绑定一个端口都主机接口

To bind a port of the container to a specific interface of the host system, use the -p parameter of the docker run command:

# General syntax


docker run -p [([<host_interface>:[host_port]])|(<host_port>):]<container_port>[/udp] <image> <cmd>

When no host interface is provided, the port is bound to all available interfaces of the host machine (aka INADDR_ANY, or 0.0.0.0).When no host port is provided, one is dynamically allocated. The possible combinations of options for TCP port are the following:

# Bind TCP port 8080 of the container to TCP port 80 on 127.0.0.1 of the host machine.


docker run -p 127.0.0.1:80:8080 <image> <cmd>





# Bind TCP port 8080 of the container to a dynamically allocated TCP port on 127.0.0.1 of the host machine.


docker run -p 127.0.0.1::8080 <image> <cmd>





# Bind TCP port 8080 of the container to TCP port 80 on all available interfaces of the host machine.


docker run -p 80:8080 <image> <cmd>





# Bind TCP port 8080 of the container to a dynamically allocated TCP port on all available interfaces of the host machine.


docker run -p 8080 <image> <cmd>

UDP ports can also be bound by adding a trailing /udp. All the combinations described for TCP work. Here is only one example:

# Bind UDP port 5353 of the container to UDP port 53 on 127.0.0.1 of the host machine.


docker run -p 127.0.0.1:53:5353/udp <image> <cmd>

The command docker port lists the interface and port on the host machine bound to a given container port. It is useful when using dynamically allocated ports:

# Bind to a dynamically allocated port


docker run -p 127.0.0.1::8080 -name dyn-bound <image> <cmd>





# Lookup the actual port


docker port dyn-bound 8080


127.0.0.1:49160

绑定一个容器

Communication between two containers can also be established in a docker-specific way called linking.

To briefly present the concept of linking, let us consider two containers: server, containing the service, and client, accessing the service. Once server is running,client is started and links to server. Linking sets environment variables in client giving it some information about server. In this sense, linking is a method of service discovery.

Let us now get back to our topic of interest; communication between the two containers. We mentioned that the tricky part about this communication was that the IP address of server was not fixed. Therefore, some of the environment variables are going to be used to inform client about this IP address. This process called exposure, is possible because client is started after server has been started.

Here is a full example. On server, the port of interest is exposed. The exposure is done either through the -expose parameter to the docker run command, or theEXPOSE build command in a Dockerfile:

# Expose port 80


docker run -expose 80 -name server <image> <cmd>

The client then links to the server:

# Link


docker run -name client -link server:linked-server <image> <cmd>

client locally refers to server as linked-server. The following environment variables, among others, are available on client:

# The default protocol, ip, and port of the service running in the container


LINKED-SERVER_PORT=tcp://172.17.0.8:80





# A specific protocol, ip, and port of various services


LINKED-SERVER_PORT_80_TCP=tcp://172.17.0.8:80


LINKED-SERVER_PORT_80_TCP_PROTO=tcp


LINKED-SERVER_PORT_80_TCP_ADDR=172.17.0.8


LINKED-SERVER_PORT_80_TCP_PORT=80

This tells client that a service is running on port 80 of server and that server is accessible at the IP address 172.17.0.8

Note: Using the -p parameter also exposes the port..