[英]Remote access to webserver in docker container
I've started using docker for dev, with the following setup: 我已经开始使用docker for dev,具有以下设置:
As far as host-container access goes - everything works fine. 就主机容器访问而言 - 一切正常。 However , I can't manage to access the container's webapp from a remote machine (though still within the same network).
但是 ,我无法从远程计算机(尽管仍在同一网络中)访问容器的webapp。
When running 跑步时
docker port <container-id> 443
output is as expected, so docker's port binding seems fine. 输出是预期的,所以docker的端口绑定似乎很好。
172.16.*.*:<random-port>
Any ideas? 有任何想法吗?
Thanks! 谢谢!
I figured out what I missed, so here's a simple flow for accessing docker containers webapps from remote machines: 我想出了我错过的内容,所以这里有一个从远程机器访问docker容器webapps的简单流程:
Step #1 : Bind physical host ports (eg 22, 443, 80, ...) to container's virtual ports. 步骤#1 :将物理主机端口(例如22,443,80,...)绑定到容器的虚拟端口。 possible syntax:
可能的语法:
docker run -p 127.0.0.1:443:3444 -d <docker-image-name>
(see docker docs for port redirection with all options) (有关所有选项的端口重定向 ,请参阅docker docs )
Step #2 : Redirect host's physical port to container's allocated virtual port. 步骤#2 :将主机的物理端口重定向到容器的已分配虚拟端口。 possible (linux) syntax:
可能的(linux)语法:
iptables -t nat -A PREROUTING -i <host-interface-device> -p tcp --dport <host-physical-port> -j REDIRECT --to-port <container-virtual-port>
That should cover the basic use case. 这应该涵盖基本用例。
Good luck! 祝好运!
Correct me if I'm wrong but as far as I'm aware docker host creates a private network for it's containers which is inaccessible from the outside. 如果我错了,请纠正我,但据我所知,docker host为它的容器创建一个专用网络,这是外部无法访问的。 That said your best bet would probably be to access the container at {host_IP}:{mapped_port}.
那说你最好的选择可能是访问{host_IP}:{mapped_port}的容器。
If your container was built with a Dockerfile that has an EXPOSE
statement, eg EXPOSE 443
, then you can start the container with the -P
option (as in "publish" or "public"). 如果您的容器是使用具有
EXPOSE
语句的EXPOSE
,例如EXPOSE 443
,那么您可以使用-P
选项启动容器(如“publish”或“public”)。 The port will be made available to connections from remote machines: 该端口将可用于远程计算机的连接:
$ docker run -d -P mywebservice
If you didn't use a Dockerfile, or if it didn't have an EXPOSE
statement (it should!), then you can also do an explicit port mapping: 如果您没有使用Dockerfile,或者它没有
EXPOSE
语句(它应该!),那么您也可以进行显式端口映射:
$ docker run -d -p 80 mywebservice
In both cases, the result will be a publicly-accessible port: 在这两种情况下,结果都将是一个可公开访问的端口:
$ docker ps
9bcb… mywebservice:latest … 0.0.0.0:49153->80/tcp …
Last but not least, you can force the port number if you need to: 最后但并非最不重要的是,如果您需要,可以强制使用端口号:
$ docker run -d -p 8442:80 mywebservice
In that case, connecting to your Docker host IP address on port 8442 will reach the container. 在这种情况下,连接到端口8442上的Docker主机IP地址将到达容器。
如何从外部设备(在同一网络中)访问docker容器有一些替代方案,请查看此帖子以获取更多信息http://blog.nunes.io/2015/05/02/how-to-access-搬运工的容器从-外部devices.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.