转自公众号投稿:https://mp.weixin.qq.com/s/F85u7Zs2Zc6Vk9RG73D72w
问题引入:在一个已启动了N多个容器Linux操作系统的宿主机上,新启动一个映射到宿主机端口号为portM的容器时,提示端口被占用。如何通过已占用的端口号找到占用端口的容器?!
向来,喜欢提供2中方法~
方法1:啰嗦一点,向上使用逐级查找到使用该端口号的容器ID
分析步骤:
1)根据提示占用的端口号portM找到占用端口号的进程,例如:查找占用443端口号的进程
[root@paas-controller-9999103:~]$ lsof -i :443
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 5579 root 8u IPv4 9317509 0t0 TCP *:https (LISTEN)
nginx 5588 nobody 8u IPv4 9317509 0t0 TCP *:https (LISTEN)
2)根据PID查找到使用的程序
[root@paas-controller-9999103:~]$ ps -ef|grep 5579
root 5579 35512 0 16:07 pts/0 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
nobody 5588 5579 0 16:07 pts/0 00:00:00 nginx: worker process
root 10236 3984 0 16:08 pts/1 00:00:00 grep --color=auto 5579
3)根据2)中的PID查找到使用父进程PPID的程序
[root@paas-controller-9999103:~]$ ps -ef|grep 35512
root 1282 35512 0 16:04 ? 00:00:00 jsvc.exec -user dcm -cp /usr/local/kvm/external/apache-tomcat/bin/bootstrap.jar:/usr/local/kvm/external/apache-tomcat/bin/tomcat-juli.jar:/usr/local/kvm/external/apache-tomcat/bin/commons-daemon.jar -Dcatalina.home=/usr/local/kvm/external/apache-tomcat -Dcatalina.base=/usr/local/kvm/external/apache-tomcat -outfile /usr/local/kvm/external/apache-tomcat/logs/catalina.out -errfile /usr/local/kvm/external/apache-tomcat/logs/catalina.err -pidfile /var/run/vkvm_tomcat.pid org.apache.catalina.startup.Bootstrap
root 5579 35512 0 16:07 pts/0 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
root 11940 3984 0 16:08 pts/1 00:00:00 grep --color=auto 35512
root 15746 35512 0 16:05 ? 00:00:00 nginx: master process /zenap/ums-server/utils/nginx/nginx-1.4.7/nginx-linux-x86_64 -p /zenap/ums-server/utils/nginx/nginx-1.4.7/
root 35512 35495 0 16:04 pts/0 00:00:00 /usr/bin/python /usr/bin/supervisord -c /etc/supervisord.conf
4)根据3)中的PID继续向上查找到使用父进程PPID的程序
[root@paas-controller-9999103:~]$ ps -ef|grep 35512
root 1282 35512 0 16:04 ? 00:00:00 jsvc.exec -user dcm -cp /usr/local/kvm/external/apache-tomcat/bin/bootstrap.jar:/usr/local/kvm/external/apache-tomcat/bin/tomcat-juli.jar:/usr/local/kvm/external/apache-tomcat/bin/commons-daemon.jar -Dcatalina.home=/usr/local/kvm/external/apache-tomcat -Dcatalina.base=/usr/local/kvm/external/apache-tomcat -outfile /usr/local/kvm/external/apache-tomcat/logs/catalina.out -errfile /usr/local/kvm/external/apache-tomcat/logs/catalina.err -pidfile /var/run/vkvm_tomcat.pid org.apache.catalina.startup.Bootstrap
root 2395 3984 0 16:15 pts/1 00:00:00 grep --color=auto 35512
root 35512 35495 0 16:04 pts/0 00:00:00 /usr/bin/python /usr/bin/supervisord -c /etc/supervisord.conf
5)根据4)中的PID继续向上查找到使用父进程PPID的程序
[root@paas-controller-9999103:~]$ ps -ef|grep 35495
root 14716 3984 0 16:16 pts/1 00:00:00 grep --color=auto 35495
root 35495 23836 0 16:04 ? 00:00:00 docker-containerd-shim f41ce0c15a91b544641b5e461fc9750aa7da03b4aea7ae62d96a965428e2134d /var/run/docker/libcontainerd/f41ce0c15a91b544641b5e461fc9750aa7da03b4aea7ae62d96a965428e2134d docker-runc
root 35512 35495 0 16:04 pts/0 00:00:00 /usr/bin/python /usr/bin/supervisord -c /etc/supervisord.conf
至此,已经找到使用该父程序的docker容器,容器号为:f41ce0c15a91b544641b5e461fc9750aa7da03b4aea7ae62d96a965428e2134d
6)验证容器是否使用了443端口,停止该容器,443端口释放,未占用
[root@paas-controller-9999103:~]$ docker stop f41ce0c15a91b544641b5e461fc9750aa7da03b4aea7ae62d96a965428e2134d
f41ce0c15a91b544641b5e461fc9750aa7da03b4aea7ae62d96a965428e2134d
[root@paas-controller-9999103:~]$ netstat -anp|grep 443
tcp 0 0 172.17.0.1:44432 172.17.0.16:2379 ESTABLISHED 9873/docker-proxy
方法1虽然方法1可以清晰我们的查找过程,但是是不是觉得很笨,很麻烦?!那么下面试试这个简单的方法吧
方法2:docker inspect <CONTAINER ID>可以获取容器的pid,通过docker ps可以获取容器的容器id,因此可以将这两个命令结合在一起
同方法1的1),2)步,查找到使用该443端口的父进程PID 35512,然后使用docker inspect -f '{ {.State.Pid} } { {.ID} }' $(docker ps -a -q) |grep <PID>命令,查找到对应该父PID的容器ID
[root@paas-controller-9999103:~]$docker inspect -f '{ {.State.Pid} } { {.Id} }' $(docker ps -a -q) | grep 35512
35512 f41ce0c15a91b544641b5e461fc9750aa7da03b4aea7ae62d96a965428e2134d
