容器网络命令 :
docker network --help
常用的是 docker network create/ls/rm/inspect
容器网络类型,一共有以下5种
bridge
–net=bridge
默认网络,Docker启动后创建一个docker0网桥,默认创建的容器也是添加到这个网桥中。
• host
–net=host
容器不会获得一个独立的network namespace,而是与宿主机共用一个。这就意味着容器不会有自己的网卡信息,而是使用宿主
机的。容器除了网络,其他都是隔离的。
• none
–net=none
获取独立的network namespace,但不为容器进行任何网络配置,需要我们手动配置。
• container
–net=container:Name/ID
与指定的容器使用同一个network namespace,具有同样的网络配置信息,两个容器除了网络,其他都还是隔离的。
• 自定义网络
与默认的bridge原理一样,但自定义网络具备内部DNS发现,可以通过容器名或者主机名容器之间网络通信。
下面是对每种网络模式的实战
#查看宿主机网络配置
[root@ wwwroot]# ifconfig
-bash: ifconfig: 未找到命令
#没有安装ifconfig命令的话,通过下面命令安装
[root@ wwwroot]# yum install net-tools
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: ftp.sjtu.edu.cn
* updates: ftp.sjtu.edu.cn
base | 3.6 kB ::
docker-ce-stable | 3.5 kB ::
extras | 3.4 kB ::
updates | 3.4 kB ::
正在解决依赖关系
--> 正在检查事务
---> 软件包 net-tools.x86_64.0.2.-0.24.20131004git.el7 将被 安装
--> 解决依赖关系完成 依赖关系解决 =================================================================================================================
Package 架构 版本 源 大小
=================================================================================================================
正在安装:
net-tools x86_64 2.0-0.24.20131004git.el7 base k 事务概要
=================================================================================================================
安装 软件包 总下载量: k
安装大小: k
Is this ok [y/d/N]: y
Downloading packages:
net-tools-2.0-0.24.20131004git.el7.x86_64.rpm | kB ::
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : net-tools-2.0-0.24.20131004git.el7.x86_64 /
验证中 : net-tools-2.0-0.24.20131004git.el7.x86_64 / 已安装:
net-tools.x86_64 :2.0-0.24.20131004git.el7 完毕!
#查看宿主机网络配置,每新建一个容器,都会在宿主机新增一块veth*网卡
[root@ wwwroot]# ifconfig
docker0: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80:::35ff:fefb:c080 prefixlen scopeid 0x20<link>
ether :::fb:c0: txqueuelen (Ethernet)
RX packets bytes (5.3 KiB)
RX errors dropped overruns frame
TX packets bytes (8.2 KiB)
TX errors dropped overruns carrier collisions ens33: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 192.168.1.30 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::6fa9:ff39:bd3d:e2cf prefixlen scopeid 0x20<link>
ether :0c::f0:9e: txqueuelen (Ethernet)
RX packets bytes (4.1 MiB)
RX errors dropped overruns frame
TX packets bytes (398.6 KiB)
TX errors dropped overruns carrier collisions lo: flags=<UP,LOOPBACK,RUNNING> mtu
inet 127.0.0.1 netmask 255.0.0.0
inet6 :: prefixlen scopeid 0x10<host>
loop txqueuelen (Local Loopback)
RX packets bytes (5.7 KiB)
RX errors dropped overruns frame
TX packets bytes (5.7 KiB)
TX errors dropped overruns carrier collisions veth4825f45: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet6 fe80::c0cd:4dff:fe4d: prefixlen scopeid 0x20<link>
ether c2:cd:4d:4d:: txqueuelen (Ethernet)
RX packets bytes (2.9 KiB)
RX errors dropped overruns frame
TX packets bytes (3.3 KiB)
TX errors dropped overruns carrier collisions veth59bfe03: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet6 fe80:::34ff:fe41: prefixlen scopeid 0x20<link>
ether ::::: txqueuelen (Ethernet)
RX packets bytes (492.0 B)
RX errors dropped overruns frame
TX packets bytes (1.3 KiB)
TX errors dropped overruns carrier collisions
#运行一个busybox容器,busybox镜像有很多安装好的linux命令,一般都是用这个容器来做容器测试
[root@ wwwroot]# docker run -itd busybox
402834f20a30929e44f5eaf76f4b862fe23bbef5d65598553edb448f5435dee7
#列出容器
[root@ wwwroot]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
402834f20a30 busybox "sh" seconds ago Up seconds inspiring_greider
dbc625210371 nginx "nginx -g 'daemon of…" hours ago Up hours 0.0.0.0:->/tcp distracted_franklin
8f88aa12dfbc nginx "nginx -g 'daemon of…" hours ago Up hours 0.0.0.0:->/tcp condescending_franklin
#进入容器402834f20a30(busybox)
[root@ wwwroot]# docker container exec -it 402834f20a30 sh
/ # ifconfig
eth0 Link encap:Ethernet HWaddr ::AC:::
inet addr:172.17.0.4 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (656.0 B) TX bytes: (0.0 B) lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (0.0 B) TX bytes: (0.0 B) / # exit
#下面这行命令里--rm 代表使用完容器后,自动移除容器,但是下面用了-d参数,代表后台一直运行,所以-d参数和--rm参数是有冲突的,加了-d参数,就忽略了--rm
# 如果想让--rm 生效,就不要使用-d参数,可以这样用 docker run -it --rm --net=host busybox 默认会进入容器,exit退出容器后,会自动移除容器。
# --net=host 这种网络意思是说:和宿主机使用同一个网卡
[root@ wwwroot]# docker run -itd --rm --net=host busybox
b3cad3ef573a0b70f443970ba4cbfbebc341201db18491bfe61fd23e9a493a66
# 进入容器,查看网络,确认容器和虚拟机使用的是同一个网络配置。这种情况下,要注意端口冲突。
[root@ wwwroot]# docker container exec -it b3cad3ef573a0b70f443970ba4cbfbebc341201db18491bfe61fd23e9a493a66 sh
/ # ifconfig
docker0 Link encap:Ethernet HWaddr :::FB:C0:
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80:::35ff:fefb:c080/ Scope:Link
UP BROADCAST RUNNING MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (5.3 KiB) TX bytes: (8.2 KiB) ens33 Link encap:Ethernet HWaddr :0C::F0:9E:
inet addr:192.168.1.30 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::6fa9:ff39:bd3d:e2cf/ Scope:Link
UP BROADCAST RUNNING MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (5.1 MiB) TX bytes: (480.6 KiB) lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::/ Scope:Host
UP LOOPBACK RUNNING MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (5.7 KiB) TX bytes: (5.7 KiB) veth4825f45 Link encap:Ethernet HWaddr C2:CD:4D:4D::
inet6 addr: fe80::c0cd:4dff:fe4d:/ Scope:Link
UP BROADCAST RUNNING MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (2.9 KiB) TX bytes: (3.3 KiB) veth59bfe03 Link encap:Ethernet HWaddr :::::
inet6 addr: fe80:::34ff:fe41:/ Scope:Link
UP BROADCAST RUNNING MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (492.0 B) TX bytes: (1.3 KiB) vetha875c92 Link encap:Ethernet HWaddr CE:AA:EF:A7:B5:D4
inet6 addr: fe80::ccaa:efff:fea7:b5d4/ Scope:Link
UP BROADCAST RUNNING MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (0.0 B) TX bytes: (656.0 B) / # exit
# --net=none 不为容器进行任何网络配置
[root@ wwwroot]# docker run -itd --net=none busybox
1cfdc5869beb2b1a4dde358c97c703f1e59697c3bba992b942b5aa02007f626b
#进入容器,确认,只有一个lo,没有常见的eth0
[root@ wwwroot]# docker container exec -it 1cfdc5869beb2b1a4dde358c97c703f1e59697c3bba992b942b5aa02007f626b sh
/ # ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (0.0 B) TX bytes: (0.0 B) / # exit
#--net=container:402834f20a30,和指定容器使用同一个网络
[root@ wwwroot]# docker run -it --rm --net=container:402834f20a30 busybox
/ # ifconfig
eth0 Link encap:Ethernet HWaddr ::AC:::
inet addr:172.17.0.4 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (656.0 B) TX bytes: (0.0 B) lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (0.0 B) TX bytes: (0.0 B) / # exit
# 不加-net参数,使用默认网络-net bridge , 默认创建的容器会添加到docker 0这个网桥中。进入下面任意容器,通过ping name是无法通的, 比如,进入father容器 ping mother,无法ping通,相反也是。
[root@ wwwroot]# docker container run -itd --name father busybox
f1c83a1a57c6df79b9b493adb5378846373521fe84a078a4d791b65fef9b6145
[root@ wwwroot]# docker container run -itd --name mother busybox
aa732d44065a7d9a22716cecbb998a08dc0f5ad77aadcf0530a685d797226b30
# 列出docker network 帮助
[root@ ~]# docker network --help Usage: docker network COMMAND Manage networks Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks Run 'docker network COMMAND --help' for more information on a command.
# 使用docker network 命令创建一个自定义网络
[root@ ~]# docker network create test
04c72dac07d71b4e54e4706b67d03a10e891acc0632f78dd87eecc4e3c62459a
# 列出网络,确认自定义网络test创建成功
[root@ ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
4282f8838752 bridge bridge local
33e3115a5c2a host host local
7c53ba80078d none null local
04c72dac07d7 test bridge local
# 自定义网络特点:自定义网络具备DNS发现,可以通过容器名或者主机名,容器之间可以进行网络通信。
# 简单的说,在同一个自定义网络的容器,可以通过 容器名或者主机名 ping通
[root@ ~]# docker run -itd --name machine1 --net=test busybox
f3e31fa81bf1044f9d5f810fa93b711096f0420be77e7cb802bfdd7994e77cc4
[root@ ~]# docker run -itd --name machine2 --net=test busybox
275c7fe8331a08d956fb125a734432eb23cfaed163b97e7bdfdf89d321234eee
#进入machine1容器,ping machine2(容器名),ping通
[root@ ~]# docker container exec -it machine1 sh
/ # ping machine2
PING machine2 (172.18.0.3): data bytes
bytes from 172.18.0.3: seq= ttl= time=0.204 ms
bytes from 172.18.0.3: seq= ttl= time=0.150 ms
bytes from 172.18.0.3: seq= ttl= time=0.148 ms
^C
--- machine2 ping statistics ---
packets transmitted, packets received, % packet loss
round-trip min/avg/max = 0.148/0.167/0.204 ms
/ # ifconfig
eth0 Link encap:Ethernet HWaddr ::AC:::
inet addr:172.18.0.2 Bcast:172.18.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (1.6 KiB) TX bytes: (378.0 B) lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (240.0 B) TX bytes: (240.0 B) / # exit
#进入machine2容器,ping machine1(容器名),ping通
[root@ ~]# docker container exec -it machine2 sh
/ # ping machine1
PING machine1 (172.18.0.2): data bytes
bytes from 172.18.0.2: seq= ttl= time=0.145 ms
bytes from 172.18.0.2: seq= ttl= time=0.083 ms
bytes from 172.18.0.2: seq= ttl= time=0.149 ms
bytes from 172.18.0.2: seq= ttl= time=0.150 ms
^C
--- machine1 ping statistics ---
packets transmitted, packets received, % packet loss
round-trip min/avg/max = 0.083/0.131/0.150 ms
/ # ifconfig
eth0 Link encap:Ethernet HWaddr ::AC:::
inet addr:172.18.0.3 Bcast:172.18.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (1.4 KiB) TX bytes: (854.0 B) lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (240.0 B) TX bytes: (240.0 B) / # exit
[root@ ~]# ifconfig
br-04c72dac07d7: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 172.18.0.1 netmask 255.255.0.0 broadcast 172.18.255.255
inet6 fe80:::e6ff:fe4c:ab7f prefixlen scopeid 0x20<link>
ether ::e6:4c:ab:7f txqueuelen (Ethernet)
RX packets bytes (492.0 B)
RX errors dropped overruns frame
TX packets bytes (1.3 KiB)
TX errors dropped overruns carrier collisions docker0: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80:::35ff:fefb:c080 prefixlen scopeid 0x20<link>
ether :::fb:c0: txqueuelen (Ethernet)
RX packets bytes (5.3 KiB)
RX errors dropped overruns frame
TX packets bytes (8.2 KiB)
TX errors dropped overruns carrier collisions ens33: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 192.168.1.30 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::6fa9:ff39:bd3d:e2cf prefixlen scopeid 0x20<link>
ether :0c::f0:9e: txqueuelen (Ethernet)
RX packets bytes (8.1 MiB)
RX errors dropped overruns frame
TX packets bytes (642.7 KiB)
TX errors dropped overruns carrier collisions lo: flags=<UP,LOOPBACK,RUNNING> mtu
inet 127.0.0.1 netmask 255.0.0.0
inet6 :: prefixlen scopeid 0x10<host>
loop txqueuelen (Local Loopback)
RX packets bytes (5.7 KiB)
RX errors dropped overruns frame
TX packets bytes (5.7 KiB)
TX errors dropped overruns carrier collisions veth0f3ecdc: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet6 fe80::e0b4:deff:fef4:a410 prefixlen scopeid 0x20<link>
ether e2:b4:de:f4:a4: txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (656.0 B)
TX errors dropped overruns carrier collisions veth4825f45: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet6 fe80::c0cd:4dff:fe4d: prefixlen scopeid 0x20<link>
ether c2:cd:4d:4d:: txqueuelen (Ethernet)
RX packets bytes (2.9 KiB)
RX errors dropped overruns frame
TX packets bytes (3.3 KiB)
TX errors dropped overruns carrier collisions veth527ebf1: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet6 fe80::f425:91ff:fe88:d2e4 prefixlen scopeid 0x20<link>
ether f6::::d2:e4 txqueuelen (Ethernet)
RX packets bytes (854.0 B)
RX errors dropped overruns frame
TX packets bytes (1.4 KiB)
TX errors dropped overruns carrier collisions veth59bfe03: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet6 fe80:::34ff:fe41: prefixlen scopeid 0x20<link>
ether ::::: txqueuelen (Ethernet)
RX packets bytes (492.0 B)
RX errors dropped overruns frame
TX packets bytes (1.3 KiB)
TX errors dropped overruns carrier collisions vetha875c92: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet6 fe80::ccaa:efff:fea7:b5d4 prefixlen scopeid 0x20<link>
ether ce:aa:ef:a7:b5:d4 txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (656.0 B)
TX errors dropped overruns carrier collisions vethb0b26d4: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet6 fe80::dce8:e5ff:fe2d:a6b prefixlen scopeid 0x20<link>
ether de:e8:e5:2d:0a:6b txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (656.0 B)
TX errors dropped overruns carrier collisions vethdc82492: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet6 fe80::18b1:fff:fec2:6ae2 prefixlen scopeid 0x20<link>
ether 1a:b1:0f:c2:6a:e2 txqueuelen (Ethernet)
RX packets bytes (854.0 B)
RX errors dropped overruns frame
TX packets bytes (2.1 KiB)
TX errors dropped overruns carrier collisions [root@ ~]# docker container exec -it machine2 sh
/ # traceroute 115.239.211.112
traceroute to 115.239.211.112 (115.239.211.112), hops max, byte packets
172.18.0.1 (172.18.0.1) 0.020 ms 0.015 ms 0.012 ms
192.168.1.1 (192.168.1.1) 0.992 ms 1.941 ms 1.318 ms
114.82.252.1 (114.82.252.1) 4.247 ms 3.848 ms 3.015 ms
124.74.33.185 (124.74.33.185) 3.944 ms 6.421 ms 3.531 ms
124.74.210.77 (124.74.210.77) 10.714 ms 4.396 ms 8.289 ms
61.152.24.142 (61.152.24.142) 4.587 ms 4.882 ms 5.343 ms
202.97.33.222 (202.97.33.222) 10.666 ms 202.97.23.86 (202.97.23.86) 11.103 ms 11.097 ms
220.191.200.218 (220.191.200.218) 13.673 ms 220.191.200.238 (220.191.200.238) 13.685 ms 220.191.200.218 (220.191.200.218) 13.252 ms
* * *
115.239.209.42 (115.239.209.42) 15.933 ms 115.239.209.6 (115.239.209.6) 15.209 ms 115.239.209.14 (115.239.209.14) 17.882 ms
* *^C
/ # exit
作者: 梅梅~
出处: https://www.cnblogs.com/keeptesting
关于作者:专注软件测试,测试运维相关工作,请多多赐教!
本文版权归作者和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出, 原文链接 欢迎沟通交流加微信联系。 微信:yangguangkg20140901 暗号:博客园.