根据https://docs.docker.com/compose/compose-file/#links的说明,如果我在links
中的docker-compose
下指定另一个服务的名称,则应该能够以与该服务名称相同的主机名访问该服务。
为了测试这一点,我尝试了以下docker-compose.yml
:
version: '3'
services:
tor:
build: ./tor
use_tor:
build: ./use_tor
links:
- tor
其中
tor
和use_tor
目录包含Dockerfile
:.
├── docker-compose.yml
├── tor
│ └── Dockerfile
└── use_tor
└── Dockerfile
对于
tor
:FROM alpine:latest
EXPOSE 9050
RUN apk --update add tor
CMD ["tor"]
和
use_tor
:FROM alpine:latest
CMD ["nc", "-z", "tor", "9050"]
但是,如果我先执行
docker-compose build
,再执行docker-compose up
,则从日志中可以看到use_tor
服务以状态代码1退出:Starting scrapercompose_tor_1
Recreating scrapercompose_use_tor_1
Attaching to scrapercompose_tor_1, scrapercompose_use_tor_1
tor_1 | May 02 15:36:34.123 [notice] Tor v0.2.8.12 running on Linux with Libevent 2.0.22-stable, OpenSSL LibreSSL 2.4.4 and Zlib 1.2.8.
tor_1 | May 02 15:36:34.123 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
tor_1 | May 02 15:36:34.123 [notice] Configuration file "/etc/tor/torrc" not present, using reasonable defaults.
tor_1 | May 02 15:36:34.129 [notice] Opening Socks listener on 127.0.0.1:9050
tor_1 | May 02 15:36:34.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
tor_1 | May 02 15:36:34.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
tor_1 | May 02 15:36:34.000 [warn] You are running Tor as root. You don't need to, and you probably shouldn't.
tor_1 | May 02 15:36:34.000 [notice] We were built to run on a 64-bit CPU, with OpenSSL 1.0.1 or later, but with a version of OpenSSL that apparently lacks accelerated support for the NIST P-224 and P-256 groups. Building openssl with such support (using the enable-ec_nistp_64_gcc_128 option when configuring it) would make ECDH much faster.
tor_1 | May 02 15:36:34.000 [notice] Bootstrapped 0%: Starting
scrapercompose_use_tor_1 exited with code 1
tor_1 | May 02 15:36:35.000 [notice] Bootstrapped 80%: Connecting to the Tor network
tor_1 | May 02 15:36:36.000 [notice] Bootstrapped 85%: Finishing handshake with first hop
tor_1 | May 02 15:36:36.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
tor_1 | May 02 15:36:36.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.
tor_1 | May 02 15:36:36.000 [notice] Bootstrapped 100%: Done
显然,命令
nc -z tor 9050
在0
容器上未返回预期的状态码use_tor
。但是,在我看来这应该可行。例如,如果我修改tor
服务以如下方式将容器上的端口9050
映射到主机,services:
tor:
build: ./tor
ports:
- "9050:9050"
然后在我的普通终端中,我确实看到
nc -z localhost 9050
产生了0
的退出代码:kurt@kurt-ThinkPad:~$ nc -z localhost 9050
kurt@kurt-ThinkPad:~$ echo $?
0
简而言之,在端口映射之后,我希望主机名
tor
在主机上的行为类似于localhost
,但这似乎并非如此。为什么这不起作用?
最佳答案
这个问题使我一度困惑。尽管我克隆了此示例,但无法获得解决方案。根据docker docs
The
EXPOSE
instruction informs Docker that the container listens on the specified network ports at runtime. EXPOSE does not make the ports of the container accessible to the host. To do that, you must use either the -p flag to publish a range of ports or the -P flag to publish all of the exposed ports. You can expose one port number and publish it externally under another number.
所以我认为这可能是因为Tor服务运行在127.0.0.1而不是0.0.0.0上(对于它们之间的差异,您可以看起来here)
tor_1 | May 02 15:36:34.129 [notice] Opening Socks listener on 127.0.0.1:9050
它可以通过终端访问,这是因为
ports
中的docker-compose.yml
参数与-p
参数相同。总而言之,如果tor服务侦听
0.0.0.0
,则它应该可以按预期工作。
关于bash - 如何在docker-compose中到达链接服务?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/43742269/