Docker从入门到精通(十)
Docker网络相关命令
- ls:列出所有网络
- create:创建网络
- rm:删除一个网络
- connect:把容器接入到网络
- disconnect:把容器从网络卸载下来
- inspect:查看网络详细信息
列出所有网络
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
fab85b3e7b97 bridge bridge local
4052e9cd1bb0 docker-mac-network_default bridge local
07dad153dbca host host local
da018c990a38 none null local
创建网络
$ docker network create MyNet
12472c3617d0261e1cd2bc96cfd1e0944f5bee82a1489c352db14c8aef996fce
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
12472c3617d0 MyNet(自定义网络) bridge local
fab85b3e7b97 bridge bridge local
4052e9cd1bb0 docker-mac-network_default bridge local
07dad153dbca host host local
da018c990a38 none null local
把容器接入到网络
1.我们查看容器的网络信息
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
681d33c80334 wenjunxiao/mac-docker-connector "mac-receiver" 7 days ago Up 7 days connector
9a5f2f8b2e91 mysql:5.6 "docker-entrypoint.s…" 5 weeks ago Up 7 days 0.0.0.0:3307->3306/tcp mysql2
ed9709c6210c mysql "docker-entrypoint.s…" 6 weeks ago Up 7 days 0.0.0.0:3306->3306/tcp, 33060/tcp mysql-test
$ docker inspect ed9709c6210c | tail -n 20 先查看mysql的网络信息
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "fab85b3e7b972d7706d67283cc0e816a332d507058f4ff1cb124bdc231595f71",
"EndpointID": "b7f3aba2f68145b3d32c494b1407db2b8c56ae1e40820827000e1ea948e6f5aa",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
2.再把容器接连到我们创建的网络中,并验证是否进入新的的网络
$ docker network connect MyNet ed9709c6210c (为mysql容器加入我们新建的网络)
$ docker inspect ed9709c6210c | tail -n 40
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"MyNet": { 已经加入了新的网络了
"IPAMConfig": {},
"Links": null,
"Aliases": [
"ed9709c6210c"
],
"NetworkID": "12472c3617d0261e1cd2bc96cfd1e0944f5bee82a1489c352db14c8aef996fce",
"EndpointID": "d653da341e5ce715657deaf526c9f7347bc60ada245eb22b3025667b45769d03",
"Gateway": "172.19.0.1",
"IPAddress": "172.19.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:13:00:02",
"DriverOpts": {}
},
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "fab85b3e7b972d7706d67283cc0e816a332d507058f4ff1cb124bdc231595f71",
"EndpointID": "b7f3aba2f68145b3d32c494b1407db2b8c56ae1e40820827000e1ea948e6f5aa",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
卸载网络
$ docker network disconnect MyNet ed9709c6210c 卸载网络
$ docker inspect ed9709c6210c | tail -n 20 查看已经卸载了
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "fab85b3e7b972d7706d67283cc0e816a332d507058f4ff1cb124bdc231595f71",
"EndpointID": "b7f3aba2f68145b3d32c494b1407db2b8c56ae1e40820827000e1ea948e6f5aa",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
删除网络
$ docker network rm MyNet
MyNet
$ docker network ls 查看是否删除了
NETWORK ID NAME DRIVER SCOPE
fab85b3e7b97 bridge bridge local
4052e9cd1bb0 docker-mac-network_default bridge local
07dad153dbca host host local
da018c990a38 none null local
查看网络信息
$ docker network inspect bridge
[
{
"Name": "bridge",
"Id": "fab85b3e7b972d7706d67283cc0e816a332d507058f4ff1cb124bdc231595f71",
"Created": "2023-03-26T06:00:05.8020278Z",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"9a5f2f8b2e91c11f5829aa58b9d43467c30b2283832b9139c74abc8553d8d062": {
"Name": "mysql2",
"EndpointID": "5c3837090785ad8e02add5d9edd8825ea62ea6dd50da883d0b04c2b09d7d9eb5",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"ed9709c6210c93b75ed1b74b1f004d1bb7526aabae2bd746a47e4ee8c1172425": {
"Name": "mysql-test",
"EndpointID": "b7f3aba2f68145b3d32c494b1407db2b8c56ae1e40820827000e1ea948e6f5aa",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
网络模式
bridge模式
在该模式中,Docker 守护进程创建了一个虚拟以太网桥 docker0,新建的容器会自动桥接到这个接口,附加在其上的任何网卡之间都能自动转发数据包。
默认情况下,守护进程会创建一对对等虚拟设备接口 veth pair,将其中一个接口设置为容器的eth0接口(容器的网卡),另一个接口放置在宿主机的命名空间中,以类似 vethxxx 这样的名字命名,从而将宿主机上的所有容器都连接到这个内部网络上
上面就可以证实,默认的bridge模式是创建了一对 veth pair接口,这个对接口一端在容器内,即eth0,另外一个接口在本地并挂载到docker0网桥,名称以veth开头,通过这种方式,主机可以跟容器通信,容器之间也可以互相通信
Host模式
如果指定的host模式容器不会拥有一个独立network namesace,而是与宿主主机共用network namesace.也就说明容器本身不会有网卡信息,而是使用宿主主机的网络信息.容器除了网络,其他比如文件系统,进程等依然都是隔离的。
上面我们就可以发现创建的容器和我们的宿主机信息一样,证明了host模式和宿主机共用一个网络
none模式
none 网络模式是指禁用网络功能,只有 lo 接口 local 的简写,代表 127.0.0.1,即 localhost 本地环回接口.在创建容器时通过参数 --net none 或者 --network none 指定
container 网络模式
Container 网络模式即新创建的容器不会创建自己的网卡,配置自己的 IP,而是和一个指定的容器共享 IP,端口范围等.同样两个容器除了网络方面相同之外,其他的如文件系统,进程列表等还是隔离的
比如我基于容器bbox01创建了container网络模式的容器bbox04,查看ip addr
我们再查看bbox01的网络
可以发现两个容器的网络一样,说明新建的bbox04容器共用了bbox01的网络
本文参与 腾讯云自媒体同步曝光计划,分享自微信公众号。
原始发表:2023-04-03,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读
腾讯云开发者
