如何将docker容器绑定到特定的外部接口 [英] How could I bind docker container to specific external interface
问题描述
我必须网络接口, eth0
和 eth1
,
如何将所有docker容器绑定到 eth1
,并让所有网络流量通过 eth1
How could I bind all docker container to eth1
, and let all network traffic go out and in via the eth1
谢谢〜
我试图绑定到$ code> eth1 与133.130.60.36。
I tried to bind to the eth1
with 133.130.60.36.
但我还没有运气,我还是得到eth0 IP作为容器中的公共IP。网络流不通过eth1出去
But i still got no luck, i still get the eth0 IP as the public IP in the container. the network flow is not go out via eth1
➜ ~ docker run -d --name Peach_1 -p 133.130.60.36::9998 -ti sample/ubuntu-vnc-selenium-firefox
➜ ~ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
eb28f0d1c337 sample/ubuntu-vnc-selenium-firefox "/opt/bin/run_sele_s 4 minutes ago Up 4 minutes 5901/tcp, 133.130.60.36:32768->9998/tcp Peach_1
➜ ~ docker exec -ti Peach_1 zsh
➜ / curl ipecho.net/plain ; echo
133.130.101.114
推荐答案
这是Docker文档的一些内容
Here's something from the docker docs
https://docs.docker.com/engine/userguide/networking/default_network/binding/
如果要限制更多,只允许容器服务
通过主机
机器上的特定外部接口进行联系,则有两种选择。当您调用docker运行时,您可以使用
-p -p:host_port:container_port或-p IP :: port为一个特定绑定指定
外部接口。
或者如果您始终希望Docker端口转发绑定到一个特定的IP地址,您可以编辑系统范围的Docker服务器
设置,并添加选项--ip = IP_ADDRESS。记住在编辑此设置后重新启动
Docker服务器。
If you want to be more restrictive and only allow container services to be contacted through a specific external interface on the host machine, you have two choices. When you invoke docker run you can use either -p IP:host_port:container_port or -p IP::port to specify the external interface for one particular binding. Or if you always want Docker port forwards to bind to one specific IP address, you can edit your system-wide Docker server settings and add the option --ip=IP_ADDRESS. Remember to restart your Docker server after editing this setting.
这篇关于如何将docker容器绑定到特定的外部接口的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!