docker网络类型

Docker网络类型
None：不为容器配置任何网络功能，–net=none

[root@docker ~]# docker run -d -it --net=none alpine 
16471ec7ba17c8592d7b27a60f6728721d374a082cc49db2bb740edb3d6e362f
[root@docker ~] docker exec -it 16471ec7ba17c8592 /bin/sh
/ # ifconfig

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

Container：与另一个运行中的容器共享Network Namespace，–net=container:containerID（K8S）

[root@docker ~] docker run -it -d --net=container:14b51071940d alpine:latest 
80ebd0d835e4093be0073d8fdc7ea0f4cfd6836e32a9cd7979022bce3cd8954b
[root@docker ~]# docker inspect 80ebd0d835e409|grep host
        "HostnamePath": "/var/lib/docker/containers/14b51071940dd8a83a7095e9942803704df43dc22d4647e113050791fbf4ece7/hosname",
        "HostsPath": "/var/lib/docker/containers/14b51071940dd8a83a7095e9942803704df43dc22d4647e113050791fbf4ece7/hosts",
[root@docker ~] docker exec -it 5d280dcd7dae60f /bin/sh
/ # cat /etc/hosts
127.0.0.1    localhost
::1       localhost ip6-localhost ip6-loopbac
fe00::0        ip6-localnet
ff00::0        ip6-mcastprefix
ff02::1        ip6-allnodes
ff02::2        ip6-allrouters
172.17.0.2 baeedb96060e

Host：与宿主机共享Network Namespace，–network=host 性能最高

[root@docker ~]# docker run -d -it --network=host alpine 
14b51071940dd8a83a7095e9942803704df43dc22d4647e113050791fbf4ece7
[root@docker ~]# docker exec -it 14b51071940d /bin/sh
/ # cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
[root@docker ~]# docker inspect 14b51071940dd8a|grep host
        "HostnamePath": "/var/lib/docker/containers/14b51071940dd8a83a7095e9942803704df43dc22d4647e113050791fbf4ece7/hosname",
        "HostsPath": "/var/lib/docker/containers/14b51071940dd8a83a7095e9942803704df43dc22d4647e113050791fbf4ece7/hosts",
        "NetworkMode": "host",
                "host": {

Bridge：Docker设计的NAT网络模型
Docker跨主机容器之间的通信macvlan
默认一个物理网卡，只有一个物理mac地址，虚拟多个mac地址

##创建macvlan网络

docker network create --driver macvlan --subnet 10.0.0.0/24 --gateway 10.0.0.254 -o parent=eth0 macvlan_1

##设置eth0的网卡为混杂模式

ip link set eth1 promisc on

##创建使用macvlan网络的容器

docker run -it --network macvlan_1 --ip=10.0.0.200 busybox

docker跨主机容器间的通信flannel

macvlan模式        ##因为Mac地址的原因此模式宿主机不能ping通自己
docker network create --driver macvlan --subnet 10.0.0.0/24 --gateway 10.0.0.254 -o parent=eth0 macvlan_1
[root@docker ~]# docker run -it -d --network macvlan_1 --ip 10.0.0.100 busybox:latest
\# ping 10.0.0.102
PING 10.0.0.102 (10.0.0.102): 56 data bytes
64 bytes from 10.0.0.102: seq=0 ttl=64 time=0.601 ms
64 bytes from 10.0.0.102: seq=1 ttl=64 time=0.411 ms

Dcoker跨主机容器通信之overlay
docker01上：

docker run -d -p 8500:8500 -h consul --name consul progrium/consul -server -bootstrap

设置容器的主机名

consul：kv类型的存储数据库（key:value）

docker01、02上：
vim  /etc/docker/daemon.json
{
  "hosts":["tcp://0.0.0.0:2376","unix:///var/run/docker.sock"],
  "cluster-store": "consul://10.0.0.11:8500",
  "cluster-advertise": "10.0.0.11:2376"
}

vim /etc/docker/daemon.json 
vim /usr/lib/systemd/system/docker.service
systemctl daemon-reload 
systemctl restart docker

docker ip：10.0.0.11
[root@docker ~]# vim /etc/docker/daemon.json 
{
"hosts":["tcp://0.0.0.0:2376","unix:///var/run/docker.sock"],
  "cluster-store": "consul://10.0.0.11:8500",
  "cluster-advertise": "10.0.0.11:2376"
}

docker  ip：10.0.0.100
[root@oldboy ~]# vim /etc/docker/daemon.json 

{
  "hosts":["tcp://0.0.0.0:2376","unix:///var/run/docker.sock"],
  "cluster-store": "consul://10.0.0.11:8500",
  "cluster-advertise": "10.0.0.100:2376"
}

有时重新启动会报错

[root@oldboy ~]# vim /usr/lib/systemd/system/docker.se
### 注意文件中的-H 如果有 将其删除掉
ExecStart=/usr/bin/dockerd  --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always

2）创建overlay网络

docker network create -d overlay --subnet 172.16.2.0/24 --gateway 172.16.2.254 ol1

3）启动容器测试

docker run -it --network ol1 --name oldboy01 busybox:1.29 /bin/sh

每个容器有两块网卡,eth0实现容器间的通讯,eth1实现容器访问外网

在不同docker安装zabbix

docker1
docker run --name mysql-server -t  --network ol1 \
      -e MYSQL_DATABASE="zabbix" \
      -e MYSQL_USER="zabbix" \
      -e MYSQL_PASSWORD="zabbix_pwd" \
      -e MYSQL_ROOT_PASSWORD="root_pwd" \
      -d mysql:5.7 \
      --character-set-server=utf8 --collation-server=utf8_bin

docker run --name zabbix-java-gateway -t --network ol1\
      -d zabbix/zabbix-java-gateway:latest

docker2
docker run --name zabbix-server-mysql -t  --network ol1 \
      -e DB_SERVER_HOST="mysql-server" \
      -e MYSQL_DATABASE="zabbix" \
      -e MYSQL_USER="zabbix" \
      -e MYSQL_PASSWORD="zabbix_pwd" \
      -e MYSQL_ROOT_PASSWORD="root_pwd" \
      -e ZBX_JAVAGATEWAY="zabbix-java-gateway" \
      --link mysql-server:mysql \
      --link zabbix-java-gateway:zabbix-java-gateway \
      -p 10051:10051 \
      -d zabbix/zabbix-server-mysql:latest

docker run --name zabbix-web-nginx-mysql -t --network ol1 \
      -e DB_SERVER_HOST="mysql-server" \
      -e MYSQL_DATABASE="zabbix" \
      -e MYSQL_USER="zabbix" \
      -e MYSQL_PASSWORD="zabbix_pwd" \
      -e MYSQL_ROOT_PASSWORD="root_pwd" \
      --link mysql-server:mysql \
      --link zabbix-server-mysql:zabbix-server \
      -p 80:80 \
      -d zabbix/zabbix-web-nginx-mysql:latest