docker无法指定容器连接

时间:2017-02-10 04:21:01

标签: bash ubuntu docker iptables

docker configure: root@ubuntu> ps -ef | grep docker root xxxxx /usr/bin/dockerd -H fd:// -b=br0 --icc=false --iptables=true

启动'web'容器:

docker run -d --name web -p 8080:80 php-fpm:5.4

启动'test'容器:

docker run -dit --name test --link web:web blackhole/ubuntu:0.1 bash

iptables过滤器:

root@ubuntu> sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy DROP)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain DOCKER (0 references)
target     prot opt source               destination         
ACCEPT     tcp  --  0.0.0.0/0            192.168.100.2        tcp dpt:80
ACCEPT     tcp  --  192.168.100.3        192.168.100.2        tcp dpt:80
ACCEPT     tcp  --  192.168.100.2        192.168.100.3        tcp spt:80
ACCEPT     tcp  --  192.168.100.3        192.168.100.2        tcp dpt:443
ACCEPT     tcp  --  192.168.100.2        192.168.100.3        tcp spt:443
ACCEPT     tcp  --  192.168.100.3        192.168.100.2        tcp dpt:22
ACCEPT     tcp  --  192.168.100.2        192.168.100.3        tcp spt:22
容器中的

sudo docker exec -it test bash
root@00585b9efea8:/# cat /etc/hosts
127.0.0.1   localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.100.2   web 2cec3235f5fa
192.168.100.3   00585b9efea8
root@00585b9efea8:/# ping web
PING web (192.168.100.2): 56 data bytes
^C--- web ping statistics ---
12 packets transmitted, 0 packets received, 100% packet loss
root@00585b9efea8:/# ping 192.168.100.2
PING 192.168.100.2 (192.168.100.2): 56 data bytes
^C--- 192.168.100.2 ping statistics ---
12 packets transmitted, 0 packets received, 100% packet loss
root@00585b9efea8:/# curl web
^C
root@00585b9efea8:/# curl http://192.168.100.2:80
^C

指定容器的三个条件:

  

- ICC = FASLE

     

- 的iptables =真

     

- 链路

没问题,为什么不呢?

ubuntu版本:16.04.2 LTS 泊坞版:.13.1 内核版本:4.9.0-040900-generic

1 个答案:

答案 0 :(得分:2)

link选项已deprecated。对于基于DNS的服务发现,您应该创建一个新的桥接网络并指定--net以使docker容器加入此网络:

创建新的桥接网络:

docker network create --subnet=192.168.177.0/24 --gateway=192.168.177.1 www

在此网络上创建两个容器:

docker run -d --name=nginx1 --net=www nginx:1-alpine
docker run -d --name=nginx2 --net=www nginx:1-alpine

尝试按名称互相ping:

docker exec -it nginx1 /bin/sh
/ # ping nginx2
PING nginx2 (192.168.177.3): 56 data bytes
64 bytes from 192.168.177.3: seq=0 ttl=64 time=0.113 ms
64 bytes from 192.168.177.3: seq=1 ttl=64 time=0.123 ms

--- nginx2 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.113/0.118/0.123 ms

您可以通过执行docker network inspect www

来查看此网络上的容器

可在此处找到更多信息: https://docs.docker.com/engine/userguide/networking/

相关问题
最新问题