docker网络
目录
无/有 docker网络的linux环境区别
[root@master2 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:f0:b0:19 brd ff:ff:ff:ff:ff:ff
inet 192.168.52.111/24 brd 192.168.52.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::d868:32e0:4054:36d7/64 scope link noprefixroute
valid_lft forever preferred_lft forever
- 安装,启动docker
yum -y install docker-ce
// 如果没启的话
systemctl status docker.service
systemctl start docker.service
- 查看网络接口
[root@master2 yum.repos.d]# ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:f0:b0:19 brd ff:ff:ff:ff:ff:ff
inet 192.168.52.111/24 brd 192.168.52.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::d868:32e0:4054:36d7/64 scope link noprefixroute
valid_lft forever preferred_lft forever
8: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:23:f3:0b:60 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
docker网络几种类型
[root@master2 yum.repos.d]# docker network ls
NETWORK ID NAME DRIVER SCOPE
b7e1000e3e6a bridge bridge local
8217a61c1df6 host host local
df29815ea273 none null local
name为bridge的为默认网络,如果没特定指定网络,就会使用这个网络
[root@master2 yum.repos.d]# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "b7e1000e3e6a7dd897aa26d56950e84e72b32b73041b17fee2c0fff2cb07ebf5",
"Created": "2025-02-16T22:05:17.72888676+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
"com.docker.network.bridge.name": "docker0", 说明docker0确实是docker生成的
- "Containers": {} 表示该网络下的容器
测试1-创建容器加入默认网络
创建容器
docker run -d --name container1 --hostname container1-hostname registry.cn-beijing.aliyuncs.com/hkui_dev/network-multitool
[root@master2 yum.repos.d]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d4ed870e530e registry.cn-beijing.aliyuncs.com/hkui_dev/network-multitool "/bin/sh /docker/ent…" 32 seconds ago Up 32 seconds 80/tcp, 443/tcp, 1180/tcp, 11443/tcp container1
docker network inspect bridge
[
{
"Name": "bridge",
"Id": "b7e1000e3e6a7dd897aa26d56950e84e72b32b73041b17fee2c0fff2cb07ebf5",
"Created": "2025-02-16T22:05:17.72888676+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"d4ed870e530eb92fc8418c7f8c8386b72835829c4fb6eeffa7c46dbc0b19af66": {
"Name": "container1",
"EndpointID": "67e44319fa7c0f7793399dd0dc1f9451b9bee71bdbb15e7d2ce8697cd3a4591d",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
containers里有刚才创建的容器
查看加入后的 ip address
ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:f0:b0:19 brd ff:ff:ff:ff:ff:ff
inet 192.168.52.111/24 brd 192.168.52.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::d868:32e0:4054:36d7/64 scope link noprefixroute
valid_lft forever preferred_lft forever
8: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:23:f3:0b:60 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:23ff:fef3:b60/64 scope link
valid_lft forever preferred_lft forever
10: veth572b123@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 1e:14:06:8c:38:d4 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::1c14:6ff:fe8c:38d4/64 scope link
valid_lft forever preferred_lft forever
多了10
从8 ,直接到10
[root@master2 yum.repos.d]# ip -json address show dev veth572b123|jq .
[
{
"ifindex": 10,
"link_index": 9,
"ifname": "veth572b123",
"flags": [
"BROADCAST",
"MULTICAST",
"UP",
"LOWER_UP"
],
"mtu": 1500,
"qdisc": "noqueue",
"master": "docker0",
"operstate": "UP",
"group": "default",
"link_type": "ether",
"address": "1e:14:06:8c:38:d4",
"broadcast": "ff:ff:ff:ff:ff:ff",
"link_netnsid": 0,
"addr_info": [
{
"family": "inet6",
"local": "fe80::1c14:6ff:fe8c:38d4",
"prefixlen": 64,
"scope": "link",
"valid_life_time": 4294967295,
"preferred_life_time": 4294967295
}
]
}
]
master是docker0,说明由docker0 衍生出来
到容器里查看,发现9号的接口出来了
[root@master2 yum.repos.d]# docker exec -it container1 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
9: eth0@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
docker exec -it container1 bash
bash-5.1# ip -json address show dev eth0|jq .
[
{
"ifindex": 9,
"link_index": 10,
"ifname": "eth0",
"flags": [
"BROADCAST",
"MULTICAST",
"UP",
"LOWER_UP"
],
"mtu": 1500,
"qdisc": "noqueue",
"operstate": "UP",
"group": "default",
"link_type": "ether",
"address": "02:42:ac:11:00:02",
"broadcast": "ff:ff:ff:ff:ff:ff",
"link_netnsid": 0,
"addr_info": [
{
"family": "inet",
"local": "172.17.0.2",
"prefixlen": 16,
"broadcast": "172.17.255.255",
"scope": "global",
"label": "eth0",
"valid_life_time": 4294967295,
"preferred_life_time": 4294967295
}
]
}
]
ifindex:序号
link_index:10 当前接口在和哪个接口连接
再创建1个容器
docker run -d --name container2 --hostname container2-hostname registry.cn-beijing.aliyuncs.com/hkui_dev/network-multitool
[root@master2 yum.repos.d]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e781f24d84e1 registry.cn-beijing.aliyuncs.com/hkui_dev/network-multitool "/bin/sh /docker/ent…" 3 seconds ago Up 2 seconds 80/tcp, 443/tcp, 1180/tcp, 11443/tcp container2
d4ed870e530e registry.cn-beijing.aliyuncs.com/hkui_dev/network-multitool "/bin/sh /docker/ent…" 17 minutes ago Up 17 minutes 80/tcp, 443/tcp, 1180/tcp, 11443/tcp container1
docker network inspect bridge
[
{
"Name": "bridge",
"Id": "b7e1000e3e6a7dd897aa26d56950e84e72b32b73041b17fee2c0fff2cb07ebf5",
"Created": "2025-02-16T22:05:17.72888676+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"d4ed870e530eb92fc8418c7f8c8386b72835829c4fb6eeffa7c46dbc0b19af66": {
"Name": "container1",
"EndpointID": "67e44319fa7c0f7793399dd0dc1f9451b9bee71bdbb15e7d2ce8697cd3a4591d",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"e781f24d84e174766cc2808b49a7a7e3f9934a9eec0cef97557381cdcf3b321c": {
"Name": "container2",
"EndpointID": "6667c01f1c7514f0bf40b25947eb7112cd3c093fb104ceed64723f3a080d7358",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
[root@master2 yum.repos.d]# ip address
......
8: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:23:f3:0b:60 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:23ff:fef3:b60/64 scope link
valid_lft forever preferred_lft forever
10: veth572b123@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 1e:14:06:8c:38:d4 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::1c14:6ff:fe8c:38d4/64 scope link
valid_lft forever preferred_lft forever
12: veth1d122c9@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether aa:dd:90:bf:b5:b6 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::a8dd:90ff:febf:b5b6/64 scope link
valid_lft forever preferred_lft forever
多个12号接口,master为docker0
docker0
docker0相当于网关
[root@master2 yum.repos.d]# docker exec -it container1 bash
bash-5.1# ping 172.17.0.1
PING 172.17.0.1 (172.17.0.1) 56(84) bytes of data.
64 bytes from 172.17.0.1: icmp_seq=1 ttl=64 time=0.167 ms
64 bytes from 172.17.0.1: icmp_seq=2 ttl=64 time=0.088 ms
64 bytes from 172.17.0.1: icmp_seq=3 ttl=64 time=0.094 ms
域名解析
bash-5.1# hostname
container1-hostname
bash-5.1# ping container1-hostname
PING container1-hostname (172.17.0.2) 56(84) bytes of data.
64 bytes from container1-hostname (172.17.0.2): icmp_seq=1 ttl=64 time=0.042 ms
64 bytes from container1-hostname (172.17.0.2): icmp_seq=2 ttl=64 time=0.042 ms
64 bytes from container1-hostname (172.17.0.2): icmp_seq=3 ttl=64 time=0.038 ms
^C
--- container1-hostname ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2067ms
rtt min/avg/max/mdev = 0.038/0.040/0.042/0.002 ms
bash-5.1# ping container2-hostname
ping: container2-hostname: Name does not resolve
默认的bridge不会进行容器间dns的解析
bash-5.1# hostname
container1-hostname
bash-5.1# ping 172.17.0.1
PING 172.17.0.1 (172.17.0.1) 56(84) bytes of data.
64 bytes from 172.17.0.1: icmp_seq=1 ttl=64 time=0.046 ms
64 bytes from 172.17.0.1: icmp_seq=2 ttl=64 time=0.088 ms
64 bytes from 172.17.0.1: icmp_seq=3 ttl=64 time=0.092 ms
^C
--- 172.17.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2072ms
rtt min/avg/max/mdev = 0.046/0.075/0.092/0.020 ms
bash-5.1# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.019 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.051 ms
^C
--- 172.17.0.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1053ms
rtt min/avg/max/mdev = 0.019/0.035/0.051/0.016 ms
bash-5.1# ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.055 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.137 ms
^C
--- 172.17.0.3 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1007ms
rtt min/avg/max/mdev = 0.055/0.096/0.137/0.041 ms
容器间dns解析
[root@master2 yum.repos.d]# docker network create -d bridge my-bridge
8cbcb7739cc259b492600999ca6348ccfe303b0fb14be03882091bf0fb0a7ff7
[root@master2 yum.repos.d]# docker network ls
NETWORK ID NAME DRIVER SCOPE
b7e1000e3e6a bridge bridge local
8217a61c1df6 host host local
8cbcb7739cc2 my-bridge bridge local
df29815ea273 none null local
[root@master2 yum.repos.d]# docker network inspect my-bridge
[
{
"Name": "my-bridge",
"Id": "8cbcb7739cc259b492600999ca6348ccfe303b0fb14be03882091bf0fb0a7ff7",
"Created": "2025-02-16T22:56:59.364059661+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
[root@master2 yum.repos.d]# ip addr
8: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:23:f3:0b:60 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:23ff:fef3:b60/64 scope link
valid_lft forever preferred_lft forever
10: veth572b123@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 1e:14:06:8c:38:d4 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::1c14:6ff:fe8c:38d4/64 scope link
valid_lft forever preferred_lft forever
12: veth1d122c9@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether aa:dd:90:bf:b5:b6 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::a8dd:90ff:febf:b5b6/64 scope link
valid_lft forever preferred_lft forever
13: br-8cbcb7739cc2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:74:d0:41:e6 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-8cbcb7739cc2
valid_lft forever preferred_lft forever
出现新接口 br-8cbcb7739cc2
8cbcb7739cc2为docker network ls时的网络id
创建新容器指定网络
docker run -d --name container-1 --hostname container-1-hostname --network=my-bridge registry.cn-beijing.aliyuncs.com/hkui_dev/network-multitool
[root@master2 yum.repos.d]# ip address
8: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:23:f3:0b:60 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:23ff:fef3:b60/64 scope link
valid_lft forever preferred_lft forever
10: veth572b123@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 1e:14:06:8c:38:d4 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::1c14:6ff:fe8c:38d4/64 scope link
valid_lft forever preferred_lft forever
12: veth1d122c9@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether aa:dd:90:bf:b5:b6 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::a8dd:90ff:febf:b5b6/64 scope link
valid_lft forever preferred_lft forever
13: br-8cbcb7739cc2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:74:d0:41:e6 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-8cbcb7739cc2
valid_lft forever preferred_lft forever
inet6 fe80::42:74ff:fed0:41e6/64 scope link
valid_lft forever preferred_lft forever
15: veth86864b2@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-8cbcb7739cc2 state UP group default
link/ether 4a:78:00:24:b4:d6 brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet6 fe80::4878:ff:fe24:b4d6/64 scope link
valid_lft forever preferred_lft forever
veth86864b2@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-8cbcb7739cc2
再创建1个容器
docker run -d --name container-2 --hostname container-2-hostname --network=my-bridge registry.cn-beijing.aliyuncs.com/hkui_dev/network-multitool
[root@master2 yum.repos.d]# docker exec -it container-1 bash
bash-5.1# ping container-2
PING container-2 (172.18.0.3) 56(84) bytes of data.
64 bytes from container-2.my-bridge (172.18.0.3): icmp_seq=1 ttl=64 time=0.117 ms
64 bytes from container-2.my-bridge (172.18.0.3): icmp_seq=2 ttl=64 time=0.111 ms
64 bytes from container-2.my-bridge (172.18.0.3): icmp_seq=3 ttl=64 time=0.118 ms
不指定hostname
docker run -d --name container-3 --network=my-bridge registry.cn-beijing.aliyuncs.com/hkui_dev/network-multitool
[root@master2 yum.repos.d]# docker exec -it container-3 bash
bash-5.1# hostname
ddd352edabe2
bash-5.1# hostname
container-1-hostname
bash-5.1# ping -c3 container-3
PING container-3 (172.18.0.4) 56(84) bytes of data.
64 bytes from container-3.my-bridge (172.18.0.4): icmp_seq=1 ttl=64 time=0.050 ms
64 bytes from container-3.my-bridge (172.18.0.4): icmp_seq=2 ttl=64 time=0.143 ms
64 bytes from container-3.my-bridge (172.18.0.4): icmp_seq=3 ttl=64 time=0.120 ms
--- container-3 ping statistics ---
- docker 默认创建的bridge网络不可删除
[root@master2 yum.repos.d]# docker network rm bridge
Error response from daemon: bridge is a pre-defined network and cannot be removed
- host网络不可自定义,只能有1个,而且是默认的
[root@master2 yum.repos.d]# docker network create -d host myhost
Error response from daemon: only one instance of "host" network is allowed
docker network inspect host
[
{
"Name": "host",
"Id": "8217a61c1df649991a05a60ee4a0b1f6222467a20a7fc30bf83b27a8c06c599f",
"Created": "2025-02-16T22:05:17.721228773+08:00",
"Scope": "local",
"Driver": "host",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": null
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
docker run -d --name container-44 --network host -p 8080:80 -d registry.cn-beijing.aliyuncs.com/hkui_dev/network-multitool
WARNING: Published ports are discarded when using host network mode
37c6dc2199263e1908f78850297a93cc19243b366c83e5aafcdad2f2bb3ac4ef
curl localhost
容器成为宿主的一个应用了(linux 下)
此时去查看 ip addr 并没有新增接口
进入 container-44 执行ip address 看到的和宿主机一致
网络模式对比
| 默认Bridge | 自定义Bridge | Host | None | |
|---|---|---|---|---|
| 优点 | 默认加入 | 自动dns隔离 | 网络性能佳 | 隔离 |
| 缺点 | 无自动dns | NAT | 安全问题,仅linux | 不能连网 |
| 场景 | 不建议 | 单宿主多容器 | 单容器多端口 | 备份等一次性操作 |
- 默认Bridge:只建议在学习时使用
- 自定义bridge:不同的自定义网络,有很好的隔离性,容器里的数据要出来,要进行地址转换(NAT),会消耗cpu
- Host:无自己的ip地址
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· winform 绘制太阳,地球,月球 运作规律
· AI与.NET技术实操系列(五):向量存储与相似性搜索在 .NET 中的实现
· 超详细:普通电脑也行Windows部署deepseek R1训练数据并当服务器共享给他人
· 上周热点回顾(3.3-3.9)
· AI 智能体引爆开源社区「GitHub 热点速览」