docker搭建nginx很小,一般情况下,企业的web服务器都是宿主机上一个nginx,暴露80,443端口,内部代理docker的nginx,如果docker的nginx需要反向代理宿主机的服务,proxy_pass需要如何配置呢?
如果你熟悉docker的原理,那么这个问题就很简单,Docker容器运行的时候有host、bridge、none三种网络可供配置。默认是bridge,即桥接网络,以桥接模式连接到宿主机;host是宿主网络,即与宿主机共用网络;none则表示无网络,容器将无法联网。当容器使用host网络时,容器与宿主共用网络,这样就能在容器中访问宿主机网络,那么容器的localhost就是宿主机的localhost。
比较常见的请款是桥接,那么宿主机和docker会有两个网卡,eth0和docker0,docker0是容器之间的一个路由,eth0是宿主机的ip路由,两个路由可以直接通信,所以,只要找到宿主机的eth0网卡即可。
命令如下:
[root@nanshan-xiangyang trafic0211]
br-298016ab15d6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.0.1 netmask 255.255.0.0 broadcast 172.18.255.255
ether 02:42:cf:7c:0b:bd txqueuelen 0 (Ethernet)
RX packets 29454 bytes 138095116 (131.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 29454 bytes 138095116 (131.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:6b:83:b3:0e txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.16.219.237 netmask 255.255.240.0 broadcast 172.16.223.255
ether 00:16:3e:08:d3:12 txqueuelen 1000 (Ethernet)
RX packets 3276848 bytes 1276118392 (1.1 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2810462 bytes 4018616706 (3.7 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
只要docker中把proxy_pass配置为172.16.219.237即可。
done!