Linking Containers Together

In the Using Docker section we touched on connecting to a service running inside a Docker container via a network port. This is one of the ways that you can interact with services and applications running inside Docker containers. In this section we’re going to give you a refresher on connecting to a Docker container via a network port as well as introduce you to the concepts of container linking.

之前我们介绍了怎样通过一个网络port来訪问一个容器的应用。下一段我们要介绍一个新方法。

Network port mapping refresher

In the Using Docker section we created a container that ran a Python Flask application.

之前我们创建了一个flask应用

$ sudo docker run -d -P training/webapp python app.py

Note: Containers have an internal network and an IP address (remember we used the docker inspect command to show the container’s IP address in the Using Docker section). Docker can have a variety of network configurations. You can see more information on Docker networking here.

注意：容器有自己的内部网络和ip地址（使用 docker inspect 能够获取全部的变量）docker还能够有一个可变的网络配置。很多其它信息看上面这个链接）

When we created that container we used the -P flag to automatically map any network ports inside that container to a random high port from the range 49000 to 49900 on our Docker host. When we subsequently ran docker ps we saw that port 5000 was bound to port 49155.

当我们使用-P 标记时，docker 会随机映射一个49000 到49900的port到内部容器的port，使用docker ps 能够看到 这次是49155映射到了5000

$ sudo docker ps nostalgic_morse CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES bc533791f3f5 training/webapp:latest python app.py 5 seconds ago Up 2 seconds 0.0.0.0:49155->5000/tcp nostalgic_morse

We also saw how we can bind a container’s ports to a specific port using the -p flag.

-p（小写的P）能够指定我们要映射的port。

$ sudo docker run -d -p 5000:5000 training/webapp python app.py

And we saw why this isn’t such a great idea because it constrains us to only one container on that specific port.

这样的方法限制了我们仅仅能够绑定一个容器到一个指定port

There are also a few other ways we can configure the -p flag. By default the -p flag will bind the specified port to all interfaces on the host machine. But we can also specify a binding to a specific interface, for example only to the localhost.

-p默认会绑定本地全部接口地址，所以我们一般指定一个地址，比方localhost

$ sudo docker run -d -p 127.0.0.1:5000:5000 training/webapp python app.py

This would bind port 5000 inside the container to port 5000 on the localhost or 127.0.0.1 interface on the host machine.

Or to bind port 5000 of the container to a dynamic port but only on the localhost we could:

$ sudo docker run -d -p 127.0.0.1::5000 training/webapp python app.py

We can also bind UDP ports by adding a trailing /udp, for example:

还能够使用upd标记来指定udp

$ sudo docker run -d -p 127.0.0.1:5000:5000/udp training/webapp python app.py

We also saw the useful docker port shortcut which showed us the current port bindings, this is also useful for showing us specific port configurations. For example if we’ve bound the container port to thelocalhost on the host machine this will be shown in the docker port output.

使用dicker port 来查看当前绑定的端口配置，也能够查看到绑定的地址

$ docker port nostalgic_morse 5000 127.0.0.1:49155

Note: The -p flag can be used multiple times to configure multiple ports.

注意：-p标记能够多次使用来绑定多个port

Docker Container Linking

Network port mappings are not the only way Docker containers can connect to one another. Docker also has a linking system that allows you to link multiple containers together and share connection information between them. Docker linking will create a parent child relationship where the parent container can see selected information about its child.

网络port映射不是docker容器互联的唯一方法。docker有一个linking 系统能够链接多个容器，并在期间共享信息。它会创建一个父子关系，父容器能够看到所选择的子容器的信息。

Container naming

To perform this linking Docker relies on the names of your containers. We’ve already seen that each container we create has an automatically created name, indeed we’ve become familiar with our old friendnostalgic_morse during this guide. You can also name containers yourself. This naming provides two useful functions:

linking系统根据容器的名称来运行。当我们创建容器的时候，它会有一个系统为我们取好的名字。

当然我们也能够自己来命名容器。这样做有2个优点：

1、It’s useful to name containers that do specific functions in a way that makes it easier for you to remember them, for example naming a container with a web application in it web.

You can name your container by using the --name flag, for example:

使用–name标记能够为容器命名

$ sudo docker run -d -P --name web training/webapp python app.py

You can see we’ve launched a new container and used the --name flag to call the container web. We can see the container’s name using the docker ps command.

使用docker -ps 来验证我们设定的命名

$ sudo docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES aed84ee21bde training/webapp:latest python app.py 12 hours ago Up 2 seconds 0.0.0.0:49154->5000/tcp web

We can also use docker inspect to return the container’s name.

使用docker inspect来返回容器的名字

$ sudo docker inspect -f "{{ .Name }}" aed84ee21bde /web

Note: Container names have to be unique. That means you can only call one container web. If you want to re-use a container name you must delete the old container with the docker rm command before you can create a new container with the same name. As an alternative you can use the --rmflag with the docker run command. This will delete the container immediately after it stops.

注意：容器的名称是唯一的。假设你命名了一个叫web的容器，当你要再次使用web这个名称的时候，你须要用docker rm来删除之前创建的容器，也能够再运行docker run的时候 加–rm标记来停止旧的容器。并删除。

Container Linking

Links allow containers to discover and securely communicate with each other. To create a link you use the--link flag. Let’s create a new container, this one a database.

links能够让容器之间安全的交互。使用–link标记。以下先创建一个新的数据库容器。

$ sudo docker run -d --name db training/postgres

Here we’ve created a new container called db using the training/postgres image, which contains a PostgreSQL database.

We need to delete the web container we created previously so we can replace it with a linked one:

删除之前创建的web容器

$ docker rm -f web

Now let’s create a new web container and link it with our db container.

创建一个新的web容器，并将它link到db容器

$ sudo docker run -d -P --name web --link db:db training/webapp python app.py

This will link the new web container with the db container we created earlier. The --link flag takes the form:

–link标记的格式

--link name:alias

Where name is the name of the container we’re linking to and alias is an alias for the link name. We’ll see how that alias gets used shortly.

name是我们要链接的容器的名称。alias是这个链接的别名。

Let’s look at our linked containers using docker ps.

使用docker ps来查看容器的链接

$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 349169744e49 training/postgres:latest su postgres -c '/usr About a minute ago Up About a minute 5432/tcp db, web/db aed84ee21bde training/webapp:latest python app.py 16 hours ago Up 2 minutes 0.0.0.0:49154->5000/tcp web

We can see our named containers, db and web, and we can see that the db containers also showsweb/db in the NAMES column. This tells us that the web container is linked to the db container in a parent/child relationship.

我们能够看到我们命名的容器。db和web，db容器的names列有db也有web/db。

这表示web容器链接到db容器，他们是一个父子关系。

So what does linking the containers do? Well we’ve discovered the link creates a parent-child relationship between the two containers. The parent container, here web, can access information on the child container db. To do this Docker creates a secure tunnel between the containers without the need to expose any ports externally on the container. You’ll note when we started the db container we did not use either of the -P or -p flags. As we’re linking the containers we don’t need to expose the PostgreSQL database via the network.

在这个link中。2个容器中有一对父子关系。

docker在2个容器之间创建了一个安全的连接，而不用公开映射他们的port到外部。

在启动db容器的时候也不用-p和-P标记。使用链接之后我们就能够不用暴露数据库port到网络上。

Docker exposes connectivity information for the parent container inside the child container in two ways:

docker 为父子关系的容器公开连接信息有2种方法：

• Environment variables,环境变量
• Updating the /etc/hosts file.更新/etc/hosts文件

Let’s look first at the environment variables Docker sets. Let’s run the env command to list the container’s environment variables.

我们先来看看容器中变量，使用env命令来查看容器的环境变量

 $ sudo docker run --rm --name web2 --link db:db training/webapp env . . . DB_NAME=/web2/db DB_PORT=tcp://172.17.0.5:5432 DB_PORT_5000_TCP=tcp://172.17.0.5:5432 DB_PORT_5000_TCP_PROTO=tcp DB_PORT_5000_TCP_PORT=5432 DB_PORT_5000_TCP_ADDR=172.17.0.5 . . .

Note: These Environment variables are only set for the first process in the container. Similarly, some daemons (such as sshd) will scrub them when spawning shells for connection.

We can see that Docker has created a series of environment variables with useful information about ourdb container. Each variable is prefixed with DB_ which is populated from the alias we specified above. If our alias were db1 the variables would be prefixed with DB1_. You can use these environment variables to configure your applications to connect to the database on the db container. The connection will be secure, private and only the linked web container will be able to talk to the dbcontainer.

In addition to the environment variables Docker adds a host entry for the linked parent to the /etc/hostsfile. Let’s look at this file on the web container now.

除了环境变量，docker还加入host信息到父容器的/etc/hosts的文件。以下是父容器web的hosts文件

$ sudo docker run -t -i --rm --link db:db training/webapp /bin/bash root@aed84ee21bde:/opt/webapp# cat /etc/hosts 172.17.0.7 aed84ee21bde . . . 172.17.0.5 db

We can see two relevant host entries. The first is an entry for the web container that uses the Container ID as a host name. The second entry uses the link alias to reference the IP address of the db container. Let’s try to ping that host now via this host name.

这里有2个hosts。第一个是web容器。web容器用id作为他的主机名，第二个是db容器的ip和主机名

root@aed84ee21bde:/opt/webapp# apt-get install -yqq inetutils-ping root@aed84ee21bde:/opt/webapp# ping db PING db (172.17.0.5): 48 data bytes 56 bytes from 172.17.0.5: icmp_seq=0 ttl=64 time=0.267 ms 56 bytes from 172.17.0.5: icmp_seq=1 ttl=64 time=0.250 ms 56 bytes from 172.17.0.5: icmp_seq=2 ttl=64 time=0.256 ms

Note: We had to install ping because our container didn’t have it.

注意：默认没有安装ping

We’ve used the ping command to ping the db container using it’s host entry which resolves to172.17.0.5. We can make use of this host entry to configure an application to make use of our dbcontainer

用ping来ping db容器。它会解析成172.17.0.5 。

.

Note: You can link multiple child containers to a single parent. For example, we could have multiple web containers attached to our db container.

注意：你能够链接多个子容器到父容器，比方我们能够链接多个web到db容器上。

Next step

Now we know how to link Docker containers together the next step is learning how to manage data, volumes and mounts inside our containers.

Go to Managing Data in Containers.