docker开放的端口_Docker 开启2375端口，提供外部访问docker

1、编辑docker.service

# vim /usr/lib/systemd/system/docker.service

在 ExecStart=/usr/bin/dockerd-current 后 增加

-H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock

2、重启docker，重新读取配置文件，重新启动docker服务

# systemctl daemon-reload

# systemctl restart docker

[root@docker-servers ~]# systemctl daemon-reload

[root@docker-servers ~]#

[root@docker-servers ~]#

[root@docker-servers ~]# systemctl stop docker

[root@docker-servers ~]#

[root@docker-servers ~]#

[root@docker-servers ~]# systemctl start docker

[root@docker-servers ~]# netstat -tunlp | grep 2375tcp0 0 :::2375 :::* LISTEN 4046/dockerd-curren

3、开放防火墙端口

# firewall-cmd --add-port=2375/tcp

# firewall-cmd --add-port=2375/tcp --permanent

[root@localhost ~]# firewall-cmd --add-port=2375/tcp

success

[root@localhost~]#

[root@localhost~]# firewall-cmd --add-port=2375/tcp --permanent

success

4、附上docker.service文件

Docker version 1.13.1

[root@docker-servers ~]# docker -v

Docker version1.13.1, build 7f2769b/1.13.1[root@docker-servers ~]#

[root@docker-servers ~]#

[root@docker-servers ~]# cat /usr/lib/systemd/system/docker.service

[Unit]

Description=Docker Application Container Engine

Documentation=http://docs.docker.com

After=network.target

Wants=docker-storage-setup.service

Requires=docker-cleanup.timer

[Service]

Type=notify

NotifyAccess=main

EnvironmentFile=-/run/containers/registries.conf

EnvironmentFile=-/etc/sysconfig/docker

EnvironmentFile=-/etc/sysconfig/docker-storage

EnvironmentFile=-/etc/sysconfig/docker-network

Environment=GOTRACEBACK=crash

Environment=DOCKER_HTTP_HOST_COMPAT=1Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin

ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock \

--add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \--default-runtime=docker-runc \--exec-opt native.cgroupdriver=systemd \--userland-proxy-path=/usr/libexec/docker/docker-proxy-current \--init-path=/usr/libexec/docker/docker-init-current \--seccomp-profile=/etc/docker/seccomp.json \

$OPTIONS \

$DOCKER_STORAGE_OPTIONS \

$DOCKER_NETWORK_OPTIONS \

$ADD_REGISTRY \

$BLOCK_REGISTRY \

$INSECURE_REGISTRY \

$REGISTRIES

ExecReload=/bin/kill -s HUP $MAINPID

LimitNOFILE=1048576LimitNPROC=1048576LimitCORE=infinity

TimeoutStartSec=0Restart=on-abnormal

KillMode=process

[Install]

WantedBy=multi-user.target

原文件如下：

[Unit]

Description=Docker Application Container Engine

Documentation=http://docs.docker.com

After=network.target

Wants=docker-storage-setup.service

Requires=docker-cleanup.timer

[Service]

Type=notify

NotifyAccess=main

EnvironmentFile=-/run/containers/registries.conf

EnvironmentFile=-/etc/sysconfig/docker

EnvironmentFile=-/etc/sysconfig/docker-storage

EnvironmentFile=-/etc/sysconfig/docker-network

Environment=GOTRACEBACK=crash

Environment=DOCKER_HTTP_HOST_COMPAT=1Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin

ExecStart=/usr/bin/dockerd-current \--add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \--default-runtime=docker-runc \--exec-opt native.cgroupdriver=systemd \--userland-proxy-path=/usr/libexec/docker/docker-proxy-current \--init-path=/usr/libexec/docker/docker-init-current \--seccomp-profile=/etc/docker/seccomp.json \

$OPTIONS \

$DOCKER_STORAGE_OPTIONS \

$DOCKER_NETWORK_OPTIONS \

$ADD_REGISTRY \

$BLOCK_REGISTRY \

$INSECURE_REGISTRY \

$REGISTRIES

ExecReload=/bin/kill -s HUP $MAINPID

LimitNOFILE=1048576LimitNPROC=1048576LimitCORE=infinity

TimeoutStartSec=0Restart=on-abnormal

KillMode=process

[Install]

WantedBy=multi-user.target

Docker version 19.03.12

[root@localhost ~]# docker -v

Docker version19.03.12, build 48a66213fe

[root@localhost~]# cat /usr/lib/systemd/system/docker.service

[Unit]

Description=Docker Application Container Engine

Documentation=https://docs.docker.com

BindsTo=containerd.service

After=network-online.target firewalld.service containerd.service

Wants=network-online.target

Requires=docker.socket

[Service]

Type=notify

# the default is not to use systemdforcgroups because the delegate issues still

# exists and systemd currently does not support the cgroup feature set required

#forcontainers run by docker

ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock

ExecReload=/bin/kill -s HUP $MAINPID

TimeoutSec=0RestartSec=2Restart=always

# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.

# Both the old, and new location are accepted by systemd229and up, so using the old location

# tomake them work foreither version of systemd.

StartLimitBurst=3# Note that StartLimitInterval was renamed to StartLimitIntervalSecin systemd 230.

# Both the old, and new name are accepted by systemd230 and up, so using the old name to make# this option workforeither version of systemd.

StartLimitInterval=60s

# Having non-zero Limit*s causes performance problems due to accounting overhead

#in the kernel. We recommend using cgroups to do container-local accounting.

LimitNOFILE=infinity

LimitNPROC=infinity

LimitCORE=infinity

# Comment TasksMaxifyour systemd version does not support it.

# Only systemd226and above support this option.

TasksMax=infinity

# set delegate yes so that systemd does not reset the cgroups of docker containers

Delegate=yes

#kill only the docker process, not all processes inthe cgroup

KillMode=process

[Install]

WantedBy=multi-user.target

原文件如下：

[Unit]

Description=Docker Application Container Engine

Documentation=https://docs.docker.com

BindsTo=containerd.service

After=network-online.target firewalld.service containerd.service

Wants=network-online.target

Requires=docker.socket

[Service]

Type=notify

# the default is not to use systemdforcgroups because the delegate issues still

# exists and systemd currently does not support the cgroup feature set required

#forcontainers run by docker

ExecStart=/usr/bin/dockerd -H fd://--containerd=/run/containerd/containerd.sock

ExecReload=/bin/kill -s HUP $MAINPID

TimeoutSec=0RestartSec=2Restart=always

# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.

# Both the old, and new location are accepted by systemd229and up, so using the old location

# tomake them work foreither version of systemd.

StartLimitBurst=3# Note that StartLimitInterval was renamed to StartLimitIntervalSecin systemd 230.

# Both the old, and new name are accepted by systemd230 and up, so using the old name to make# this option workforeither version of systemd.

StartLimitInterval=60s

# Having non-zero Limit*s causes performance problems due to accounting overhead

#in the kernel. We recommend using cgroups to do container-local accounting.

LimitNOFILE=infinity

LimitNPROC=infinity

LimitCORE=infinity

# Comment TasksMaxifyour systemd version does not support it.

# Only systemd226and above support this option.

TasksMax=infinity

# set delegate yes so that systemd does not reset the cgroups of docker containers

Delegate=yes

#kill only the docker process, not all processes inthe cgroup

KillMode=process

[Install]

WantedBy=multi-user.target

参考博客：

https://blog.csdn.net/qq_19734597/article/details/90633108