Docker同一台宿主機容器通信-通過容器名稱互聯
作者:尹正傑
版權聲明:原創作品,謝絕轉載!否則將追究法律責任。
一.通過容器名稱互聯概述
即在同一個宿主機上的容器之間可以通過自定義的容器名稱相互訪問,比如一個業務前端靜態頁面使用nginx,動態頁面使用的是tomcat,由於容器在啟動的時候其內部IP地址是DHCP隨機分配的,所以如果通過內部訪問的話,自定義名稱是相對比較固定的,因此比較適合於此場景。
二.通過容器名稱互聯實戰案例
1>.創建一個tomcat容器(鏡像制作可參考我之前的筆記:https://www.cnblogs.com/yinzhengjie/p/12230043.html)
[root@docker101.yinzhengjie.org.cn ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE centos-haproxy v1.8.20 1858fe05d96f 8 days ago 606MB registry latest 708bc6af7e5e 8 days ago 25.8MB tomcat-app01 v0.1 bf45c22f2d5b 8 days ago 983MB tomcat-base 8.5.50 9ff79f369094 10 days ago 968MB jdk-base 1.8.0_231 0f63a97ddc85 10 days ago 953MB centos-base 7.6.1810 b4931fd9ace2 10 days ago 551MB centos centos7.6.1810 f1cb7c7d58b7 10 months ago 202MB lorel/docker-stress-ng latest 1ae56ccafe55 3 years ago 8.1MB [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]# docker container run -it -d --name tomcat-app01 tomcat-app01:v0.1 36315d1b0cb52beecd474121ae697c551ff7a51468f9600c228be18c02fc336d [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]# docker container exec -it 36315d1b0cb52beecd474121ae697c551ff7a51468f9600c228be18c02fc336d bash [root@36315d1b0cb5 /]# [root@36315d1b0cb5 /]# cat /etc/hosts 127.0.0.1 localhost ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 172.17.0.2 36315d1b0cb5 [root@36315d1b0cb5 /]# [root@36315d1b0cb5 /]# ping 36315d1b0cb5 -c 2 PING 36315d1b0cb5 (172.17.0.2) 56(84) bytes of data. 64 bytes from 36315d1b0cb5 (172.17.0.2): icmp_seq=1 ttl=64 time=0.085 ms 64 bytes from 36315d1b0cb5 (172.17.0.2): icmp_seq=2 ttl=64 time=0.032 ms --- 36315d1b0cb5 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1000ms rtt min/avg/max/mdev = 0.032/0.058/0.085/0.027 ms [root@36315d1b0cb5 /]# [root@36315d1b0cb5 /]# exit exit [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]# docker container ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 36315d1b0cb5 tomcat-app01:v0.1 "/yinzhengjie/softwa…" About a minute ago Up About a minute 8080/tcp, 8443/tcp tomcat-app01 [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]#
2>.創建一個nginx容器(鏡像制作可參考我之前的筆記:https://www.cnblogs.com/yinzhengjie/p/12198878.html)時使用"--link"選項和上面創建的tomcat容器互聯
[root@docker101.yinzhengjie.org.cn ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE nginx v0.1-20200201 1a8b4f68e96a 22 minutes ago 449MB centos-haproxy v1.8.20 1858fe05d96f 8 days ago 606MB registry latest 708bc6af7e5e 8 days ago 25.8MB tomcat-app01 v0.1 bf45c22f2d5b 8 days ago 983MB tomcat-base 8.5.50 9ff79f369094 10 days ago 968MB jdk-base 1.8.0_231 0f63a97ddc85 10 days ago 953MB centos-base 7.6.1810 b4931fd9ace2 10 days ago 551MB centos centos7.6.1810 f1cb7c7d58b7 10 months ago 202MB lorel/docker-stress-ng latest 1ae56ccafe55 3 years ago 8.1MB [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]# docker container run -it -d --name nginx-web01 --link tomcat-app01 -p 80:80 nginx:v0.1-20200201 8e05fc399edd16fe5bde32bebba269c0a07a0a1a928b46421693dd7ee4943ebf [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]# docker container ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8e05fc399edd nginx:v0.1-20200201 "nginx" 23 seconds ago Up 22 seconds 0.0.0.0:80->80/tcp, 443/tcp nginx-web01 36315d1b0cb5 tomcat-app01:v0.1 "/yinzhengjie/softwa…" 34 minutes ago Up 34 minutes 8080/tcp, 8443/tcp tomcat-app01 [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]# docker container exec -it nginx-web01 bash [root@8e05fc399edd /]# [root@8e05fc399edd /]# cat /etc/hosts 127.0.0.1 localhost ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 172.17.0.2 tomcat-app01 36315d1b0cb5 172.17.0.3 8e05fc399edd [root@8e05fc399edd /]# [root@8e05fc399edd /]# ping tomcat-app01 -c 1 PING tomcat-app01 (172.17.0.2) 56(84) bytes of data. 64 bytes from tomcat-app01 (172.17.0.2): icmp_seq=1 ttl=64 time=0.051 ms --- tomcat-app01 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.051/0.051/0.051/0.000 ms [root@8e05fc399edd /]# [root@8e05fc399edd /]# exit exit [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]#
3>.進入nginx容器編輯nginx的配置文件反向代理tomcat服務
[root@docker101.yinzhengjie.org.cn ~]# docker container ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8e05fc399edd nginx:v0.1-20200201 "nginx" About a minute ago Up About a minute 0.0.0.0:80->80/tcp, 443/tcp nginx-web01 36315d1b0cb5 tomcat-app01:v0.1 "/yinzhengjie/softwa…" 35 minutes ago Up 35 minutes 8080/tcp, 8443/tcp tomcat-app01 [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]# docker container exec -it nginx-web01 bash [root@8e05fc399edd /]# [root@8e05fc399edd /]# vim /etc/nginx/nginx.conf [root@8e05fc399edd /]# [root@8e05fc399edd /]# cat /etc/nginx/nginx.conf user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; daemon off; include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } http { log_format my_access_json '{"@timestamp":"$time_iso8601",' '"host":"$server_addr",' '"clientip":"$remote_addr",' '"size":$body_bytes_sent,' '"responsetime":$request_time,' '"upstreamtime":"$upstream_response_time",' '"upstreamhost":"$upstream_addr",' '"http_host":"$host",' '"uri":"$uri",' '"domain":"$host",' '"xff":"$http_x_forwarded_for",' '"referer":"$http_referer",' '"tcp_xff":"$proxy_protocol_addr",' '"http_user_agent":"$http_user_agent",' '"status":"$status"}'; access_log /var/log/nginx/access_json.log my_access_json; sendfile on; keepalive_timeout 65; include mime.types; default_type text/html; charset utf-8; upstream tomcat { server 172.17.0.2:8080; } server { listen 80 default_server; listen [::]:80 default_server; server_name _; root /usr/share/nginx/html; include /etc/nginx/default.d/*.conf; location / { } location /app01 { proxy_pass http://tomcat; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } } [root@8e05fc399edd /]# [root@8e05fc399edd /]# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful [root@8e05fc399edd /]# [root@8e05fc399edd /]# nginx -s reload [root@8e05fc399edd /]#
4>.瀏覽器訪問Nginx的web頁面(http://docker101.yinzhengjie.org.cn/)
5>.瀏覽器訪問Tomcat的web頁面(http://docker101.yinzhengjie.org.cn/app01/)
三.通過容器名稱互聯的注意事項
1>.思考第二步存在的問題
先不要往下看,請閉眼10秒鍾思考上面的配置可能會存在哪些故障問題,經過激烈的思考后再往下看咱們是否想到一起去了?
問題一:
nginx的配置文件中在upstream中寫死了后端容器的IP地址.
問題剖析:
這樣有一個致命的缺陷就是可移植性差,我們將該容器提交為鏡像后再其它節點上運行很可能分配的容器IP地址不同會導致后端服務無法正常訪問.
解決方案:
在配置文件中寫后端服務器的主機名稱,這樣不管IP地址怎么變動都不用修改nginx的配置文件,只需要修改"/etc/hosts"文件將后端服務器主機的IP地址改成對應的IP地址即可(在新啟動的容器這個操作是自動完成的).
問題二:
代碼升級時可能后端容器的名稱發生變動.
問題刨析:
這是一個讓人和頭疼的問題,盡管我們上面解決了寫死IP地址的問題,但是后端的主機名一直頻繁的改動那意味這我們依舊得重新nginx的配置文件.
解決方案:
在使用"--link"通過容器名稱互聯時我們可以自定義容器別名,使用容器別名在"/etc/hosts"文件中解析的后端服務器主機名是咱們自定義的后端主機名.
2>.通過自定義容器別名互聯案例
[root@docker101.yinzhengjie.org.cn ~]# docker container run -it -d --name nginx-web02 --link tomcat-app01:www.yinzhengjie.org.cn -p 81:80 nginx:v0.1-20200201 d5d2b409cc0c20486a1d454d6b26fdc398dae93df9c128577c95fdbbc617d868 [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]# docker container ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d5d2b409cc0c nginx:v0.1-20200201 "nginx" 8 seconds ago Up 7 seconds 443/tcp, 0.0.0.0:81->80/tcp nginx-web02 8e05fc399edd nginx:v0.1-20200201 "nginx" 51 minutes ago Up 51 minutes 0.0.0.0:80->80/tcp, 443/tcp nginx-web01 36315d1b0cb5 tomcat-app01:v0.1 "/yinzhengjie/softwa…" About an hour ago Up About an hour 8080/tcp, 8443/tcp tomcat-app01 [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]# docker container exec -it nginx-web02 bash [root@d5d2b409cc0c /]# [root@d5d2b409cc0c /]# cat /etc/hosts 127.0.0.1 localhost ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 172.17.0.2 www.yinzhengjie.org.cn 36315d1b0cb5 tomcat-app01 172.17.0.4 d5d2b409cc0c [root@d5d2b409cc0c /]# [root@d5d2b409cc0c /]# ping www.yinzhengjie.org.cn -c 3 PING www.yinzhengjie.org.cn (172.17.0.2) 56(84) bytes of data. 64 bytes from www.yinzhengjie.org.cn (172.17.0.2): icmp_seq=1 ttl=64 time=0.059 ms 64 bytes from www.yinzhengjie.org.cn (172.17.0.2): icmp_seq=2 ttl=64 time=0.100 ms 64 bytes from www.yinzhengjie.org.cn (172.17.0.2): icmp_seq=3 ttl=64 time=0.040 ms --- www.yinzhengjie.org.cn ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2000ms rtt min/avg/max/mdev = 0.040/0.066/0.100/0.025 ms [root@d5d2b409cc0c /]# [root@d5d2b409cc0c /]# exit exit [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]#
3>.修改nginx的配置文件
[root@docker101.yinzhengjie.org.cn ~]# docker container exec -it nginx-web02 bash [root@d5d2b409cc0c /]# [root@d5d2b409cc0c /]# vim /etc/nginx/nginx.conf [root@d5d2b409cc0c /]# [root@d5d2b409cc0c /]# cat /etc/nginx/nginx.conf user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; daemon off; include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } http { log_format my_access_json '{"@timestamp":"$time_iso8601",' '"host":"$server_addr",' '"clientip":"$remote_addr",' '"size":$body_bytes_sent,' '"responsetime":$request_time,' '"upstreamtime":"$upstream_response_time",' '"upstreamhost":"$upstream_addr",' '"http_host":"$host",' '"uri":"$uri",' '"domain":"$host",' '"xff":"$http_x_forwarded_for",' '"referer":"$http_referer",' '"tcp_xff":"$proxy_protocol_addr",' '"http_user_agent":"$http_user_agent",' '"status":"$status"}'; access_log /var/log/nginx/access_json.log my_access_json; sendfile on; keepalive_timeout 65; include mime.types; default_type text/html; charset utf-8; upstream tomcat { server www.yinzhengjie.org.cn:8080; } server { listen 80 default_server; listen [::]:80 default_server; server_name _; root /usr/share/nginx/html; include /etc/nginx/default.d/*.conf; location / { } location /app01 { proxy_pass http://tomcat; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } } [root@d5d2b409cc0c /]# [root@d5d2b409cc0c /]# exit exit [root@docker101.yinzhengjie.org.cn ~]# [root@docker101.yinzhengjie.org.cn ~]#