Docker container port IP programming and Port dynamic expansion

Once the Docker container is started, the parameters cannot be changed. The most common change in the production environment is the port mapping, in order to solve this problem, then first of all planning, this article listed two port planning scheme, if the subsequent maintenance in order to increase the port mapping scene, this paper also gives a dynamic port mapping expansion scheme.

1. Single IP multi-container mapping plan

This environment is applicable to only a single IP environment, such as cloud hosts.

1.1 Port Mapping Planning table:

Plan different port segments, map to containers and provide services externally.

Host Name	SSH mapping	MySQL Mapping	Nginx Mapping	Redis Mapping
Redis-test	51000	22	51001	320W	51004	80	51002	6379
51005	8000	51003	6381
51006	8888
Scheduler-test	52000	22	52001	320W	52004	80	52002	6379
52005	8888	52003	6381
52006	8000
...	...	...	...	...	...	...	...	...

1.2 corresponding container start command:

Docker run-h= "Redis-test"--name redis-test-d-P 51000:22-p 51001:3306-p 51003:6379-p 51004:6381-p 51005:80-p 51006:8000-p 51007:8888 debian02/etc/rc.local

Docker run-h= "Salt_zabbix_manager02"--name salt_zabbix_manager02-d-P 52000:22-p 52001:3306-p 52003:6379-p 52004: 6381-p 52005:80-p 52006:8000-p 52007:8888 debian02/etc/rc.local

1.3 Above start parameter explanation:

-H refers to the host name in the container after startup.

--name is the name of the container on the host, and the start Stop container does not have to use the container ID, and the name can be used, such as Docker stop Redis-test.

-D runs in the background form.

-p Specifies the mapping port, and if you need to map the UDP port, the format is-P3000:3000/UDP.

DEBIAN02 is the underlying mirror name.

/etc/rc.local is the container's start command, putting multiple startup scripts in/etc/rc.local to facilitate multiple programs to boot from the container.

#关于docker的安装, preliminary use, order details, mirror production, containers moved out, etc., please refer to my other article: http://yangrong.blog.51cto.com/6945369/1551327

2. Multi-IP multi-container mapping plan

This program is suitable for the Intranet test development environment, all external access to IP needs to be configured on the host, such as the second IP eth0:1,eth0:2 this form of configuration, and then each IP and container port mapping configuration can be consistent.

2.1 Port and IP Mapping planning table:

(Here is the intranet IP, host IP is 10.28.103.1)

Host Name	External Access IP	Container Open ports	Operating system
Iframe-test	10.18.103.2	22 3306 80 8000 8888 443 6379 6381	Debian7
Web-test	10.18.103.3	22 3306 80 8000 8888 443 6379 6381	Debian7

2.2 Corresponding container start command:

Docker run-h= "Iframe-test"--name iframe-test-d-P 10.18.103.2:22:22-p 10.18.103.2:3306:3306-p 10.18.103.2:6379:6379 -P 10.18.103.2:6381:6381-p 10.18.103.2:80:80-p 10.18.103.2:8000:8000-p 10.18.103.2:8888:8888-p 10.18.103.2:443:443 D Ebian-iframe-test/etc/rc.local

Docker run-h= "Web-test"--name web-test-d-P 10.18.103.3:22:22-p 10.18.103.3:3306:3306-p 10.18.103.3:6379:6379-p 10 .18.103.3:6381:6381-p 10.18.103.3:80:80-p 10.18.103.3:8000:8000-p 10.18.103.3:8888:8888-p 10.18.103.3:443:443 Debia N-iframe-test/etc/rc.local

3. Port mapping Dynamic expansion scheme

In the work, the general addition of new services, you need to add a port mapping, due to the inability to dynamically adjust, usually need to commit to a new mirror, and then based on a new mirror to the container, is indeed a very troublesome thing.

But the nature of the mapping is done through iptables. So we can dynamically increase the port mapping with Iptables, as follows:

3.1 View container mapping with iptables:

root@qssec-iframe:~# iptables-t NAT-NVL

...

Chain Docker (2 references)

Pktsbytes Target prot opt in Out source destination

0 0 Dnat TCP--! DOCKER0 * 0.