docker网络

0、路由器

家庭局域网里:
192.168.0.1        0.1一般都是路由器ip
192.168.0.2        0.2或0.3是手机ip
这两个ip在同一个网段,都在192.168网段,可以互相ping。


1、服务器开机
ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.106  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::2ecd:bc25:b2cf:8ef2  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:ac:e2:8f  txqueuelen 1000  (Ethernet)
        RX packets 114  bytes 13572 (13.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 115  bytes 15020 (14.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


2、开启docker守护进程
systemctl start docker
ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500  
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255  docker0 ----> 172.17.0.1 ---->docker网关
        ether 02:42:80:38:9f:d0  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.106  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::2ecd:bc25:b2cf:8ef2  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:ac:e2:8f  txqueuelen 1000  (Ethernet)
        RX packets 210  bytes 21852 (21.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 174  bytes 22156 (21.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


3、启动一个容器        
docker run -d tomcat:jdk8
ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:ac:e2:8f brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.106/24 brd 192.168.0.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::2ecd:bc25:b2cf:8ef2/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:69:7a:b3:0c brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:69ff:fe7a:b30c/64 scope link
       valid_lft forever preferred_lft forever
9: veth3a9a596@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default  
    link/ether b2:05:0b:05:51:12 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::b005:bff:fe05:5112/64 scope link
       valid_lft forever preferred_lft forever
每添加一个容器,宿主机多出一个容器网卡,比如 veth3a9a596@if8


4、容器内执行ip addr
docker exec -it 5ef7ccd3e8be ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever


上面的情况用图片表示

docker0是网关,每次生成一个新docker容器,docker0会使用veth-pair和新容器连接。容器和容器之间通信也要通过docker0作为中介。
因此容器 ping docker0,容器 ping 容器都没有问题。
docker exec -it 2f1ed7adf253 ping 172.17.0.1 --> OK

linux网卡和docker0是直接连接着的。
linux主机 ping docker0 172.17.0.1 --> ping 172.17.0.1  --> OK
linux主机 ping docker容器 172.17.0.2 --> ping 172.17.0.2  --> OK
docker容器 ping linux主机 --> docker exec -it 2f1ed7adf253 ping 192.168.0.106 --> OK


使用容器名称连接

上面都是通过ip连接的,这里使用容器name连接

1、--link
docker run -d --name tomcat01 tomcat:jdk8
docker run -d --name tomcat02 --link tomcat01 tomcat:jdk8
docker exec -it 5e94d5e0a99c ping tomcat01   // OK;5e94d5e0a99c 是tomcat02的id,这行的意思是tomcat01 ping tomcat02

查看tomcat02的hosts文件,--link做的事情就是修改了hosts文件
172.17.0.2    tomcat01 dda5e23bab7f

 2、直接通过容器名称连接

使用自定义网络,我们一般不使用docker0

docker network --help
docker network create --help
docker network ls
docker network inspect fbfe37d6730e

docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet    // 自定义网络
docker network ls  // 查看docker网络
docker run -d --name tomcat01 --net mynet tomcat:jdk8  // 启动容器
docker run -d --name tomcat02 --net mynet tomcat:jdk8  // 启动容器
docker exec -it 8e1b496cd7c2 ping tomcat01  // 容器2 ping 容器1


网络连通

左右两边是不同的网段,不同的局域网,无法直接连接。
连接方法
docker network connect mynet tomcat01
此命令把tomcat1加到了mynet路由器中,tomcat01这一个容器有了两个ip,公网ip私网ip。

 

posted @ 2020-05-30 18:08  zhuangrunwei  阅读(169)  评论(0编辑  收藏  举报