CentOS7 Docker 端口映射

一、安装RabbitMQ

[root@localhost ~]# docker ps
CONTAINER ID   IMAGE             COMMAND                  CREATED      STATUS         PORTS                                                                                                                                      NAMES
77926c97d516   rabbitmq:latest   "docker-entrypoint.s…"   8 days ago   Up 4 seconds   4369/tcp, 0.0.0.0:5672->5672/tcp, :::5672->5672/tcp, 5671/tcp, 15691-15692/tcp, 25672/tcp, 0.0.0.0:15672->15672/tcp, :::15672->15672/tcp   rabbitmq

二、防火墙放开端口

firewall-cmd --zone=public --add-port=15672/tcp --permanent

三、发现访问不通

# 宿主机-物理机
C:\Users\xiaxinyu3>telnet 192.168.163.137 15672
Connecting To 192.168.163.137...Could not open connection to the host, on port 15672: Connect failed

四、ifconfig发现docker用的是docker0网卡

[root@localhost ~]# ip addr
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33:  mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:fc:f5:d7 brd ff:ff:ff:ff:ff:ff
    inet 192.168.163.137/24 brd 192.168.163.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::9558:eab:87fc:cc8e/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: docker0:  mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:fb:1f:63:85 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:fbff:fe1f:6385/64 scope link
       valid_lft forever preferred_lft forever
5: veth3b2615d@if4:  mtu 1500 qdisc noqueue master docker0 state UP group default
    link/ether 9e:0e:d0:2a:09:08 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::9c0e:d0ff:fe2a:908/64 scope link
       valid_lft forever preferred_lft forever
9: veth7c88cb2@if8:  mtu 1500 qdisc noqueue master docker0 state UP group default
    link/ether d2:6b:be:ad:ae:57 brd ff:ff:ff:ff:ff:ff link-netnsid 2
    inet6 fe80::d06b:beff:fead:ae57/64 scope link
       valid_lft forever preferred_lft forever
11: veth7de00a6@if10:  mtu 1500 qdisc noqueue master docker0 state UP group default
    link/ether 22:57:5c:6d:84:2f brd ff:ff:ff:ff:ff:ff link-netnsid 1
    inet6 fe80::2057:5cff:fe6d:842f/64 scope link
       valid_lft forever preferred_lft forever

五、解决：把docker0网卡添加到trusted域

[root@localhost ~]# firewall-cmd --permanent --zone=trusted --change-interface=docker0
success


# 剔除方法
[root@localhost ~]# firewall-cmd --zone=trusted --remove-interface=docker0
success

六、重启加载配置

[root@localhost ~]# firewall-cmd --reload
success

七、重启docker服务

[root@localhost ~]# systemctl restart docker

八、Docker启动问题

ERROR: ZONE_CONFLICT: 'docker0' already bound to a zone

1.检查firewall-cmd中是否存在docker zone 

 firewall-cmd --get-active-zones

2 .如果“docker”区域可用，将接口更改为 docker0（非持久化）

sudo firewall-cmd --zone=docker --change-interface=docker0

3.如果“docker”区域可用，请将接口更改为 docker0（持久化）

sudo firewall-cmd --permanent --zone=docker --change-interface=docker0 

sudo systemctl restart firewalld

4 启动docker 

systemctl  start  docker

systemctl  status  docker