search

Home  >  Q&A  >  body text

docker - 容器删除后,主机映射给容器的端口为何并立即未回收利用?

新建容器时映射某些端口,如下:

docker run -d -p 22 -p 80 ubuntu /usr/sbin/sshd -D

主机将自动给容器的22和80映射两个端口,如:
0.0.0.0:49155->22/tcp, 0.0.0.0:49156->80/tcp
当该容器停止并且删除后,49155和49156这两个主机端口应该被释放,留给新的容器使用,但实际此时再新建容器映射端口发现,这两并未使用,而是系统自动分配这俩端口后面新的端口,比如49157...
只有docker服务重启后原来空出来的端口才会被分配。在三台不同的docker主机上做实验都是如此,貌似不是我配置的问题,不知大家的环境如何?求解!

阿神阿神2774 days ago894

reply all(1)I'll reply

  • 天蓬老师

    天蓬老师2017-04-21 10:57:34

    You can know by viewing the source codedocker / runtime / networkdriver / portallocator / portallocator.go Docker's dynamic range port is from 49153-65535

    const (
        BeginPortRange = 49153
        EndPortRange   = 65535
    )
    

    The way to allocate ports is in increasing order. After reaching the maximum value, the cycle starts from the beginning

    func nextPort(proto string) int {
        c := currentDynamicPort[proto] + 1
        if c > EndPortRange {
            c = BeginPortRange
        }
        currentDynamicPort[proto] = c
        return c
    }
    

    When the container is destroyed, the port will be released

    func ReleasePort(ip net.IP, proto string, port int) error {
        .......
    
        allocated := defaultAllocatedPorts[proto]
        allocated.Remove(port)
    
        .......
    }
    

    Exception. findNextPort方法从nexPort方法返回的值中,挑一个没被使用的,如果找一圈没找到,抛出ErrAllPortsAllocated

    func findNextPort(proto string, allocated *collections.OrderedIntSet) (int, error) {
        port := nextPort(proto)
        startSearchPort := port
        for allocated.Exists(port) {
            port = nextPort(proto)
            if startSearchPort == port {
                return 0, ErrAllPortsAllocated
            }
        }
        return port, nil
    }
    

    To sum up, the port has actually been released, but will not be used again immediately unless the port resources are very tight.

    So what you see is normal, don’t worry (provided you need to use version v0.10 or above).
    The feature of recycling ports was added in version v0.10. If it is lower than this version, after the port number reaches
    , you can only restart DockerEndPortRange

    Reference: https://github.com/dotcloud/docker/pull/4949

    reply
    0
  • Cancelreply