Once the Docker container is started, the parameters cannot be changed. The most common change in the production environment is the port mapping, in order to solve this problem, then first of all planning, this article listed two port planning scheme, if the subsequent maintenance in order to increase the port mapping scene, this paper also gives a dynamic port mapping expansion scheme.
1. Single IP multi-container mapping plan
This environment is applicable to only a single IP environment, such as cloud hosts.
1.1 Port Mapping Planning table:
Plan different port segments, map to containers and provide services externally.
Host Name |
SSH mapping |
MySQL Mapping |
Nginx Mapping |
Redis Mapping |
Redis-test |
51000 |
22 |
51001 |
320W |
51004 |
80 |
51002 |
6379 |
51005 |
8000 |
51003 |
6381 |
51006 |
8888 |
|
|
Scheduler-test |
52000 |
22 |
52001 |
320W |
52004 |
80 |
52002 |
6379 |
52005 |
8888 |
52003 |
6381 |
52006 |
8000 |
|
|
... |
... |
... |
... |
... |
... |
... |
... |
... |
1.2 corresponding container start command:
Docker run-h= "Redis-test"--name redis-test-d-P 51000:22-p 51001:3306-p 51003:6379-p 51004:6381-p 51005:80-p 51006:8000-p 51007:8888 debian02/etc/rc.local
Docker run-h= "Salt_zabbix_manager02"--name salt_zabbix_manager02-d-P 52000:22-p 52001:3306-p 52003:6379-p 52004: 6381-p 52005:80-p 52006:8000-p 52007:8888 debian02/etc/rc.local
1.3 Above start parameter explanation:
-H refers to the host name in the container after startup.
--name is the name of the container on the host, and the start Stop container does not have to use the container ID, and the name can be used, such as Docker stop Redis-test.
-D runs in the background form.
-p Specifies the mapping port, and if you need to map the UDP port, the format is-P3000:3000/UDP.
DEBIAN02 is the underlying mirror name.
/etc/rc.local is the container's start command, putting multiple startup scripts in/etc/rc.local to facilitate multiple programs to boot from the container.
#关于docker的安装, preliminary use, order details, mirror production, containers moved out, etc., please refer to my other article: http://yangrong.blog.51cto.com/6945369/1551327
2. Multi-IP multi-container mapping plan
This program is suitable for the Intranet test development environment, all external access to IP needs to be configured on the host, such as the second IP eth0:1,eth0:2 this form of configuration, and then each IP and container port mapping configuration can be consistent.
2.1 Port and IP Mapping planning table:
(Here is the intranet IP, host IP is 10.28.103.1)
Host Name |
External Access IP |
Container Open ports |
Operating system |
Iframe-test |
10.18.103.2 |
22 3306 80 8000 8888 443 6379 6381 |
Debian7 |
Web-test |
10.18.103.3 |
22 3306 80 8000 8888 443 6379 6381 |
Debian7 |
2.2 Corresponding container start command:
Docker run-h= "Iframe-test"--name iframe-test-d-P 10.18.103.2:22:22-p 10.18.103.2:3306:3306-p 10.18.103.2:6379:6379 -P 10.18.103.2:6381:6381-p 10.18.103.2:80:80-p 10.18.103.2:8000:8000-p 10.18.103.2:8888:8888-p 10.18.103.2:443:443 D Ebian-iframe-test/etc/rc.local
Docker run-h= "Web-test"--name web-test-d-P 10.18.103.3:22:22-p 10.18.103.3:3306:3306-p 10.18.103.3:6379:6379-p 10 .18.103.3:6381:6381-p 10.18.103.3:80:80-p 10.18.103.3:8000:8000-p 10.18.103.3:8888:8888-p 10.18.103.3:443:443 Debia N-iframe-test/etc/rc.local
3. Port mapping Dynamic expansion scheme
In the work, the general addition of new services, you need to add a port mapping, due to the inability to dynamically adjust, usually need to commit to a new mirror, and then based on a new mirror to the container, is indeed a very troublesome thing.
But the nature of the mapping is done through iptables. So we can dynamically increase the port mapping with Iptables, as follows:
3.1 View container mapping with iptables:
root@qssec-iframe:~# iptables-t NAT-NVL
...
Chain Docker (2 references)
Pktsbytes Target prot opt in Out source destination
0 0 Dnat TCP--! DOCKER0 * 0.