docker網(wǎng)絡(luò)如何配置

這篇文章主要為大家展示了“docker網(wǎng)絡(luò)如何配置”，內(nèi)容簡而易懂，條理清晰，希望能夠幫助大家解決疑惑，下面讓小編帶領(lǐng)大家一起研究并學(xué)習(xí)一下“docker網(wǎng)絡(luò)如何配置”這篇文章吧。

docker的網(wǎng)絡(luò)

docker network

docker有3個(gè)默認(rèn)網(wǎng)絡(luò)

[root@srv00 ~]# docker network ls
NETWORK ID          NAME                DRIVER
b891bd36a3f1        bridge              bridge              
739cb6a018f7        host                host                
d0e062995920        none                null

默認(rèn)容器都是運(yùn)行在 bridge 網(wǎng)絡(luò)下

運(yùn)行個(gè)容器測試下

[root@srv00 ~]# docker run -itd --name nw centos
5ffb7062805af03b00ecc6160a78c855a7d1b7c32bfcc14d78ce036f2df9a517
[root@srv00 ~]# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS                   NAMES
5ffb7062805a        centos              "/bin/bash"              About a minute ago   Up About a minute                           nw

--name 給容器命名,否則docker自動(dòng)命名.

查看bridge網(wǎng)絡(luò)下的容器有哪些:

[root@srv00 ~]# docker network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "b891bd36a3f12dc2bb1f4526c0fc2741c0f8ccf6011071116840b6b31f9b20ac",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.42.1"
                }
            ]
        },
        "Internal": false,
        "Containers": {
            "5ffb7062805af03b00ecc6160a78c855a7d1b7c32bfcc14d78ce036f2df9a517": {
                "Name": "nw",
                "EndpointID": "65f410576be2d9aadb697ebb820e372ffb2073db7868ec001e87da5c8cf40d71",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            },
            "616d942216ee7050ecff07ca66d2d7583d4093820e9d1448f96b417d7d779408": {
                "Name": "high_shockley",
                "EndpointID": "de09ec8b400b2724238d78ece5ff24201b7baffcdb7279809ea6b1beae5fec1d",
                "MacAddress": "02:42:ac:11:00:06",
                "IPv4Address": "172.17.0.6/16",
                "IPv6Address": ""
            },
            "dead20777b6c1609ab968966b3589904d44f8a12c124c178fd5cb540052cce6f": {
                "Name": "gloomy_cray",
                "EndpointID": "1ba62447dd2d89165fc7079442a2016fb1c44caa02cca7cda6bf363eec2841da",
                "MacAddress": "02:42:ac:11:00:07",
                "IPv4Address": "172.17.0.7/16",
                "IPv6Address": ""
            },
            "e709f66c9bdbcc20f92b804e483bb566bc4ee934fa1e2e5cdbf4759f7ac1923c": {
                "Name": "tiny_shockley",
                "EndpointID": "a070387813fc17fd54ab389b4afe40c80c5dbbe42c86983a89a84a65cf32e378",
                "MacAddress": "02:42:ac:11:00:01",
                "IPv4Address": "172.17.0.1/16",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]

可以看到剛運(yùn)行的容器nw的ip是172.17.0.2

我們可以將某個(gè)容器從網(wǎng)絡(luò)中移除

[root@srv00 ~]# docker exec -it high_shockley /bin/bash
[root@616d942216ee /]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.100 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.065 ms
^C
--- 172.17.0.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.065/0.082/0.100/0.019 ms
[root@616d942216ee /]# exit
exit

先進(jìn)入同網(wǎng)絡(luò)的另一個(gè)容器ping,可以ping通.

[root@srv00 ~]# docker network disconnect bridge nw
[root@srv00 ~]# docker exec -it high_shockley /bin/bash
[root@616d942216ee /]# ping 172.17.0.2                                                                                                              
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
^C
--- 172.17.0.2 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 1999ms

[root@616d942216ee /]# exit
exit
[root@srv00 ~]# docker network inspect bridge
...

可以看到ping不通.也不在bridge網(wǎng)絡(luò)里了.通過docker inspect nw 已經(jīng)沒有ip地址了.

創(chuàng)建自己的 bridge network

docker 支持 兩個(gè)網(wǎng)絡(luò)驅(qū)動(dòng)類型'bridge'和overlay. 'bridge' 是運(yùn)行在統(tǒng)一主機(jī)上的網(wǎng)絡(luò).overlay可以包括多個(gè)主機(jī).

這里我們先創(chuàng)建自己的'bridge'網(wǎng)絡(luò)

[root@srv00 ~]# docker network create -d bridge mynetwork
072dbe030461bc1f7e1bc4829017f13ade899b09b606d12dfb8b6dec496a08bf
[root@srv00 ~]# docker network ls
NETWORK ID          NAME                DRIVER
b891bd36a3f1        bridge              bridge              
739cb6a018f7        host                host                
072dbe030461        mynetwork           bridge              
d0e062995920        none                null                
[root@srv00 ~]# docker network inspect mynetwork
[
    {
        "Name": "mynetwork",
        "Id": "072dbe030461bc1f7e1bc4829017f13ade899b09b606d12dfb8b6dec496a08bf",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "172.18.0.0/16",
                    "Gateway": "172.18.0.1/16"
                }
            ]
        },
        "Internal": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]

mynetwork下一個(gè)容器都沒有

運(yùn)行個(gè)容器在mynetwork下

[root@srv00 ~]# docker run -itd --net mynetwork --name nw1 centos
c5b59a1e180753301460b597b87b1608b00ebe2b8620b41b8851938c6eab8044
[root@srv00 ~]# docker network inspect mynetwork
[
    {
        "Name": "mynetwork",
        "Id": "072dbe030461bc1f7e1bc4829017f13ade899b09b606d12dfb8b6dec496a08bf",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "172.18.0.0/16",
                    "Gateway": "172.18.0.1/16"
                }
            ]
        },
        "Internal": false,
        "Containers": {
            "c5b59a1e180753301460b597b87b1608b00ebe2b8620b41b8851938c6eab8044": {
                "Name": "nw1",
                "EndpointID": "ed444519fd958ddd83d64f62719f485f62d284f2a647536e4f48a8128e62ad5e",
                "MacAddress": "02:42:ac:12:00:02",
                "IPv4Address": "172.18.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]

測試下互通性 先把nw連到bridge網(wǎng)絡(luò)

[root@srv00 ~]# docker network connect bridge nw
[root@srv00 ~]# docker exec -it nw /bin/bash 
[root@5ffb7062805a /]# ping 172.18.0.2    
PING 172.18.0.2 (172.18.0.2) 56(84) bytes of data.
^C
--- 172.18.0.2 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 1999ms

不同網(wǎng)絡(luò)中的容器不通.

將nw也加入到mynetwork

[root@srv00 ~]# docker network connect mynetwork nw
[root@srv00 ~]# docker network inspect mynetwork
[root@srv00 ~]# docker network inspect bridge

可以看到2個(gè)網(wǎng)絡(luò)中都有nw

[root@srv00 ~]# docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' nw
172.17.0.2172.18.0.3
[root@srv00 ~]# docker exec -it nw /bin/bash 
[root@5ffb7062805a /]# ping 172.18.0.2 -c3
PING 172.18.0.2 (172.18.0.2) 56(84) bytes of data.
64 bytes from 172.18.0.2: icmp_seq=1 ttl=64 time=0.093 ms
64 bytes from 172.18.0.2: icmp_seq=2 ttl=64 time=0.057 ms
64 bytes from 172.18.0.2: icmp_seq=3 ttl=64 time=0.076 ms

--- 172.18.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.057/0.075/0.093/0.016 ms
[root@5ffb7062805a /]# ping 172.17.0.6 -c3
PING 172.17.0.6 (172.17.0.6) 56(84) bytes of data.
64 bytes from 172.17.0.6: icmp_seq=1 ttl=64 time=0.102 ms
64 bytes from 172.17.0.6: icmp_seq=2 ttl=64 time=0.080 ms
^C
--- 172.17.0.6 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.080/0.091/0.102/0.011 ms

nw 這臺(tái)容器有兩個(gè)ip,同時(shí)在兩個(gè)網(wǎng)段中,兩個(gè)網(wǎng)絡(luò)中的容器都可以互通.

以上是“docker網(wǎng)絡(luò)如何配置”這篇文章的所有內(nèi)容，感謝各位的閱讀！相信大家都有了一定的了解，希望分享的內(nèi)容對(duì)大家有所幫助，如果還想學(xué)習(xí)更多知識(shí)，歡迎關(guān)注億速云行業(yè)資訊頻道！