Which ports are temporarily used for docker startup?

Docker is a popular virtualization technology that helps users quickly build, deploy and manage applications. When using Docker, we will find that Docker will occupy some ports. What are these ports specifically? This article will introduce which ports are temporarily used during Docker startup and provide a detailed explanation of the role of each port.

1. 2375 port

2375 port is Docker’s default REST API port, which is mainly used to communicate with the Docker daemon. Through this port, we can use various programming languages ​​and tools to interact with Docker, such as Docker command line tools, Docker Compose, Docker Swarm, etc.

However, it should be noted that since port 2375 is not encrypted, it should not be exposed to the public network. If the Docker API needs to be accessible externally, it is recommended to encrypt it using the TLS (Transport Layer Security) protocol, or use a Docker API proxy to protect the API endpoint.

2. 2376 port

The 2376 port is also Docker’s port for the REST API, but this port has been TLS encrypted, so it can be used safely on the public network. If you need to open the Docker API to external access, it is recommended to use this port or forward it.

It should be noted that although port 2376 has encryption function, it still needs to be configured securely. You can protect your data by generating certificates and private keys, or use a proxy server to secure your Docker API.

3. 4789 port

4789 port is the default port of the Docker Overlay network and is used to support communication between containers. In Docker Swarm, the Overlay network is a method of building connections between multiple nodes, which enables container expansion and load balancing between nodes.

It should be noted that because the Overlay network needs to use VXLAN virtualization technology, the Docker daemon needs to occupy additional UDP 4789 port. If you are using an overlay network, it is best to use a separate physical switch to extend the network to reduce the impact of network latency and congestion.

4. 7946 Port

The 7946 port is used by Docker Swarm for container communication based on the IP protocol, which enables container expansion and load balancing between nodes. In Docker Swarm, containers are usually grouped into services, and services can run across multiple Docker hosts. Each host has an instance to handle service requests from other nodes. This instance requires communication over port 7946.

It should be noted that if you are using an external load balancer to manage the service, please ensure that port 7946 is opened on the load balancer so that the service nodes can communicate with each other.

5. Other ephemeral ports

In addition to the above ports, Docker may also use some other ports, which depend on the application you are running. For example, if your container needs to use a web server, then Docker will open HTTP/HTTPS ports (usually 80 and 443) inside the container to communicate with the client.

When using Docker, you can use the following command to see which ports are in use:

docker port [CONTAINER ID/NAME]

Summary

This article introduces the ports that are commonly used during the Docker startup process , including REST API ports (2375 and 2376), Overlay network port (4789) and container communication port (7946). Understanding these ports can help you better manage and secure your Docker applications. It is important to note that in addition to these ports, Docker may use other ports depending on the application you are running.

The above is the detailed content of Which ports are temporarily used for docker startup?. For more information, please follow other related articles on the PHP Chinese website!