我正在嘗試使以下設定正常作業:
- 我的本地機器作業系統 = Linux
- 我正在這臺本地機器上構建一個 docker mysql 容器
- 我計劃在容器中植入資料庫,然后在本地(在我的本地 Linux 機器上)針對這個容器運行測驗(我也將在我的 linux 機器上啟動)
不幸的是,在運行我的測驗并嘗試連接到容器時,默認bridge網路網關 IP 無法訪問。
我的docker-compose.yaml檔案如下
version: "3.4"
services:
integration-test-mysql:
image: mysql:8.0
container_name: ${MY_SQL_CONTAINER_NAME}
environment:
- MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
ports:
- "3306:3306"
volumes:
# - ./src/db:/usr/src/db #Mount db folder so we can run seed files etc.
- ./seed.sql:/docker-entrypoint-initdb.d/seed.sql
network_mode: bridge
healthcheck:
test: "mysqladmin -u root -p$MYSQL_ROOT_PASSWORD -h 127.0.0.1 ping --silent 2> /dev/null || exit 1"
interval: 5s
timeout: 30s
retries: 5
start_period: 10s
entrypoint: sh -c "
echo 'CREATE SCHEMA IF NOT EXISTS gigs;' > /docker-entrypoint-initdb.d/init.sql;
/usr/local/bin/docker-entrypoint.sh --default-authentication-plugin=mysql_native_password
"
運行時docker network ls我看到以下內容
docker network ls
NETWORK ID NAME DRIVER SCOPE
42a11ef835dd bridge bridge local
c7453acfbc98 host host local
48572c69755a integration_default bridge local
bd470f8620fd none null local
于是integration_default就創建了網路。然后如果我檢查這個網路
docker network inspect integration_default
[
{
"Name": "integration_default",
"Id": "48572c69755ae1bbc1448ab203a01d81be4300da12c97a9c4f1142872b878387",
"Created": "2022-09-28T00:48:20.504251612Z",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.27.0.0/16",
"Gateway": "172.27.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"79e897decb4f0ae5836c018d82e78997e8ac2f615b399362a307cc7f585c0875": {
"Name": "integration-test-mysql-host",
"EndpointID": "1f7798554029cc2d07f7ba44d057c489b678eac918f7916029798b42585eda41",
"MacAddress": "02:42:ac:1b:00:02",
"IPv4Address": "172.27.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {
"com.docker.compose.network": "default",
"com.docker.compose.project": "integration",
"com.docker.compose.version": "2.7.0"
}
}
]
將此與默認網橋進行比較
docker inspect bridge
[
{
"Name": "bridge",
"Id": "42a11ef835dd1b2aec3ecea57211bb2753e0ebd4a2a115ace8b7df3075e97d5a",
"Created": "2022-09-27T21:54:44.239215269Z",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
有趣的是,ping 172.17.0.1在我的 Linux 機器上運行可以正常作業,但ping 172.27.0.1無法回傳任何內容
更新
我現在已經開始作業了。通過network_mode: bridge在我的 docker compose 檔案中指定,我可以使用我提到的本地機器上可以訪問的默認橋接網路。
但是,我想知道為什么在這里創建自己的網路不起作用。有誰知道為什么會這樣?
uj5u.com熱心網友回復:
Docker 網路應該是隱藏的,除非有充分的理由,否則你應該讓 docker 完成它的作業。
與服務互動的正確方法是通過其開放埠。這些埠映射到主機上,因此與 host:port 通信就像與容器內的應用程式通信一樣。
所以當你說你不能從主機ping你的容器時,那是因為Docker做得很好。“修復”這打破了容器的隔離,并使其可用于其他不應訪問它的服務。
轉載請註明出處,本文鏈接:https://www.uj5u.com/caozuo/510496.html