我有一个流氓VM(192.168.50.4)运行带有MySQL master的Ubuntu 14.04(监听0.0.0.0:3306)。
我想在Docker容器中设置一个slave。
我设法做到了这一点,但是为了复制,我无法让奴隶与端口3306上的主人通信:
root@foo:/# telnet 172.17.42.1 3306
Trying 172.17.42.1...
我已在容器中运行nmap,这就是返回的内容:
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp closed https
我需要做些什么才能将主机的端口3306暴露给docker容器?
这是流浪者vm的ifconfig:
docker0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
inet addr:172.17.42.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::38a1:35ff:fe62:4e9e/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:7876 errors:0 dropped:0 overruns:0 frame:0
TX packets:8191 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:347285 (347.2 KB) TX bytes:6942124 (6.9 MB)
eth0 Link encap:Ethernet HWaddr 08:00:27:88:0c:a6
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe88:ca6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:50125 errors:0 dropped:0 overruns:0 frame:0
TX packets:30588 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:31195565 (31.1 MB) TX bytes:2403896 (2.4 MB)
eth1 Link encap:Ethernet HWaddr 08:00:27:e2:69:80
inet addr:192.168.50.4 Bcast:192.168.50.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fee2:6980/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:581794 errors:0 dropped:0 overruns:0 frame:0
TX packets:382149 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:635183165 (635.1 MB) TX bytes:61880252 (61.8 MB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1938 errors:0 dropped:0 overruns:0 frame:0
TX packets:1938 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:326572 (326.5 KB) TX bytes:326572 (326.5 KB)
和netstat:
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:47056 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:6099 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:2812 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:53276 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:8100 0.0.0.0:* LISTEN
tcp 0 0 192.168.50.4:1015 192.168.50.1:2049 TIME_WAIT
tcp 0 0 10.0.2.15:22 10.0.2.2:54474 ESTABLISHED
tcp 0 0 10.0.2.15:22 10.0.2.2:54371 ESTABLISHED
tcp6 0 0 :::5001 :::* LISTEN
tcp6 0 0 :::111 :::* LISTEN
tcp6 0 0 :::8080 :::* LISTEN
tcp6 0 0 :::55344 :::* LISTEN
tcp6 0 0 :::6099 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 :::25 :::* LISTEN
tcp6 0 0 :::50244 :::* LISTEN
tcp6 0 0 127.0.0.1:8005 :::* LISTEN
答案 0 :(得分:0)
我意识到iptables配置正在打开端口22,80和443并关闭所有其他端口。将端口3306添加到iptables后,我可以与主机通信。