Docker 两个不同网络间实现连通
一、启动不同网络的容器
1、启动两个bridge(自带默认)桥接的容器
[root@yang ~]# docker run -it --name tomcat1 tomcat
[root@yang ~]# docker run -it --name tomcat2 tomcat
# 查看容器
[root@yang ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fcdd4c02da9c tomcat "catalina.sh run" 2 days ago Up 2 days 8080/tcp tomcat2 346962a1d73b tomcat "catalina.sh run" 3 days ago Up 2 days 8080/tcp tomcat1
2.启动两个mynet(自定义)桥接的容器
[root@yang ~]# docker run -it --name tomcat-net-01 --net mynet tomcat
[root@yang ~]# docker run -it --name tomcat-net-02 --net mynet tomcat
# 查看容器
[root@yang ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8685e41a5962 tomcat "catalina.sh run" 2 days ago Up 2 days 8080/tcp tomcat-net-02 25e1b7c89af4 tomcat "catalina.sh run" 2 days ago Up 2 days 8080/tcp tomcat-net-01
二、目前两个容器连通性
示例图:
测试:
[root@yang ~]# docker exec -it tomcat01 ping tomcat-net-01
ping: tomcat-net-01: Temporary failure in name resolution
以上,明显提示ping不通,直接报错,因为这本来就是不可能连通的!
三、两个不同网络,容器间互通
1.查看操作语法
[root@yang ~]# docker network connect --help Usage: docker network connect [OPTIONS] NETWORK CONTAINER
Connect a container to a network
Options:
--alias strings Add network-scoped alias for the container
--driver-opt strings driver options for the network
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--link list Add link to another container
--link-local-ip strings Add a link-local address for the container
2.实际操作指令
[root@yang ~]# docker network connect mynet tomcat1
3.测试两者间是否互通
# tomcat1 ping tomcat-net-01可以ping通!
[root@yang ~]# docker exec -it tomcat1 ping tomcat-net-01 PING tomcat-net-01 (192.168.0.2) 56(84) bytes of data. 64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=1 ttl=64 time=0.209 ms 64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=2 ttl=64 time=0.108 ms
# tomcat1 ping tomcat-net-02 也可以ping通!
[root@yang ~]# docker exec -it tomcat1 ping tomcat-net-02 PING tomcat-net-02 (192.168.0.3) 56(84) bytes of data. 64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.184 ms 64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.275 ms
# tomcat2 ping tomcat-net-02 ping不通(因为没有开通tomcat2到mynet网桥中)!
[root@yang ~]# docker exec -it tomcat2 ping tomcat-net-02 ping: tomcat-net-02: Temporary failure in name resolution
4.查看mynet内发生变化
[root@yang ~]# docker network inspect mynet [ { "Name": "mynet", "Id": "68bb4c7c3f1c6808ab2ce49a966e11440f560b89080b6a20f9c9b715d690519b", "Created": "2021-01-29T16:10:07.565642609+08:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": {}, "Config": [ { "Subnet": "192.168.0.0/16", "Gateway": "192.168.0.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "25e1b7c89af4744e9a7df48373886dc8f906c2e35dca2e644bf8deb81a6853db": { "Name": "tomcat-net-01", "EndpointID": "3e2a2d4e4807c4c7058f248720e653ffdb094238a6c34df403d501cf68fa559b", "MacAddress": "02:42:c0:a8:00:02", "IPv4Address": "192.168.0.2/16", "IPv6Address": "" }, "346962a1d73badd263d10d76578ece0e6c2b33e1db08b264fb1fc66affd4a34a": { "Name": "tomcat1", "EndpointID": "d6eb17193d981338f7a1a178ace1751c9b8a6623a389072f71142deb41bddfb5", "MacAddress": "02:42:c0:a8:00:04", "IPv4Address": "192.168.0.4/16", "IPv6Address": "" }, "8685e41a59628a81c69752f9785065f5985c2165ef9ee33edc5acec1d801fa51": { "Name": "tomcat-net-02", "EndpointID": "08e234cf42025805acc2bd7ae6a2dee602090e5f1f5e66ef5b7753e5654f348d", "MacAddress": "02:42:c0:a8:00:03", "IPv4Address": "192.168.0.3/16", "IPv6Address": "" } }, "Options": {}, "Labels": {} } ]
以上,显示mynet网桥中多出来一个tomcat1。
结论:
假如要跨网络操作别人,就需要用docker network connect 来实现连通!