使用容器名称从主机访问 docker 容器 [英] Access docker container from host using containers name

查看:63
本文介绍了使用容器名称从主机访问 docker 容器的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在开发一项服务,并在那里使用 docker compose 来旋转 postgres、redis、elasticsearch 等服务.我有一个基于 RubyOnRails 的 Web 应用程序,可以从所有这些服务中写入和读取.

I am developing a service and using there docker compose to spin services like postgres, redis, elasticsearch. I have a web application that is based on RubyOnRails and writes and reads from all those services.

这是我的docker-compose.yml

version: '2'

services:
  redis:
    image: redis:2.8
    networks:
      - frontapp

  elasticsearch:
    image: elasticsearch:2.2
    networks:
      - frontapp

  postgres:  
    image: postgres:9.5
    environment:
      POSTGRES_USER: elephant
      POSTGRES_PASSWORD: smarty_pants
      POSTGRES_DB: elephant
    volumes:
      - /var/lib/postgresql/data
    networks:
      - frontapp

networks:
  frontapp:
    driver: bridge

我可以在这个网络中 ping 容器

And i can ping containers within this network

$ docker-compose run redis /bin/bash
root@777501e06c03:/data# ping postgres
PING postgres (172.20.0.2): 56 data bytes
64 bytes from 172.20.0.2: icmp_seq=0 ttl=64 time=0.346 ms
64 bytes from 172.20.0.2: icmp_seq=1 ttl=64 time=0.047 ms
...

到目前为止一切顺利.现在我想在我的主机上运行 ruby​​ on rails 应用程序,但能够使用像 postgresql://username:password@postgres/database 这样的 url 访问 postgres 实例,目前这是不可能的

So far so good. Now I want to run ruby on rails application on my host machine but be able to access postgres instance with url like postgresql://username:password@postgres/database currently that is not possible

$ ping postgres
ping: unknown host postgres

我可以在 docker 中看到我的网络

I can see my network in docker

$ docker network ls
NETWORK ID          NAME                DRIVER
ac394b85ce09        bridge              bridge              
0189d7e86b33        elephant_default    bridge              
7e00c70bde3b        elephant_frontapp   bridge              
a648554a72fa        host                host                
4ad9f0f41b36        none                null

我可以看到它的界面

$ ifconfig 
br-0189d7e86b33 Link encap:Ethernet  HWaddr 02:42:76:72:bb:c2  
          inet addr:172.18.0.1  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::42:76ff:fe72:bbc2/64 Scope:Link
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:36 errors:0 dropped:0 overruns:0 frame:0
          TX packets:60 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:2000 (2.0 KB)  TX bytes:8792 (8.7 KB)

br-7e00c70bde3b Link encap:Ethernet  HWaddr 02:42:e7:d1:fe:29  
          inet addr:172.20.0.1  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::42:e7ff:fed1:fe29/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1584 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1597 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:407137 (407.1 KB)  TX bytes:292299 (292.2 KB)
...

但我不知道接下来该怎么做.我尝试使用 /etc/resolv.conf,主要使用 nameserver 指令,但没有效果.

But i am not sure what should I do next. I tried to play a bit with /etc/resolv.conf, mainly with nameserver directive, but that had no effect.

如果您能提供有关如何正确配置此设置的建议,我将不胜感激.

I would appreciate any help of suggestions how to configure this setup correctly.

更新

浏览互联网资源后,我设法为盒子分配了静态 IP 地址.现在我继续开发就够了.这是我当前的 docker-compose.yml

After browsing through Internet resources I managed to assign static IP addresses to boxes. For now it is enough for me to continue development. Here is my current docker-compose.yml

version: '2'

services:
  redis:
    image: redis:2.8
    networks:
      frontapp:
        ipv4_address: 172.25.0.11

  elasticsearch:
    image: elasticsearch:2.2
    networks:
      frontapp:
        ipv4_address: 172.25.0.12

  postgres:  
    image: postgres:9.5
    environment:
      POSTGRES_USER: elephant
      POSTGRES_PASSWORD: smarty_pants
      POSTGRES_DB: elephant
    volumes:
      - /var/lib/postgresql/data
    networks:
      frontapp:
        ipv4_address: 172.25.0.10

networks:
  frontapp:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: 172.25.0.0/16
          gateway: 172.25.0.1

推荐答案

我正在使用 bash 脚本来更新 /etc/hosts.为什么是这个解决方案?

I'm using a bash script to update /etc/hosts. Why this solution?

  • 简短的脚本,易于审查(不想让一些未经审查的具有大量依赖项的应用程序访问 Docker 套接字(这意味着 root 访问权限))
  • 它使用 docker events 在每次容器启动或停止时运行(此处发布的其他解决方案每秒运行一次,效率较低)
  • 更新/etc/hosts,不需要单独的DNS服务器.
  • 只有依赖项是 bashmktempgrepxargssedjqdocker,我都已经安装好了.
  • Short script, easy to review (didn't want to give some un-reviewed application with lots of dependencies access to the Docker socket (which means root access))
  • It uses docker events to run every time a container is started or stopped (other solutions posted here run every second in a loop, which is way less efficient)
  • Updates /etc/hosts, no separate DNS server needed.
  • Only dependencies are bash, mktemp, grep, xargs, sed, jq and docker, all of which I had already installed.

只需将脚本放在某处,例如/usr/local/bin/docker-update-hosts:

Just put the script somewhere, e.g. /usr/local/bin/docker-update-hosts:

#!/usr/bin/env bash
set -e -u -o pipefail

hosts_file=/etc/hosts
begin_block="# BEGIN DOCKER CONTAINERS"
end_block="# END DOCKER CONTAINERS"

if ! grep -Fxq "$begin_block" "$hosts_file"; then
    echo -e "
${begin_block}
${end_block}
" >> "$hosts_file"
fi

(echo "| container start |" && docker events) | 
while read event; do
    if [[ "$event" == *" container start "* ]] || [[ "$event" == *" network disconnect "* ]]; then
        hosts_file_tmp="$(mktemp)"
        docker container ls -q | xargs -r docker container inspect | 
        jq -r '.[]|"(.NetworkSettings.Networks[].IPAddress|select(length > 0) // "# no ip address:") (.Name|sub("^/"; "")|sub("_1$"; ""))"' | 
        sed -ne "/^${begin_block}$/ {p; r /dev/stdin" -e ":a; n; /^${end_block}$/ {p; b}; ba}; p" "$hosts_file" 
        > "$hosts_file_tmp"
        chmod 644 "$hosts_file_tmp"
        mv "$hosts_file_tmp" "$hosts_file"
    fi
done

注意:该脚本从容器名称中删除了 docker-compose 添加的 _1 后缀.如果您不想这样做,只需从脚本中删除 |sub("_1$"; "") 即可.

Note: The script removes the _1 suffix added by docker-compose from container names. If you don't want that just remove |sub("_1$"; "") from the script.

您可以使用 systemd 服务与 Docker 同步运行:/etc/systemd/system/docker-update-hosts.service:

You can use a systemd service to run this synchronously with Docker: /etc/systemd/system/docker-update-hosts.service:

[Unit]
Description=Update Docker containers in /etc/hosts
Requires=docker.service
After=docker.service
PartOf=docker.service

[Service]
ExecStart=/usr/local/bin/docker-update-hosts

[Install]
WantedBy=docker.service

要激活,请运行:

systemctl daemon-reload
systemctl enable docker-update-hosts.service
systemctl start docker-update-hosts.service

这篇关于使用容器名称从主机访问 docker 容器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆