ICode9
精准搜索请尝试: 精确搜索
首页
编程语言>
数据库
系统相关
互联网
其他分享
Python
Java
JavaScript
android
PHP
首页 > 互联网> 文章详细

Docker 容器内访问宿主机的问题

2024-05-30 11:55:20  阅读:550  来源: 互联网

标签:


想使用node_exporter监控,但端口不想暴露在公网(开启 ufw),如果想让prometheus容器访问宿主机localhost:9100 应该怎么做

  • prometheus容器的 docker 初始化代码:

    docker run -d -p 127.0.0.1:9090:9090 \ # 不暴露在公网不能改
  -v /storage/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml \
  --restart=always \
  --name=prometheus \
  --net=prometheus-bridge \ # 不能改, 因为有很多容器都在这个网桥内
  --ip 172.18.0.2 \	# 不能改
  prom/prometheus

  • 这个是node_exporter的代码,本来也加上了prometheus-bridge, 但这样就无法监控宿主机网络流量了 如果想监控宿主机网络流量必须使用network_mode:host 但是 host 无法与bridge一起用(默认端口0.0.0.0:9100)

    version: '3.8'

services:
  node_exporter:
    image: quay.io/prometheus/node-exporter:latest
    container_name: node_exporter
    command:
      - '--path.rootfs=/host'
    network_mode: host
    pid: host
    restart: unless-stopped
    volumes:
      - '/:/host:ro,rslave'

  • /storage/prometheus/prometheus.yml 这是当前的配置文件,不想把node_exporter暴露在公网 使用了ufw enable 防止外部访问

    - job_name: node-exporter
  static_configs:
    - targets: ['公网 IP:9100']	# 这个是当前的配置文件用的公网,想改成内网访问

  • 尝试过使用host.docker.internal:9100 但是开了防火墙后无法访问?

    容器内部要想使用宿主机的服务器,可以使用 host.docker.internal:host-gateway 映射的方式来解决:
    1. 命令行启动
    --add-host=host.docker.internal:host-gateway
    2. compose file (注意,在 build 时不支持)
    extra_hosts:
    - "host.docker.internal:host-gateway"
    3. 在容器内可以通过 host.docker.internal 来访问宿主机的 127.0.0.1

    prometheus 配置:
    ```
    docker run -d -p 127.0.0.1:9090:9090 \
    -v /storage/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml \
    --add-host=host.docker.internal:host-gateway \
    --restart=always \
    --name=prometheus \
    --net=prometheus-bridge \
    --ip 172.18.0.2 \
    prom/prometheus
    ```

    node_exporter 配置:
    ```
    version: '3.8'

    services:
    node_exporter:
    image: quay.io/prometheus/node-exporter:latest
    container_name: node_exporter
    command:
    - '--path.rootfs=/host'
    network_mode: host
    pid: host
    restart: unless-stopped
    volumes:
    - '/:/host:ro,rslave'
    ```

    网桥信息:
    ```
    root@it7:~# docker inspect prometheus-bridge
    [
    {
    "Name": "prometheus-bridge",
    "Id": "9db3ba11ccefb523a85ef3713777c780c49f0bf64f6065dd7bbd0d77d45da612",
    "Created": "2024-05-17T15:56:49.735352162+08:00",
    "Scope": "local",
    "Driver": "bridge",
    "EnableIPv6": false,
    "IPAM": {
    "Driver": "default",
    "Options": {},
    "Config": [
    {
    "Subnet": "172.18.0.0/24",
    "Gateway": "172.18.0.1"
    }
    ]
    },
    "Internal": false,
    "Attachable": false,
    "Ingress": false,
    "ConfigFrom": {
    "Network": ""
    },
    "ConfigOnly": false,
    "Containers": {
    "028e10760ce3a47680d4b9b0c7bce38ecfb7e8588be860d5523ab93dcbc8b5ae": {
    "Name": "prometheus",
    "EndpointID": "c5675e399cf1e0fe1e843a9995e31836ab21de23db25c8bfdd54ba9197d28405",
    "MacAddress": "02:42:ac:12:00:02",
    "IPv4Address": "172.18.0.2/24",
    "IPv6Address": ""
    },
    "29b6830a07165ac45fb176e48a14b4b31e4f1925c9b580c4528c836a5978dd3c": {
    "Name": "xxx",
    "EndpointID": "52acddb87f3515af70c39d38784dbef7dd0506ce94881410cddfdbdea04bb6f5",
    "MacAddress": "02:42:ac:12:00:04",
    "IPv4Address": "172.18.0.4/24",
    "IPv6Address": ""
    },
    "70edf1712821c9efd62dbb57f15f78329923409ac874157bc07b547535062478": {
    "Name": "xxx",
    "EndpointID": "dd32442417a928a22477c587dc9cecebb6162ee1b93b748310e57109f341ebca",
    "MacAddress": "02:42:ac:12:00:03",
    "IPv4Address": "172.18.0.3/24",
    "IPv6Address": ""
    },
    "eddd3efc96103784a7a5e961b988d56503131eefdd934657532441edf75b15d7": {
    "Name": "xxx",
    "EndpointID": "255eb88cb2e8706383f4aabc4d7be8de7cc9916929ddb71480b541d4c4399a5e",
    "MacAddress": "02:42:ac:12:00:05",
    "IPv4Address": "172.18.0.5/24",
    "IPv6Address": ""
    }
    },
    "Options": {},
    "Labels": {}
    }
    ]
    ```

    docker 版本:
    ```
    root@it7:~# docker version
    Client: Docker Engine - Community
    Version: 26.1.3
    API version: 1.45
    Go version: go1.21.10
    Git commit: b72abbb
    Built: Thu May 16 08:33:29 2024
    OS/Arch: linux/amd64
    Context: default

    Server: Docker Engine - Community
    Engine:
    Version: 26.1.3
    API version: 1.45 (minimum version 1.24)
    Go version: go1.21.10
    Git commit: 8e96db1
    Built: Thu May 16 08:33:29 2024
    OS/Arch: linux/amd64
    Experimental: false
    containerd:
    Version: 1.6.31
    GitCommit: e377cd56a71523140ca6ae87e30244719194a521
    runc:
    Version: 1.1.12
    GitCommit: v1.1.12-0-g51d5e94
    docker-init:
    Version: 0.19.0
    GitCommit: de40ad0
    root@it7:~#
    ```

标签:
来源:

本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享;
2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关;
3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关;
4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除;
5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。

关于我们 | 联系我们 | 留言反馈

专注分享技术,共同学习,共同进步。侵权联系[81616952@qq.com]

Copyright (C)ICode9.com, All Rights Reserved.

ICode9版权所有