docker网络讲解_04
一、docker网络配置
1.1、docker创建随机端口访问外网
[root@docker ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nulige/my_nginx v2 2a506435e91e 2 hours ago 796 MB docker.io/nulige/my_nginx latest b73ba52bdac7 2 hours ago 796 MB docker.io/nulige/nginx latest b73ba52bdac7 2 hours ago 796 MB nulige/my_nginx latest b73ba52bdac7 2 hours ago 796 MB nulige/my_nginx v1 b73ba52bdac7 2 hours ago 796 MB docker.io/nginx latest cd5239a0906a 11 days ago 109 MB docker.io/centos latest 49f7960eb7e4 11 days ago 200 MB [root@docker ~]# docker run -d --name my_nginx -P nginx eb1227829aa13c1561b092346eb13948a30bebfdf0abda5a4d2986d366f01215 #再复制一个ssh窗口打开 [root@docker ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES eb1227829aa1 nginx "nginx -g 'daemon ..." 13 seconds ago Up 12 seconds 0.0.0.0:32768->80/tcp my_nginx
#访问nginx,注意端口号:32768
#查看访问日志
[root@docker ~]# docker logs -f my_nginx 192.168.0.7 - - [16/Jun/2018:20:19:15 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36" "-" 2018/06/16 20:19:15 [error] 7#7: *1 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.168.0.7, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "192.168.0.26:32768", referrer: "http://192.168.0.26:32768/" 192.168.0.7 - - [16/Jun/2018:20:19:15 +0000] "GET /favicon.ico HTTP/1.1" 404 571 "http://192.168.0.26:32768/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36" "-"
1.2、指定端口映射,访问外部网络
[root@docker ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nulige/my_nginx v2 2a506435e91e 2 hours ago 796 MB docker.io/nulige/nginx latest b73ba52bdac7 2 hours ago 796 MB nulige/my_nginx latest b73ba52bdac7 2 hours ago 796 MB nulige/my_nginx v1 b73ba52bdac7 2 hours ago 796 MB docker.io/nulige/my_nginx latest b73ba52bdac7 2 hours ago 796 MB docker.io/nginx latest cd5239a0906a 11 days ago 109 MB docker.io/centos latest 49f7960eb7e4 11 days ago 200 MB #映射80网络 [root@docker ~]# docker run -d --name my_nginx -p 80:80 nginx e1b5d7d0374bbc52313405be3a96e245e15325e9f0fa4455d477c92dedb6cf7d #查看所有docker [root@docker ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e1b5d7d0374b nginx "nginx -g 'daemon ..." 7 seconds ago Up 6 seconds 0.0.0.0:80->80/tcp my_nginx
#访问nginx
1.3、绑定本机访问,访问外部端口
[root@docker ~]# docker run -d --name my_nginx -p 127.0.0.1:80:80 nginx 6f9e5ceb35122b4fbce0a5726c991b020ca2bef4c9fbb0524cc5c471aebbfd7b [root@docker ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 6f9e5ceb3512 nginx "nginx -g 'daemon ..." 14 seconds ago Up 14 seconds 127.0.0.1:80->80/tcp my_nginx
#访问nginx
[root@docker ~]# curl 127.0.0.1
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
1.4、绑定127.0.0.1 创建随机端口
[root@docker ~]# docker run -d --name my_nginx -p 127.0.0.1::80 nginx d1eb77c70c220d25612be97f5c8eb939f8aa2733e056e85bd6a6aed68b3cf30b [root@docker ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d1eb77c70c22 nginx "nginx -g 'daemon ..." 5 seconds ago Up 3 seconds 127.0.0.1:32768->80/tcp my_nginx #访问 curl 127.0.0.1:32768
二、创建多个web
2.1、删除 docker 容器
[root@docker ~]# docker rm -f 0dfacb75d49c 0dfacb75d49c
2.2、创建web1
[root@docker ~]# docker run -d --name web1 -p 80:80 nginx 787ef1c1ff44ff0b92fff769d06109383fde17d50a2c6755b4c0ce2b56f4f63b [root@docker ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 787ef1c1ff44 nginx "nginx -g 'daemon ..." 4 seconds ago Up 3 seconds 0.0.0.0:80->80/tcp web1
2.3、创建web2
[root@docker ~]# docker run -d --name web2 --link web1 -p 8080:80 nginx e879d312daf2d3690c9bee5c8354352157fbb78c00f2c210c48d6eeedc4aff44 [root@docker ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e879d312daf2 nginx "nginx -g 'daemon ..." 6 seconds ago Up 6 seconds 0.0.0.0:8080->80/tcp web2 787ef1c1ff44 nginx "nginx -g 'daemon ..." 3 minutes ago Up 3 minutes 0.0.0.0:80->80/tcp web1
#进入容器
[root@docker ~]# docker exec -it web2 sh # ls bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
#查看容器ip
[root@docker ~]# docker inspect web1
[
{
"Id": "787ef1c1ff44ff0b92fff769d06109383fde17d50a2c6755b4c0ce2b56f4f63b",
"Created": "2018-06-16T20:57:40.438663212Z",
"Path": "nginx",
"Args": [
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 16914,
"ExitCode": 0,
"Error": "",
"StartedAt": "2018-06-16T20:57:41.358316425Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:cd5239a0906a6ccf0562354852fae04bc5b52d72a2aff9a871ddb6bd57553569",
"ResolvConfPath": "/var/lib/docker/containers/787ef1c1ff44ff0b92fff769d06109383fde17d50a2c6755b4c0ce2b56f4f63b/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/787ef1c1ff44ff0b92fff769d06109383fde17d50a2c6755b4c0ce2b56f4f63b/hostname",
"HostsPath": "/var/lib/docker/containers/787ef1c1ff44ff0b92fff769d06109383fde17d50a2c6755b4c0ce2b56f4f63b/hosts",
"LogPath": "",
"Name": "/web1",
"RestartCount": 0,
"Driver": "overlay2",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "journald",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {
"80/tcp": [
{
"HostIp": "",
"HostPort": "80"
}
]
},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "docker-runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": null,
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DiskQuota": 0,
"KernelMemory": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": -1,
"OomKillDisable": false,
"PidsLimit": 0,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0
},
"GraphDriver": {
"Name": "overlay2",
"Data": {
"LowerDir": "/var/lib/docker/overlay2/6994bc41689d3e15c1040c99b1b62511cd1027a56ad9c00f95e1664a64a6f06a-init/diff:/var/lib/docker/overlay2/deadbfd62bdbb03300c78f296361e6fdde8bf413af3d476530a4667c84ef3440/diff:/var/lib/docker/overlay2/b42c2ba06e0bce97631f8b9963dff72236f4802b67509622436e1137fbd7d207/diff:/var/lib/docker/overlay2/a60c77ca0d6aadec37756f00c60be7dc6805bb2b2600f91cfc1694026cca0d6a/diff",
"MergedDir": "/var/lib/docker/overlay2/6994bc41689d3e15c1040c99b1b62511cd1027a56ad9c00f95e1664a64a6f06a/merged",
"UpperDir": "/var/lib/docker/overlay2/6994bc41689d3e15c1040c99b1b62511cd1027a56ad9c00f95e1664a64a6f06a/diff",
"WorkDir": "/var/lib/docker/overlay2/6994bc41689d3e15c1040c99b1b62511cd1027a56ad9c00f95e1664a64a6f06a/work"
}
},
"Mounts": [],
"Config": {
"Hostname": "787ef1c1ff44",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.15.0-1~stretch",
"NJS_VERSION=1.15.0.0.2.1-1~stretch"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"ArgsEscaped": true,
"Image": "nginx",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
},
"StopSignal": "SIGTERM"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "ebd285181c0059d8ffaac8d7c54930425980366ecd6cfa15cb4f07db7a2fef0c",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"80/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "80"
}
]
},
"SandboxKey": "/var/run/docker/netns/ebd285181c00",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "90b24136fb6b7c90ad7f8515c5057e3ad096f1603b38dbeb4baaa629efbe3fc6",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "a7e1f14866e804866e8424c041f96e2361daf55cc70307c8523082c60227e461",
"EndpointID": "90b24136fb6b7c90ad7f8515c5057e3ad096f1603b38dbeb4baaa629efbe3fc6",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02"
}
}
}
}
]
2.4、通过别名,启docker容器
#--link web01:shop_web 这就是别名
[root@docker ~]# docker run -d --name web2 --link web1:shop_web -p 8080:80 nginx
213fcf70e3c2aa47fa73afa062e35338e53ad39644e0b5414b6aa75982c5b452
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
213fcf70e3c2 nginx "nginx -g 'daemon ..." 4 seconds ago Up 2 seconds 0.0.0.0:8080->80/tcp web2
787ef1c1ff44 nginx "nginx -g 'daemon ..." 13 minutes ago Up 13 minutes 0.0.0.0:80->80/tcp web1
#进入容器中
[root@docker ~]# docker exec -it web2 sh
# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 shop_web 787ef1c1ff44 web1 #shop_web这就是别名
172.17.0.3 213fcf70e3c2
#
2.5、docker 网络讲解
sandbox : 沙箱
cnm endpoint: 具于网桥和vlan,访问物理网络
network: 可以直接互通的端点
null driver: 需要配置,才能访问,无法直接访问。
网络分为三种:
bridge:默认网络模式
host: 宿主网络模式
none: 无网络模式
自定义网络模式:由于之前介绍的3种自带的网络模式有各自的局限性,因此,docker推荐大家自定义网络。通过自定义网络,我们可以实现“服务发现”与“DNS解析”。
docker 允许我们创建3种类型的自定义网络,bridge,overlay,MACVLAN 。
更多详情参考:
https://www.cnblogs.com/atuotuo/p/6926390.html
https://docs.docker.com/engine/reference/commandline/network/#description
#以直接删除的方式启动,docker容器,网络模式为:host
#网络方式,以host的方式,会提示端口占用。
[root@docker ~]# docker run -it --rm --net=host nginx 2018/06/16 21:38:16 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) 2018/06/16 21:38:16 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) 2018/06/16 21:38:16 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) 2018/06/16 21:38:16 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) ^C2018/06/16 21:38:16 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) 2018/06/16 21:38:16 [emerg] 1#1: still could not bind() nginx: [emerg] still could not bind()
#以直接删除的方式启动,docker容器,网络模式为:none
#获取镜像
[root@docker ~]# docker pull alpine
Using default tag: latest
Trying to pull repository docker.io/library/alpine ...
latest: Pulling from docker.io/library/alpine
ff3a5c916c92: Pull complete
Digest: sha256:e1871801d30885a610511c867de0d6baca7ed4e6a2573d506bbec7fd3b03873f
Status: Downloaded newer image for docker.io/alpine:latest
#网络模式none,无法直接通信
[root@docker ~]# docker run -it --rm --net=none alpine sh
/ # ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ # exit
