一台宿主機訪問w1容器的nginx服務
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
   body {
       width: 35em;
       margin: 0 auto;
       font-family: Tahoma, Verdana, Arial, sans-serif;
   }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>

● -p <ip>:<hostPort>:<containerPort>:將容器端口映射至宿主機上指定地址的一個指定端口

[root@localhost ~]# docker container run --name w1 -d -p 192.168.128.234:8080:80 nginx:stable-alpine  #創建w1容器運行著nginx服務,並加-p選項暴露80端口映射到宿主機上指定地址的一個指定端口
4a1c56d10fa1fd48c683ad925cacb1d64c8ef7c34eac4e5e18f9732a36575049
[root@localhost ~]# docker container port w1  #查看w1容器暴露的port映射到宿主機上的哪個指定地址的哪個指定端口,執行iptables -t nat -vnL也可以查看有一條DNAT規則
80/tcp -> 192.168.128.234:8080
[root@localhost ~]# curl 192.168.128.234:8080  #另一台宿主機訪問w1容器的nginx服務
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
   body {
       width: 35em;
       margin: 0 auto;
       font-family: Tahoma, Verdana, Arial, sans-serif;
   }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>

提示:如果要暴露多個端口,則-p選項可以使用多次。

● -P:直接暴露容器內的所有端口映射至宿主機上所有地址的動態端口

[root@localhost ~]# docker container run --name w1 -d -P nginx:stable-alpine
6b7e0731f76eeb0f86a300f7fa783d06df41bd543077fd2d5e96b47d26c6d70f
[root@localhost ~]# docker container port w1
80/tcp -> 0.0.0.0:49155
80/tcp -> :::49155