本文共 1518 字,大约阅读时间需要 5 分钟。
1、获得容器IP
将
container_name换成实际环境中的容器名
| 1 | docker inspect `container_name` | grep IPAddress1 |
2、 iptable转发端口
将容器的8000端口映射到docker主机的8001端口
| 1 | iptables -t nat -A DOCKER -p tcp --dport 8001 -j DNAT --to-destination 172.17.0.19:800012 |
1.提交一个运行中的容器为镜像
| 1 | docker commit -m 'add images' mycentos linjie /mycentos :v1 |
2.运行镜像并添加端口
| 1 | docker run -d -p 8000:80 linjie /mycentos :v1 /bin/bash |
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 | 3.docker环境的防火墙配置初始化docker配置 [root@master data] # cat /etc/sysconfig/iptables # Generated by iptables-save v1.4.7 on Tue Nov 28 17:11:06 2017 *filter :INPUT ACCEPT [120034:127871175] :FORWARD ACCEPT [16:832] :OUTPUT ACCEPT [81537:11246389] :DOCKER - [0:0] -A FORWARD -o docker0 -j DOCKER -A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i docker0 ! -o docker0 -j ACCEPT -A FORWARD -i docker0 -o docker0 -j ACCEPT COMMIT # Completed on Tue Nov 28 17:11:06 2017 # Generated by iptables-save v1.4.7 on Tue Nov 28 17:11:06 2017 *nat :PREROUTING ACCEPT [2:288] :POSTROUTING ACCEPT [11:621] :OUTPUT ACCEPT [4:257] :DOCKER - [0:0] -A PREROUTING -m addrtype --dst- type LOCAL -j DOCKER -A POSTROUTING -s 172.17.0.0 /16 ! -o docker0 -j MASQUERADE -A OUTPUT ! -d 127.0.0.0 /8 -m addrtype --dst- type LOCAL -j DOCKER -A DOCKER -p tcp -m tcp --dport 8080 -j DNAT --to-destination 172.17.0.6:8080 COMMIT # Completed on Tue Nov 28 17:11:06 2017 |