我创建了一个外部覆盖网络:
docker network create --driver overlay --subnet=10.0.9.0/24 mynetwork
网络创建成功:
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
37295f249f91 bridge bridge local
c2ec03c99888 docker_gwbridge bridge local
33dd13c9686d host host local
27goixjy0jys ingress overlay swarm
75508732fab2 none null local
ef6fti3kq6w4 mynetwork overlay swarm
当我尝试将容器放入 my 中时docker-compose.yml,服务的创建失败并显示
$ docker-compose up
Creating service-lb
ERROR: for service-lb network mynetwork not found
ERROR: Encountered errors while bringing up the project.
我的docker-compose.yml看起来像这样:
version: "2"
services:
service-lb:
image: myreg:5000/myorg/service-lb:latest
ports:
- "0.0.0.0:10080:80"
dns_search: …看起来我需要一个网络,因为我想通过主机名从另一个容器引用一个容器。
我也可以使用--link但它已被弃用并且很快就会消失。这就是为什么我想知道 Testcontainers 是否可以为我创建一个 docker 网络。
使用命令行,我只需执行docker network create bridge2,然后我就可以像这样启动容器:
docker run -it --rm --net=bridge2 --name alpine1 alpine
docker run -it --rm --net=bridge2 --name alpine2 alpine
并nslookup alpine2从alpine1容器中解析。
如果我尝试使用默认--net=bridge网络或跳过--net选项(实际上是相同的),则按名称引用将不起作用。
我想创建两个具有相同 IP 范围的 docker 网络,并且应该静态分配 IP 地址
docker network create --driver=bridge --subnet=192.168.0.0/16 'network_one'
docker network create --driver=bridge --subnet=192.168.0.0/16 'network_two'
在 docker-compose.yml 中,
以下端口符号有什么区别?
ports:
- "5000:5000"
回复:
ports:
- "8080"
或者根本没有端口。
例如,在下面的 docker-compose.yml 中,mongodb 服务必须公开一个端口来与节点服务通信,但没有指定端口
services:
node:
build:
context: .
dockerfile: node.dockerfile
ports:
- "3000:3000"
networks:
- nodeapp-network
depends_on:
- mongodb
mongodb:
image: mongo
networks:
- nodeapp-network
networks:
nodeapp-network:
driver: bridge
来源: https: //github.com/DanWahlin/NodeExpressMongoDBDockerApp
然而,在这些 docker-compose.yml 中,有使用27017:27017或8080符号指定的端口 awlay。
services:
nginx:
container_name: nginx
image: ${DOCKER_ACCT}/nginx
build:
context: .
dockerfile: .docker/nginx.${APP_ENV}.dockerfile
links:
- node1:node1
- node2:node2
- node3:node3
ports:
- "80:80"
- "443:443"
networks:
- codewithdan-network
node1: …Docker 网络是在包含多个节点的 docker swarm 中创建的,使用以下命令:
docker network create --attachable --driver overlay [network-name]
容器通过“docker service create”命令连接到网络。
网络中出现了名为“lb-[network-name]”的额外容器。该容器是什么以及如何配置 docker 网络使其不具有该容器?
I have the following docker-compose.yml:
services:
postgres:
image: "postgres:11.0-alpine"
app:
build: .
ports:
- "4000:4000"
depends_on:
- postgres
- nuxt
nuxt:
image: node:latest
ports:
- "3000:3000"
I need nuxt service to communicate with app.
Within the nuxt service (docker-compose run --rm --service-ports nuxt bash), if I run
root@62cafc299e8a:/app# ping postgres
PING postgres (172.18.0.2) 56(84) bytes of data.
64 bytes from avril_postgres_1.avril_default (172.18.0.2): icmp_seq=1 ttl=64 time=0.283 ms
64 bytes from avril_postgres_1.avril_default (172.18.0.2): icmp_seq=2 ttl=64 time=0.130 ms
64 …我使用以下撰写文件进行堆栈部署
version: '3.8'
x-deploy: &Deploy
replicas: 1
placement: &DeployPlacement
max_replicas_per_node: 1
restart_policy:
max_attempts: 15
window: 60s
resources: &DeployResources
reservations: &DeployResourcesReservations
cpus: '0.05'
memory: 10M
services:
serv1:
image: alpine
networks:
- test_nw
deploy:
<<: *Deploy
entrypoint: ["tail", "-f", "/dev/null"]
serv2:
image: nginx
networks:
- test_nw
deploy:
<<: *Deploy
placement:
<<: *DeployPlacement
constraints:
- "node.role!=manager"
expose: # deprecated, but I leave it here anyway
- "80"
networks:
test_nw:
name: test_nw
driver: overlay
为了方便起见,我将使用test_serv1running via containerinhost1和test_serv2running …
我有一个 docker swarm,目前只有一个节点和几个堆栈。为了能够获取请求我的一项服务的客户端的 IP 地址,我将一项服务上的端口切换为模式:主机。除非我想更新该服务,否则这工作正常。我没有更改部署顺序,因此它应该是默认的“停止优先”,但是当我使用任务时stack deploy,任务失败并显示以下消息:
no suitable node (host-mode port already in use on 1 node)
当我将服务缩小到 0 然后使用stack deploy它时,它可以正常工作,但我不明白为什么直接更新时会出现问题。“stop-first”不应该意味着先终止旧服务(释放端口),然后启动新服务吗?如何在部署更改之前更改 yml 而不必缩放到 0?
这是有问题的 application.yml:
version: "3.7"
services:
myservice:
image: myrepo/gateway
ports:
- mode: host
protocol: tc
published: 443
target: 443
networks:
- gateway_net
networks:
gateway_net:
external: true # was created with 'docker network create -d overlay gateway_net', is used to connect gw with other services
docker docker-compose docker-swarm docker-network docker-stack
我有一个 docker-compose,nginx 和 nginx-prometheus-exporter 都是容器。我把相关部分放在这里:
nginx:
container_name: nginx
image: nginx:1.19.3
restart: always
ports:
- 80:80
- 443:443
- "127.0.0.1:8080:8080"
nginx-exporter:
image: nginx/nginx-prometheus-exporter:0.8.0
command:
-nginx.scrape-uri
-http://127.0.0.1:8080/stub_status
我尝试过 http://nginx:8080/stub_status,
nginx:8080/stub_status但
没有一个有效,但我成功127.0.0.1:8080/stub_status了。-nginx.scrape-uriCould not create Nginx Client: failed to get http://127.0.0.1:8080/stub_status: Get "http://127.0.0.1:8080/stub_status": dial tcp 127.0.0.1:8080: connect: connection refused
另外,使用curl 在我的虚拟机中可以使用localhost:8080/stub_status。
我想公开5432端口以供外部访问,但在此之前我想将其限制为仅特定的 IP,所以我想通过pg_hba.conf
如果我使用 Docker 默认设置,容器之间的通信可以正常工作(通过指定的网络)。
但如果我指定pg_hba.conf:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all trust
host replication all 127.0.0.1/32 trust
host replication all ::1/128 trust
host all all all …docker-network ×10
docker ×9
docker-swarm ×3
docker-stack ×1
networking ×1
nginx ×1
postgresql ×1