【问题标题】:Shouldn't I be able to access port 4200 on my docker container?我不应该能够访问我的 docker 容器上的 4200 端口吗?
【发布时间】:2019-07-06 20:14:38
【问题描述】:

我查看了其他类似的问题,例如:Access to Docker Container Portaccess docker container's portCannot access port on host mapped to docker container port,我认为我正在尽我所能访问我的 docker 容器上的端口 4200,但我无法访问。

这是docker ps的输出:

$ docker ps
CONTAINER ID        IMAGE                         COMMAND             CREATED             STATUS              PORTS               NAMES
298f832ca50d        redcricket/fisherman:latest   "/usr/sbin/init"    About an hour ago   Up 39 minutes       4200/tcp            gallant_matsumoto

我的容器可以 ping 通:

$ ping `docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' gallant_matsumoto`

Pinging 172.17.0.2 with 32 bytes of data:
Reply from 172.17.0.2: bytes=32 time=110ms TTL=239
Reply from 172.17.0.2: bytes=32 time=82ms TTL=239
Reply from 172.17.0.2: bytes=32 time=92ms TTL=239
Reply from 172.17.0.2: bytes=32 time=80ms TTL=239

Ping statistics for 172.17.0.2:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 80ms, Maximum = 110ms, Average = 91ms

在我的服务器上,我以这样的角度开始:

[root@298f832ca50d HelloWorld]# ng serve --host 0.0.0.0 --port 4200 --disableHostCheck
WARNING: This is a simple server for use in testing or debugging Angular applications
locally. It hasn't been reviewed for security issues.

Binding this server to an open connection can result in compromising your application or
computer. Using a different host than the one passed to the "--host" flag might result in
websocket connection issues. You might need to use "--disableHostCheck" if that's the
case.
WARNING: Running a server with --disable-host-check is a security risk. See https://medium.com/webpack/webpack-dev-server-middleware-security-issues-1489d950874a for more information.
 10% building 3/3 modules 0 activeℹ 「wds」: Project is running at http://0.0.0.0:4200/webpack-dev-server/
ℹ 「wds」: webpack output is served from /
ℹ 「wds」: 404s will fallback to //index.html
chunk {main} main.js, main.js.map (main) 9.77 kB [initial] [rendered]
chunk {polyfills} polyfills.js, polyfills.js.map (polyfills) 251 kB [initial] [rendered]
chunk {runtime} runtime.js, runtime.js.map (runtime) 6.09 kB [entry] [rendered]
chunk {styles} styles.js, styles.js.map (styles) 16.3 kB [initial] [rendered]
chunk {vendor} vendor.js, vendor.js.map (vendor) 3.8 MB [initial] [rendered]
Date: 2019-07-06T19:58:08.308Z - Hash: 201a042264b357c18e36 - Time: 14593ms
** Angular Live Development Server is listening on 0.0.0.0:4200, open your browser on http://localhost:4200/ **
ℹ 「wdm」: Compiled successfully.

但我仍然无法访问http://172.17.0.2:4200/

C:\Users\plankton>curl http://172.17.0.2:4200/
curl: (7) Failed to connect to 172.17.0.2 port 4200: Timed out

我错过了什么?

更新:谢谢 seahorsepip 我试过了:

$  docker run --privileged  -p=4200:4200 -itd -e container=docker  -v /sys/fs/cgroup:/sys/fs/cgroup  redcricket/fisherman:latest /usr/sbin/init
870cd55d0bc65ffe27c595b0092f28a5e333c235ae355a2469563b09058cdf22

plankton@DESKTOP-C8MFTFD MINGW64 /c/Program Files/Docker Toolbox
$ docker ps
CONTAINER ID        IMAGE                         COMMAND             CREATED             STATUS              PORTS                    NAMES
870cd55d0bc6        redcricket/fisherman:latest   "/usr/sbin/init"    8 seconds ago       Up 3 seconds        0.0.0.0:4200->4200/tcp   kind_kapitsa

但是还是连接不上……

C:\Users\plankton>curl http://localhost:4200/
curl: (7) Failed to connect to localhost port 4200: Connection refused

更新二:感谢下面的 David,我现在知道了 VM 的 ip

$ docker-machine.exe ip
192.168.99.100

我不知道如何使用这个 IP。

在客户端我得到...

C:\Users\plankton>curl http://192.168.99.100:4200
curl: (7) Failed to connect to 192.168.99.100 port 4200: Connection refused

如果我尝试像这样重新启动服务器...

[root@bfd864884a59 HelloWorld]# ng serve --host 192.168.99.100
An unhandled exception occurred: listen EADDRNOTAVAIL: address not available 192.168.99.100:4200
See "/tmp/ng-YKKmQ9/angular-errors.log" for further details.

【问题讨论】:

  • 如果您使用的是 Docker Toolbox,则需要使用 VM 的 IP 地址,通常是 192.168.99.100。我强烈建议阅读 Docker 的 Getting Started, Part 2: Containers 关于构建和运行自定义镜像的文档:您的镜像默认 CMD 应该只是启动您的应用程序,而无需在其中获取交互式 shell,并且您不需要 --privileged 或绑定-在/sys 中挂载任何东西。
  • 感谢大卫的指点。我认为VM的IP是172.17.0.2,我通过执行docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' gallant_matsumoto来确定。我试过了,我认为。没有快乐。
  • docker inspect返回的IP地址在很多情况下基本没用;例如,您无法使用 Docker Toolbox 从主机直接访问它们。您永远不需要使用或知道这些 IP 地址,也不需要查找它们。
  • 好的,我该如何获取“VM的IP地址”?
  • docker-machine ip 会告诉你。

标签: docker docker-toolbox


【解决方案1】:

该端口仅在Docker网络本身可达,需要将端口转发到Docker网络外部:

docker run -p 4200:4200 ...

然后您可以通过localhost:4200 访问您的 docker 实例。

有关 Docker 网络的更多信息:https://docs.docker.com/config/containers/container-networking/

有关发布和公开的更多信息(差异): What is the difference between "expose" and "publish" in Docker?

【讨论】:

  • 执行docker run ...时还需要--expose 4200选项吗?
  • 建议公开,但是当您发布 (-p) 端口时,Docker 已经隐式地为您公开了该端口,因此您可以将其省略,即使不推荐,它仍然可以工作。更多信息:stackoverflow.com/questions/22111060/…
  • EXPOSE 指令实际上并没有发布端口。它充当构建映像的人和运行容器的人之间的一种文档类型,关于打算发布哪些端口。
猜你喜欢
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 2020-07-09
  • 1970-01-01
  • 2020-10-11
  • 1970-01-01
  • 1970-01-01
相关资源
最近更新 更多