docker网络有哪些模式(Docker网络原理及自定义网络详细解析)
docker网络有哪些模式
Docker网络原理及自定义网络详细解析Docker在宿主机上虚拟了一个网桥,当创建并启动容器的时候,每一个容器默认都会被分配一个跟网桥网段一致的ip,网桥作为容器的网关,网桥与每一个容器联通,容器间通过网桥可以通信。由于网桥是虚拟出来的,外网无法进行寻址,也就是默认外网无法访问容器,需要在创建启动容器时把宿主机的端口与容器端口进行映射,通过宿主机IP端口访问容器。这是Docker默认的网络,它有一个弊端是只能通过IP让容器互相访问,如果想使用容器名称或容器ID互相访问需要在创建启动容器时候用link的方式修改hosts文件实现。一般使用自定义网络,自定义网络使用network创建,创建时可以指定子网网段及网关等信息,在创建并启动容器时指定使用的网络。这样在一个自定义网络里的所有容器可以直接使用容器名进行访问,如果一个容器想要访问其他网络中的容器也可以在network中进行设置,这样这个容器与目标网络的容器可以使用容器名通信。
1 默认网络docker0用vm虚拟机测试,未启动docker 系统中有两个网络(回环网络、虚拟机网络)
当启动docker服务后,宿主机多出一个网络docker0 这就是docker默认网络
# 启动docker服务 [root@localhost ~]# systemctl start docker
启动一个tomcat容器,会发现宿主机又多出一个网络
启动tomcat [root@localhost ~]# docker run -d -P --name tomcat1 tomcat
再启动一个tomcat,会发展宿主机又多出一个网络
# 启动tomcat [root@localhost ~]# docker run -d -P --name tomcat2 tomcat
测试两个tomcat网络ip是通的
# 查看tomcat的ip地址 [root@localhost ~]# docker exec -it tomcat2 ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 9: eth0@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0 valid_lft forever preferred_lft forever # 在tomcat1 ping tomcat2的ip [root@localhost ~]# docker exec -it tomcat1 ping 172.17.0.3 PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data. 64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.146 ms 64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.067 ms 64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.088 ms ^C --- 172.17.0.3 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 5ms rtt min/avg/max/mdev = 0.067/0.100/0.146/0.034 ms
在tomcat1里ping tomcat2的 容器名无法ping通
# 在tomcat1里ping tomcat2的容器名 [root@localhost ~]# docker exec -it tomcat1 ping tomcat2 ^C[root@localhost ~]#
停止tomcat1 重新创建启动tomcat 使用link 会在底层修改tomcat1 的hosts文件 实现容器名作为ip域名从而tomcat1到tomcat2的单向ping通
# 删除tomcat1 [root@localhost ~]# docker rm -f tomcat1 tomcat1 # 查看run的帮助文档 link用法 [root@localhost ~]# docker run --help Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...] Run a command in a new container Options: --add-host list Add a custom host-to-IP mapping (host:ip) -a, --attach list Attach to STDIN, STDOUT or STDERR --blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0) --blkio-weight-device list Block IO weight (relative device weight) (default []) --cap-add list Add Linux capabilities --cap-drop list Drop Linux capabilities --cgroup-parent string Optional parent cgroup for the container --cgroupns string Cgroup namespace to use (host|private) 'host': Run the container in the Docker host's cgroup namespace 'private': Run the container in its own private cgroup namespace '': Use the cgroup namespace as configured by the default-cgroupns-mode option on the daemon (default) --cidfile string Write the container ID to the file --cpu-period int Limit CPU CFS (Completely Fair Scheduler) period --cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota --cpu-rt-period int Limit CPU real-time period in microseconds --cpu-rt-runtime int Limit CPU real-time runtime in microseconds -c, --cpu-shares int CPU shares (relative weight) --cpus decimal Number of CPUs --cpuset-cpus string CPUs in which to allow execution (0-3, 0,1) --cpuset-mems string MEMs in which to allow execution (0-3, 0,1) -d, --detach Run container in background and print container ID --detach-keys string Override the key sequence for detaching a container --device list Add a host device to the container --device-cgroup-rule list Add a rule to the cgroup allowed devices list --device-read-bps list Limit read rate (bytes per second) from a device (default []) --device-read-iops list Limit read rate (IO per second) from a device (default []) --device-write-bps list Limit write rate (bytes per second) to a device (default []) --device-write-iops list Limit write rate (IO per second) to a device (default []) --disable-content-trust Skip image verification (default true) --dns list Set custom DNS servers --dns-option list Set DNS options --dns-search list Set custom DNS search domains --domainname string Container NIS domain name --entrypoint string Overwrite the default ENTRYPOINT of the image -e, --env list Set environment variables --env-file list Read in a file of environment variables --expose list Expose a port or a range of ports --gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs) --group-add list Add additional groups to join --health-cmd string Command to run to check health --health-interval duration Time between running the check (ms|s|m|h) (default 0s) --health-retries int Consecutive failures needed to report unhealthy --health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s) --health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s) --help Print usage -h, --hostname string Container host name --init Run an init inside the container that forwards signals and reaps processes -i, --interactive Keep STDIN open even if not attached --ip string IPv4 address (e.g., 172.30.100.104) --ip6 string IPv6 address (e.g., 2001:db8::33) --ipc string IPC mode to use --isolation string Container isolation technology --kernel-memory bytes Kernel memory limit -l, --label list Set meta data on a container --label-file list Read in a line delimited file of labels --link list Add link to another container --link-local-ip list Container IPv4/IPv6 link-local addresses --log-driver string Logging driver for the container --log-opt list Log driver options --mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33) -m, --memory bytes Memory limit --memory-reservation bytes Memory soft limit --memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap --memory-swappiness int Tune container memory swappiness (0 to 100) (default -1) --mount mount Attach a filesystem mount to the container --name string Assign a name to the container --network network Connect a container to a network --network-alias list Add network-scoped alias for the container --no-healthcheck Disable any container-specified HEALTHCHECK --oom-kill-disable Disable OOM Killer --oom-score-adj int Tune host's OOM preferences (-1000 to 1000) --pid string PID namespace to use --pids-limit int Tune container pids limit (set -1 for unlimited) --platform string Set platform if server is multi-platform capable --privileged Give extended privileges to this container -p, --publish list Publish a container's port(s) to the host -P, --publish-all Publish all exposed ports to random ports --pull string Pull image before running ("always"|"missing"|"never") (default "missing") --read-only Mount the container's root filesystem as read only --restart string Restart policy to apply when a container exits (default "no") --rm Automatically remove the container when it exits --runtime string Runtime to use for this container --security-opt list Security Options --shm-size bytes Size of /dev/shm --sig-proxy Proxy received signals to the process (default true) --stop-signal string Signal to stop a container (default "SIGTERM") --stop-timeout int Timeout (in seconds) to stop a container --storage-opt list Storage driver options for the container --sysctl map Sysctl options (default map[]) --tmpfs list Mount a tmpfs directory -t, --tty Allocate a pseudo-TTY --ulimit ulimit Ulimit options (default []) -u, --user string Username or UID (format: <name|uid>[:<group|gid>]) --userns string User namespace to use --uts string UTS namespace to use -v, --volume list Bind mount a volume --volume-driver string Optional volume driver for the container --volumes-from list Mount volumes from the specified container(s) -w, --workdir string Working directory inside the container # 启动tomcat1 link指定要访问的容器名 [root@localhost ~]# docker run -d -P --name tomcat1 --link tomcat2 tomcat f78c51961662a1d3558fc8d0d95906b902a7a042f251a60858e72bcfa62e7a08 # 测试ping [root@localhost ~]# docker exec -it tomcat1 ping tomcat2 PING tomcat2 (172.17.0.3) 56(84) bytes of data. 64 bytes from tomcat2 (172.17.0.3): icmp_seq=1 ttl=64 time=0.088 ms 64 bytes from tomcat2 (172.17.0.3): icmp_seq=2 ttl=64 time=0.071 ms 64 bytes from tomcat2 (172.17.0.3): icmp_seq=3 ttl=64 time=0.071 ms ^C --- tomcat2 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1000ms rtt min/avg/max/mdev = 0.071/0.076/0.088/0.012 ms # 查看tomcat1的hosts已经加入了tomcat2的域名 [root@localhost ~]# docker exec -it tomcat1 cat /etc/hosts 127.0.0.1 localhost ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 172.17.0.3 tomcat2 27766c324de6 172.17.0.2 f78c51961662 # tomcat2无法ping通tomcat1 [root@localhost ~]# docker exec -it tomcat2 ping tomcat1 ^C[root@localhost ~]#
需要用到network命令
# 查看帮助文档 [root@localhost ~]# docker network --help Usage: docker network COMMAND Manage networks Commands: connect Connect a container to a network create Create a network disconnect Disconnect a container from a network inspect Display detailed information on one or more networks ls List networks prune Remove all unused networks rm Remove one or more networks Run 'docker network COMMAND --help' for more information on a command.
列出当前的docker网络 bridge为 默认网络docker0
[root@localhost ~]# docker network ls NETWORK ID NAME DRIVER SCOPE 9b27ff0926bf bridge bridge local 8dfa2efae677 host host local 2025b7fb1d7c none null local
创建网络mynet
[root@localhost ~]# docker network create --help Usage: docker network create [OPTIONS] NETWORK Create a network Options: --attachable Enable manual container attachment --aux-address map Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[]) --config-from string The network from which to copy the configuration --config-only Create a configuration only network -d, --driver string Driver to manage the Network (default "bridge") --gateway strings IPv4 or IPv6 Gateway for the master subnet --ingress Create swarm routing-mesh network --internal Restrict external access to the network --ip-range strings Allocate container ip from a sub-range --ipam-driver string IP Address Management Driver (default "default") --ipam-opt map Set IPAM driver specific options (default map[]) --ipv6 Enable IPv6 networking --label list Set metadata on a network -o, --opt map Set driver specific options (default map[]) --scope string Control the network's scope --subnet strings Subnet in CIDR format that represents a network segment [root@localhost ~]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet 1abaa8e6a387bc8bbc7ac50d9f2289e96a143a92f074e90f698bd70411c86672 [root@localhost ~]# docker network inspect mynet [ { "Name": "mynet", "Id": "1abaa8e6a387bc8bbc7ac50d9f2289e96a143a92f074e90f698bd70411c86672", "Created": "2021-05-13T11:21:13.494039122+08:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": {}, "Config": [ { "Subnet": "192.168.0.0/16", "Gateway": "192.168.0.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": {}, "Options": {}, "Labels": {} } ]
使用mynet创建启动两个tomcat,他们可以直接通过容器名称双向互相ping通
[root@localhost ~]# docker run --help Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...] Run a command in a new container Options: --add-host list Add a custom host-to-IP mapping (host:ip) -a, --attach list Attach to STDIN, STDOUT or STDERR --blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0) --blkio-weight-device list Block IO weight (relative device weight) (default []) --cap-add list Add Linux capabilities --cap-drop list Drop Linux capabilities --cgroup-parent string Optional parent cgroup for the container --cgroupns string Cgroup namespace to use (host|private) 'host': Run the container in the Docker host's cgroup namespace 'private': Run the container in its own private cgroup namespace '': Use the cgroup namespace as configured by the default-cgroupns-mode option on the daemon (default) --cidfile string Write the container ID to the file --cpu-period int Limit CPU CFS (Completely Fair Scheduler) period --cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota --cpu-rt-period int Limit CPU real-time period in microseconds --cpu-rt-runtime int Limit CPU real-time runtime in microseconds -c, --cpu-shares int CPU shares (relative weight) --cpus decimal Number of CPUs --cpuset-cpus string CPUs in which to allow execution (0-3, 0,1) --cpuset-mems string MEMs in which to allow execution (0-3, 0,1) -d, --detach Run container in background and print container ID --detach-keys string Override the key sequence for detaching a container --device list Add a host device to the container --device-cgroup-rule list Add a rule to the cgroup allowed devices list --device-read-bps list Limit read rate (bytes per second) from a device (default []) --device-read-iops list Limit read rate (IO per second) from a device (default []) --device-write-bps list Limit write rate (bytes per second) to a device (default []) --device-write-iops list Limit write rate (IO per second) to a device (default []) --disable-content-trust Skip image verification (default true) --dns list Set custom DNS servers --dns-option list Set DNS options --dns-search list Set custom DNS search domains --domainname string Container NIS domain name --entrypoint string Overwrite the default ENTRYPOINT of the image -e, --env list Set environment variables --env-file list Read in a file of environment variables --expose list Expose a port or a range of ports --gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs) --group-add list Add additional groups to join --health-cmd string Command to run to check health --health-interval duration Time between running the check (ms|s|m|h) (default 0s) --health-retries int Consecutive failures needed to report unhealthy --health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s) --health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s) --help Print usage -h, --hostname string Container host name --init Run an init inside the container that forwards signals and reaps processes -i, --interactive Keep STDIN open even if not attached --ip string IPv4 address (e.g., 172.30.100.104) --ip6 string IPv6 address (e.g., 2001:db8::33) --ipc string IPC mode to use --isolation string Container isolation technology --kernel-memory bytes Kernel memory limit -l, --label list Set meta data on a container --label-file list Read in a line delimited file of labels --link list Add link to another container --link-local-ip list Container IPv4/IPv6 link-local addresses --log-driver string Logging driver for the container --log-opt list Log driver options --mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33) -m, --memory bytes Memory limit --memory-reservation bytes Memory soft limit --memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap --memory-swappiness int Tune container memory swappiness (0 to 100) (default -1) --mount mount Attach a filesystem mount to the container --name string Assign a name to the container --network network Connect a container to a network --network-alias list Add network-scoped alias for the container --no-healthcheck Disable any container-specified HEALTHCHECK --oom-kill-disable Disable OOM Killer --oom-score-adj int Tune host's OOM preferences (-1000 to 1000) --pid string PID namespace to use --pids-limit int Tune container pids limit (set -1 for unlimited) --platform string Set platform if server is multi-platform capable --privileged Give extended privileges to this container -p, --publish list Publish a container's port(s) to the host -P, --publish-all Publish all exposed ports to random ports --pull string Pull image before running ("always"|"missing"|"never") (default "missing") --read-only Mount the container's root filesystem as read only --restart string Restart policy to apply when a container exits (default "no") --rm Automatically remove the container when it exits --runtime string Runtime to use for this container --security-opt list Security Options --shm-size bytes Size of /dev/shm --sig-proxy Proxy received signals to the process (default true) --stop-signal string Signal to stop a container (default "SIGTERM") --stop-timeout int Timeout (in seconds) to stop a container --storage-opt list Storage driver options for the container --sysctl map Sysctl options (default map[]) --tmpfs list Mount a tmpfs directory -t, --tty Allocate a pseudo-TTY --ulimit ulimit Ulimit options (default []) -u, --user string Username or UID (format: <name|uid>[:<group|gid>]) --userns string User namespace to use --uts string UTS namespace to use -v, --volume list Bind mount a volume --volume-driver string Optional volume driver for the container --volumes-from list Mount volumes from the specified container(s) -w, --workdir string Working directory inside the container [root@localhost ~]# docker run -d -P --name tomcat-n-1 --network mynet tomcat 404e4e63622b207af2ed534e768996f4d1cba4c798bba9e5d9b33c42711eaa4a [root@localhost ~]# docker run -d -P --name tomcat-n-2 --network mynet tomcat f6352fb3db01beed6ddf17ef84999a4ab209f026a6137b3bc7e35335d434785f [root@localhost ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f6352fb3db01 tomcat "catalina.sh run" 3 seconds ago Up 2 seconds 0.0.0.0:49159->8080/tcp, :::49159->8080/tcp tomcat-n-2 404e4e63622b tomcat "catalina.sh run" 10 seconds ago Up 9 seconds 0.0.0.0:49158->8080/tcp, :::49158->8080/tcp tomcat-n-1 f78c51961662 tomcat "catalina.sh run" 15 minutes ago Up 15 minutes 0.0.0.0:49157->8080/tcp, :::49157->8080/tcp tomcat1 27766c324de6 tomcat "catalina.sh run" 16 minutes ago Up 16 minutes 0.0.0.0:49156->8080/tcp, :::49156->8080/tcp tomcat2 [root@localhost ~]# docker exec -it tomcat-n-1 ping tomcat-n-2 PING tomcat-n-2 (192.168.0.3) 56(84) bytes of data. 64 bytes from tomcat-n-2.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.102 ms 64 bytes from tomcat-n-2.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.069 ms 64 bytes from tomcat-n-2.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.164 ms ^C --- tomcat-n-2 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 3ms rtt min/avg/max/mdev = 0.069/0.111/0.164/0.041 ms
查看mynet网络的详细信息,包含了启动的两个tomcat容器的网络信息
[root@localhost ~]# docker network inspect mynet [ { "Name": "mynet", "Id": "1abaa8e6a387bc8bbc7ac50d9f2289e96a143a92f074e90f698bd70411c86672", "Created": "2021-05-13T11:21:13.494039122+08:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": {}, "Config": [ { "Subnet": "192.168.0.0/16", "Gateway": "192.168.0.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "404e4e63622b207af2ed534e768996f4d1cba4c798bba9e5d9b33c42711eaa4a": { "Name": "tomcat-n-1", "EndpointID": "b9efbd78daabe9345ade2a2e55291b7646d01679516e2f0be1efd5c2d6fea6b8", "MacAddress": "02:42:c0:a8:00:02", "IPv4Address": "192.168.0.2/16", "IPv6Address": "" }, "f6352fb3db01beed6ddf17ef84999a4ab209f026a6137b3bc7e35335d434785f": { "Name": "tomcat-n-2", "EndpointID": "6b05a1ceff43514305bf3d0adf9e30ba8007db5ec8349d47f96ff2b216912fc0", "MacAddress": "02:42:c0:a8:00:03", "IPv4Address": "192.168.0.3/16", "IPv6Address": "" } }, "Options": {}, "Labels": {} } ]
启动一个tomcat3使用默认网络docker0
[root@localhost ~]# docker run -d -P --name tomcat3 tomcat 90e94ac30a3c61b493d2ea38c32cf5dddb781e88c30547b609db765b15d7d1e0 [root@localhost ~]# docker network ls NETWORK ID NAME DRIVER SCOPE 9b27ff0926bf bridge bridge local 8dfa2efae677 host host local 1abaa8e6a387 mynet bridge local 2025b7fb1d7c none null local # 查看docker0详细信息 tomcat3出现在默认网络里 [root@localhost ~]# docker network inspect 9b27ff0926bf [ { "Name": "bridge", "Id": "9b27ff0926bf22d0828ccd07d6e14eb17d96a4989f9def6f9118c099cf1ca1c6", "Created": "2021-05-13T10:51:20.244232273+08:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": null, "Config": [ { "Subnet": "172.17.0.0/16", "Gateway": "172.17.0.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "27766c324de619b24e2ed522d8064c5a4610c8f509ff0aed8fa1719691f01bf1": { "Name": "tomcat2", "EndpointID": "de913778ce2d7478e25daca26809aa75c9093c43853d9420c70886fb16741722", "MacAddress": "02:42:ac:11:00:03", "IPv4Address": "172.17.0.3/16", "IPv6Address": "" }, "90e94ac30a3c61b493d2ea38c32cf5dddb781e88c30547b609db765b15d7d1e0": { "Name": "tomcat3", "EndpointID": "2223e522a0950b846bb7691b31f60bbd88ab3c9b8e71d601a495cce39387b8cc", "MacAddress": "02:42:ac:11:00:04", "IPv4Address": "172.17.0.4/16", "IPv6Address": "" }, "f78c51961662a1d3558fc8d0d95906b902a7a042f251a60858e72bcfa62e7a08": { "Name": "tomcat1", "EndpointID": "59299fdca5497e55dc5a94e408529cc98819b673568720c81aa1c554dff1bbe5", "MacAddress": "02:42:ac:11:00:02", "IPv4Address": "172.17.0.2/16", "IPv6Address": "" } }, "Options": { "com.docker.network.bridge.default_bridge": "true", "com.docker.network.bridge.enable_icc": "true", "com.docker.network.bridge.enable_ip_masquerade": "true", "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0", "com.docker.network.bridge.name": "docker0", "com.docker.network.driver.mtu": "1500" }, "Labels": {} } ]
tomcat3和mynet不在一个网络,tomcat3无法访问mynet网络里的两个tomcat,可以使用network打通tomcat3和mynetwork,实现双向互相访问(支持容器名称)。
# 查看mynet网络里容器的ip [root@localhost ~]# docker network inspect mynet [ { "Name": "mynet", "Id": "1abaa8e6a387bc8bbc7ac50d9f2289e96a143a92f074e90f698bd70411c86672", "Created": "2021-05-13T11:21:13.494039122+08:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": {}, "Config": [ { "Subnet": "192.168.0.0/16", "Gateway": "192.168.0.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "404e4e63622b207af2ed534e768996f4d1cba4c798bba9e5d9b33c42711eaa4a": { "Name": "tomcat-n-1", "EndpointID": "b9efbd78daabe9345ade2a2e55291b7646d01679516e2f0be1efd5c2d6fea6b8", "MacAddress": "02:42:c0:a8:00:02", "IPv4Address": "192.168.0.2/16", "IPv6Address": "" }, "f6352fb3db01beed6ddf17ef84999a4ab209f026a6137b3bc7e35335d434785f": { "Name": "tomcat-n-2", "EndpointID": "6b05a1ceff43514305bf3d0adf9e30ba8007db5ec8349d47f96ff2b216912fc0", "MacAddress": "02:42:c0:a8:00:03", "IPv4Address": "192.168.0.3/16", "IPv6Address": "" } }, "Options": {}, "Labels": {} } ] # tomcat3 ping ip不通 [root@localhost ~]# docker exec -it tomcat3 ping 192.168.0.2 PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data. ^C --- 192.168.0.2 ping statistics --- 7 packets transmitted, 0 received, 100% packet loss, time 11ms [root@localhost ~]# docker exec -it tomcat3 ping 192.168.0.3 PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data. ^C --- 192.168.0.3 ping statistics --- 9 packets transmitted, 0 received, 100% packet loss, time 20ms
# 使用connect联通一个网络和另外一个网络里的容器,可以互相容器名称访问 [root@localhost ~]# docker network connect --help Usage: docker network connect [OPTIONS] NETWORK CONTAINER Connect a container to a network Options: --alias strings Add network-scoped alias for the container --driver-opt strings driver options for the network --ip string IPv4 address (e.g., 172.30.100.104) --ip6 string IPv6 address (e.g., 2001:db8::33) --link list Add link to another container --link-local-ip strings Add a link-local address for the container [root@localhost ~]# docker network connect mynet tomcat3 [root@localhost ~]# docker exec -it tomcat3 ping tomcat-n-1 PING tomcat-n-1 (192.168.0.2) 56(84) bytes of data. 64 bytes from tomcat-n-1.mynet (192.168.0.2): icmp_seq=1 ttl=64 time=0.235 ms 64 bytes from tomcat-n-1.mynet (192.168.0.2): icmp_seq=2 ttl=64 time=0.070 ms 64 bytes from tomcat-n-1.mynet (192.168.0.2): icmp_seq=3 ttl=64 time=0.064 ms ^C --- tomcat-n-1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 6ms rtt min/avg/max/mdev = 0.064/0.123/0.235/0.079 ms [root@localhost ~]# docker exec -it tomcat-n-1 ping tomcat3 PING tomcat3 (192.168.0.4) 56(84) bytes of data. 64 bytes from tomcat3.mynet (192.168.0.4): icmp_seq=1 ttl=64 time=0.055 ms 64 bytes from tomcat3.mynet (192.168.0.4): icmp_seq=2 ttl=64 time=0.169 ms 64 bytes from tomcat3.mynet (192.168.0.4): icmp_seq=3 ttl=64 time=0.194 ms ^C --- tomcat3 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 6ms rtt min/avg/max/mdev = 0.055/0.139/0.194/0.061 ms
以上就是Docker网络原理及自定义网络详细解析的详细内容,更多关于docker网络原理的资料请关注开心学习网其它相关文章!
- docker镜像简介(详解使用阿里云镜像仓库构建国外Docker镜像)
- docker的常用的命令(Docker 清理命令集锦)
- docker的一些使用方法(使用Docker 安装 Jenkins的方法)
- docker中运行项目的配置(Docker中搭建配置Git环境的过程)
- docker自动执行镜像(docker实现重新打tag并删除原tag的镜像)
- docker执行shell脚本(基于Docker搭建ELK 日志系统的方法)
- docker的配置与使用(docker之docker-machine用法详解)
- docker 跨主机的网络通信(docker 基于golang镜像构建 ssh服务的方法)
- linuxrabbitmq安装和使用教程(用docker部署RabbitMQ环境的详细介绍)
- docker容器编排入门教程(laradock环境docker-compose操作详解)
- dockerfile自定义镜像图解(Docker images导出和导入操作)
- centos7 docker容器目录(CentOS7使用docker部署Apollo配置中心的实现)
- docker容器里面有java运行环境吗(利用 Docker 构建简单的 java 开发编译环境的方法详解)
- docker可用容量查看(docker 查看jvm内存占用方式)
- docker配置说明(Docker安装Kong API Gateway并使用的详细教程)
- docker远程部署(Docker内网穿透frp部署实现过程解析)
- 庆八一,重读经典红色语录,感悟互联网发展硬道理(重读经典红色语录)
- TVB新剧《黯夜守护者》将播,陈展鹏陈炜首次合作探讨人性(TVB新剧黯夜守护者将播)
- 新晋小花被称女版吴卓羲 将取代滕丽名成为TVB新一代御用女警(新晋小花被称女版吴卓羲)
- 艺人吴卓羲10年警察生涯,演足10年阿Sir,系咩玩法(艺人吴卓羲10年警察生涯)
- 菲律宾潜水(菲律宾潜水价格)
- 泰国人妖(变性手术生殖器要割掉吗)
热门推荐
- asp.net操作cookie
- ASP.NET根据IP获取省市地址
- sqlserver 创建数据库链接(SqlServer数据库远程连接案例教程)
- javascript中图片轮播效果代码(JavaScript实现简单的轮播图效果)
- 云服务器9兆带宽的上传速度是多少(云服务器网速多少怎么计算?云服务器的1兆带宽是多少的?)
- SQL Server中时间类型的范围
- sql触发器编写教程(SQL Server 使用触发器trigger发送电子邮件步骤详解)
- windows下nginx 命令(win10安装配置nginx的过程)
- C# xml和对象的序列化与反序列化
- python3知识点汇总(Python3几个常见问题的处理方法)
排行榜
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9