问题描述
我有一个应用程序,其唯一依赖项是烧瓶,它在 docker 外部运行良好并绑定到默认端口 5000.这是完整的来源:
I have an app whose only dependency is flask, which runs fine outside docker and binds to the default port 5000. Here is the full source:
from flask import Flask
app = Flask(__name__)
app.debug = True
@app.route('/')
def main():
return 'hi'
if __name__ == '__main__':
app.run()
问题是当我在 docker 中部署它时,服务器正在运行但无法从容器外部访问.
The problem is that when I deploy this in docker, the server is running but is unreachable from outside the container.
下面是我的 Dockerfile.该图像是安装了烧瓶的 ubuntu.tar 只包含上面列出的 index.py;
Below is my Dockerfile. The image is ubuntu with flask installed. The tar just contains the index.py listed above;
# Dockerfile
FROM dreen/flask
MAINTAINER dreen
WORKDIR /srv
# Get source
RUN mkdir -p /srv
COPY perfektimprezy.tar.gz /srv/perfektimprezy.tar.gz
RUN tar x -f perfektimprezy.tar.gz
RUN rm perfektimprezy.tar.gz
# Run server
EXPOSE 5000
CMD ["python", "index.py"]
这是我正在执行的部署步骤
Here are the steps I am doing to deploy
<代码>$>sudo docker build -t perfektimprezy .
据我所知,上面运行良好,图像在 /srv 中有 tar 的内容.现在,让我们在容器中启动服务器:
As far as I know the above runs fine, the image has the contents of the tar in /srv. Now, let's start the server in a container:
$> sudo docker run -i -p 5000:5000 -d perfektimprezy
1c50b67d45b1a4feade72276394811c8399b1b95692e0914ee72b103ff54c769
它真的在运行吗?
$> sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1c50b67d45b1 perfektimprezy:latest "python index.py" 5 seconds ago Up 5 seconds 0.0.0.0:5000->5000/tcp loving_wozniak
$> sudo docker logs 1c50b67d45b1
* Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)
* Restarting with stat
是的,似乎烧瓶服务器正在运行.这就是奇怪的地方.让我们向服务器发出请求:
Yep, seems like the flask server is running. Here is where it gets weird. Lets make a request to the server:
$> curl 127.0.0.1:5000 -v
* Rebuilt URL to: 127.0.0.1:5000/
* Hostname was NOT found in DNS cache
* Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 5000 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: 127.0.0.1:5000
> Accept: */*
>
* Empty reply from server
* Connection #0 to host 127.0.0.1 left intact
curl: (52) Empty reply from server
空回复...但是进程正在运行吗?
Empty reply... But is the process running?
$> sudo docker top 1c50b67d45b1
UID PID PPID C STIME TTY TIME CMD
root 2084 812 0 10:26 ? 00:00:00 python index.py
root 2117 2084 0 10:26 ? 00:00:00 /usr/bin/python index.py
现在让我们通过 ssh 进入服务器并检查...
Now let's ssh into the server and check...
$> sudo docker exec -it 1c50b67d45b1 bash
root@1c50b67d45b1:/srv# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:5000 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:47677 127.0.0.1:5000 TIME_WAIT
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
root@1c50b67d45b1:/srv# curl -I 127.0.0.1:5000
HTTP/1.0 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 5447
Server: Werkzeug/0.10.4 Python/2.7.6
Date: Tue, 19 May 2015 12:18:14 GMT
没关系...但不是从外面.
我做错了什么?
It's fine... But not from the outside.
What am I doing wrong?
推荐答案
问题是你只是绑定到 localhost 接口,如果你想让容器绑定到 0.0.0.0可从外部访问.如果你改变:
The problem is you are only binding to the localhost interface, you should be binding to 0.0.0.0 if you want the container to be accessible from outside. If you change:
if __name__ == '__main__':
app.run()
到
if __name__ == '__main__':
app.run(host='0.0.0.0')
它应该可以工作.
请注意,这将绑定到主机上的所有接口,这在某些情况下可能存在安全风险 - 请参阅 https://stackoverflow.com/a/58138250/4332 了解有关绑定到特定接口的更多信息.
Note that this will bind to all interfaces on the host, which may in some circumstances be a security risk - see https://stackoverflow.com/a/58138250/4332 for more information on binding to a specific interface.
这篇关于在 docker 中部署一个最小的烧瓶应用程序 - 服务器连接问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!