在Linux上,Docker操纵iptables提供网络隔离的规则。
# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since 日 2024-01-14 18:33:12 CST; 6s ago
Docs: https://docs.docker.com
Main PID: 17389 (dockerd)
Tasks: 70
Memory: 52.8M
CGroup: /system.slice/docker.service
├─17389 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
├─17542 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 13000 -container-ip 172.17.0.2 -container-port 13000
├─17558 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 19093 -container-ip 172.17.0.3 -container-port 19093
├─17584 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 19090 -container-ip 172.17.0.4 -container-port 19090
├─17608 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 18888 -container-ip 172.17.0.5 -container-port 18888
└─17650 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 18500 -container-ip 172.17.0.6 -container-port 18500
1月 14 18:33:11 localhost systemd[1]: Starting Docker Application Container Engine...
1月 14 18:33:12 localhost systemd[1]: Started Docker Application Container Engine.
网友评论