关于linux:当容器内的进程只监听-127001-而不是-0000-宿主机可以使用-127001-访问资源吗

45次阅读

共计 1866 个字符,预计需要花费 5 分钟才能阅读完成。

前言:因为遇到了 docker+etcd 无奈近程拜访?这个问题,所以我要深刻探索一下


当容器内的过程只监听 127.0.0.1 而不是 0.0.0.0,宿主机能够应用 127.0.0.1 拜访资源吗?能够

当容器内的过程只监听 127.0.0.1 而不是 0.0.0.0,宿主机能够应用 网关调配的 ip 拜访资源吗?不能够

网关调配的 ip 指的是 192.168.x.1 这种


上面做一个试验

FROM python:3.10.10-bullseye 
RUN echo "deb http://mirrors.aliyun.com/debian/ bullseye main non-free contrib" > /etc/apt/sources.list

RUN apt-get update
RUN apt-get install -y vim netcat telnet less sysstat htop ncdu

RUN mkdir /code
WORKDIR /code

COPY requirements-dev.txt /code/
RUN pip install -r requirements-dev.txt -i https://mirror.baidu.com/pypi/simple

COPY requirements-prd.txt /code/
RUN pip install -r requirements-prd.txt -i https://mirror.baidu.com/pypi/simple


ADD . /code/

requirements-dev.txt

mycli
ipython
autopep8
psutil
glances
pylint

requirements-prd.txt

pymilvus==2.2.8
numpy 
pydantic<2.0.0
loguru 
requests 
pyyaml 
python-dotenv 
python-multipart  # Form data requires "python-multipart" to be installed.
cryptography
pymysql 
peewee 
oss2 
fastapi 
uvicorn 
psutil
dnspython==2.2.1

api.py

from fastapi import FastAPI, Form, Request
from loguru import logger
import uvicorn
from fastapi import FastAPI, Form, Depends, Request

app = FastAPI()


async def get_form(request: Request):
    form_data = await request.form()
    return dict(form_data)


@app.post('/search')
def search_reverse(
    request: Request,
    form_data: dict = Depends(get_form),
    max_chunk_size: int = Form(1200, description='分批查问 milvus,每个查问批次的向量个数'),
    search_top_k: int = Form(default=30, description='搜寻 milvus 的时候,返回的最类似的 N 个后果'),
    distance_threshold: float = Form(0.32, description='间隔下限(间隔应用 L2 欧氏间隔掂量,越靠近 0 越类似),但 milvus 的搜寻后果返回后,抛弃大于该值的向量搜寻后果')
):
    form_dict = dict(form_data)
    logger.debug(form_dict)


if __name__ == "__main__":
    uvicorn.run(
        app='api:app',
        host="127.0.0.1",
        port=9950,
        workers=1,
        reload=True
    )

打包镜像

docker build -t "ponponon/fastapi_example" .

运行镜像

docker run -p 9950:9950 --rm -it ponponon/fastapi_example python api.py

应用 nc 命令探测端口是否凋谢

─➤  nc -zv 192.168.2.15 9950                                                                         130 ↵
nc: connect to 192.168.2.15 port 9950 (tcp) failed: Connection refused
─➤  nc -zv 127.0.0.1 9950                                                                              1 ↵
Connection to 127.0.0.1 9950 port [tcp/*] succeeded!

正文完
 0