四种网络模式

host模式

使用docker run时使用–net=host指定
Docker使用的网络实际上和宿主机一样,在容器内看到的网卡ip是宿主机上的ip。

[root@localhost ~]# docker run -it --rm --net=host centos_with_net bash
  • –rm,退出镜像时同时删除该镜像
[root@localhost /]# ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.42.1  netmask 255.255.0.0  broadcast 0.0.0.0
        inet6 fe80::8cfc:c7ff:fe49:f1ae  prefixlen 64  scopeid 0x20<link>
        ether 4e:90:a4:b6:91:91  txqueuelen 0  (Ethernet)
        RX packets 58  bytes 3820 (3.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6  bytes 468 (468.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.179  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::20c:29ff:fedb:b228  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:db:b2:28  txqueuelen 1000  (Ethernet)
        RX packets 10562  bytes 868003 (847.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2985  bytes 390673 (381.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 16  bytes 960 (960.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 16  bytes 960 (960.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth5446780: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::c0f4:f5ff:fe71:f3bd  prefixlen 64  scopeid 0x20<link>
        ether c2:f4:f5:71:f3:bd  txqueuelen 0  (Ethernet)
        RX packets 7  bytes 558 (558.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 49  bytes 3894 (3.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth111b1ca: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::4c90:a4ff:feb6:9191  prefixlen 64  scopeid 0x20<link>
        ether 4e:90:a4:b6:91:91  txqueuelen 0  (Ethernet)
        RX packets 7  bytes 558 (558.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 13  bytes 1026 (1.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth55dbbb2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::c84d:9ff:fecd:da27  prefixlen 64  scopeid 0x20<link>
        ether ca:4d:09:cd:da:27  txqueuelen 0  (Ethernet)
        RX packets 7  bytes 558 (558.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 42  bytes 3336 (3.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth5e2dff4: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::9465:1bff:fed2:f75d  prefixlen 64  scopeid 0x20<link>
        ether 96:65:1b:d2:f7:5d  txqueuelen 0  (Ethernet)
        RX packets 7  bytes 558 (558.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 20  bytes 1584 (1.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth628d605: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::5cc8:ebff:fedb:ea69  prefixlen 64  scopeid 0x20<link>
        ether 5e:c8:eb:db:ea:69  txqueuelen 0  (Ethernet)
        RX packets 7  bytes 558 (558.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6  bytes 468 (468.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth991629e: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::b464:e5ff:fed5:1bd6  prefixlen 64  scopeid 0x20<link>
        ether b6:64:e5:d5:1b:d6  txqueuelen 0  (Ethernet)
        RX packets 7  bytes 558 (558.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 27  bytes 2142 (2.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vethb086b1c: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::dcdf:66ff:fed8:f2df  prefixlen 64  scopeid 0x20<link>
        ether de:df:66:d8:f2:df  txqueuelen 0  (Ethernet)
        RX packets 8  bytes 636 (636.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 34  bytes 2700 (2.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
[root@localhost /]# exit
exit

与宿主机的IP信息对比

[root@localhost ~]# ifconfig
docker0   Link encap:Ethernet  HWaddr 4E:90:A4:B6:91:91
          inet addr:172.17.42.1  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::8cfc:c7ff:fe49:f1ae/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:58 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3820 (3.7 KiB)  TX bytes:468 (468.0 b)

eth0      Link encap:Ethernet  HWaddr 00:0C:29:DB:B2:28
          inet addr:192.168.1.179  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fedb:b228/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:10661 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3012 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:876797 (856.2 KiB)  TX bytes:398049 (388.7 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:960 (960.0 b)  TX bytes:960 (960.0 b)

veth5e2dff4 Link encap:Ethernet  HWaddr 96:65:1B:D2:F7:5D
          inet6 addr: fe80::9465:1bff:fed2:f75d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:558 (558.0 b)  TX bytes:1584 (1.5 KiB)

vethb086b1c Link encap:Ethernet  HWaddr DE:DF:66:D8:F2:DF
          inet6 addr: fe80::dcdf:66ff:fed8:f2df/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:34 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:636 (636.0 b)  TX bytes:2700 (2.6 KiB)

veth55dbbb2 Link encap:Ethernet  HWaddr CA:4D:09:CD:DA:27
          inet6 addr: fe80::c84d:9ff:fecd:da27/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:42 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:558 (558.0 b)  TX bytes:3336 (3.2 KiB)

veth111b1ca Link encap:Ethernet  HWaddr 4E:90:A4:B6:91:91
          inet6 addr: fe80::4c90:a4ff:feb6:9191/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:558 (558.0 b)  TX bytes:1026 (1.0 KiB)

veth628d605 Link encap:Ethernet  HWaddr 5E:C8:EB:DB:EA:69
          inet6 addr: fe80::5cc8:ebff:fedb:ea69/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:558 (558.0 b)  TX bytes:468 (468.0 b)

veth991629e Link encap:Ethernet  HWaddr B6:64:E5:D5:1B:D6
          inet6 addr: fe80::b464:e5ff:fed5:1bd6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:27 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:558 (558.0 b)  TX bytes:2142 (2.0 KiB)

veth5446780 Link encap:Ethernet  HWaddr C2:F4:F5:71:F3:BD
          inet6 addr: fe80::c0f4:f5ff:fe71:f3bd/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:49 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:558 (558.0 b)  TX bytes:3894 (3.8 KiB)

container模式

使用–net=container:container_id/container_name,多个容器使用共同的网络看到的ip是一样的。

[root@localhost ~]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
7169e8be6d3e        centos              "/bin/bash"         About an hour ago   Up About an hour                        serene_goldstine
4cd696928bbe        centos              "bash"              About an hour ago   Up About an hour                        cent_testv2
4f5bf6f33f2c        centos              "bash"              About an hour ago   Up About an hour                        gloomy_colden
0a80861145c9        centos              "bash"              About an hour ago   Up About an hour                        mad_carson
fb45150dbc21        centos              "bash"              About an hour ago   Up About an hour                        cent_testv
3222c7c5c456        centos              "bash"              2 hours ago         Up 2 hours                              sick_albattani
e136b27a8e17        centos              "bash"              2 hours ago         Up 2 hours                              tender_euclid
[root@localhost ~]# docker exec -it 7169 bash
[root@7169e8be6d3e /]# ifconfig
bash: ifconfig: command not found
[root@7169e8be6d3e /]# yum install -y net-tools ifconfig
[root@7169e8be6d3e /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.8  netmask 255.255.0.0  broadcast 0.0.0.0
        inet6 fe80::42:acff:fe11:8  prefixlen 64  scopeid 0x20<link>
        ether 02:42:ac:11:00:08  txqueuelen 0  (Ethernet)
        RX packets 5938  bytes 15420209 (14.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4841  bytes 329652 (321.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
[root@7169e8be6d3e /]# exit
exit
[root@localhost ~]# docker run -it --rm --net=container:7169 centos_with_net bash
[root@7169e8be6d3e /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.8  netmask 255.255.0.0  broadcast 0.0.0.0
        inet6 fe80::42:acff:fe11:8  prefixlen 64  scopeid 0x20<link>
        ether 02:42:ac:11:00:08  txqueuelen 0  (Ethernet)
        RX packets 5942  bytes 15420377 (14.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4855  bytes 330480 (322.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

none模式

使用–net=none指定,这种模式下不会配置任何网络。

[root@localhost ~]# docker run -it --rm --net=none centos_with_net bash
[root@67d037935636 /]# ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

bridge模式(默认模式)

使用–net=bridge指定,不用指定默认就是这种网络模式。这种模式会为每个容器分配一个独立的Network Namespace。类似于Vmware的nat网络模式。同一个宿主机上的所有容器会在同一个网段下,相互之间是可以通信的。