Bridge(默认)
默认选项所以,无需使用--network选项,使用默认的docker0网桥;,可以访问外网,但外网需要通过防火墙才能访问本地容器;
[root@www ~]# docker run --rm --name bux1 --network bridge busybox:1.29 ifconfig -a
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:03
inet addr:172.17.0.3 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:180 (180.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
端口映射:
[root@www ~]# docker container run --name ngx1 --rm -p 80 ljymyy/nginx
[root@www ~]# docker port ngx1
80/tcp -> 0.0.0.0:32768
2.
[root@www ~]# docker container run --name ngx1 --rm -p 80:80 ljymyy/nginx
[root@www ~]# docker port ngx1
80/tcp -> 0.0.0.0:80
3.
[root@www ~]# docker container run --name ngx1 --rm -p 172.16.75.3::80 ljymyy/nginx
[root@www ~]# docker port ngx1
80/tcp -> 172.16.75.3:32768
4.
[root@www ~]# docker container run --name ngx1 --rm -p 172.16.75.3:80:80 ljymyy/nginx
[root@www ~]# docker port ngx1
80/tcp -> 172.16.75.3:80
5.使用”-P”选项可以将端口暴露出来;
[root@www ~]# docker container run --name ngx1 --rm -P ljymyy/nginx
[root@www ~]# docker port ngx1
80/tcp -> 0.0.0.0:32769
6.使用”--expose”选项可以手动指定端口进行暴露;
[root@www ~]# docker container run --name bux --rm -it -P --expose 123 --expose 678 busybox:1.29
/ #
[root@www ~]# docker port bux
123/tcp -> 0.0.0.0:32771
678/tcp -> 0.0.0.0:32770
NONE
不指定任何IP地址和端口号,一般用于数据的备份和恢复等各种离线操作;
[root@www ~]# docker run --rm --name bux1 --network none busybox:1.29 ifconfig -a
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Container
先让一个容器开放2222端口;然后再用另一个容器joined container,观察其端口号;
[root@www ~]# docker run --name bux1 -d -p 2222 busybox:1.29 /bin/httpd -p 2222 -f
f3c8d49bddc8a9f3597ef9ab6fcf2dbf4b8e3e831fa67803b06a95d7da0b5bfb
[root@www ~]# docker run --name bux2 --network container:bux1 busybox:1.29 netstat -tan
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 :::2222 :::* LISTEN