In the Docker section, you see how to run a service in Docker container through a network port connection. But port connectivity is just a way to interact with services or applications that run in Docker container. In this section, we will simply reply to the way the network port connection is established, and then introduce another way of accessing: container linking.
Review of Network port mapping
In Docker use chapters, we created a container to run the Python flask application.
Note: Containers has an internal network and IP address (see container IP address using the Docker inspect command). The Docker has different network configurations. We can view the network configuration here.$ sudo docker run-d-p Training/webapp python app.py
When the container is created,-p is used to automatically map the network port to any port between 49153 and 65535 on the host. Next, run Docker PS
You can also display the host port with the specified container port bindings, using the-P tag.$ sudo docker PS nostalgic_morse CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES bc533791f3f5 training/webapp:latest python app.py 5 seconds ago up 2 seconds 0.0.0.0:49155- >5000/tcp Nostalgic_morse
We see that this is not a good idea because it binds us only to a container that can be specified on this particular port.$ sudo docker run-d-p 5000:5000 training/webapp python app.py
There are some other ways to configure using the-P tag. By default, the-p tag binds a specific port to all the interfaces on the host. But we can also specify binding-specific interfaces, such as only to localhost.
This binds the internal 5000 ports of the container to port 5000 on the interface localhost or 127.0.0.1 on the host.$ sudo docker run-d-p 127.0.0.1:5000:5000 training/webapp python app.py
Alternatively, dynamically binding the container's 5000 port to localhost, you can do this:
We can use the Docker port shortcut to query the currently bound port.$ sudo docker run-d-p 127.0.0.1:5000:5000/udp training/webapp python app.py
This is a useful way to display the configuration of the specified port. For example, if you have bound the port of the container to the localhost on the host. Then Docker port will output this result.
Note: the-P label can be used multiple times to configure more than one port.$ sudo docker port Nostalgic_morse 5000 127.0.0.1:49155
Docker Container linking
Network port mapping is not the only way to make one container access another container. Docker also has a linking system, where we can connect multiple container and send connection information to each other. When container is connected, information about the source container is sent to the receiving container. This will be the information that receives the message and can see the source container.
Container naming
In order to establish the connection, Docker relies on container's name. You've seen that each container has an automatically created name. You can also name the container by yourself. This command provides two functions:
A way to represent this container specific function by name makes it easier for you to remember them. For example, a container named containing a Wen application is the web. Docker provides a reference point for other containers to easily index to it, for example, you can specify the Web container to connect to the DB container.
You can use the--name tag to name a container, for example:
The container is started, named--name, the container for the web. You can use the Docker PS command to see the name of the container.$ sudo docker run-d-P--name web Training/webapp python app.py
You can use Docker inspect to return the name of container.$ sudo docker ps-l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES Aed84ee21bde training/webapp:latest python app.py hours ago up 2 seconds 0.0.0.0:49154->5000/tcp Web
$ sudo docker inspect-f "{{. Name}} "Aed84ee21bde
/webContainer linking
The connection lets container discover each other, secure transmission of information. When we establish a connection, a catheter can be established between the source container and the receiving container. This receiver has access to the selected data about the source. To create a connection, use the--link label. First, create a container that contains the database this time.
Created a new container called db, from Training/postgres image, which contains the PostgreSQL database.$ sudo docker run-d--name db training/postgres
Now you need to remove the Web Container so that you can create a linked Container instead:
Now create a Web Container and connect to the DB Container.$ sudo docker rm-f web
$ sudo docker run-d-P--name web--link db:db training/webapp python app.py
This will connect the new Web Container to the DB Container that you created previously. The formation of this--link label:
Name is the name that you want to connect to container, and alias is the name of link.--link <name or Id>:alias
You will see why the alias name shrinks.
Next, check the connected container and use the Docker inspect:
$ sudo docker inspect-f "{{. Hostconfig.links}} "Web
[/db:/web/db]So what did the two connected container do? Connection time source container provide information to receive container. In our example, the receiving web has access to information about the source db. To achieve this, Docker creates a secure channel between the containers without exposing any ports to the outside world. When we started DB container, we did not use any-p or-p tags. This is the benefit of the connection: I don't need to go to the network to expose our source container, here PostgreSQL the database.
Docker exposes the connection information of the source container to the receiving container, there are two ways:
environment variable Update/etc/hosts file environment variable when two containers are connected, Docker needs to set some environment variables in the target container to enable programmatic discovery of the source container's information. First, Docker sets the <ALIAS>_NAME environment variable to specify the alias for each target container, which is used in the--link parameter. So, for example, if a new container is called the Web, a connection is made to the Database container db, through DB:WEBDB, and then webdb_name=/web/webdb in the Web container. Docker can also be defined as the ports exposed by each source container, defining a series of environment variables. The style is as follows: <name>_PORT_<port>_<protocol> will contain a URL index to this port. <name> is the alias specified in the--link parameter (for example, WEBDB),<port> is the exposed port number,<protocol> is TCP or UDP. The URL is formatted as follows:<protocol>://<container_ip_address>:<port> (for example, tcp://172.17.0.82:8080). This URL is divided into 3 environment variables for ease of use:
<NAME>_PORT_<PORT>_<PORTOCOL>_ADDR contains the IP address of the URL (for example, webdb_port_8080_tcp_addr=172.17.0.82). <name>_port_<port>_<portocol>_port contains the URL port number (for example, webdb_port_8080_tcp_port=8080). <name>_port_<port>_<portocol>_prpto contains URL protocols (for example, WEBDB_PORT_8080_TCP_PROTO=TCP).
If multiple ports are exposed, the above environment variable settings are set for each port.
Finally, an environment variable called <alias>_port will contain the URL exposed by the first source container. such as webd_port=tcp://172.17.0.82:8080. In this example, ' a ' is defined as the smallest port number to be exposed. If the port is used for TCP and UDP, then the TCP port is specified.
To return to our database example, you can run the ENV command to list the specified container environment variables.
$ sudo docker run--rm--name web2--link db:db env
...
db_name=/web2/db
db_port=tcp://172.17.0.5:5432
db_port_5432_tcp=tcp://172.17.0.5:5432
DB_PORT_5432 _tcp_proto=tcp
db_port_5432_tcp_port=5432
db_port_5432_tcp_addr=172.17.0.5
...Note: Unlike the host entry in the/etc/hosts file, the IP address is stored in the environment variable and cannot be automatically updated if the source container is restarted. Therefore, it is recommended that you use the host entry in/etc/hosts/to resolve the IP problem between the connected containers.
You can see the environment variables that create useful information about DB containers. Each environment variable is prefixed with a db_, which is derived from the specified alias. If the alias is DB1, then the variable is prefixed with db1_. You can use these environment variables to configure the application to connect to the database on the DB container. This connection is secure and private. Only the connected Web container can communicate with the DB container.
Update/etc/hosts files
In addition to environment variables, Docker can add host entity to the source container's/etc/hosts file. This is the directory for the Web container:
You can see two related host directories. The first directory is the Web container that takes the container ID as the host name. The second directory uses the connection alias to index to the IP address of the DB container. You can ping this host name.$ sudo docker run-t-i--rm--link db:db training/webapp/bin/bash root@aed84ee21bde:/opt/webapp# cat/etc/hosts 172.17.0.7 Aed84ee21bde ... 172.17.0.5 DB
root@aed84ee21bde:/opt/webapp# apt-get install-yqq inetutils-ping root@aed84ee21bde:/opt/webapp# Ping db Ping db ( 172.17.0.5): Data bytes bytes from 172.17.0.5:icmp_seq=0 ttl
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
