[Docker] to run the add container port mapping
Docker recently used as a container, the deployment of the project, found that there is a problem that containers can be configured with pre-configured port at startup, but often the practical application of the port will find enough, then look online to find information about the there are two:
-
Method One: the running packaged into containers docker mirror, and then directly use the run command to re-add the port mapping. This method is simple, but very cumbersome and in some cases still some problems, such as: Do you have a container capacity of 100GB occupied, this time to increase the port, while the container and then packaged into a mirror which is not practical. [Docker commonly used commands - Portal]
-
Method two: obtaining the port needs to be added, the container Docker running ip network address (typically the beginning 172), and add the port mapping in the above host firewall, the direct mapping container ip address.
-
Reference the above two programs [how to add a new port to run in the docker container]
Because of the above information given by 2 using iptable, but centos7 iptable has no use, so you need to use a firewall.
Centos7 add port mapping
Surf the Internet at the statistics, then configure their own a bit on the success of the first listed reference links:
- centos7 install telnet service
- linux / centos7 port mapping
- CentOS7 use firewalld turn off the firewall and open ports
Install Telnet service
- First confirm the network port corresponding to the host function, and not connected to the container docker, so we need to test whether the installation telnet port can communicate. Enter the following command to check whether the telnet service installed
rpm -qa telnet-server
rpm -qa xinetd
If not, then install. Installation command as follows:
# 安装 telnet
yum list |grep telnet
yum install telnet-server.x86_64
yum install telnet.x86_64
# 安装xinetd
yum list |grep xinetd
yum install xinetd.x86_64
# 将xinetd服务加入开机自启动:
systemctl enable xinetd.service
# 将telnet服务加入开机自启动:
systemctl enable telnet.socket
# 最后,启动以上两个服务即可:
# 由于telnet服务也是由xinetd守护的,所以安装完telnet-server,要启动telnet服务就必须重新启动xinetd 。
systemctl start telnet.socket
systemctl start xinetd
(或service xinetd start)
# 使用telnet命令测试端口是否连通
telnet 172.17.0.1 8080
Also add view ip address command
- centos7 view ip address command
ip address - docker container to view ip address command
ifconfig
Use firewalld implement port mapping function:
-
Start firewalld function
systemctl start firewalld -
Permanently open port (port exemplary 3000 / tcp) [Note here that the open port of the host, rather than the port of the container]
firewall-cmd --add-port=3000/tcp --permanent -
Reload take effect:
firewall-cmd --reload -
View open ports
firewall-cmd --list-ports -
Add permanent port mapping rules [3000 mapped to 172.17.0.1:8080 port, 172.17.0.1 ip address for the docker container]
firewall-cmd --add-forward-port=port=3000:proto=tcp:toaddr=172.17.0.1:toport=8080 --permanent -
Permanently allow masquerading firewall ip:
firewall-cmd --add-masquerade --permanent -
Close ports
firewall-cmd --zone=public --remove-port=80/tcp --permanent