如何将 docker 容器绑定到特定的外部接口 [英] How could I bind docker container to specific external interface
问题描述
我有两个网络接口,eth0 和 eth1,
I have two network interfaces, eth0 and eth1,
如何将所有 docker 容器绑定到 eth1,并让所有网络流量通过 eth1
How could I bind all docker container to eth1, and let all network traffic go out and in via the eth1
谢谢~
我试图用 133.130.60.36 绑定到 eth1.
I tried to bind to the eth1 with 133.130.60.36.
但我仍然没有运气,我仍然将 eth0 IP 作为容器中的公共 IP.网络流量不通过eth1出去
But i still got no luck, i still get the eth0 IP as the public IP in the container. the network flow is not go out via eth1
➜ ~ docker run -d --name Peach_1 -p 133.130.60.36::9998 -ti sample/ubuntu-vnc-selenium-firefox
➜ ~ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
eb28f0d1c337 sample/ubuntu-vnc-selenium-firefox "/opt/bin/run_sele_s 4 minutes ago Up 4 minutes 5901/tcp, 133.130.60.36:32768->9998/tcp Peach_1
➜ ~ docker exec -ti Peach_1 zsh
➜ / curl ipecho.net/plain ; echo
133.130.101.114
推荐答案
这是 docker 文档中的一些内容
Here's something from the docker docs
https://docs.docker.com/v17.09/engine/userguide/networking/default_network/binding/
如果你想限制更多并且只允许容器服务通过主机上的特定外部接口进行联系机器,你有两个选择.当您调用 docker run 时,您可以使用-p IP:host_port:container_port 或 -p IP::port 指定一个特定绑定的外部接口.或者,如果您总是希望 Docker 端口转发绑定到一个特定的 IP 地址,您可以编辑系统范围的 Docker 服务器设置并添加选项--ip=IP_ADDRESS.记得重启你的编辑此设置后的 Docker 服务器.
If you want to be more restrictive and only allow container services to be contacted through a specific external interface on the host machine, you have two choices. When you invoke docker run you can use either
-p IP:host_port:container_portor-p IP::portto specify the external interface for one particular binding. Or if you always want Docker port forwards to bind to one specific IP address, you can edit your system-wide Docker server settings and add the option--ip=IP_ADDRESS. Remember to restart your Docker server after editing this setting.
这篇关于如何将 docker 容器绑定到特定的外部接口的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
