docker

sudo docker run -d \

--name=code-server1 \

-e PUID=1000 \

-e PGID=1000 \

-e TZ=China/Shanghai \

-e PASSWORD=8899 `#optional` \

-e HASHED_PASSWORD= `#optional` \

-e SUDO_PASSWORD=cwz `#optional` \

-e SUDO_PASSWORD_HASH= `#optional` \

-e PROXY_DOMAIN=code-server.my.domain `#optional` \

-p 33089:8443 \

-v /data/my-code:/config \

--restart unless-stopped \

linuxserver/code-server

sudo docker run -d \

--name=code-server \

-e PUID=1000 \

-e PGID=1000 \

-e TZ=China/Shanghai \

-e PASSWORD=8899 `#optional` \

-e HASHED_PASSWORD= `#optional` \

-e SUDO_PASSWORD=cwz `#optional` \

-e SUDO_PASSWORD_HASH= `#optional` \

-e PROXY_DOMAIN=code-server.my.domain `#optional` \

-p 33086:8443 \

-v /data/my-code:/config \

--restart unless-stopped \

linuxserver/code-server

apt-get install python3-pip

sudo pip3 install Django -i https://pypi.tuna.tsinghua.edu.cn/simple

http://172.17.0.3:38000/

sudo ifconfig enp14s0:1 192.168.8.33/24

sudo route add -net 10.50.251.0/24 enp14s0:1

sudo ip route add 19.50.108.0/24 via 10.50.251.254

sudo ip route add 192.168.10.0/24 via 10.50.251.254

sudo ifconfig enp14s0:1 192.168.8.33 broadcast 192.168.8.255 netmask 255.255.255.0 up

sudo route add -net 192.168.8.0/24 enp14s0:1

iptables -t nat -A PREROUTING -d 192.168.8.33 -p tcp --dport 38000 -j DNAT --to-destination 172.17.0.3:38000

iptables -t nat -A POSTROUTING -d 192.168.8.33 -p tcp --dport 38000 -j SNAT --to 172.17.0.3:38000

问题：如何对运行中的Docker容器进行端口映射？

sudo iptables -t nat -A DOCKER -p tcp --dport 38000 -j DNAT --to-destination 172.17.0.3:38000

sudo iptables -t nat -A POSTROUTING -j MASQUERADE -p tcp --source 172.17.0.3 --destination 172.17.0.3 --dport 38000

sudo iptables -A DOCKER -j ACCEPT -p tcp --destination 172.17.0.3 --dport 38000

将宿主的8082端口映射到172.17.0.5的80端口上去

iptables -t nat -A DOCKER ! -i docker0 -p tcp -m tcp --dport 8082 -j DNAT --to-destination 172.17.0.5:80

/var/lib/docker#iptables -t nat --list-rules
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P POSTROUTING ACCEPT
-P OUTPUT ACCEPT
-N DOCKER
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A POSTROUTING -s 172.17.0.2/32 -d 172.17.0.2/32 -p tcp -m tcp --dport 8443 -j MASQUERADE
-A POSTROUTING -s 172.17.0.3/32 -d 172.17.0.3/32 -p tcp -m tcp --dport 8080 -j MASQUERADE
-A POSTROUTING -s 172.17.0.4/32 -d 172.17.0.4/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
-A POSTROUTING -s 172.17.0.4/32 -d 172.17.0.4/32 -p tcp -m tcp --dport 443 -j MASQUERADE
-A POSTROUTING -s 172.17.0.4/32 -d 172.17.0.4/32 -p tcp -m tcp --dport 3306 -j MASQUERADE
-A POSTROUTING -s 172.17.0.4/32 -d 172.17.0.4/32 -p tcp -m tcp --dport 80 -j MASQUERADE
-A POSTROUTING -s 172.17.0.7/32 -d 172.17.0.7/32 -p tcp -m tcp --dport 80 -j MASQUERADE
-A POSTROUTING -s 172.17.0.8/32 -d 172.17.0.8/32 -p tcp -m tcp --dport 8080 -j MASQUERADE
-A POSTROUTING -s 172.17.0.9/32 -d 172.17.0.9/32 -p tcp -m tcp --dport 9000 -j MASQUERADE
-A POSTROUTING -s 172.17.0.9/32 -d 172.17.0.9/32 -p tcp -m tcp --dport 8000 -j MASQUERADE
-A POSTROUTING -s 172.17.0.10/32 -d 172.17.0.10/32 -p tcp -m tcp --dport 5901 -j MASQUERADE
-A POSTROUTING -s 172.17.0.11/32 -d 172.17.0.11/32 -p tcp -m tcp --dport 5901 -j MASQUERADE
-A POSTROUTING -s 172.17.0.12/32 -d 172.17.0.12/32 -p tcp -m tcp --dport 80 -j MASQUERADE
-A POSTROUTING -s 172.17.0.12/32 -d 172.17.0.12/32 -p tcp -m tcp --dport 5900 -j MASQUERADE
-A POSTROUTING -s 172.17.0.5/32 -d 172.17.0.5/32 -p tcp -m tcp --dport 5900 -j MASQUERADE
-A POSTROUTING -s 172.17.0.5/32 -d 172.17.0.5/32 -p tcp -m tcp --dport 80 -j MASQUERADE
-A POSTROUTING -s 172.17.0.13/32 -d 172.17.0.13/32 -p tcp -m tcp --dport 80 -j MASQUERADE
-A POSTROUTING -s 172.17.0.13/32 -d 172.17.0.13/32 -p tcp -m tcp --dport 5900 -j MASQUERADE
-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
-A DOCKER -i docker0 -j RETURN
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 33086 -j DNAT --to-destination 172.17.0.2:8443
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 33088 -j DNAT --to-destination 172.17.0.3:8080
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 39000 -j DNAT --to-destination 172.17.0.4:9000
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 33443 -j DNAT --to-destination 172.17.0.4:443
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 33306 -j DNAT --to-destination 172.17.0.4:3306
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 33880 -j DNAT --to-destination 172.17.0.4:80
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 33068 -j DNAT --to-destination 172.17.0.7:80
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 33330 -j DNAT --to-destination 172.17.0.8:8080
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 33999 -j DNAT --to-destination 172.17.0.9:9000
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 33888 -j DNAT --to-destination 172.17.0.9:8000
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 35901 -j DNAT --to-destination 172.17.0.10:5901
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 35902 -j DNAT --to-destination 172.17.0.11:5901
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 35913 -j DNAT --to-destination 172.17.0.12:80
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 35903 -j DNAT --to-destination 172.17.0.12:5900
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 35906 -j DNAT --to-destination 172.17.0.5:5900
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 36091 -j DNAT --to-destination 172.17.0.5:80
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 35941 -j DNAT --to-destination 172.17.0.13:80
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 35931 -j DNAT --to-destination 172.17.0.13:5900

docker run -it --name code-server -p 127.0.0.1:8080:8080 \

-v "$HOME/.config:/home/coder/.config" \

-v "$PWD:/home/coder/project" \

-u "$(id -u):$(id -g)" \

-e "DOCKER_USER=$USER" \

codercom/code-server:latest

posted @ 2021-08-17 10:26 githubcwz 阅读(57) 评论(0) 收藏举报

刷新页面返回顶部

githubcwz

docker

公告