Linking Containers Together「建议收藏」

Linking Containers Together

大家好,又见面了,我是全栈君。

Linking Containers Together

In the Using Docker section we touched on connecting to a service running inside a Docker container via a network port. This is one of the ways that you can interact with services and applications running inside Docker containers. In this section we’re going to give you a refresher on connecting to a Docker container via a network port as well as introduce you to the concepts of container linking.

之前我们介绍了怎样通过一个网络port来訪问一个容器的应用。下一段我们要介绍一个新方法。

Network port mapping refresher

In the Using Docker section we created a container that ran a Python Flask application.

之前我们创建了一个flask应用

$ sudo docker run -d -P training/webapp python app.py

Note: Containers have an internal network and an IP address (remember we used the docker inspect command to show the container’s IP address in the Using Docker section). Docker can have a variety of network configurations. You can see more information on Docker networking here.

注意:容器有自己的内部网络和ip地址(使用 docker inspect 能够获取全部的变量)docker还能够有一个可变的网络配置。很多其它信息看上面这个链接)

When we created that container we used the -P flag to automatically map any network ports inside that container to a random high port from the range 49000 to 49900 on our Docker host. When we subsequently ran docker ps we saw that port 5000 was bound to port 49155.

当我们使用-P 标记时,docker 会随机映射一个49000 到49900的port到内部容器的port,使用docker ps 能够看到 这次是49155映射到了5000

$ sudo docker ps nostalgic_morse CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES bc533791f3f5 training/webapp:latest python app.py 5 seconds ago Up 2 seconds 0.0.0.0:49155->5000/tcp nostalgic_morse

We also saw how we can bind a container’s ports to a specific port using the -p flag.

-p(小写的P)能够指定我们要映射的port。

$ sudo docker run -d -p 5000:5000 training/webapp python app.py

And we saw why this isn’t such a great idea because it constrains us to only one container on that specific port.

这样的方法限制了我们仅仅能够绑定一个容器到一个指定port

There are also a few other ways we can configure the -p flag. By default the -p flag will bind the specified port to all interfaces on the host machine. But we can also specify a binding to a specific interface, for example only to the localhost.

-p默认会绑定本地全部接口地址,所以我们一般指定一个地址,比方localhost

$ sudo docker run -d -p 127.0.0.1:5000:5000 training/webapp python app.py

This would bind port 5000 inside the container to port 5000 on the localhost or 127.0.0.1 interface on the host machine.

Or to bind port 5000 of the container to a dynamic port but only on the localhost we could:

$ sudo docker run -d -p 127.0.0.1::5000 training/webapp python app.py

We can also bind UDP ports by adding a trailing /udp, for example:

还能够使用upd标记来指定udp

$ sudo docker run -d -p 127.0.0.1:5000:5000/udp training/webapp python app.py

We also saw the useful docker port shortcut which showed us the current port bindings, this is also useful for showing us specific port configurations. For example if we’ve bound the container port to thelocalhost on the host machine this will be shown in the docker port output.

使用dicker port 来查看当前绑定的端口配置,也能够查看到绑定的地址

$ docker port nostalgic_morse 5000 127.0.0.1:49155

Note: The -p flag can be used multiple times to configure multiple ports.

注意:-p标记能够多次使用来绑定多个port

Docker Container Linking

dcoker 容器链接

Network port mappings are not the only way Docker containers can connect to one another. Docker also has a linking system that allows you to link multiple containers together and share connection information between them. Docker linking will create a parent child relationship where the parent container can see selected information about its child.

网络port映射不是docker容器互联的唯一方法。docker有一个linking 系统能够链接多个容器,并在期间共享信息。它会创建一个父子关系,父容器能够看到所选择的子容器的信息。

Container naming

容器命名

To perform this linking Docker relies on the names of your containers. We’ve already seen that each container we create has an automatically created name, indeed we’ve become familiar with our old friendnostalgic_morse during this guide. You can also name containers yourself. This naming provides two useful functions:

linking系统根据容器的名称来运行。当我们创建容器的时候,它会有一个系统为我们取好的名字。

当然我们也能够自己来命名容器。这样做有2个优点:

1、It’s useful to name containers that do specific functions in a way that makes it easier for you to remember them, for example naming a container with a web application in it web.

当我们自己指定名称的时候,比較好记。比方一个web应用我们能够给它起名叫web
2、It provides Docker with a reference point that allows it to refer to other containers, for example link container 
web
 to container 
db
.
当我们要连接其它容器时候。能够作为一个实用的參考点,比方连接web容器到db容器

You can name your container by using the --name flag, for example:

使用–name标记能够为容器命名

$ sudo docker run -d -P --name web training/webapp python app.py

You can see we’ve launched a new container and used the --name flag to call the container web. We can see the container’s name using the docker ps command.

使用docker -ps 来验证我们设定的命名

$ sudo docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES aed84ee21bde training/webapp:latest python app.py 12 hours ago Up 2 seconds 0.0.0.0:49154->5000/tcp web

We can also use docker inspect to return the container’s name.

使用docker inspect来返回容器的名字

$ sudo docker inspect -f "{{ .Name }}" aed84ee21bde /web

Note: Container names have to be unique. That means you can only call one container web. If you want to re-use a container name you must delete the old container with the docker rm command before you can create a new container with the same name. As an alternative you can use the --rmflag with the docker run command. This will delete the container immediately after it stops.

注意:容器的名称是唯一的。假设你命名了一个叫web的容器,当你要再次使用web这个名称的时候,你须要用docker rm来删除之前创建的容器,也能够再运行docker run的时候 加–rm标记来停止旧的容器。并删除。

Container Linking

Links allow containers to discover and securely communicate with each other. To create a link you use the--link flag. Let’s create a new container, this one a database.

links能够让容器之间安全的交互。使用–link标记。以下先创建一个新的数据库容器。

$ sudo docker run -d --name db training/postgres

Here we’ve created a new container called db using the training/postgres image, which contains a PostgreSQL database.

We need to delete the web container we created previously so we can replace it with a linked one:

删除之前创建的web容器

$ docker rm -f web

Now let’s create a new web container and link it with our db container.

创建一个新的web容器,并将它link到db容器

$ sudo docker run -d -P --name web --link db:db training/webapp python app.py

This will link the new web container with the db container we created earlier. The --link flag takes the form:

–link标记的格式

--link name:alias

Where name is the name of the container we’re linking to and alias is an alias for the link name. We’ll see how that alias gets used shortly.

name是我们要链接的容器的名称。alias是这个链接的别名。

Let’s look at our linked containers using docker ps.

使用docker ps来查看容器的链接

$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 349169744e49 training/postgres:latest su postgres -c '/usr About a minute ago Up About a minute 5432/tcp db, web/db aed84ee21bde training/webapp:latest python app.py 16 hours ago Up 2 minutes 0.0.0.0:49154->5000/tcp web

We can see our named containers, db and web, and we can see that the db containers also showsweb/db in the NAMES column. This tells us that the web container is linked to the db container in a parent/child relationship.

我们能够看到我们命名的容器。db和web,db容器的names列有db也有web/db。

这表示web容器链接到db容器,他们是一个父子关系。

So what does linking the containers do? Well we’ve discovered the link creates a parent-child relationship between the two containers. The parent container, here web, can access information on the child container db. To do this Docker creates a secure tunnel between the containers without the need to expose any ports externally on the container. You’ll note when we started the db container we did not use either of the -P or -p flags. As we’re linking the containers we don’t need to expose the PostgreSQL database via the network.

在这个link中。2个容器中有一对父子关系。

docker在2个容器之间创建了一个安全的连接,而不用公开映射他们的port到外部。

在启动db容器的时候也不用-p和-P标记。使用链接之后我们就能够不用暴露数据库port到网络上。

Docker exposes connectivity information for the parent container inside the child container in two ways:

docker 为父子关系的容器公开连接信息有2种方法:

  • Environment variables,环境变量
  • Updating the /etc/hosts file.更新/etc/hosts文件

Let’s look first at the environment variables Docker sets. Let’s run the env command to list the container’s environment variables.

我们先来看看容器中变量,使用env命令来查看容器的环境变量

 $ sudo docker run --rm --name web2 --link db:db training/webapp env . . . DB_NAME=/web2/db DB_PORT=tcp://172.17.0.5:5432 DB_PORT_5000_TCP=tcp://172.17.0.5:5432 DB_PORT_5000_TCP_PROTO=tcp DB_PORT_5000_TCP_PORT=5432 DB_PORT_5000_TCP_ADDR=172.17.0.5 . . .

Note: These Environment variables are only set for the first process in the container. Similarly, some daemons (such as sshd) will scrub them when spawning shells for connection.

We can see that Docker has created a series of environment variables with useful information about ourdb container. Each variable is prefixed with DB_ which is populated from the alias we specified above. If our alias were db1 the variables would be prefixed with DB1_. You can use these environment variables to configure your applications to connect to the database on the db container. The connection will be secure, private and only the linked web container will be able to talk to the dbcontainer.

In addition to the environment variables Docker adds a host entry for the linked parent to the /etc/hostsfile. Let’s look at this file on the web container now.

除了环境变量,docker还加入host信息到父容器的/etc/hosts的文件。以下是父容器web的hosts文件

$ sudo docker run -t -i --rm --link db:db training/webapp /bin/bash root@aed84ee21bde:/opt/webapp# cat /etc/hosts 172.17.0.7 aed84ee21bde . . . 172.17.0.5 db

We can see two relevant host entries. The first is an entry for the web container that uses the Container ID as a host name. The second entry uses the link alias to reference the IP address of the db container. Let’s try to ping that host now via this host name.

这里有2个hosts。第一个是web容器。web容器用id作为他的主机名,第二个是db容器的ip和主机名

root@aed84ee21bde:/opt/webapp# apt-get install -yqq inetutils-ping root@aed84ee21bde:/opt/webapp# ping db PING db (172.17.0.5): 48 data bytes 56 bytes from 172.17.0.5: icmp_seq=0 ttl=64 time=0.267 ms 56 bytes from 172.17.0.5: icmp_seq=1 ttl=64 time=0.250 ms 56 bytes from 172.17.0.5: icmp_seq=2 ttl=64 time=0.256 ms

Note: We had to install ping because our container didn’t have it.

注意:默认没有安装ping

We’ve used the ping command to ping the db container using it’s host entry which resolves to172.17.0.5. We can make use of this host entry to configure an application to make use of our dbcontainer

用ping来ping db容器。它会解析成172.17.0.5 。

.

Note: You can link multiple child containers to a single parent. For example, we could have multiple web containers attached to our db container.

注意:你能够链接多个子容器到父容器,比方我们能够链接多个web到db容器上。

Next step

Now we know how to link Docker containers together the next step is learning how to manage data, volumes and mounts inside our containers.

Go to Managing Data in Containers.

版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 举报,一经查实,本站将立刻删除。

发布者:全栈程序员-用户IM,转载请注明出处:https://javaforall.cn/116551.html原文链接:https://javaforall.cn

【正版授权,激活自己账号】: Jetbrains全家桶Ide使用,1年售后保障,每天仅需1毛

【官方授权 正版激活】: 官方授权 正版激活 支持Jetbrains家族下所有IDE 使用个人JB账号...

(0)


相关推荐

  • java字符串按照特定字符分割_java 字符串分割

    java字符串按照特定字符分割_java 字符串分割问题描述://把字符串”192.168.1.1″按照小圆点进行分割,分割成”192″,”168″,”1″,”1″四个字符串。StringpreStr=”192.168.1.1″;String[]string=preStr.split(“.”);//错误写法。这种写法得到的字符串组长度为0String[]string=preStr.split(“\\.”);//正确写法。对…

  • 数据库置疑处理_sqlserver可疑数据库恢复

    数据库置疑处理_sqlserver可疑数据库恢复现象说明:新备份出的数据库Geb,在还原时报错”MicrosoftSQL-DMO(ODBCSQLState:42000)” 解决方法: 分离出还原失败的数据库Geb 先创建一个同样的数据库Geb 停掉server服务,用旧的数据文件覆盖新创建的文件(只要mdf就可以)。  启动server服务  运行以下命令  sp_configur

  • 一次kafka卡顿事故排查过程

    点击上方“全栈程序员社区”,星标公众号 重磅干货,第一时间送达 来源:https://www.cnblogs.com/yougewe/p/8975550.html 由于一次功能上线…

  • ebpf技术_EBM技术

    ebpf技术_EBM技术1.ebpf概述1.1ebpf发展历史BPF,及伯克利包过滤器BerkeleyPacketFilter,最初构想提出于1992年,其目的是为了提供一种过滤包的方法,并且要避免从内核空间到用户空间的无用的数据包复制行为。它最初是由从用户空间注入到内核的一个简单的字节码构成,它在那个位置利用一个校验器进行检查——以避免内核崩溃或者安全问题——并附着到一个套接字上,接着在每个接…

  • linux查看pid 对应的程序_用户程序可以在内核态下运行吗

    linux查看pid 对应的程序_用户程序可以在内核态下运行吗进程pid和ppid、进程的uid和euid、用户的uid和gid、文件的创建者和所有者的关系辨析1、当我们创建用户时,由我们为新建用户命名和设置密码,同时系统会为我们所创建的用户名关联一个号,就是所谓的用户uid。同时我们还可以把这个用户放到某个用户群里,类似的,用户群也可以我们手工建立。如果建立用户时,不指明所建的用户属于哪个用户群,则系统会自动建立一个跟用户名同名的用户群。不管手工建立还是自…

  • jenkins教程菜鸟_Jenkins教程:在Windows平台安装Jenkins「建议收藏」

    jenkins教程菜鸟_Jenkins教程:在Windows平台安装Jenkins「建议收藏」一、什么是JenkinsJenkins是一个开源软件项目,是基于Java开发的。我们可以利用Jenkins来实现持续集成的功能。因为Jenkins是基于Java开发的,所以在安装Jenkins之前首先需要安装Java的JDK。二、安装Jenkins在Windows平台上面安装Jenkins共有两种方式,下面分别介绍这两种方式。1、使用msi安装Jenkins安装Jenkins之前首先去Jenkin…

发表回复

您的电子邮箱地址不会被公开。

关注全栈程序员社区公众号