09 : docker 4种网络类型
重启docker服务,容器全部退出的解决方法(建议使用第一种)
1: docker run --restart=always (起容器的时候,指定这个参数--restart=always)
2:添加:"live-restore": true (重启或者stop docker,容器也会活着)
[root@k8s129 ~]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://aeckruos.mirror.aliyuncs.com"],
"insecure-registries": ["192.168.6.129:5000"],
"live-restore": true
}
[root@k8s129 ~]# systemctl restart docker
---docker 网络----------------------
docker 网络类型
1:None: 不为容器配置任何网络功能。 --net=none (--network none)
[root@k8s129 ~]# docker run -it --net=none busybox:latest
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
/ #没有IP。
2 : Container:与另一个运行中高端容器共享Network Namespace (容器IP地址一样)
#起一个容器
[root@k8s129 ~]# docker run -d nginx:latest
[root@k8s129 ~]# docker inspect e7255499b1a1 |grep -C 8 "bridge"
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:03",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "a263bfd0c6e2fc545cf21d56a5de88f2db8cdb4231a003cd127946b00d47e754",
"EndpointID": "190ff5511a09cb921a7fd9db50f4d69684a97833b27e3a79ed7b7cb3cde20616",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
# 再起一个容器,指定网络类型是:--net=container (--network container)
[root@k8s129 ~]# docker run -it --net=container:e7255499b1a1 centos:latest
[root@e7255499b1a1 /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
14: eth0@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@e7255499b1a1 /]#
#细心的你一定发现了,这个容器的IP地址居然和刚才nginx的容器IP地址一样
#这个时候80端口是被nginx的容器占用的,centos这个容器是不能再使用80端口了(如果刚才我们的centos镜像也使用80端口了,
就会发现这个容器通过container网络方式,容器是起不来的,会一直报错端口已经被使用)
#这个就是container类型
3: Host: 与主机共享Network Namespace。--net=host(--network host)
[root@k8s129 ~]# docker run -it --net=host centos:latest
[root@k8s129 /]# hostname #其实这个时候我们已经在容器里面了,只不过他和宿主机的名字一样
k8s129
[root@k8s129 /]# ip a #看到的都是宿主机的
#这个时候公用的是宿主机的网络,网速几乎和宿主机一模一样。容器占用的端口,宿主机是不能再开启的。
4: Bridge:docker设置的NAT网络模型(docker run 容器起来的时候,默认就是桥接)
#容器起来后,会自动桥接到宿主机的莫一块网卡上面(笔者这里是docker0)
[root@k8s129 ~]# ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:88ff:fe64:d76f prefixlen 64 scopeid 0x20<link>
ether 02:42:88:64:d7:6f txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 656 (656.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.6.129 netmask 255.255.255.0 broadcast 192.168.6.255
inet6 fe80::fe3a:febc:334a:8d2c prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:7d:76:a8 txqueuelen 1000 (Ethernet)