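Docker && Network Operations Guide
3- Docker Network Operations Guide
Docker networking is divided into four modes:
- Closed-mode network container space (Closed Container). Explanation: an isolated island with no network connection at all, only a lo interface.
- Bridged-mode network container space (Bridged Container). Explanation: bridge mode creates two virtual network devices, one inside the container and one on the Docker bridge.
- Joined-mode network container space (Joined_A Container and Joined_B Container). Explanation: the Joined_A Container has its own network namespace; when the Joined_B Container is created, it shares the Joined_A Container's network namespace, and the processes in the Joined_A Container and the Joined_B Container communicate over the local lo interface.
- Upgraded joined-mode network container space (Open Container). Explanation: after a container is created, its network namespace is shared with the Docker host's network.
3-1 Closed-mode network container space (Closed Container)
3-1-1 Creating a closed-mode network container space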
# docker run --name liuqi_busybox_close-network -it -h liuqi-docker-01 --network none --rm busybox:latest
/ # ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ # hostname
liuqi-docker-01
3-1-2 Customizing the default IP address range of Docker containers
# vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com"],
"bip" : "192.168.254.1/24"
}
# systemctl restart docker.service
# docker run --name liuqi-03 -it --rm busybox:latest
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:C0:A8:FE:02
inet addr:192.168.254.2 Bcast:192.168.254.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:508 (508.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
3-2 Bridged-mode network container space (Bridged Container)
3-2-1 Creating a Docker container in bridge mode
# docker run --name liuqi_busybox_close-network -it -h liuqi-docker-01 --network bridge --dns 114.114.114.114 --rm busybox:latest
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:14 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1156 (1.1 KiB) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ # cat /etc/resolv.conf
nameserver 114.114.114.114
3-2-2 Creating a custom Docker bridge and attaching a container to it
# docker network create -d bridge --subnet "192.168.110.0/24" --gateway "192.168.110.1" liuqi-bridge-0
02180f0c95708288bd037da787e9706c816aaf21019b43d24fb9f884e3e69d02
[root@master-01 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
f2eca7e22541 bridge bridge local
9c62a6e086fc host host local
02180f0c9570 liuqi-bridge-0 bridge local
5fb4a5e690eb none null local
[root@master-01 ~]# ifconfig | grep br
br-02180f0c9570: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.110.1 netmask 255.255.255.0 broadcast 192.168.110.255
inet 192.168.254.1 netmask 255.255.255.0 broadcast 192.168.254.255
inet 192.168.0.71 netmask 255.255.255.0 broadcast 192.168.0.255
# docker run --name liuqi-01 --network liuqi-bridge-0 -it --rm busybox:latest
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:C0:A8:6E:02
inet addr:192.168.110.2 Bcast:192.168.110.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:508 (508.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ # ping www.baidu.com
PING www.baidu.com (61.135.169.121): 56 data bytes
64 bytes from 61.135.169.121: seq=0 ttl=55 time=3.922 ms
64 bytes from 61.135.169.121: seq=1 ttl=55 time=4.291 ms
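A pre-flight check for the addressing chosen in 3-1-2 and 3-2-2, as an added example that is not part of the original page: it confirms that the docker0 range from "bip", the custom bridge subnet and the host LAN do not overlap, and that each gateway lies inside its subnet. The addresses come from the page; the `docker network inspect` excerpt is constructed and the function names are hypothetical.

```python
import ipaddress
import json

# Values taken from the page: the "bip" in daemon.json, the custom bridge's
# subnet/gateway, and the host's LAN address seen in the ifconfig output.
DAEMON_JSON = ('{"registry-mirrors": ["https://registry.docker-cn.com"], '
               '"bip": "192.168.254.1/24"}')
# Constructed excerpt shaped like `docker network inspect liuqi-bridge-0`.
NETWORK_INSPECT = json.dumps([{
    "Name": "liuqi-bridge-0", "Driver": "bridge",
    "IPAM": {"Config": [{"Subnet": "192.168.110.0/24", "Gateway": "192.168.110.1"}]},
}])
HOST_INTERFACES = {"host-lan": "192.168.0.71/24"}


def collect_subnets(daemon_json, network_inspect, host_ifaces):
    """Return ({label: IPv4Network}, [gateway problems])."""
    nets, problems = {}, []
    bip = json.loads(daemon_json).get("bip")
    if bip:
        # "bip" is an interface address (bridge IP + prefix), not a network address.
        nets["docker0 (bip)"] = ipaddress.ip_interface(bip).network
    for net in json.loads(network_inspect):
        for cfg in net["IPAM"]["Config"]:
            subnet = ipaddress.ip_network(cfg["Subnet"])
            nets[net["Name"]] = subnet
            gw = cfg.get("Gateway")
            if gw and ipaddress.ip_address(gw) not in subnet:
                problems.append(f"{net['Name']}: gateway {gw} outside {subnet}")
    for label, addr in host_ifaces.items():
        nets[label] = ipaddress.ip_interface(addr).network
    return nets, problems


def find_overlaps(nets):
    """Return label pairs (sorted by label) whose address ranges overlap."""
    labels = sorted(nets)
    return [(a, b) for i, a in enumerate(labels) for b in labels[i + 1:]
            if nets[a].overlaps(nets[b])]


if __name__ == "__main__":
    nets, problems = collect_subnets(DAEMON_JSON, NETWORK_INSPECT, HOST_INTERFACES)
    for label, net in nets.items():
        print(f"{label:16s} {net}")
    print("gateway problems:", problems)
    print("overlaps:", find_overlaps(nets))
```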
3-3 Joined-mode network container space (Joined_A Container and Joined_B Container)
Note: only the network is shared; the file systems of the two containers remain isolated.
# docker run --name liuqi-01 -it --rm busybox:latest
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1016 (1016.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ # mkdir /liuqi/liuqi-01 -p
/ # ls
bin dev etc home liuqi proc root sys tmp usr var
# docker run --name liuqi-02 -it --rm --network container:liuqi-01 busybox:latest
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:16 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1296 (1.2 KiB) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ # ls
bin dev etc home proc root sys tmp usr var
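An audit of which containers share a network namespace, as an added example that is not part of the original page: it maps the `HostConfig.NetworkMode` field of `docker inspect` output to the four modes listed at the top and reports the joined and open cases, where a service bound to 127.0.0.1 is reachable by the sharing container or by the host. The sample JSON is constructed (shortened, made-up IDs; closed-01 and open-01 are hypothetical names) and the function names are hypothetical.

```python
import json

# Constructed sample shaped like `docker inspect` output (only the fields used here).
SAMPLE_INSPECT = json.dumps([
    {"Id": "aaa111", "Name": "/liuqi-01", "HostConfig": {"NetworkMode": "default"}},
    {"Id": "bbb222", "Name": "/liuqi-02", "HostConfig": {"NetworkMode": "container:aaa111"}},
    {"Id": "ccc333", "Name": "/closed-01", "HostConfig": {"NetworkMode": "none"}},
    {"Id": "ddd444", "Name": "/open-01", "HostConfig": {"NetworkMode": "host"}},
    {"Id": "eee555", "Name": "/liuqi-03", "HostConfig": {"NetworkMode": "liuqi-bridge-0"}},
])


def classify(network_mode):
    """Map HostConfig.NetworkMode to one of the page's four modes."""
    if network_mode == "none":
        return "closed"
    if network_mode == "host":
        return "open"
    if network_mode.startswith("container:"):
        return "joined"
    # "default", "bridge", or a user-defined network name. Treating a named
    # network as bridged is an assumption that holds for liuqi-bridge-0.
    return "bridged"


def audit(inspect_json):
    """Return (modes, findings): mode per container and shared-namespace findings."""
    containers = json.loads(inspect_json)
    by_id = {c["Id"]: c["Name"].lstrip("/") for c in containers}
    modes, findings = {}, []
    for c in containers:
        name = c["Name"].lstrip("/")
        mode = c["HostConfig"]["NetworkMode"]
        modes[name] = classify(mode)
        if modes[name] == "open":
            findings.append(f"{name}: shares the host network namespace")
        elif modes[name] == "joined":
            target = mode.split(":", 1)[1]
            owner = by_id.get(target, target)  # fall back to the raw reference
            findings.append(f"{name}: shares lo and eth0 with {owner}")
    return modes, findings


if __name__ == "__main__":
    modes, findings = audit(SAMPLE_INSPECT)
    for name, mode in modes.items():
        print(f"{name:10s} {mode}")
    print(*findings, sep="\n")
```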
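3-4 Upgraded joined-mode network container space (Open Container)
This network container namespace mode requires first becoming familiar with the overlay tunnel network mode; due to time constraints, I will keep updating this topic later...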