请建议如何从其他容器启动容器服务。
详细信息:
Docker HOST1正在运行2个容器:CONT1和CONT2。
CONT1基于ubuntu和apache。它的IP 172.17.0.2。这里端口80在Dockerfile中公开。
vi Dockerfile
FROM ubuntu:14.04
MAINTAINER debu3645@yahoo.com
RUN sudo apt-get update && sudo apt-get -y install iputils-ping traceroute apache2
EXPOSE 80
ENTRYPOINT ["apache2ctl"]
CMD ["-D","FOREGROUND"]
CONT2仅基于ubuntu。这个容器里没有apache.它有IP 172.17.0.4。
我已将CONT2(来源)与CONT1(接收方)“链接”。我可以从CONT2 ping CONT1,反之亦然。
sudo docker run -d --name CONT1 debapcping (debapcping image contains ubuntu, apache)
sudo docker run -d --name CONT2 --link CONT1:aliasCONT1 ubuntu:14.04 /bin/bash
来自HOST1 ::我可以使用http://172.17.0.2:80
从IE启动apache web服务但我的意图是通过CONT2启动CONT1的apache,即如何将请求从CONT2转发到CONT2,以便CONT1的apache服务可以在提供CONT2 IP和端口时启动,例如http://172.17.0.4:1234
我尝试了IP NAT,但它会抛出以下错误:
iptables -t nat -A PREROUTING -p tcp -d 172.17.0.4 --dport 80 -j DNAT --to-destination 172.17.0.2:80
iptables v1.6.0: can't initialize iptables table `nat': Permission denied (you must be root)
sudo docker info
Containers: 8
Running: 3
Paused: 0
Stopped: 5
Images: 10
Server Version: 1.13.1
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 32
Dirperm1 Supported: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: active
NodeID: i9b555lgjovk5ep3fln0j8roi
Is Manager: false
Node Address: 10.0.2.17
Manager Addresses:
10.0.2.15:2377
10.0.2.18:2377
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1
runc version: 9df8b306d01f59d3a8029be411de015b7304dd8f
init version: 949e6fa
Security Options:
apparmor
Kernel Version: 3.13.0-110-generic
Operating System: Ubuntu 14.04.1 LTS
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 1.49 GiB
Name: Consul2
ID: 3I44:ZHAW:R6BO:NF2J:YCLQ:ZRW6:ULOE:AKJQ:HD7M:EMPE:7Z35:H4KY
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https: // index.docker.io /v1 /
WARNING: No swap limit support
Experimental: false
Insecure Registries:
10.0.2.18:5000
127.0.0.0/8
Live Restore Enabled: false
答案 0 :(得分:1)
对于Permission denied问题:在启动docker容器时添加“--privileged”选项后问题解决了,如下所示:
docker run -it --name debrcvr8 --link debsrc:ALIdebsrc --user root --privileged -p 5555:80 ubuntu:14.04 / bin / bash
对于转发问题:我设法通过CONT2上的以下NAT端口转发命令解决了这个问题:
root @ ae06859a194e:/#iptables -t nat -A PREROUTING -p tcp --dport -j DNAT --to-destination: root @ ae06859a194e:/#iptables -t nat -A POSTROUTING -j MASQUERADE
答案 1 :(得分:0)
这是在CONT2(172.17.0.4)上运行的完整命令,用于访问在CONT1上运行的apache webserver(172.17.0.2:80)
在docker主机(运行CONT1和CONT2)中,我使用以下链接访问apache:http://172.17.0.4:6666/
root @ ae06859a194e:/#iptables -t nat -A PREROUTING -p tcp -d 172.17.0.4 --dport 6666 -j DNAT --to-destination 172.17.0.2:80root@ae06859a194e:/#
root @ ae06859a194e:/#iptables -t nat -A POSTROUTING -j MASQUERADE