我使用以下命令运行一个docker容器:
docker run -d --name frontend_service -net host --publish=3001:3000 frontend_service
据我所知,它将本地端口3001映射到容器端口3000。 我已经ssh到容器并检查curl localhost:3000。作品。但在外面,在主机上,我无法卷曲localhost:3001。
我检查了nmap。港口是开放的:
nmap -v -sT localhost
Starting Nmap 6.47 ( http://nmap.org ) at 2016-10-19 01:24 UTC
Initiating Connect Scan at 01:24
Scanning localhost (127.0.0.1) [1000 ports]
Discovered open port 25/tcp on 127.0.0.1
Discovered open port 22/tcp on 127.0.0.1
Discovered open port 5051/tcp on 127.0.0.1
Discovered open port 3001/tcp on 127.0.0.1
Completed Connect Scan at 01:24, 0.06s elapsed (1000 total ports)
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0011s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
3001/tcp open nessus
5051/tcp open ida-agent
如何将容器端口与主机端口连接?
答案 0 :(得分:5)
指定--net=host
时,您完全关闭了Docker的网络设置步骤。容器不会获得自己的网络命名空间,也不会获得自己的接口,端口发布系统将无法路由到。
如果您希望-p 3001:3000
有效,请不要使用--net=host
。