主頁 > 知識(shí)庫 > Docker網(wǎng)絡(luò)原理及自定義網(wǎng)絡(luò)詳細(xì)解析

Docker網(wǎng)絡(luò)原理及自定義網(wǎng)絡(luò)詳細(xì)解析

熱門標(biāo)簽:打400電話怎么辦理收費(fèi) 麗江真人語音電話外呼系統(tǒng) 宿城區(qū)電話機(jī)器人找哪家 上海申請高400開頭的電話 400電話辦理介紹信 怎么找到?jīng)]有地圖標(biāo)注的店 10086外包用的什么外呼系統(tǒng) 河南防封號(hào)電銷機(jī)器人是什么 福州企業(yè)電銷機(jī)器人排名

Docker在宿主機(jī)上虛擬了一個(gè)網(wǎng)橋,當(dāng)創(chuàng)建并啟動(dòng)容器的時(shí)候,每一個(gè)容器默認(rèn)都會(huì)被分配一個(gè)跟網(wǎng)橋網(wǎng)段一致的ip,網(wǎng)橋作為容器的網(wǎng)關(guān),網(wǎng)橋與每一個(gè)容器聯(lián)通,容器間通過網(wǎng)橋可以通信。由于網(wǎng)橋是虛擬出來的,外網(wǎng)無法進(jìn)行尋址,也就是默認(rèn)外網(wǎng)無法訪問容器,需要在創(chuàng)建啟動(dòng)容器時(shí)把宿主機(jī)的端口與容器端口進(jìn)行映射,通過宿主機(jī)IP端口訪問容器。這是Docker默認(rèn)的網(wǎng)絡(luò),它有一個(gè)弊端是只能通過IP讓容器互相訪問,如果想使用容器名稱或容器ID互相訪問需要在創(chuàng)建啟動(dòng)容器時(shí)候用link的方式修改hosts文件實(shí)現(xiàn)。一般使用自定義網(wǎng)絡(luò),自定義網(wǎng)絡(luò)使用network創(chuàng)建,創(chuàng)建時(shí)可以指定子網(wǎng)網(wǎng)段及網(wǎng)關(guān)等信息,在創(chuàng)建并啟動(dòng)容器時(shí)指定使用的網(wǎng)絡(luò)。這樣在一個(gè)自定義網(wǎng)絡(luò)里的所有容器可以直接使用容器名進(jìn)行訪問,如果一個(gè)容器想要訪問其他網(wǎng)絡(luò)中的容器也可以在network中進(jìn)行設(shè)置,這樣這個(gè)容器與目標(biāo)網(wǎng)絡(luò)的容器可以使用容器名通信。

1 默認(rèn)網(wǎng)絡(luò)docker0

用vm虛擬機(jī)測試,未啟動(dòng)docker 系統(tǒng)中有兩個(gè)網(wǎng)絡(luò)(回環(huán)網(wǎng)絡(luò)、虛擬機(jī)網(wǎng)絡(luò))

當(dāng)啟動(dòng)docker服務(wù)后,宿主機(jī)多出一個(gè)網(wǎng)絡(luò)docker0 這就是docker默認(rèn)網(wǎng)絡(luò)

# 啟動(dòng)docker服務(wù)
[root@localhost ~]# systemctl start docker

啟動(dòng)一個(gè)tomcat容器,會(huì)發(fā)現(xiàn)宿主機(jī)又多出一個(gè)網(wǎng)絡(luò)

啟動(dòng)tomcat
[root@localhost ~]# docker run -d -P --name tomcat1 tomcat

再啟動(dòng)一個(gè)tomcat,會(huì)發(fā)展宿主機(jī)又多出一個(gè)網(wǎng)絡(luò)

# 啟動(dòng)tomcat
[root@localhost ~]# docker run -d -P --name tomcat2 tomcat

測試兩個(gè)tomcat網(wǎng)絡(luò)ip是通的

# 查看tomcat的ip地址
[root@localhost ~]# docker exec -it tomcat2 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
9: eth0@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever
# 在tomcat1 ping tomcat2的ip
[root@localhost ~]# docker exec -it tomcat1 ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.146 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.067 ms
64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.088 ms
^C
--- 172.17.0.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 5ms
rtt min/avg/max/mdev = 0.067/0.100/0.146/0.034 ms

在tomcat1里ping tomcat2的 容器名無法ping通

# 在tomcat1里ping tomcat2的容器名
[root@localhost ~]# docker exec -it tomcat1 ping tomcat2
^C[root@localhost ~]#

停止tomcat1 重新創(chuàng)建啟動(dòng)tomcat 使用link 會(huì)在底層修改tomcat1 的hosts文件 實(shí)現(xiàn)容器名作為ip域名從而tomcat1到tomcat2的單向ping通

# 刪除tomcat1
[root@localhost ~]# docker rm -f tomcat1
tomcat1
 
# 查看run的幫助文檔 link用法
[root@localhost ~]# docker run --help
 
Usage:  docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
 
Run a command in a new container
 
Options:
      --add-host list                  Add a custom host-to-IP mapping (host:ip)
  -a, --attach list                    Attach to STDIN, STDOUT or STDERR
      --blkio-weight uint16            Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
      --blkio-weight-device list       Block IO weight (relative device weight) (default [])
      --cap-add list                   Add Linux capabilities
      --cap-drop list                  Drop Linux capabilities
      --cgroup-parent string           Optional parent cgroup for the container
      --cgroupns string                Cgroup namespace to use (host|private)
                                       'host':    Run the container in the Docker host's cgroup namespace
                                       'private': Run the container in its own private cgroup namespace
                                       '':        Use the cgroup namespace as configured by the
                                                  default-cgroupns-mode option on the daemon (default)
      --cidfile string                 Write the container ID to the file
      --cpu-period int                 Limit CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int                  Limit CPU CFS (Completely Fair Scheduler) quota
      --cpu-rt-period int              Limit CPU real-time period in microseconds
      --cpu-rt-runtime int             Limit CPU real-time runtime in microseconds
  -c, --cpu-shares int                 CPU shares (relative weight)
      --cpus decimal                   Number of CPUs
      --cpuset-cpus string             CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string             MEMs in which to allow execution (0-3, 0,1)
  -d, --detach                         Run container in background and print container ID
      --detach-keys string             Override the key sequence for detaching a container
      --device list                    Add a host device to the container
      --device-cgroup-rule list        Add a rule to the cgroup allowed devices list
      --device-read-bps list           Limit read rate (bytes per second) from a device (default [])
      --device-read-iops list          Limit read rate (IO per second) from a device (default [])
      --device-write-bps list          Limit write rate (bytes per second) to a device (default [])
      --device-write-iops list         Limit write rate (IO per second) to a device (default [])
      --disable-content-trust          Skip image verification (default true)
      --dns list                       Set custom DNS servers
      --dns-option list                Set DNS options
      --dns-search list                Set custom DNS search domains
      --domainname string              Container NIS domain name
      --entrypoint string              Overwrite the default ENTRYPOINT of the image
  -e, --env list                       Set environment variables
      --env-file list                  Read in a file of environment variables
      --expose list                    Expose a port or a range of ports
      --gpus gpu-request               GPU devices to add to the container ('all' to pass all GPUs)
      --group-add list                 Add additional groups to join
      --health-cmd string              Command to run to check health
      --health-interval duration       Time between running the check (ms|s|m|h) (default 0s)
      --health-retries int             Consecutive failures needed to report unhealthy
      --health-start-period duration   Start period for the container to initialize before starting health-retries countdown
                                       (ms|s|m|h) (default 0s)
      --health-timeout duration        Maximum time to allow one check to run (ms|s|m|h) (default 0s)
      --help                           Print usage
  -h, --hostname string                Container host name
      --init                           Run an init inside the container that forwards signals and reaps processes
  -i, --interactive                    Keep STDIN open even if not attached
      --ip string                      IPv4 address (e.g., 172.30.100.104)
      --ip6 string                     IPv6 address (e.g., 2001:db8::33)
      --ipc string                     IPC mode to use
      --isolation string               Container isolation technology
      --kernel-memory bytes            Kernel memory limit
  -l, --label list                     Set meta data on a container
      --label-file list                Read in a line delimited file of labels
      --link list                      Add link to another container
      --link-local-ip list             Container IPv4/IPv6 link-local addresses
      --log-driver string              Logging driver for the container
      --log-opt list                   Log driver options
      --mac-address string             Container MAC address (e.g., 92:d0:c6:0a:29:33)
  -m, --memory bytes                   Memory limit
      --memory-reservation bytes       Memory soft limit
      --memory-swap bytes              Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --memory-swappiness int          Tune container memory swappiness (0 to 100) (default -1)
      --mount mount                    Attach a filesystem mount to the container
      --name string                    Assign a name to the container
      --network network                Connect a container to a network
      --network-alias list             Add network-scoped alias for the container
      --no-healthcheck                 Disable any container-specified HEALTHCHECK
      --oom-kill-disable               Disable OOM Killer
      --oom-score-adj int              Tune host's OOM preferences (-1000 to 1000)
      --pid string                     PID namespace to use
      --pids-limit int                 Tune container pids limit (set -1 for unlimited)
      --platform string                Set platform if server is multi-platform capable
      --privileged                     Give extended privileges to this container
  -p, --publish list                   Publish a container's port(s) to the host
  -P, --publish-all                    Publish all exposed ports to random ports
      --pull string                    Pull image before running ("always"|"missing"|"never") (default "missing")
      --read-only                      Mount the container's root filesystem as read only
      --restart string                 Restart policy to apply when a container exits (default "no")
      --rm                             Automatically remove the container when it exits
      --runtime string                 Runtime to use for this container
      --security-opt list              Security Options
      --shm-size bytes                 Size of /dev/shm
      --sig-proxy                      Proxy received signals to the process (default true)
      --stop-signal string             Signal to stop a container (default "SIGTERM")
      --stop-timeout int               Timeout (in seconds) to stop a container
      --storage-opt list               Storage driver options for the container
      --sysctl map                     Sysctl options (default map[])
      --tmpfs list                     Mount a tmpfs directory
  -t, --tty                            Allocate a pseudo-TTY
      --ulimit ulimit                  Ulimit options (default [])
  -u, --user string                    Username or UID (format: <name|uid>[:<group|gid>])
      --userns string                  User namespace to use
      --uts string                     UTS namespace to use
  -v, --volume list                    Bind mount a volume
      --volume-driver string           Optional volume driver for the container
      --volumes-from list              Mount volumes from the specified container(s)
  -w, --workdir string                 Working directory inside the container
 
# 啟動(dòng)tomcat1 link指定要訪問的容器名
[root@localhost ~]# docker run -d -P --name tomcat1 --link tomcat2 tomcat
f78c51961662a1d3558fc8d0d95906b902a7a042f251a60858e72bcfa62e7a08
 
# 測試ping
[root@localhost ~]# docker exec -it tomcat1 ping tomcat2
PING tomcat2 (172.17.0.3) 56(84) bytes of data.
64 bytes from tomcat2 (172.17.0.3): icmp_seq=1 ttl=64 time=0.088 ms
64 bytes from tomcat2 (172.17.0.3): icmp_seq=2 ttl=64 time=0.071 ms
64 bytes from tomcat2 (172.17.0.3): icmp_seq=3 ttl=64 time=0.071 ms
^C
--- tomcat2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.071/0.076/0.088/0.012 ms
 
# 查看tomcat1的hosts已經(jīng)加入了tomcat2的域名
[root@localhost ~]# docker exec -it tomcat1 cat /etc/hosts
127.0.0.1       localhost
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3      tomcat2 27766c324de6
172.17.0.2      f78c51961662
 
# tomcat2無法ping通tomcat1
[root@localhost ~]# docker exec -it tomcat2 ping tomcat1
^C[root@localhost ~]#

2 自定義網(wǎng)絡(luò)

需要用到network命令

# 查看幫助文檔
[root@localhost ~]# docker network --help
 
Usage:  docker network COMMAND
 
Manage networks
 
Commands:
  connect     Connect a container to a network
  create      Create a network
  disconnect  Disconnect a container from a network
  inspect     Display detailed information on one or more networks
  ls          List networks
  prune       Remove all unused networks
  rm          Remove one or more networks
 
Run 'docker network COMMAND --help' for more information on a command.

列出當(dāng)前的docker網(wǎng)絡(luò) bridge為 默認(rèn)網(wǎng)絡(luò)docker0

[root@localhost ~]# docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
9b27ff0926bf   bridge    bridge    local
8dfa2efae677   host      host      local
2025b7fb1d7c   none      null      local

創(chuàng)建網(wǎng)絡(luò)mynet

[root@localhost ~]# docker network create --help
 
Usage:  docker network create [OPTIONS] NETWORK
 
Create a network
 
Options:
      --attachable           Enable manual container attachment
      --aux-address map      Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
      --config-from string   The network from which to copy the configuration
      --config-only          Create a configuration only network
  -d, --driver string        Driver to manage the Network (default "bridge")
      --gateway strings      IPv4 or IPv6 Gateway for the master subnet
      --ingress              Create swarm routing-mesh network
      --internal             Restrict external access to the network
      --ip-range strings     Allocate container ip from a sub-range
      --ipam-driver string   IP Address Management Driver (default "default")
      --ipam-opt map         Set IPAM driver specific options (default map[])
      --ipv6                 Enable IPv6 networking
      --label list           Set metadata on a network
  -o, --opt map              Set driver specific options (default map[])
      --scope string         Control the network's scope
      --subnet strings       Subnet in CIDR format that represents a network segment
[root@localhost ~]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
1abaa8e6a387bc8bbc7ac50d9f2289e96a143a92f074e90f698bd70411c86672
[root@localhost ~]# docker network inspect mynet
[
    {
        "Name": "mynet",
        "Id": "1abaa8e6a387bc8bbc7ac50d9f2289e96a143a92f074e90f698bd70411c86672",
        "Created": "2021-05-13T11:21:13.494039122+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "192.168.0.0/16",
                    "Gateway": "192.168.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]

使用mynet創(chuàng)建啟動(dòng)兩個(gè)tomcat,他們可以直接通過容器名稱雙向互相ping通

[root@localhost ~]# docker run --help
 
Usage:  docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
 
Run a command in a new container
 
Options:
      --add-host list                  Add a custom host-to-IP mapping (host:ip)
  -a, --attach list                    Attach to STDIN, STDOUT or STDERR
      --blkio-weight uint16            Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
      --blkio-weight-device list       Block IO weight (relative device weight) (default [])
      --cap-add list                   Add Linux capabilities
      --cap-drop list                  Drop Linux capabilities
      --cgroup-parent string           Optional parent cgroup for the container
      --cgroupns string                Cgroup namespace to use (host|private)
                                       'host':    Run the container in the Docker host's cgroup namespace
                                       'private': Run the container in its own private cgroup namespace
                                       '':        Use the cgroup namespace as configured by the
                                                  default-cgroupns-mode option on the daemon (default)
      --cidfile string                 Write the container ID to the file
      --cpu-period int                 Limit CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int                  Limit CPU CFS (Completely Fair Scheduler) quota
      --cpu-rt-period int              Limit CPU real-time period in microseconds
      --cpu-rt-runtime int             Limit CPU real-time runtime in microseconds
  -c, --cpu-shares int                 CPU shares (relative weight)
      --cpus decimal                   Number of CPUs
      --cpuset-cpus string             CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string             MEMs in which to allow execution (0-3, 0,1)
  -d, --detach                         Run container in background and print container ID
      --detach-keys string             Override the key sequence for detaching a container
      --device list                    Add a host device to the container
      --device-cgroup-rule list        Add a rule to the cgroup allowed devices list
      --device-read-bps list           Limit read rate (bytes per second) from a device (default [])
      --device-read-iops list          Limit read rate (IO per second) from a device (default [])
      --device-write-bps list          Limit write rate (bytes per second) to a device (default [])
      --device-write-iops list         Limit write rate (IO per second) to a device (default [])
      --disable-content-trust          Skip image verification (default true)
      --dns list                       Set custom DNS servers
      --dns-option list                Set DNS options
      --dns-search list                Set custom DNS search domains
      --domainname string              Container NIS domain name
      --entrypoint string              Overwrite the default ENTRYPOINT of the image
  -e, --env list                       Set environment variables
      --env-file list                  Read in a file of environment variables
      --expose list                    Expose a port or a range of ports
      --gpus gpu-request               GPU devices to add to the container ('all' to pass all GPUs)
      --group-add list                 Add additional groups to join
      --health-cmd string              Command to run to check health
      --health-interval duration       Time between running the check (ms|s|m|h) (default 0s)
      --health-retries int             Consecutive failures needed to report unhealthy
      --health-start-period duration   Start period for the container to initialize before starting health-retries countdown
                                       (ms|s|m|h) (default 0s)
      --health-timeout duration        Maximum time to allow one check to run (ms|s|m|h) (default 0s)
      --help                           Print usage
  -h, --hostname string                Container host name
      --init                           Run an init inside the container that forwards signals and reaps processes
  -i, --interactive                    Keep STDIN open even if not attached
      --ip string                      IPv4 address (e.g., 172.30.100.104)
      --ip6 string                     IPv6 address (e.g., 2001:db8::33)
      --ipc string                     IPC mode to use
      --isolation string               Container isolation technology
      --kernel-memory bytes            Kernel memory limit
  -l, --label list                     Set meta data on a container
      --label-file list                Read in a line delimited file of labels
      --link list                      Add link to another container
      --link-local-ip list             Container IPv4/IPv6 link-local addresses
      --log-driver string              Logging driver for the container
      --log-opt list                   Log driver options
      --mac-address string             Container MAC address (e.g., 92:d0:c6:0a:29:33)
  -m, --memory bytes                   Memory limit
      --memory-reservation bytes       Memory soft limit
      --memory-swap bytes              Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --memory-swappiness int          Tune container memory swappiness (0 to 100) (default -1)
      --mount mount                    Attach a filesystem mount to the container
      --name string                    Assign a name to the container
      --network network                Connect a container to a network
      --network-alias list             Add network-scoped alias for the container
      --no-healthcheck                 Disable any container-specified HEALTHCHECK
      --oom-kill-disable               Disable OOM Killer
      --oom-score-adj int              Tune host's OOM preferences (-1000 to 1000)
      --pid string                     PID namespace to use
      --pids-limit int                 Tune container pids limit (set -1 for unlimited)
      --platform string                Set platform if server is multi-platform capable
      --privileged                     Give extended privileges to this container
  -p, --publish list                   Publish a container's port(s) to the host
  -P, --publish-all                    Publish all exposed ports to random ports
      --pull string                    Pull image before running ("always"|"missing"|"never") (default "missing")
      --read-only                      Mount the container's root filesystem as read only
      --restart string                 Restart policy to apply when a container exits (default "no")
      --rm                             Automatically remove the container when it exits
      --runtime string                 Runtime to use for this container
      --security-opt list              Security Options
      --shm-size bytes                 Size of /dev/shm
      --sig-proxy                      Proxy received signals to the process (default true)
      --stop-signal string             Signal to stop a container (default "SIGTERM")
      --stop-timeout int               Timeout (in seconds) to stop a container
      --storage-opt list               Storage driver options for the container
      --sysctl map                     Sysctl options (default map[])
      --tmpfs list                     Mount a tmpfs directory
  -t, --tty                            Allocate a pseudo-TTY
      --ulimit ulimit                  Ulimit options (default [])
  -u, --user string                    Username or UID (format: <name|uid>[:<group|gid>])
      --userns string                  User namespace to use
      --uts string                     UTS namespace to use
  -v, --volume list                    Bind mount a volume
      --volume-driver string           Optional volume driver for the container
      --volumes-from list              Mount volumes from the specified container(s)
  -w, --workdir string                 Working directory inside the container
[root@localhost ~]# docker run -d -P --name tomcat-n-1 --network mynet tomcat
404e4e63622b207af2ed534e768996f4d1cba4c798bba9e5d9b33c42711eaa4a
[root@localhost ~]# docker run -d -P --name tomcat-n-2 --network mynet tomcat
f6352fb3db01beed6ddf17ef84999a4ab209f026a6137b3bc7e35335d434785f
[root@localhost ~]# docker ps
CONTAINER ID   IMAGE     COMMAND             CREATED          STATUS          PORTS                                         NAMES
f6352fb3db01   tomcat    "catalina.sh run"   3 seconds ago    Up 2 seconds    0.0.0.0:49159->8080/tcp, :::49159->8080/tcp   tomcat-n-2
404e4e63622b   tomcat    "catalina.sh run"   10 seconds ago   Up 9 seconds    0.0.0.0:49158->8080/tcp, :::49158->8080/tcp   tomcat-n-1
f78c51961662   tomcat    "catalina.sh run"   15 minutes ago   Up 15 minutes   0.0.0.0:49157->8080/tcp, :::49157->8080/tcp   tomcat1
27766c324de6   tomcat    "catalina.sh run"   16 minutes ago   Up 16 minutes   0.0.0.0:49156->8080/tcp, :::49156->8080/tcp   tomcat2
[root@localhost ~]# docker exec -it tomcat-n-1 ping tomcat-n-2
PING tomcat-n-2 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat-n-2.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.102 ms
64 bytes from tomcat-n-2.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.069 ms
64 bytes from tomcat-n-2.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.164 ms
^C
--- tomcat-n-2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 3ms
rtt min/avg/max/mdev = 0.069/0.111/0.164/0.041 ms

查看mynet網(wǎng)絡(luò)的詳細(xì)信息,包含了啟動(dòng)的兩個(gè)tomcat容器的網(wǎng)絡(luò)信息

[root@localhost ~]# docker network inspect mynet
[
    {
        "Name": "mynet",
        "Id": "1abaa8e6a387bc8bbc7ac50d9f2289e96a143a92f074e90f698bd70411c86672",
        "Created": "2021-05-13T11:21:13.494039122+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "192.168.0.0/16",
                    "Gateway": "192.168.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "404e4e63622b207af2ed534e768996f4d1cba4c798bba9e5d9b33c42711eaa4a": {
                "Name": "tomcat-n-1",
                "EndpointID": "b9efbd78daabe9345ade2a2e55291b7646d01679516e2f0be1efd5c2d6fea6b8",
                "MacAddress": "02:42:c0:a8:00:02",
                "IPv4Address": "192.168.0.2/16",
                "IPv6Address": ""
            },
            "f6352fb3db01beed6ddf17ef84999a4ab209f026a6137b3bc7e35335d434785f": {
                "Name": "tomcat-n-2",
                "EndpointID": "6b05a1ceff43514305bf3d0adf9e30ba8007db5ec8349d47f96ff2b216912fc0",
                "MacAddress": "02:42:c0:a8:00:03",
                "IPv4Address": "192.168.0.3/16",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]

啟動(dòng)一個(gè)tomcat3使用默認(rèn)網(wǎng)絡(luò)docker0

[root@localhost ~]# docker run -d -P --name tomcat3 tomcat
90e94ac30a3c61b493d2ea38c32cf5dddb781e88c30547b609db765b15d7d1e0
[root@localhost ~]# docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
9b27ff0926bf   bridge    bridge    local
8dfa2efae677   host      host      local
1abaa8e6a387   mynet     bridge    local
2025b7fb1d7c   none      null      local
 
# 查看docker0詳細(xì)信息 tomcat3出現(xiàn)在默認(rèn)網(wǎng)絡(luò)里
[root@localhost ~]# docker network inspect 9b27ff0926bf
[
    {
        "Name": "bridge",
        "Id": "9b27ff0926bf22d0828ccd07d6e14eb17d96a4989f9def6f9118c099cf1ca1c6",
        "Created": "2021-05-13T10:51:20.244232273+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "27766c324de619b24e2ed522d8064c5a4610c8f509ff0aed8fa1719691f01bf1": {
                "Name": "tomcat2",
                "EndpointID": "de913778ce2d7478e25daca26809aa75c9093c43853d9420c70886fb16741722",
                "MacAddress": "02:42:ac:11:00:03",
                "IPv4Address": "172.17.0.3/16",
                "IPv6Address": ""
            },
            "90e94ac30a3c61b493d2ea38c32cf5dddb781e88c30547b609db765b15d7d1e0": {
                "Name": "tomcat3",
                "EndpointID": "2223e522a0950b846bb7691b31f60bbd88ab3c9b8e71d601a495cce39387b8cc",
                "MacAddress": "02:42:ac:11:00:04",
                "IPv4Address": "172.17.0.4/16",
                "IPv6Address": ""
            },
            "f78c51961662a1d3558fc8d0d95906b902a7a042f251a60858e72bcfa62e7a08": {
                "Name": "tomcat1",
                "EndpointID": "59299fdca5497e55dc5a94e408529cc98819b673568720c81aa1c554dff1bbe5",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]

tomcat3和mynet不在一個(gè)網(wǎng)絡(luò),tomcat3無法訪問mynet網(wǎng)絡(luò)里的兩個(gè)tomcat,可以使用network打通tomcat3和mynetwork,實(shí)現(xiàn)雙向互相訪問(支持容器名稱)。

# 查看mynet網(wǎng)絡(luò)里容器的ip
[root@localhost ~]# docker network inspect mynet
[
    {
        "Name": "mynet",
        "Id": "1abaa8e6a387bc8bbc7ac50d9f2289e96a143a92f074e90f698bd70411c86672",
        "Created": "2021-05-13T11:21:13.494039122+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "192.168.0.0/16",
                    "Gateway": "192.168.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "404e4e63622b207af2ed534e768996f4d1cba4c798bba9e5d9b33c42711eaa4a": {
                "Name": "tomcat-n-1",
                "EndpointID": "b9efbd78daabe9345ade2a2e55291b7646d01679516e2f0be1efd5c2d6fea6b8",
                "MacAddress": "02:42:c0:a8:00:02",
                "IPv4Address": "192.168.0.2/16",
                "IPv6Address": ""
            },
            "f6352fb3db01beed6ddf17ef84999a4ab209f026a6137b3bc7e35335d434785f": {
                "Name": "tomcat-n-2",
                "EndpointID": "6b05a1ceff43514305bf3d0adf9e30ba8007db5ec8349d47f96ff2b216912fc0",
                "MacAddress": "02:42:c0:a8:00:03",
                "IPv4Address": "192.168.0.3/16",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]
 
# tomcat3 ping ip不通
[root@localhost ~]# docker exec -it tomcat3 ping 192.168.0.2
PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.
^C
--- 192.168.0.2 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 11ms
 
[root@localhost ~]# docker exec -it tomcat3 ping 192.168.0.3
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
^C
--- 192.168.0.3 ping statistics ---
9 packets transmitted, 0 received, 100% packet loss, time 20ms
# 使用connect聯(lián)通一個(gè)網(wǎng)絡(luò)和另外一個(gè)網(wǎng)絡(luò)里的容器,可以互相容器名稱訪問
[root@localhost ~]# docker network connect --help
 
Usage:  docker network connect [OPTIONS] NETWORK CONTAINER
 
Connect a container to a network
 
Options:
      --alias strings           Add network-scoped alias for the container
      --driver-opt strings      driver options for the network
      --ip string               IPv4 address (e.g., 172.30.100.104)
      --ip6 string              IPv6 address (e.g., 2001:db8::33)
      --link list               Add link to another container
      --link-local-ip strings   Add a link-local address for the container
[root@localhost ~]# docker network connect mynet tomcat3
[root@localhost ~]# docker exec -it tomcat3 ping tomcat-n-1
PING tomcat-n-1 (192.168.0.2) 56(84) bytes of data.
64 bytes from tomcat-n-1.mynet (192.168.0.2): icmp_seq=1 ttl=64 time=0.235 ms
64 bytes from tomcat-n-1.mynet (192.168.0.2): icmp_seq=2 ttl=64 time=0.070 ms
64 bytes from tomcat-n-1.mynet (192.168.0.2): icmp_seq=3 ttl=64 time=0.064 ms
^C
--- tomcat-n-1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 6ms
rtt min/avg/max/mdev = 0.064/0.123/0.235/0.079 ms
[root@localhost ~]# docker exec -it tomcat-n-1 ping tomcat3
PING tomcat3 (192.168.0.4) 56(84) bytes of data.
64 bytes from tomcat3.mynet (192.168.0.4): icmp_seq=1 ttl=64 time=0.055 ms
64 bytes from tomcat3.mynet (192.168.0.4): icmp_seq=2 ttl=64 time=0.169 ms
64 bytes from tomcat3.mynet (192.168.0.4): icmp_seq=3 ttl=64 time=0.194 ms
^C
--- tomcat3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 6ms
rtt min/avg/max/mdev = 0.055/0.139/0.194/0.061 ms

以上就是Docker網(wǎng)絡(luò)原理及自定義網(wǎng)絡(luò)詳細(xì)解析的詳細(xì)內(nèi)容,更多關(guān)于docker網(wǎng)絡(luò)原理的資料請關(guān)注腳本之家其它相關(guān)文章!

標(biāo)簽:荊門 面試通知 隴南 連云港 朝陽 遵義 運(yùn)城 雞西

巨人網(wǎng)絡(luò)通訊聲明:本文標(biāo)題《Docker網(wǎng)絡(luò)原理及自定義網(wǎng)絡(luò)詳細(xì)解析》,本文關(guān)鍵詞  Docker,網(wǎng)絡(luò),原理,及,自定義,;如發(fā)現(xiàn)本文內(nèi)容存在版權(quán)問題,煩請?zhí)峁┫嚓P(guān)信息告之我們,我們將及時(shí)溝通與處理。本站內(nèi)容系統(tǒng)采集于網(wǎng)絡(luò),涉及言論、版權(quán)與本站無關(guān)。
  • 相關(guān)文章
  • 下面列出與本文章《Docker網(wǎng)絡(luò)原理及自定義網(wǎng)絡(luò)詳細(xì)解析》相關(guān)的同類信息!
  • 本頁收集關(guān)于Docker網(wǎng)絡(luò)原理及自定義網(wǎng)絡(luò)詳細(xì)解析的相關(guān)信息資訊供網(wǎng)民參考!
  • 推薦文章