网络 – 从docker容器连接到docker主机

我有一个设置,我在Docker容器中运行我的网站的所有部分.我在端口80和443上侦听的nginx在容器中运行.

363292a98545        scivm/nginx-django-scivmcom:latest   /usr/bin/supervisord   12 days ago         Ghost               0.0.0.0:40001->22/tcp, 88.198.57.112:443->443/tcp, 88.198.57.112:80->80/tcp     lonely_feynmann           

我想在另一个容器中设置服务的代理.此容器绑定到主机上的端口3000:

b38c8ef72d0a        mazzolino/strider-dind:latest        wrapdocker /usr/bin/   41 minutes ago      Up 41 minutes       0.0.0.0:3000->3000/tcp, 22/tcp, 27017/tcp                                       distracted_einstein      

我在docker主机上的iptables看起来像这样:

root@Ubuntu-1204-precise-64-minimal /var/run # iptables -L
Chain INPUT (policy ACCEPT) target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8000
DROP       all  --  anywhere             anywhere            

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

从容器内部,由于iptables配置,我无法连接到主机上的端口3000.

我不想打开3000端口到公共互联网.

有没有办法在端口3000上打开容器和主机之间的直接桥接?

或者我应该修改我的iptables以接受docker ip range吗?

最佳答案
所有你需要的是Docker的link capabilities.

只是摆脱你尝试做的所有复杂的东西,并开始使用命名容器,然后将它们相互链接.

转载注明原文:网络 – 从docker容器连接到docker主机 - 代码日志