Use system's ephemeral port range for port allocation

Read `/proc/sys/net/ipv4/ip_local_port_range` kernel parameter to obtain
ephemeral port range that now sets the boundaries of port allocator
which finds free host ports for those exported by containers.

Signed-off-by: Michal Minar <miminar@redhat.com>
This commit is contained in:
Michal Minar 2015-01-21 13:40:59 +01:00 committed by Tibor Vass
parent 0be893a352
commit 6098d0f443
1 changed files with 5 additions and 4 deletions

View File

@ -651,10 +651,11 @@ developer, the operator has three choices: start the server container
with `-P` or `-p,` or start the client container with `--link`. with `-P` or `-p,` or start the client container with `--link`.
If the operator uses `-P` or `-p` then Docker will make the exposed port If the operator uses `-P` or `-p` then Docker will make the exposed port
accessible on the host and the ports will be available to any client accessible on the host and the ports will be available to any client that can
that can reach the host. When using `-P`, Docker will bind the exposed reach the host. When using `-P`, Docker will bind the exposed port to a random
ports to a random port on the host between 49153 and 65535. To find the port on the host within an *ephemeral port range* defined by
mapping between the host ports and the exposed ports, use `docker port`. `/proc/sys/net/ipv4/ip_local_port_range`. To find the mapping between the host
ports and the exposed ports, use `docker port`.
If the operator uses `--link` when starting the new client container, If the operator uses `--link` when starting the new client container,
then the client container can access the exposed port via a private then the client container can access the exposed port via a private