docker命令之link
1.新建两台容器,第二台(busybox_2)link到第一台(busybox_1)
[root@localhost ~]# docker run -d -it --name busybox_1 busybox /bin/sh -c "while true;do sleep 3600;done"
8240c9aa04e3b5653c6747ae13a4e4478eb8e62060e4c8644492dbbf5c71c734
[root@localhost ~]# docker run -d -it --name busybox_2 --link busybox_1 busybox /bin/sh -c "while true;do sleep 3600;done"
9131353a28de9c0816121f0960644275d789e4dfe136a00cff6b0d9850b35c7e
2.获取两台容器的IP地址
[root@localhost ~]# docker exec -it busybox_1 ip a|grep 172
inet 172.17.0.2/16 scope global eth0
[root@localhost ~]# docker exec -it busybox_2 ip a|grep 172
inet 172.17.0.3/16 scope global eth0
3.分别在两台容器上通过ip和容器名称ping另一台容器,注意查看结果
[root@localhost ~]# docker exec -it busybox_1 ping -c 1 172.17.0.3
PING 172.17.0.3 (172.17.0.3): 56 data bytes
64 bytes from 172.17.0.3: seq=0 ttl=64 time=0.079 ms
[root@localhost ~]# docker exec -it busybox_1 ping -c 1 buxybox_2
ping: bad address 'buxybox_2'
[root@localhost ~]# docker exec -it busybox_2 ping -c 1 172.17.0.2
PING 172.17.0.2 (172.17.0.2): 56 data bytes
64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.089 ms
[root@localhost ~]# docker exec -it busybox_2 ping -c 1 busybox_1
PING busybox_1 (172.17.0.2): 56 data bytes
64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.088 ms
4.删除被link的容器,查看结果
[root@localhost ~]# docker rm -f busybox_1
busybox_1
[root@localhost ~]# docker exec -it busybox_2 ping busybox_1
Error response from daemon: Cannot link to a non running container: /busybox_1 AS /busybox_2/busybox_1
[root@localhost ~]# docker run -d -it --name busybox_1 busybox /bin/sh -c "while true;do sleep 3600;done"
74088ba7c2f9db67a607185d9a0b2157098036c1a2ca7b200c41ec04685f1210
[root@localhost ~]# docker exec -it busybox_2 ip a
Error response from daemon: Cannot link to a non running container: /busybox_1 AS /busybox_2/busybox_1
5.查看当前docker 可使用网络
[root@localhost ~]# docker network ls #如果容器没有显示指定使用的网络,默认使用bridge
NETWORK ID NAME DRIVER SCOPE
fa30a4d17b5b bridge bridge local
a03aaca35833 host host local
d85c50eb947c none null local
6.手动创建一个docker网络
[root@localhost ~]# docker network create -d bridge my_bridge #-d 指定类型 my_bridge为名称
652b4f64a3bc7691e8b65a8a7508e83e7585cde9d698438bc971a3c63bd6d62d
7.验证是否创建成功
[root@localhost ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
fa30a4d17b5b bridge bridge local
a03aaca35833 host host local
652b4f64a3bc my_bridge bridge local
d85c50eb947c none null local
[root@localhost ~]# brctl show
bridge name bridge id STP enabled interfaces
br-652b4f64a3bc 8000.0242a1ad4372 no #652...即my_bridge的ID,当前没有被连接
docker0 8000.024223c091f9 no veth54f7336
veth7ca4b55
8.新建一个容器,使用我们刚刚新建的my_bridge网络
[root@localhost ~]# docker run -d -it --name busybox_3 --network my_bridge busybox /bin/sh -c "while true;do sleep 3600;done"
749b800c24708539fefbc462bbf4463fde5cdbd7b6e8787383e586342fc2977b #使用 --network指定网络
9.验证刚刚的操作
[root@localhost ~]# brctl show
bridge name bridge id STP enabled interfaces
br-652b4f64a3bc 8000.0242a1ad4372 no veth72d2357
docker0 8000.024223c091f9 no veth54f7336
veth7ca4b55
[root@localhost ~]# docker network inspect my_bridge
......
"Containers": {
"749b800c24708539fefbc462bbf4463fde5cdbd7b6e8787383e586342fc2977b": {
"Name": "busybox_3", #名称
"EndpointID": "22aac7ec5076908c40ebc8175bd307b6174b94f709240743d36540fe90220c1b",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16", #IP地址,发现其网段为18,与之前创建的容器网段不同
"IPv6Address": ""
}
},
......
10.将已存在的容器加入my_bridge网络并验证
[root@localhost ~]# docker network connect my_bridge busybox_2
[root@localhost ~]# docker network inspect my_bridge
......
"Containers": {
"749b800c24708539fefbc462bbf4463fde5cdbd7b6e8787383e586342fc2977b": {
"Name": "busybox_3",
"EndpointID": "22aac7ec5076908c40ebc8175bd307b6174b94f709240743d36540fe90220c1b",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
},
"9131353a28de9c0816121f0960644275d789e4dfe136a00cff6b0d9850b35c7e": {
"Name": "busybox_2",
"EndpointID": "e2fbd16d9a6ba1495a4e9907153e0dae619f172c70f890382b1007d0f4d7e6a6",
"MacAddress": "02:42:ac:12:00:03",
"IPv4Address": "172.18.0.3/16",
"IPv6Address": ""
}
},
......
[root@localhost ~]# brctl show
bridge name bridge id STP enabled interfaces
br-652b4f64a3bc 8000.0242a1ad4372 no veth72d2357
veth798a93a
docker0 8000.024223c091f9 no veth54f7336
veth7ca4b55
11.基于当前的网络状态,测试各容器之间的网络通信状态,主要观察结果
当前的容器名称及IP为:
name:busybox_1 IP:172.17.0.2/16(bridge)
name:busybox_2 IP:172.17.0.3/16(bridge) 172.18.0.3/16(my_bridge)
name:busybox_3 IP:172.18.0.2/16(my_bridge)
在busybox_1上:
[root@localhost ~]# docker exec -it busybox_1 ping -c 1 172.17.0.3
[root@localhost ~]# docker exec -it busybox_1 ping -c 1 172.18.0.3
[root@localhost ~]# docker exec -it busybox_1 ping -c 1 172.18.0.2
[root@localhost ~]# docker exec -it busybox_1 ping -c 1 busybox_2
[root@localhost ~]# docker exec -it busybox_1 ping -c 1 busybox_3
在busybox_2上:
[root@localhost ~]# docker exec -it busybox_2 ping -c 1 172.17.0.2
[root@localhost ~]# docker exec -it busybox_2 ping -c 1 172.18.0.2
[root@localhost ~]# docker exec -it busybox_2 ping -c 1 busybox_1
[root@localhost ~]# docker exec -it busybox_2 ping -c 1 busybox_3
在busybox_3上:
[root@localhost ~]# docker exec -it busybox_3 ping -c 1 172.17.0.2
[root@localhost ~]# docker exec -it busybox_3 ping -c 1 172.17.0.3
[root@localhost ~]# docker exec -it busybox_3 ping -c 1 172.18.0.3
[root@localhost ~]# docker exec -it busybox_3 ping -c 1 busybox_1
[root@localhost ~]# docker exec -it busybox_3 ping -c 1 busybox_2
12.新建一个容器,使用my_bridge网络
[root@localhost ~]# docker run -d -it --name busybox_4 --network my_bridge busybox /bin/sh -c "while true;do sleep 3600;done"
c831ad0d4f25ab7b8d44904ea9cb9c1cff3ddb842043b070dbabe8be1df38d75
13.测试最后新建容器与其他容器的网络通信
[root@localhost ~]# docker exec -it busybox_4 ping -c 1 172.18.0.1
[root@localhost ~]# docker exec -it busybox_4 ping -c 1 172.18.0.2
[root@localhost ~]# docker exec -it busybox_4 ping -c 1 172.18.0.3
[root@localhost ~]# docker exec -it busybox_4 ping -c 1 busybox_1
[root@localhost ~]# docker exec -it busybox_4 ping -c 1 busybox_2
[root@localhost ~]# docker exec -it busybox_4 ping -c 1 busybox_3
总结:
1.当我们新建容器时,如果没有显示指定其使用的网络,那么默认会使用bridge网络
2.当一个容器link到另一个容器时,该容器可以通过IP或容器名称访问被link的容器,而被link容器可以通过IP访问该容器,但是无法通过容器名称访问
3.当被link的容器被删除时,创建link的容器也无法正常使用
4.如果两个容器被加入到我们手动创建的网络时,那么该网络内的容器相互直接可以通过IP和名称同时访问。
"一劳永逸" 的话,有是有的,而 "一劳永逸" 的事却极少