Docker多网络之间的连通
不同网络空间中的容器如何连通呢?
测试
#在docker0网段下创建一个容器
[root@aliyun ~]# docker run -d -P --name tomcat-docker0 tomcat:v1
03da0a08765db6b79c139f430fdff0b7801900f22721e93f5b4c5f6272e25f13
[root@aliyun ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
03da0a08765d tomcat:v1 "catalina.sh run" 2 seconds ago Up 1 second 0.0.0.0:49161->8080/tcp tomcat-docker0
259e2bdce643 tomcat:v1 "catalina.sh run" 37 minutes ago Up 37 minutes 8080/tcp tomcat02
abed4e51eadf tomcat:v1 "catalina.sh run" 37 minutes ago Up 37 minutes 8080/tcp tomcat01
#尝试tomcat-docker0去ping另外一个网络mynet下的tomcat01
[root@aliyun ~]# docker exec -it tomcat-docker0 ping tomcat01
ping: unknown host #发现无法ping通
#使用容器id看是否能够ping通
[root@aliyun ~]# docker exec -it tomcat-docker0 ping abed4e51eadf
ping: unknown host #也无法ping通
解决方案
使用docker network conect命令
[root@aliyun ~]# docker network connect -h
Flag shorthand -h has been deprecated, please use --help
Usage: docker network connect [OPTIONS] NETWORK CONTAINER
Connect a container to a network
Options:
--alias strings Add network-scoped alias for the container
--driver-opt strings driver options for the network
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--link list Add link to another container
--link-local-ip strings Add a link-local address for the container
我们将tomcat-docker0容器加入到mynet网路中
#将tomcat-docker0容器加入到mynet网路中
[root@aliyun ~]# docker network connect mynet tomcat-docker0
#查看mynet网络信息
[root@aliyun ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "20cbe3257eda7d0999917f8b1ac59fbd879201e5c12d431c8f4dfb63840fc2db",
"Created": "2022-04-20T16:43:47.006249722+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"03da0a08765db6b79c139f430fdff0b7801900f22721e93f5b4c5f6272e25f13": {
"Name": "tomcat-docker0", #已加入mynet
"EndpointID": "17d57e01c9f96f4fbcb48ec2ffd02f451605734a77fe1c016b60a0553eed737e",
"MacAddress": "02:42:c0:a8:00:04",
"IPv4Address": "192.168.0.4/16",
"IPv6Address": ""
},
"259e2bdce64341c720a300767d0a9acaae12a085b42200384a70c670a6fdc781": {
"Name": "tomcat02",
"EndpointID": "26757361b31840d6b33eee01ea4b6d65c20c0ed4521f669eef9661a62571b044",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
},
"abed4e51eadfbca7a3ab0288d30be47a9fead7d076016e3f646d324cda1d25ba": {
"Name": "tomcat01",
"EndpointID": "cbf2bcdbf401b057d4b29a7f64bc3462498188fe785fb8d3039d882cfdb0d11c",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
再次测试tomcat-docker0能否ping通tomcat01
[root@aliyun ~]# docker exec -it tomcat-docker0 ping tomcat01
PING tomcat01 (192.168.0.2): 56 data bytes
64 bytes from 192.168.0.2: icmp_seq=0 ttl=64 time=0.104 ms
64 bytes from 192.168.0.2: icmp_seq=1 ttl=64 time=0.102 ms
64 bytes from 192.168.0.2: icmp_seq=2 ttl=64 time=0.084 ms
64 bytes from 192.168.0.2: icmp_seq=3 ttl=64 time=0.091 ms
^C--- tomcat01 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.084/0.095/0.104/0.000 ms
由于都已经在同一个网络空间中,因此tomcat01、tomcat02和tomcat-docker0这三个容器都是可以互相ping通的。
此外,细心的朋友会发现,使用docker inspect tomcat-docker0会发现tomcat-docker0容器有两个IP地址(一个是docker0网络空间的,一个是mynet网络空间的)
