将Docker部署到AWS Elastic Beanstalk-如何将端口转发到主机?(端口绑定) [英] Deploying Docker to AWS Elastic Beanstalk -- how to forward port to host? (port binding)

问题描述

我有一个使用CircleCI设置的项目，用于自动部署到Elastic Beanstalk .我的EBS环境是单个容器，自动缩放的Web环境.我正在尝试运行在原始套接字端口8080上侦听的服务.

I have a project set up with CircleCI that I am using to auto-deploy to Elastic Beanstalk. My EBS environment is a single container, auto-scaling, web environment. I am trying to run a service that listens on raw socket port 8080.

我的Dockerfile:

My Dockerfile:

FROM golang:1.4.2

...

EXPOSE 8080

我的Dockerrun.aws.json.template:

My Dockerrun.aws.json.template:

{
  "AWSEBDockerrunVersion": "1",
  "Authentication": {
    "Bucket": "<bucket>",
    "Key": "<key>"
  },
  "Image": {
    "Name": "project/hello:<TAG>",
    "Update": "true"
  },
  "Ports": [
    {
      "ContainerPort": "8080"
    }
  ]
}

我确保在分配给我的项目环境的角色"上公开端口8080.

I have made sure to expose port 8080 on the "role" assigned to my project environment.

我使用了上面链接的CircleCI教程中的确切部署脚本(更改名称除外).

I used the exact deployment script from the CircleCI tutorial linked above (except with changed names).

在运行我的EBS应用程序的EC2实例中，我可以看到Docker容器已成功运行，只是Docker没有将暴露的端口转发到主机容器.过去，我在没有 -P 标志的情况下运行 docker run .... 时遇到了这种情况.

Within the EC2 instance that is running my EBS application, I can see that the Docker container has run successfully, except that Docker did not forward the exposed port to the host container. I have encountered this in the past when I ran docker run .... without the -P flag.

以下是通过SSH进入计算机后的示例会话:

Here is an example session after SSH-ing into the machine:

[ec2-user@ip-xxx-xx-xx-xx ~]$ sudo docker ps
CONTAINER ID        IMAGE                              COMMAND                CREATED             STATUS              PORTS               NAMES
a036bb061aea        aws_beanstalk/staging-app:latest   "/bin/sh -c 'go run    3 days ago          Up 3 days           8080/tcp            boring_hoover
[ec2-user@ip-xxx-xx-xx-xx ~]$ curl localhost:8080
curl: (7) Failed to connect to localhost port 8080: Connection refused

我希望看到的是-> 8080 或将其转发到主机的容器中的任何内容.

What I expect to see is the ->8080 or whatever in the container that forwards it onto the host.

当我在容器上进行 docker inspect 时，我还看到这两个配置不是我想要的:

When I do docker inspect on my container, I also see that these two configurations are not what I want:

    "PortBindings": {},
    "PublishAllPorts": false,

如何在应用程序中触发端口绑定?

How can I trigger a port binding in my application?

提前谢谢.

推荐答案

事实证明，我对Docker的网络堆栈的工作方式有误解.当某个端口公开但未发布时，该端口仍可通过Docker容器的私有IP地址提供给本地网络接口.您可以通过检查 docker inspect< container> 来获取此IP地址.

It turns out I made a misunderstanding in how Docker's networking stack works. When a port is exposed but not published, it is still available to the local network interface through the Docker container's private IP address. You can obtain this IP address by checking docker inspect <container>.

我可以执行 curl< containerIP>:8080 ，而不是执行 curl localhost:8080 .

Rather than doing curl localhost:8080 I could do curl <containerIP>:8080.

在我的EBS部署中，nginx会自动设置为将来自端口80的(HTTP)通信也转发到此内部专用端口.

In my EBS deploy, nginx was automatically setup to forward (HTTP) traffic from Port 80 to this internal private port as well.

这篇关于将Docker部署到AWS Elastic Beanstalk-如何将端口转发到主机?(端口绑定)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！