docker ps -a看下旧的版本docker还在不在跑,如果在的话stop一下,不然端口还被占用。
如果不在了,看下新版本的端口映射打开了没有,docker ps 命令应该会展示port信息。如果没有,可以配置一下端口映射。
也可以用ss -antp | grep LIST命令看一下8080端口有没有进程在监听。如果有,可以看下是不是docker进程。如果是可以尝试下curl 127.0.0.1:8080看下有没有返回啥信息。
Discussion
docker里面创建两个容器,cloudflare和另一个容器端口通信,建立防火墙关系嘛?关键是之前2.1.4之前那个版本直接建立的通信,运行起来了。
防火墙默认的iptables没动过。
LISTEN 0 4096 [::]:8080 [::]:* users:(("docker-proxy",pid=140718,fd=4))
LISTEN 0 4096 0.0.0.0:8080 0.0.0.0:* users:(("docker-proxy",pid=140705,fd=4))
其他教程建议
sudo ufw status
inactive
sudo iptables -L
Chain FORWARD (policy DROP)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere 172.17.0.2 tcp dpt:9443
ACCEPT tcp -- anywhere 172.17.0.2 tcp dpt:8000
ACCEPT tcp -- anywhere 172.17.0.3 tcp dpt:http-alt
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target prot opt source destination
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-ISOLATION-STAGE-2 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere ,其中172.17.0.3是都docker里面的cloudflared,9443是portainer端口
502 bad gateway.