- TCP port 2376:
  - This port is used for secure Docker client communication.
  - This port is required for Docker Machine to work.
  - Docker Machine is used to orchestrate Docker hosts.
- TCP port 2377:
  - This port is used for communication between the nodes of a Docker Swarm or cluster.
  - It only needs to be opened on manager nodes.
- TCP and UDP port 7946:
  - This port is used for communication among nodes (container network discovery).
- UDP port 4789:
  - This port is used for overlay network traffic (container ingress networking).
  - If the overlay network is created with encryption (--opt encrypted), IP protocol 50 (ESP) traffic must also be allowed.
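How to enable/disable IP protocol 50:
$ sudo iptables -A INPUT -p esp -j ACCEPT
$ sudo iptables -A OUTPUT -p esp -j ACCEPT
Note that ESP is a protocol in its own right and has no concept of ports as TCP/UDP do. For example, if you specify:
$ sudo iptables -A INPUT -p esp --dport <port> -j ACCEPT
the command line immediately reports a syntax error, because --dport is not supported for ESP.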
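
The port list above, turned into a rule generator. This is an added example, not part of the original page: it prints (does not apply) the INPUT rules for one Swarm node so they can be reviewed first, and it covers only the Swarm ports, not 2376. The function name `swarm_rules`, the `-s` peer restriction and the subnet 10.0.0.0/24 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: print iptables INPUT rules for a Docker Swarm node.
# Usage: swarm_rules ROLE ENCRYPTED PEER_CIDR
#   ROLE       manager | worker
#   ENCRYPTED  yes | no  (overlay network created with --opt encrypted)
#   PEER_CIDR  subnet of the other swarm nodes (assumed; traffic from
#              other sources is not accepted by these rules)
swarm_rules() {
    role=$1
    encrypted=$2
    peers=$3
    case $role in
        manager|worker) ;;
        *) echo "bad role: $role" >&2; return 1 ;;
    esac
    case $encrypted in
        yes|no) ;;
        *) echo "bad encrypted flag: $encrypted" >&2; return 1 ;;
    esac
    [ -n "$peers" ] || { echo "peer CIDR required" >&2; return 1; }

    # 2377/tcp: communication between swarm nodes, opened on managers only.
    if [ "$role" = manager ]; then
        echo "iptables -A INPUT -s $peers -p tcp --dport 2377 -j ACCEPT"
    fi
    # 7946 tcp+udp: communication among nodes (network discovery).
    for proto in tcp udp; do
        echo "iptables -A INPUT -s $peers -p $proto --dport 7946 -j ACCEPT"
    done
    # 4789/udp: overlay network traffic.
    echo "iptables -A INPUT -s $peers -p udp --dport 4789 -j ACCEPT"
    # IP protocol 50 (ESP): needed only for encrypted overlays.
    # ESP has no ports, so the rule carries no --dport.
    if [ "$encrypted" = yes ]; then
        echo "iptables -A INPUT -s $peers -p esp -j ACCEPT"
    fi
}

# Constructed sample: a manager on an encrypted overlay.
swarm_rules manager yes 10.0.0.0/24
```

Pipe the output to `sudo sh` only after checking it against the node's existing rule set.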