Docker 容器网络与 Docker-in-Docker
[英]Docker Container Networking with Docker-in-Docker
问题描述
I would like to network with a child docker container from a parent docker container, with a docker-in-docker setup.
我想通过 docker-in-docker 设置与父 docker 容器中的子 docker 容器联网。
Let's say I'm trying to connect to a simple Apache httpd server.假设我正在尝试连接到一个简单的 Apache httpd 服务器。 When I run the httpd container on my host machine, everything works fine:当我在主机上运行 httpd 容器时,一切正常:
asnyder:~$ docker run -d -p 8080:80 httpd:alpine
asnyder:~$ curl localhost:8080
<html><body><h1>It works!</h1></body></html>
But when I do the same from a docker-in-docker setup, I get a Connection refused error:但是,当我从 docker-in-docker 设置中执行相同操作时,出现Connection refused错误:
asnyder:~$ docker run -d --name mydind --privileged docker:dind
asnyder:~$ docker run -it --link mydind:docker docker:latest sh
/ # docker run -d -p 8080:80 httpd:alpine
/ # curl localhost:8080
curl: (7) Failed to connect to localhost port 8080: Connection refused
I have tried a couple alterations without luck.我尝试了几次更改但没有运气。 Specifying the 0.0.0.0 interface:指定0.0.0.0接口:
asnyder:~$ docker run -d --name mydind --privileged docker:dind
asnyder:~$ docker run -it --link mydind:docker docker:latest sh
/ # docker run -d -p 0.0.0.0:8080:80 httpd:alpine
/ # curl 0.0.0.0:8080
curl: (7) Failed to connect to 0.0.0.0 port 8080: Connection refused
Using the host network:使用主机网络:
asnyder:~$ docker run -d --name mydind --privileged docker:dind
asnyder:~$ docker run -it --link mydind:docker docker:latest sh
/ # docker run -d --network host httpd:alpine
/ # curl localhost:80
curl: (7) Failed to connect to localhost port 80: Connection refused
Surprisingly, I was unable to find any existing articles on this.令人惊讶的是,我找不到任何关于此的现有文章。 Does anyone here have some insight?这里有人有一些见解吗?
Thanks!谢谢!
3 个解决方案
解决方案1
16 已采纳 2017-07-09 13:03:30
There are pros and cons for both DinD and bind mounting the Docker socket and there are certainly use cases for both. DinD 和绑定安装 Docker 套接字都有优点和缺点,两者肯定都有用例。 As an example, check out this set of blog posts , which does a good job of explaining one of the use cases.例如,查看这组博客文章,它很好地解释了一个用例。
Given your example docker-in-docker setup above, you can access Apache httpd server in one of two ways:鉴于上面的示例 docker-in-docker 设置,您可以通过以下两种方式之一访问 Apache httpd 服务器:
1) From inside the docker:dind container, it will be available on localhost:8080 . 1) 从docker:dind容器内部,它将在localhost:8080上可用。
2) From inside the docker:latest container, where you were trying to access it originally, it will be available on whatever hostname is set for the docker:dind container. 2) 从最初尝试访问它的docker:latest容器内部,它将在为docker:dind容器设置的任何主机名上可用。 In this case, you used --name mydind , therefore curl mydind:8080 would give you the standard Apache <html><body><h1>It works!</h1></body></html> .在这种情况下,您使用了--name mydind ,因此curl mydind:8080将为您提供标准的 Apache <html><body><h1>It works!</h1></body></html> 。
Hope it makes sense!希望这是有道理的!
解决方案2
11 2019-01-18 10:39:06
Building upon Yuriy's answer :基于尤里的回答:
2) From inside the
docker:latest container, [...] it will be available on whatever hostname is set for thedocker:dindcontainer.docker:latest container内部,[...] 它将在为docker:dind容器设置的任何主机名上可用。 In this case, you used--name mydind, thereforecurl mydind:8080[...]--name mydind,因此curl mydind:8080[...]
In the Gitlab CI config, you can address the DinD container by the name of its image (in addition to the name of its container, which is auto-generated):在 Gitlab CI 配置中,您可以通过 DinD 容器的映像名称(除了自动生成的容器名称之外)来寻址 DinD 容器:
Accessing the services
Let's say that you need a Wordpress instance to test some API integration with your application.
You can then use for example the tutum/wordpress image in your
.gitlab-ci.yml:.gitlab-ci.yml使用例如tutum/wordpress图像:services: - tutum/wordpress:latestIf you don't specify a service alias , when the job is run,
tutum/wordpresswill be started and you will have access to it from your build container under two hostnames to choose from:tutum/wordpress,您可以从构建容器中访问它,并在两个主机名下进行选择:
tutum-wordpresstutum__wordpress
Using使用
service:
- docker:dind
will allow you to access that container as docker:8080 :将允许您以docker:8080身份访问该容器:
script:
- docker run -d -p 8080:80 httpd:alpine
- curl docker:8080
Edit : If you'd prefer a more explicit host name, you can, as the documentation states , use an alias :编辑:如果您更喜欢更明确的主机名,则可以如文档所述,使用alias :
services:
- name: docker:dind
alias: dind-service
and then进而
script:
- docker run -d -p 8080:80 httpd:alpine
- curl dind-service:8080
Hth, dtk hth, dtk
解决方案3
1 2019-08-26 12:39:11
I am very convinced that @Yuriy Znatokov's answer is what I want, but I have understood it for a long time.我非常相信@Yuriy Znatokov 的答案是我想要的,但我已经理解了很长时间。 In order to make it easier for later people to understand, I have exported the complete steps.为了方便后面的人理解,我把完整的步骤导出来了。
1) From inside the docker:dind container 1) 从 docker:dind 容器内部
docker run -d --name mydind --privileged docker:dind
/ # docker run -d -p 8080:80 httpd:alpine
/ # curl localhost:8080
<html><body><h1>It works!</h1></body></html>
2) From inside the docker:latest container 2)从docker内部:最新的容器
docker run -d --name mydind --privileged docker:dind
docker run -it --link mydind:docker docker:latest sh
/ # docker run -d -p 8080:80 httpd:alpine
/ # curl mydind:8080
<html><body><h1>It works!</h1></body></html>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.