Docker-核心技术-网络管理
简介
- 端口映射
- 网络模式
1.端口映射
默认情况下,容器和宿主机之间网络是隔离的,可以通过端口映射的方式,将容器中的端口,映射到宿主机的某个端口上。从而实现通过宿主机的ip+port的方式来访问容器里的内容。
1.Docker的端口映射
| 映射方式 | 参数 | 备注 |
|---|---|---|
| 随机映射 | -P | 大写P |
| 指定映射 | -p 宿主机IP:端口号:容器端口号 | 小写p,且要指定宿主机IP:port:docker容器port |
生产场景一般不使用随机映射,但是随机映射的好处就是由docker分配,端口不会冲突;不管哪种映射都会有所消耗,影响性能,因为涉及到映射的操作。
2.端口随机映射
1.获取帮助
docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach Run container in background and print container ID
--detach-keys string Override the key sequence for detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--domainname string Container NIS domain name
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs)
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string Container host name
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive Keep STDIN open even if not attached
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list Set meta data on a container
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string Assign a name to the container
--network network Connect a container to a network
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--privileged Give extended privileges to this container
-p, --publish list Publish a container's port(s) to the host
-P, --publish-all Publish all exposed ports to random ports
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop a container (default "SIGTERM")
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list Bind mount a volume
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container
https://docs.docker.com/engine/reference/commandline/run/
2.命令格式
1.默认随机端口映射
docker run -d -P [镜像名称]
例:
1.获取Nginx镜像
docker pull nginx
2.守护进程方式启动一个普通的nginx镜像的容器
docker run -d nginx
docker ps
3.查看宿主机端口映射情况
netstat -tnulp
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -
udp 0 0 127.0.0.53:53 0.0.0.0:* -
udp 0 0 0.0.0.0:631 0.0.0.0:* -
udp 0 0 0.0.0.0:44157 0.0.0.0:* -
udp 0 0 0.0.0.0:5353 0.0.0.0:* -
udp6 0 0 :::48168 :::* -
udp6 0 0 :::5353 :::* -
4.守护进程方式启动一个默认随机映射的nginx镜像的容器
docker run -d -P nginx && docker ps
Ports指示端口映射0.0.0.0:32768->80/tcp
5.再次查看宿主机80端口的映射情况
netstat -tnulp
宿主机的32768被映射到容器的80端口
6.获取宿主机IP信息
ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:5fff:fe9e:daa2 prefixlen 64 scopeid 0x20<link>
ether 02:42:5f:9e:da:a2 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 17 bytes 1708 (1.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.234.62 netmask 255.255.255.0 broadcast 192.168.234.255
inet6 fe80::20c:29ff:fe1e:a361 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:1e:a3:61 txqueuelen 1000 (Ethernet)
RX packets 947448 bytes 1224885881 (1.2 GB)
RX errors 57 dropped 70 overruns 0 frame 0
TX packets 509055 bytes 180614621 (180.6 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 19 base 0x2000
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 3231 bytes 279047 (279.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3231 bytes 279047 (279.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth2556e5a: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::4cc0:bdff:fe42:bfc1 prefixlen 64 scopeid 0x20<link>
ether 4e:c0:bd:42:bf:c1 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 29 bytes 3413 (3.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth330c413: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::9c08:b7ff:fed3:7a65 prefixlen 64 scopeid 0x20<link>
ether 9e:08:b7:d3:7a:65 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 31 bytes 3590 (3.5 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth353b303: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::4410:a5ff:fef6:61a2 prefixlen 64 scopeid 0x20<link>
ether 46:10:a5:f6:61:a2 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 38 bytes 4208 (4.2 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vethbfd3ef0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::2c01:e7ff:fe21:493e prefixlen 64 scopeid 0x20<link>
ether 2e:01:e7:21:49:3e txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 47 bytes 5086 (5.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33:
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.234.62 netmask 255.255.255.0 broadcast 192.168.234.255
inet6 fe80::20c:29ff:fe1e:a361 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:1e:a3:61 txqueuelen 1000 (Ethernet)
RX packets 947448 bytes 1224885881 (1.2 GB)
RX errors 57 dropped 70 overruns 0 frame 0
TX packets 509055 bytes 180614621 (180.6 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 19 base 0x2000
7.使用浏览器进行访问
浏览器输入的格式是: docker容器宿主机的ip : 容器映射的端口
http://192.168.234.62:32768/
-P 自动绑定所有对外提供服务的容器端口,映射的端口将会从没有使用的端口池中自动随机选择,
但是如果连续启动多个容器的话,则下一个容器的端口默认是当前容器占用端口号+1
docker run -d -P nginx
docker run -d -P nginx
docker run -d -P nginx
netstat -tnulp
2.指定主机IP随机端口映射
指定主机随机端口映射其实就是把【指定映射】的【宿主机的端口号】省略来实现,所以使用小写的p。
docker run -d -p [宿主机ip]::[容器端口] --name [容器名称][镜像名称]
例:
docker run -d -p 192.168.234.62::80 --name nginx-wyf nginx && docker ps
3.指定端口映射
1.获取帮助
docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach Run container in background and print container ID
--detach-keys string Override the key sequence for detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--domainname string Container NIS domain name
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs)
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string Container host name
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive Keep STDIN open even if not attached
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list Set meta data on a container
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string Assign a name to the container
--network network Connect a container to a network
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--privileged Give extended privileges to this container
-p, --publish list Publish a container's port(s) to the host
-P, --publish-all Publish all exposed ports to random ports
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop a container (default "SIGTERM")
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list Bind mount a volume
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container
https://docs.docker.com/engine/reference/commandline/run/
2.命令格式
1.指定单端口映射
docker run -d -p [宿主机ip]:[宿主机端口]:[容器端口] --name [容器名字][镜像名称]
如果不指定宿主机ip的话,默认使用 0.0.0.0,
例:
1.给定容器一个指定的访问端口8989【docker容器的80端口映射到宿主机的8989端口】
docker run -d -p 192.168.234.62:8989:80 --name nginx-wyf-1 nginx
docker ps
2.通过查看容器的详细信息查看容器IP
docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' a8320c759fe2
3.查看容器端口映射
docker ps
2.指定多端口映射
docker run -d -p [宿主机端口1]:[容器端口1] -p [宿主机端口2]:[容器端口2] --name [容器名称][镜像名称]
例:
1.给定容器一个指定的访问端口9998【docker容器的443端口映射到宿主机的8888端口】和9999【docker容器的80端口映射到宿主机的9999端口】
docker run -d -p 8888:443 -p 9999:80 --name nginx-wyf-2 nginx && docker ps
2.网络管理基础
1.network
1.获取帮助
docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
| 指令 | 说明 |
|---|---|
| connect | 将一个容器连接到一个网络 |
| create | 创建一个网络 |
| disconnect | 从网络断开一个容器 |
| inspect | 在一个或多个网络上显示详细信息 |
| ls | 网络列表 |
| prune | 删除所有未使用的网络 |
| rm | 删除一个或多个网络 |
https://docs.docker.com/engine/reference/commandline/network/
2.命令格式
1.查看当前主机网络
docker network ls
NETWORK ID NAME DRIVER SCOPE
8e8b24ce3a07 bridge bridge local
59f27d5cdcbc host host local
26dd69b9aac8 none null local
| 标题 | 说明 |
|---|---|
| NETWORK ID | 网络ID |
| NAME | 名称 |
| DRIVER | 驱动 |
| SCOPE | 范围 |
2.查看bridge的网络内部信息
docker network inspect bridge
[
{
"Name": "bridge",
"Id": "8e8b24ce3a07518de595c060d35c61dc9e8f6f87024c8c2e6a7b8fe193ec2ef6",
"Created": "2020-04-14T11:06:14.379221259+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"1d37e6d9f116c195370ce094ce444c043284bed9a810c208d1bb2fe6d256f727": {
"Name": "hardcore_bartik",
"EndpointID": "6237af5462c08e4ad7c394ba2d8ae41c254ccb7a6d3f68d3a75dec3cbaab07b6",
"MacAddress": "02:42:ac:11:00:05",
"IPv4Address": "172.17.0.5/16",
"IPv6Address": ""
},
"340605f1190c42b6cc1573bdad7c6cbce1ba7aa899ff5826fab8299fca2f4a62": {
"Name": "nginx-wyf",
"EndpointID": "1874b6d042166b76a056a3db7cba838159d7238cd0b312b8e1d542ab72ba6445",
"MacAddress": "02:42:ac:11:00:09",
"IPv4Address": "172.17.0.9/16",
"IPv6Address": ""
},
"3d392914e276d51f48bcb3bb74e83de67f74b85ab5424b220e0e520fb0110b8e": {
"Name": "vf-ubunt-1",
"EndpointID": "7b9f4797449d8558b7522f4c15a7f11565f383c90125b55ef7107f432f5a02ee",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"60decfc922ce9d3fa55640778c77e4fa6e404f0793d5d30fb1a8410747a48514": {
"Name": "stoic_mirzakhani",
"EndpointID": "e027dc97e599f336584d9515e26c3c2ca828e6381c1fb4f348fc68cb023f3301",
"MacAddress": "02:42:ac:11:00:06",
"IPv4Address": "172.17.0.6/16",
"IPv6Address": ""
},
"799ceb41a562017b8193725e6a8eea9eb3ff04cd25b34868223064323ed3c31c": {
"Name": "vf-ubunt-3",
"EndpointID": "8f938c41878e768a791074defb2fbcf0bcd3742f5dc93309a99f45d9449a63d1",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"86a2c1ff3da35673ff2359119e31663fcda63e39ebe9b47ca8bb6d9034911ae8": {
"Name": "condescending_spence",
"EndpointID": "ed23cf85167c62149cbd23a7593f679594c48ae7cac4da402dfa2d233cef8f49",
"MacAddress": "02:42:ac:11:00:07",
"IPv4Address": "172.17.0.7/16",
"IPv6Address": ""
},
"a2334430a3f284a9f64a71f99fef4e9cbb60e40e8f4d393d99450830e2f92aca": {
"Name": "ecstatic_euler",
"EndpointID": "d8bc6b072bcdb5ff22d51198169aacf36e0032475568c298f88d5e960fad3868",
"MacAddress": "02:42:ac:11:00:04",
"IPv4Address": "172.17.0.4/16",
"IPv6Address": ""
},
"a8320c759fe277788e19c9435a7a102ef6e52792ae403717af3e6ea8700868ad": {
"Name": "nginx-wyf-1",
"EndpointID": "5668b42b4c3a4718ace725862e560c6f2a729a8dca0d8e6c7120fa2888dbb276",
"MacAddress": "02:42:ac:11:00:0a",
"IPv4Address": "172.17.0.10/16",
"IPv6Address": ""
},
"b2b295d86c505d3d603b7b9b18c26c01980f952e6ddf616d4a084ba5b94d3964": {
"Name": "sweet_elgamal",
"EndpointID": "ab8ead7abf43416c4b3cada548893b70dc338f110291ac0acd368a18b8cd0d09",
"MacAddress": "02:42:ac:11:00:08",
"IPv4Address": "172.17.0.8/16",
"IPv6Address": ""
},
"fda95bab83df3af6dc806100e2e275b47e3ed86b3847e6f6787a0fde9d1d0d78": {
"Name": "nginx-wyf-2",
"EndpointID": "443ade95bf68e9f28b1e450fea4751963bd82e4005b253c237db5b9a10398f12",
"MacAddress": "02:42:ac:11:00:0b",
"IPv4Address": "172.17.0.11/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
2.inspect
1.获取帮助
docker inspect --help
Usage: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
Return low-level information on Docker objects
Options:
-f, --format string Format the output using the given Go template
-s, --size Display total file sizes if the type is container
--type string Return JSON for specified type
https://docs.docker.com/engine/reference/commandline/inspect/
2.命令格式
后续inspect查看网络相关的以当前查看运行的容器信息为实验
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fda95bab83df nginx "nginx -g 'daemon of…" 24 minutes ago Up 24 minutes 0.0.0.0:9999->80/tcp, 0.0.0.0:8888->443/tcp nginx-wyf-2
a8320c759fe2 nginx "nginx -g 'daemon of…" 30 minutes ago Up 30 minutes 192.168.234.62:8989->80/tcp nginx-wyf-1
340605f1190c nginx "nginx -g 'daemon of…" 50 minutes ago Up 50 minutes 192.168.234.62:32772->80/tcp nginx-wyf
b2b295d86c50 nginx "nginx -g 'daemon of…" 59 minutes ago Up 59 minutes 0.0.0.0:32771->80/tcp sweet_elgamal
86a2c1ff3da3 nginx "nginx -g 'daemon of…" 59 minutes ago Up 59 minutes 0.0.0.0:32770->80/tcp condescending_spence
60decfc922ce nginx "nginx -g 'daemon of…" 59 minutes ago Up 59 minutes 0.0.0.0:32769->80/tcp stoic_mirzakhani
1d37e6d9f116 nginx "nginx -g 'daemon of…" About an hour ago Up About an hour 0.0.0.0:32768->80/tcp hardcore_bartik
a2334430a3f2 nginx "nginx -g 'daemon of…" About an hour ago Up About an hour 80/tcp ecstatic_euler
799ceb41a562 ubuntu "/bin/bash" 2 hours ago Up 2 hours vf-ubunt-3
3d392914e276 ubuntu "/bin/bash" 21 hours ago Up 3 hours vf-ubunt-1
1.查看容器IP地址
docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' 容器ID
例:
docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' fda95bab83df
2.查看容器MAC地址
docker inspect --format='{{range .NetworkSettings.Networks}}{{.MacAddress}}{{end}}' 容器ID
例:
docker inspect --format='{{range .NetworkSettings.Networks}}{{.MacAddress}}{{end}}' fda95bab83df
3.查看容器的所有端口绑定
docker inspect --format='{{range $p, $conf := .NetworkSettings.Ports}} {{$p}} -> {{(index $conf 0).HostPort}} {{end}}' 容器ID
例:
docker inspect --format='{{range $p, $conf := .NetworkSettings.Ports}} {{$p}} -> {{(index $conf 0).HostPort}} {{end}}' fda95bab83df
4.查找特定的端口映射
当字段名称以数字开头时,.Field语法不起作用,但是模板语言的索引函数起作用。 .NetworkSettings.Ports部分包含内部端口映射到外部地址/端口对象列表的映射。 要仅获取数字公共端口,可使用index查找特定的端口映射,然后index 0包含其中的第一个对象。 然后,我们要求HostPort字段获取公共地址。
docker inspect --format='{{(index (index .NetworkSettings.Ports "容器端口号/tcp") 0).HostPort}}' 容器ID
例:
1.查找容器端口号为80映射到宿主机的端口号
docker inspect --format='{{(index (index .NetworkSettings.Ports "80/tcp") 0).HostPort}}' fda95bab83df
2.查找容器端口号为443映射到宿主机的端口号
docker inspect --format='{{(index (index .NetworkSettings.Ports "443/tcp") 0).HostPort}}' fda95bab83df
3.port
1.获取帮助
docker port --help
Usage: docker port CONTAINER [PRIVATE_PORT[/PROTO]]
List port mappings or a specific mapping for the container
https://docs.docker.com/engine/reference/commandline/port/
2.命令格式
查看端口信息
docker port [容器id]
例:
1.获取最近创建的第一个容器
docker ps -n 1
2.获取第一列第二行的值【第一列是容器ID,第一行是标题,所以取第二行】
awk '{print $1}'|sed -n '2p'
3.查找对应的端口信息【$1:前面执行的结果的第一个参数】
xargs docker port $1
完整命令
docker ps -n 1|awk '{print $1}'|sed -n '2p'| xargs docker port $1
手动查找的效果一样,完整指令简化了步骤而已。
3.网络模式
从1.7.0版本开始,Docker正式把网络跟存储这两个部分的功能实现都以插件化的形式剥离出来,允许用户通过指令来选择不同的后端实现。这也就是Docker希望构建围绕着容器的强大生态系统的一些积极尝试。
剥离出来的独立网络项目叫做libnetwork,libnetwork中的网络模型(Container Networking Model ,CNM)十分简洁,可以让上层的大量应用容器最大程度上不去关心底层实现。
Docker的常用网络模式
1.bridge模式【默认】
Docker的默认模式,它会在docker容器启动时候,自动配置好自己的网络信息,同一宿主机的所有容器都在一个网络下,彼此间可以通信。类似于vmware虚拟机的桥接模式。
利用宿主机的网卡进行通信,因为涉及到网络转换,所以会造成资源消耗,网络效率会低。
2.host模式
容器使用宿主机的ip地址进行通信。
特点:容器和宿主机共享网络。
3.container模式
新创建的容器间使用,使用已创建的容器网络,类似一个局域网。
特点:容器和容器共享网络
4.none模式
不做任何网络的配置,可以最大限度的定制化。
不提供网络服务,容器启动后无网络连接。
5.overlay模式
容器彼此不再同一网络,而且能互相通行。
1.bridge模式
获取帮助
docker network create --help
Usage: docker network create [OPTIONS] NETWORK
Create a network
Options:
--attachable Enable manual container attachment
--aux-address map Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
--config-from string The network from which copying the configuration
--config-only Create a configuration only network
-d, --driver string Driver to manage the Network (default "bridge")
--gateway strings IPv4 or IPv6 Gateway for the master subnet
--ingress Create swarm routing-mesh network
--internal Restrict external access to the network
--ip-range strings Allocate container ip from a sub-range
--ipam-driver string IP Address Management Driver (default "default")
--ipam-opt map Set IPAM driver specific options (default map[])
--ipv6 Enable IPv6 networking
--label list Set metadata on a network
-o, --opt map Set driver specific options (default map[])
--scope string Control the network's scope
--subnet strings Subnet in CIDR format that represents a network segment
1.定制bridge方式一【默认Docker0网桥】
网桥一种设备,根据设备的物理地址来划分网段,并传输数据的,docker0就是默认的网桥,如下创建的容器,它们的ip都是从网桥【docker0】自动获取的。
1.创建桥接网络
docker network create --driver [网络类型][网络名称]
#create 创建一个网络
#--driver 指定网络类型
例:
1.创建一个名为bridge-test的bridge网络
docker network create --driver bridge bridge-test
2.查看主机网络类型
docker network ls
3.查看新建网络bridge-test的网络信息
docker network inspect bridge-test
[
{
"Name": "bridge-test",
"Id": "2d515e0d7ecd73fb56059b81342cbfcb91208ce9593c16751ee8ca08d729396d",
"Created": "2020-04-14T18:03:27.075651663+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
4.查看宿主机的网卡
ifconfig
br-2d515e0d7ecd: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.18.0.1 netmask 255.255.0.0 broadcast 172.18.255.255
ether 02:42:c3:38:ec:76 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:5fff:fe9e:daa2 prefixlen 64 scopeid 0x20<link>
ether 02:42:5f:9e:da:a2 txqueuelen 0 (Ethernet)
RX packets 49 bytes 5932 (5.9 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 82 bytes 7928 (7.9 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.234.62 netmask 255.255.255.0 broadcast 192.168.234.255
inet6 fe80::20c:29ff:fe1e:a361 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:1e:a3:61 txqueuelen 1000 (Ethernet)
RX packets 951867 bytes 1225269259 (1.2 GB)
RX errors 57 dropped 70 overruns 0 frame 0
TX packets 510581 bytes 180833416 (180.8 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 19 base 0x2000
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 3539 bytes 306743 (306.7 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3539 bytes 306743 (306.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth2556e5a: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::4cc0:bdff:fe42:bfc1 prefixlen 64 scopeid 0x20<link>
ether 4e:c0:bd:42:bf:c1 txqueuelen 0 (Ethernet)
RX packets 49 bytes 6618 (6.6 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 108 bytes 10872 (10.8 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth2ac7e58: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::60b4:f9ff:fe5d:6bbf prefixlen 64 scopeid 0x20<link>
ether 62:b4:f9:5d:6b:bf txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 52 bytes 5444 (5.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth330c413: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::9c08:b7ff:fed3:7a65 prefixlen 64 scopeid 0x20<link>
ether 9e:08:b7:d3:7a:65 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 58 bytes 5927 (5.9 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth353b303: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::4410:a5ff:fef6:61a2 prefixlen 64 scopeid 0x20<link>
ether 46:10:a5:f6:61:a2 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 63 bytes 6368 (6.3 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth619ddad: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::c884:10ff:fef9:8715 prefixlen 64 scopeid 0x20<link>
ether ca:84:10:f9:87:15 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 57 bytes 5885 (5.8 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth666aefd: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::34aa:38ff:fec8:3785 prefixlen 64 scopeid 0x20<link>
ether 36:aa:38:c8:37:85 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 57 bytes 5885 (5.8 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth8d2f186: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::5c5d:ecff:fecd:b479 prefixlen 64 scopeid 0x20<link>
ether 5e:5d:ec:cd:b4:79 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 56 bytes 5815 (5.8 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth9b13e13: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::d8bf:efff:fe0c:fc5a prefixlen 64 scopeid 0x20<link>
ether da:bf:ef:0c:fc:5a txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 57 bytes 5885 (5.8 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vethbfd3ef0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::2c01:e7ff:fe21:493e prefixlen 64 scopeid 0x20<link>
ether 2e:01:e7:21:49:3e txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 71 bytes 7139 (7.1 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vethca68399: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::2ce8:82ff:fe97:4f75 prefixlen 64 scopeid 0x20<link>
ether 2e:e8:82:97:4f:75 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 52 bytes 5444 (5.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
多出了一张br-2d515e0d7ecd网卡
br-2d515e0d7ecd: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.18.0.1 netmask 255.255.0.0 broadcast 172.18.255.255
ether 02:42:c3:38:ec:76 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
2.自定义网段与网关
docker network create --driver [网络类型] --gateway [网关] --subnet [子网] [网络名称]
#--gateway strings IPv4 or IPv6 Gateway for the master subnet
# 主子网的IPv4或IPv6网关。
#--subnet strings Subnet in CIDR format that represents a network segment
# 表示网络段的CIDR格式的子网。
上述创建桥接网络的时候的网络信息:
docker network inspect bridge-test
[
{
"Name": "bridge-test",
"Id": "2d515e0d7ecd73fb56059b81342cbfcb91208ce9593c16751ee8ca08d729396d",
"Created": "2020-04-14T18:03:27.075651663+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
对应的网关和子网信息为:
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16", # 子网信息
"Gateway": "172.18.0.1" # 网关
}
]
},
例:
1.创建自定义名为bridge-test1的网关为:172.66.0.1,子网为:172.66.0.0/16,bridge模式的网络
docker network create --driver bridge --gateway 172.66.0.1 --subnet 172.66.0.0/16 bridge-test1
创建成功返回对应的sha256码:
0638f8a6598bd0dadfe98c07735e0208444e2315855c19a70121d249fa08965b
2.查看网络列表
docker network ls
NETWORK ID NAME DRIVER SCOPE
8e8b24ce3a07 bridge bridge local
2d515e0d7ecd bridge-test bridge local
0638f8a6598b bridge-test1 bridge local
59f27d5cdcbc host host local
26dd69b9aac8 none null local
3.查看自定义网络bridge-test1的网关与网络信息
docker network inspect bridge-test1
[
{
"Name": "bridge-test1",
"Id": "0638f8a6598bd0dadfe98c07735e0208444e2315855c19a70121d249fa08965b",
"Created": "2020-04-14T18:20:25.712472704+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.66.0.0/16",
"Gateway": "172.66.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
4.查看宿主机的网卡
ifconfig
br-0638f8a6598b: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.66.0.1 netmask 255.255.0.0 broadcast 172.66.255.255
ether 02:42:ec:f7:89:73 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-2d515e0d7ecd: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.18.0.1 netmask 255.255.0.0 broadcast 172.18.255.255
ether 02:42:c3:38:ec:76 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:5fff:fe9e:daa2 prefixlen 64 scopeid 0x20<link>
ether 02:42:5f:9e:da:a2 txqueuelen 0 (Ethernet)
RX packets 49 bytes 5932 (5.9 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 83 bytes 8015 (8.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.234.62 netmask 255.255.255.0 broadcast 192.168.234.255
inet6 fe80::20c:29ff:fe1e:a361 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:1e:a3:61 txqueuelen 1000 (Ethernet)
RX packets 952114 bytes 1225287595 (1.2 GB)
RX errors 57 dropped 70 overruns 0 frame 0
TX packets 510667 bytes 180850219 (180.8 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 19 base 0x2000
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 3572 bytes 309420 (309.4 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3572 bytes 309420 (309.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth2556e5a: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::4cc0:bdff:fe42:bfc1 prefixlen 64 scopeid 0x20<link>
ether 4e:c0:bd:42:bf:c1 txqueuelen 0 (Ethernet)
RX packets 49 bytes 6618 (6.6 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 109 bytes 10959 (10.9 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth2ac7e58: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::60b4:f9ff:fe5d:6bbf prefixlen 64 scopeid 0x20<link>
ether 62:b4:f9:5d:6b:bf txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 54 bytes 5601 (5.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth330c413: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::9c08:b7ff:fed3:7a65 prefixlen 64 scopeid 0x20<link>
ether 9e:08:b7:d3:7a:65 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 59 bytes 6014 (6.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth353b303: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::4410:a5ff:fef6:61a2 prefixlen 64 scopeid 0x20<link>
ether 46:10:a5:f6:61:a2 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 64 bytes 6455 (6.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth619ddad: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::c884:10ff:fef9:8715 prefixlen 64 scopeid 0x20<link>
ether ca:84:10:f9:87:15 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 58 bytes 5972 (5.9 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth666aefd: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::34aa:38ff:fec8:3785 prefixlen 64 scopeid 0x20<link>
ether 36:aa:38:c8:37:85 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 58 bytes 5972 (5.9 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth8d2f186: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::5c5d:ecff:fecd:b479 prefixlen 64 scopeid 0x20<link>
ether 5e:5d:ec:cd:b4:79 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 58 bytes 5972 (5.9 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth9b13e13: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::d8bf:efff:fe0c:fc5a prefixlen 64 scopeid 0x20<link>
ether da:bf:ef:0c:fc:5a txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 58 bytes 5972 (5.9 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vethbfd3ef0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::2c01:e7ff:fe21:493e prefixlen 64 scopeid 0x20<link>
ether 2e:01:e7:21:49:3e txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 73 bytes 7333 (7.3 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vethca68399: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::2ce8:82ff:fe97:4f75 prefixlen 64 scopeid 0x20<link>
ether 2e:e8:82:97:4f:75 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 55 bytes 5708 (5.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
多出了一张br-0638f8a6598b网卡
br-0638f8a6598b: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.66.0.1 netmask 255.255.0.0 broadcast 172.66.255.255
ether 02:42:ec:f7:89:73 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
3.在自定义网络中启动容器
docker run --net=[网络名称] -itd --name=[容器名称][镜像名称]
在上述创建的两个bridge模式的网络中:
查看容器信息:
docker network inspect bridge-test | grep -Po 'Containers[" :]+\K[^"]+'
docker network inspect bridge-test1 | grep -Po 'Containers[" :]+\K[^"]+'
对应命令:
docker network inspect bridge-test
docker network inspect bridge-test1
中取出json的"Containers"的键对应的值:
bridge-test 和 bridge-test1的容器都是空的。
1.创建启动1个使用网络为【bridge-test1】名为【nginx-wyf-bridge-1】的容器
docker run --net=bridge-test1 -itd --name nginx-wyf-bridge-1 nginx
2.查看运行的容器和容器信息
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2ca0dbed742c nginx "nginx -g 'daemon of…" About a minute ago Up About a minute 80/tcp nginx-wyf-bridge-1
docker inspect 2ca0dbed742c
[
{
"Id": "2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29",
"Created": "2020-04-15T01:42:32.64388843Z",
"Path": "nginx",
"Args": [
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 4364,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-04-15T01:42:33.696309008Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:ed21b7a8aee9cc677df6d7f38a641fa0e3c05f65592c592c9f28c42b3dd89291",
"ResolvConfPath": "/var/lib/docker/containers/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29/hostname",
"HostsPath": "/var/lib/docker/containers/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29/hosts",
"LogPath": "/var/lib/docker/containers/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29-json.log",
"Name": "/nginx-wyf-bridge-1",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "docker-default",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "bridge-test1",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Capabilities": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/c63b9df9a361f2becb66b486a21b1c7479224063a56a9ab1118a2aced6f359a4-init/diff:/var/lib/docker/overlay2/9426eaa48adadb9db8631c15552afd0bf8b5c11e5c8f7edafb1d69d039b649e4/diff:/var/lib/docker/overlay2/0899a3735095820f73d6e45850975cc9ffcbc0c3d7b364bf2b138fb71278e507/diff:/var/lib/docker/overlay2/886d6705a472b017f4a5eb68e6966b2303180d542f6955f4c2f4eee81092c095/diff",
"MergedDir": "/var/lib/docker/overlay2/c63b9df9a361f2becb66b486a21b1c7479224063a56a9ab1118a2aced6f359a4/merged",
"UpperDir": "/var/lib/docker/overlay2/c63b9df9a361f2becb66b486a21b1c7479224063a56a9ab1118a2aced6f359a4/diff",
"WorkDir": "/var/lib/docker/overlay2/c63b9df9a361f2becb66b486a21b1c7479224063a56a9ab1118a2aced6f359a4/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "2ca0dbed742c",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": true,
"OpenStdin": true,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.17.9",
"NJS_VERSION=0.3.9",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "nginx",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <[email protected]>"
},
"StopSignal": "SIGTERM"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "cb9bedd6c0b6f17f608ecd788101bbc1dc89dc421fcc9ae3531af3bf8c199d4c",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"80/tcp": null
},
"SandboxKey": "/var/run/docker/netns/cb9bedd6c0b6",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"bridge-test1": {
"IPAMConfig": null,
"Links": null,
"Aliases": [
"2ca0dbed742c"
],
"NetworkID": "0638f8a6598bd0dadfe98c07735e0208444e2315855c19a70121d249fa08965b",
"EndpointID": "3d9ee47114aabde7af56e00a80d776918dc1313deef62bd195020f2f9fcb535d",
"Gateway": "172.66.0.1",
"IPAddress": "172.66.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:42:00:02",
"DriverOpts": null
}
}
}
}
]
在容器 nginx-wyf-bridge-1中的网络出现了bridge-test1的信息:
"Networks": {
"bridge-test1": {
"IPAMConfig": null,
"Links": null,
"Aliases": [
"2ca0dbed742c"
],
"NetworkID": "0638f8a6598bd0dadfe98c07735e0208444e2315855c19a70121d249fa08965b",
"EndpointID": "3d9ee47114aabde7af56e00a80d776918dc1313deef62bd195020f2f9fcb535d",
"Gateway": "172.66.0.1",
"IPAddress": "172.66.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:42:00:02",
"DriverOpts": null
}
}
3.查看网络信息
docker network inspect bridge-test
[
{
"Name": "bridge-test",
"Id": "2d515e0d7ecd73fb56059b81342cbfcb91208ce9593c16751ee8ca08d729396d",
"Created": "2020-04-14T18:03:27.075651663+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
因为没有在bridge-test中启动容器,“Containers”: {},容器依然是空的
docker network inspect bridge-test1
[
{
"Name": "bridge-test1",
"Id": "0638f8a6598bd0dadfe98c07735e0208444e2315855c19a70121d249fa08965b",
"Created": "2020-04-14T18:20:25.712472704+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.66.0.0/16",
"Gateway": "172.66.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29": {
"Name": "nginx-wyf-bridge-1",
"EndpointID": "3d9ee47114aabde7af56e00a80d776918dc1313deef62bd195020f2f9fcb535d",
"MacAddress": "02:42:ac:42:00:02",
"IPv4Address": "172.66.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
bridge-test1中有了容器nginx-wyf-bridge-1的信息
"Containers": {
"2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29": {
"Name": "nginx-wyf-bridge-1",
"EndpointID": "3d9ee47114aabde7af56e00a80d776918dc1313deef62bd195020f2f9fcb535d",
"MacAddress": "02:42:ac:42:00:02",
"IPv4Address": "172.66.0.2/16",
"IPv6Address": ""
}
},
4.创建启动1个使用网络为【bridge-test】名为【nginx-wyf-bridge-2】的容器
docker run --net=bridge-test -itd --name nginx-wyf-bridge-2 nginx && docker ps && docker inspect nginx-wyf-bridge-2
57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
57ab1e2a80ed nginx "nginx -g 'daemon of…" 1 second ago Up Less than a second 80/tcp nginx-wyf-bridge-2
2ca0dbed742c nginx "nginx -g 'daemon of…" 5 minutes ago Up 5 minutes 80/tcp nginx-wyf-bridge-1
[
{
"Id": "57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712",
"Created": "2020-04-15T01:47:48.93949876Z",
"Path": "nginx",
"Args": [
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 4558,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-04-15T01:47:49.757267457Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:ed21b7a8aee9cc677df6d7f38a641fa0e3c05f65592c592c9f28c42b3dd89291",
"ResolvConfPath": "/var/lib/docker/containers/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712/hostname",
"HostsPath": "/var/lib/docker/containers/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712/hosts",
"LogPath": "/var/lib/docker/containers/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712-json.log",
"Name": "/nginx-wyf-bridge-2",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "docker-default",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "bridge-test",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Capabilities": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/6aa84fe3cd0b8fddcb088be117297720adc3d736cbebb78b4aa4a3deccf681a9-init/diff:/var/lib/docker/overlay2/9426eaa48adadb9db8631c15552afd0bf8b5c11e5c8f7edafb1d69d039b649e4/diff:/var/lib/docker/overlay2/0899a3735095820f73d6e45850975cc9ffcbc0c3d7b364bf2b138fb71278e507/diff:/var/lib/docker/overlay2/886d6705a472b017f4a5eb68e6966b2303180d542f6955f4c2f4eee81092c095/diff",
"MergedDir": "/var/lib/docker/overlay2/6aa84fe3cd0b8fddcb088be117297720adc3d736cbebb78b4aa4a3deccf681a9/merged",
"UpperDir": "/var/lib/docker/overlay2/6aa84fe3cd0b8fddcb088be117297720adc3d736cbebb78b4aa4a3deccf681a9/diff",
"WorkDir": "/var/lib/docker/overlay2/6aa84fe3cd0b8fddcb088be117297720adc3d736cbebb78b4aa4a3deccf681a9/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "57ab1e2a80ed",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": true,
"OpenStdin": true,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.17.9",
"NJS_VERSION=0.3.9",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "nginx",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <[email protected]>"
},
"StopSignal": "SIGTERM"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "76c7aec0e9ee9fcc7d49918bf6554c32a85e26160615ac11c87fa64c569f0de0",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"80/tcp": null
},
"SandboxKey": "/var/run/docker/netns/76c7aec0e9ee",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"bridge-test": {
"IPAMConfig": null,
"Links": null,
"Aliases": [
"57ab1e2a80ed"
],
"NetworkID": "2d515e0d7ecd73fb56059b81342cbfcb91208ce9593c16751ee8ca08d729396d",
"EndpointID": "0b3c5c5716d4f82dbb3cb99fd695d7819256cb1886759f927cb5a074d83f4ec4",
"Gateway": "172.18.0.1",
"IPAddress": "172.18.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:12:00:02",
"DriverOpts": null
}
}
}
}
]
此时的容器nginx-wyf-bridge-2中已经有了bridge-test的网络信息
"Networks": {
"bridge-test": {
"IPAMConfig": null,
"Links": null,
"Aliases": [
"57ab1e2a80ed"
],
"NetworkID": "2d515e0d7ecd73fb56059b81342cbfcb91208ce9593c16751ee8ca08d729396d",
"EndpointID": "0b3c5c5716d4f82dbb3cb99fd695d7819256cb1886759f927cb5a074d83f4ec4",
"Gateway": "172.18.0.1",
"IPAddress": "172.18.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:12:00:02",
"DriverOpts": null
}
}
}
3.查看网络bridge-test信息
docker network inspect bridge-test
[
{
"Name": "bridge-test",
"Id": "2d515e0d7ecd73fb56059b81342cbfcb91208ce9593c16751ee8ca08d729396d",
"Created": "2020-04-14T18:03:27.075651663+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712": {
"Name": "nginx-wyf-bridge-2",
"EndpointID": "0b3c5c5716d4f82dbb3cb99fd695d7819256cb1886759f927cb5a074d83f4ec4",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
此时的bridge-test中启动容器nginx-wyf-bridge-2,bridge-test中也有了nginx-wyf-bridge-2的信息
"Containers": {
"57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712": {
"Name": "nginx-wyf-bridge-2",
"EndpointID": "0b3c5c5716d4f82dbb3cb99fd695d7819256cb1886759f927cb5a074d83f4ec4",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
}
},
1. 使用默认的桥接模型创建的容器是可以直接联网的。
2. 使用自定义的桥接模型创建的容器不可以直接联网,但是可以通过端口映射来实现联网。
也就意味着:
nginx-wyf-bridge-2和nginx-wyf-bridge-1不能联网, nginx-wyf-bridge-2采用的是自定义的bridge网络bridge-test,nginx-wyf-bridge-1采用的是自定义的bridge网络bridge-test1,所以需要通过端口映射来实现联网。
4.容器断开网络
docker network disconnect [网络名][容器名]
例:
1.断开容器nginx-wyf-bridge-2网络bridge-test
docker network disconnect bridge-test nginx-wyf-bridge-2
2.查看运行的容器
docke ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
57ab1e2a80ed nginx "nginx -g 'daemon of…" 3 minutes ago Up 3 minutes nginx-wyf-bridge-2
2ca0dbed742c nginx "nginx -g 'daemon of…" 9 minutes ago Up 9 minutes 80/tcp nginx-wyf-bridge-1
发现nginx-wyf-bridge-2的网络消失
3.断开容器nginx-wyf-bridge-1网络bridge-test1
docker network disconnect bridge-test1 nginx-wyf-bridge-1
4.查看运行的容器
docke ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
57ab1e2a80ed nginx "nginx -g 'daemon of…" 7 minutes ago Up 7 minutes nginx-wyf-bridge-2
2ca0dbed742c nginx "nginx -g 'daemon of…" 12 minutes ago Up 12 minutes nginx-wyf-bridge-1
发现nginx-wyf-bridge-1的网络也消失了
5.分别查看网络bridge-test bridge-test1的网络
docker network inspect bridge-test | grep -Po 'Containers[" :]+\K[^"]+'
docker network inspect bridge-test1 | grep -Po 'Containers[" :]+\K[^"]+'
发现网络bridge-test、bridge-test1中的容器的信息都没有了
6.分别查看两个容器nginx-wyf-bridge-1、nginx-wyf-bridge-2的信息
docker inspect nginx-wyf-bridge-1
docker inspect nginx-wyf-bridge-2
[
{
"Id": "2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29",
"Created": "2020-04-15T01:42:32.64388843Z",
"Path": "nginx",
"Args": [
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 4364,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-04-15T01:42:33.696309008Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:ed21b7a8aee9cc677df6d7f38a641fa0e3c05f65592c592c9f28c42b3dd89291",
"ResolvConfPath": "/var/lib/docker/containers/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29/hostname",
"HostsPath": "/var/lib/docker/containers/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29/hosts",
"LogPath": "/var/lib/docker/containers/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29-json.log",
"Name": "/nginx-wyf-bridge-1",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "docker-default",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "bridge-test1",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Capabilities": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/c63b9df9a361f2becb66b486a21b1c7479224063a56a9ab1118a2aced6f359a4-init/diff:/var/lib/docker/overlay2/9426eaa48adadb9db8631c15552afd0bf8b5c11e5c8f7edafb1d69d039b649e4/diff:/var/lib/docker/overlay2/0899a3735095820f73d6e45850975cc9ffcbc0c3d7b364bf2b138fb71278e507/diff:/var/lib/docker/overlay2/886d6705a472b017f4a5eb68e6966b2303180d542f6955f4c2f4eee81092c095/diff",
"MergedDir": "/var/lib/docker/overlay2/c63b9df9a361f2becb66b486a21b1c7479224063a56a9ab1118a2aced6f359a4/merged",
"UpperDir": "/var/lib/docker/overlay2/c63b9df9a361f2becb66b486a21b1c7479224063a56a9ab1118a2aced6f359a4/diff",
"WorkDir": "/var/lib/docker/overlay2/c63b9df9a361f2becb66b486a21b1c7479224063a56a9ab1118a2aced6f359a4/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "2ca0dbed742c",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": true,
"OpenStdin": true,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.17.9",
"NJS_VERSION=0.3.9",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "nginx",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <[email protected]>"
},
"StopSignal": "SIGTERM"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "cb9bedd6c0b6f17f608ecd788101bbc1dc89dc421fcc9ae3531af3bf8c199d4c",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/cb9bedd6c0b6",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {}
}
}
]
nginx-wyf-bridge-1的 “Networks”: {},没有了网络信息
[
{
"Id": "57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712",
"Created": "2020-04-15T01:47:48.93949876Z",
"Path": "nginx",
"Args": [
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 4558,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-04-15T01:47:49.757267457Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:ed21b7a8aee9cc677df6d7f38a641fa0e3c05f65592c592c9f28c42b3dd89291",
"ResolvConfPath": "/var/lib/docker/containers/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712/hostname",
"HostsPath": "/var/lib/docker/containers/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712/hosts",
"LogPath": "/var/lib/docker/containers/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712-json.log",
"Name": "/nginx-wyf-bridge-2",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "docker-default",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "bridge-test",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Capabilities": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/6aa84fe3cd0b8fddcb088be117297720adc3d736cbebb78b4aa4a3deccf681a9-init/diff:/var/lib/docker/overlay2/9426eaa48adadb9db8631c15552afd0bf8b5c11e5c8f7edafb1d69d039b649e4/diff:/var/lib/docker/overlay2/0899a3735095820f73d6e45850975cc9ffcbc0c3d7b364bf2b138fb71278e507/diff:/var/lib/docker/overlay2/886d6705a472b017f4a5eb68e6966b2303180d542f6955f4c2f4eee81092c095/diff",
"MergedDir": "/var/lib/docker/overlay2/6aa84fe3cd0b8fddcb088be117297720adc3d736cbebb78b4aa4a3deccf681a9/merged",
"UpperDir": "/var/lib/docker/overlay2/6aa84fe3cd0b8fddcb088be117297720adc3d736cbebb78b4aa4a3deccf681a9/diff",
"WorkDir": "/var/lib/docker/overlay2/6aa84fe3cd0b8fddcb088be117297720adc3d736cbebb78b4aa4a3deccf681a9/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "57ab1e2a80ed",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": true,
"OpenStdin": true,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.17.9",
"NJS_VERSION=0.3.9",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "nginx",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <[email protected]>"
},
"StopSignal": "SIGTERM"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "76c7aec0e9ee9fcc7d49918bf6554c32a85e26160615ac11c87fa64c569f0de0",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/76c7aec0e9ee",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {}
}
}
]
nginx-wyf-bridge-2的 “Networks”: {},没有了网络信息
5.容器连接网络
docker network connect [网络名][容器名]
例:
1.查看运行的容器
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
57ab1e2a80ed nginx "nginx -g 'daemon of…" 18 minutes ago Up 18 minutes nginx-wyf-bridge-2
2ca0dbed742c nginx "nginx -g 'daemon of…" 24 minutes ago Up 24 minutes nginx-wyf-bridge-1
运行的容器nginx-wyf-bridge-1和nginx-wyf-bridge-2都没有网络信息。
2.将容器nginx-wyf-bridge-1连接到bridge-test1网络,并查看运行的容器变化
docker network connect bridge-test1 nginx-wyf-bridge-1 && docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
57ab1e2a80ed nginx "nginx -g 'daemon of…" 22 minutes ago Up 21 minutes nginx-wyf-bridge-2
2ca0dbed742c nginx "nginx -g 'daemon of…" 27 minutes ago Up 27 minutes 80/tcp nginx-wyf-bridge-1
容器nginx-wyf-bridge-1有了网络信息
3.将容器nginx-wyf-bridge-2连接到bridge-test网络,并查看运行的容器变化
docker network connect bridge-test nginx-wyf-bridge-2 && docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
57ab1e2a80ed nginx "nginx -g 'daemon of…" 24 minutes ago Up 24 minutes 80/tcp nginx-wyf-bridge-2
2ca0dbed742c nginx "nginx -g 'daemon of…" 30 minutes ago Up 30 minutes 80/tcp nginx-wyf-bridge-1
容器nginx-wyf-bridge-2也有了网络信息
4.查看网络bridge-test和bridge-test1的容器信息
docker network inspect bridge-test
docker network inspect bridge-test1
5.查看容器是否含有对应的网络信息
docker inspect nginx-wyf-bridge-1
[
{
"Id": "2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29",
"Created": "2020-04-15T01:42:32.64388843Z",
"Path": "nginx",
"Args": [
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 4364,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-04-15T01:42:33.696309008Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:ed21b7a8aee9cc677df6d7f38a641fa0e3c05f65592c592c9f28c42b3dd89291",
"ResolvConfPath": "/var/lib/docker/containers/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29/hostname",
"HostsPath": "/var/lib/docker/containers/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29/hosts",
"LogPath": "/var/lib/docker/containers/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29/2ca0dbed742c428a989f4c955840a6608de4839092314c226751d6033d0f9d29-json.log",
"Name": "/nginx-wyf-bridge-1",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "docker-default",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "bridge-test1",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Capabilities": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/c63b9df9a361f2becb66b486a21b1c7479224063a56a9ab1118a2aced6f359a4-init/diff:/var/lib/docker/overlay2/9426eaa48adadb9db8631c15552afd0bf8b5c11e5c8f7edafb1d69d039b649e4/diff:/var/lib/docker/overlay2/0899a3735095820f73d6e45850975cc9ffcbc0c3d7b364bf2b138fb71278e507/diff:/var/lib/docker/overlay2/886d6705a472b017f4a5eb68e6966b2303180d542f6955f4c2f4eee81092c095/diff",
"MergedDir": "/var/lib/docker/overlay2/c63b9df9a361f2becb66b486a21b1c7479224063a56a9ab1118a2aced6f359a4/merged",
"UpperDir": "/var/lib/docker/overlay2/c63b9df9a361f2becb66b486a21b1c7479224063a56a9ab1118a2aced6f359a4/diff",
"WorkDir": "/var/lib/docker/overlay2/c63b9df9a361f2becb66b486a21b1c7479224063a56a9ab1118a2aced6f359a4/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "2ca0dbed742c",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": true,
"OpenStdin": true,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.17.9",
"NJS_VERSION=0.3.9",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "nginx",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <[email protected]>"
},
"StopSignal": "SIGTERM"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "cb9bedd6c0b6f17f608ecd788101bbc1dc89dc421fcc9ae3531af3bf8c199d4c",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"80/tcp": null
},
"SandboxKey": "/var/run/docker/netns/cb9bedd6c0b6",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"bridge-test1": {
"IPAMConfig": {},
"Links": null,
"Aliases": [
"2ca0dbed742c"
],
"NetworkID": "0638f8a6598bd0dadfe98c07735e0208444e2315855c19a70121d249fa08965b",
"EndpointID": "4ed1b4eec88fe9872fc8d405ff3aec451efcc25b9e8cc492c4a016d627f9d02d",
"Gateway": "172.66.0.1",
"IPAddress": "172.66.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:42:00:02",
"DriverOpts": {}
}
}
}
}
]
nginx-wyf-bridge-1容器中有了bridge-test1的网络信息
"Networks": {
"bridge-test1": {
"IPAMConfig": {},
"Links": null,
"Aliases": [
"2ca0dbed742c"
],
"NetworkID": "0638f8a6598bd0dadfe98c07735e0208444e2315855c19a70121d249fa08965b",
"EndpointID": "4ed1b4eec88fe9872fc8d405ff3aec451efcc25b9e8cc492c4a016d627f9d02d",
"Gateway": "172.66.0.1",
"IPAddress": "172.66.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:42:00:02",
"DriverOpts": {}
}
}
docker inspect nginx-wyf-bridge-2
[
{
"Id": "57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712",
"Created": "2020-04-15T01:47:48.93949876Z",
"Path": "nginx",
"Args": [
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 4558,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-04-15T01:47:49.757267457Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:ed21b7a8aee9cc677df6d7f38a641fa0e3c05f65592c592c9f28c42b3dd89291",
"ResolvConfPath": "/var/lib/docker/containers/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712/hostname",
"HostsPath": "/var/lib/docker/containers/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712/hosts",
"LogPath": "/var/lib/docker/containers/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712/57ab1e2a80ed797bf6e77af22926463aaa03711c746f26d710058471931b9712-json.log",
"Name": "/nginx-wyf-bridge-2",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "docker-default",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "bridge-test",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Capabilities": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/6aa84fe3cd0b8fddcb088be117297720adc3d736cbebb78b4aa4a3deccf681a9-init/diff:/var/lib/docker/overlay2/9426eaa48adadb9db8631c15552afd0bf8b5c11e5c8f7edafb1d69d039b649e4/diff:/var/lib/docker/overlay2/0899a3735095820f73d6e45850975cc9ffcbc0c3d7b364bf2b138fb71278e507/diff:/var/lib/docker/overlay2/886d6705a472b017f4a5eb68e6966b2303180d542f6955f4c2f4eee81092c095/diff",
"MergedDir": "/var/lib/docker/overlay2/6aa84fe3cd0b8fddcb088be117297720adc3d736cbebb78b4aa4a3deccf681a9/merged",
"UpperDir": "/var/lib/docker/overlay2/6aa84fe3cd0b8fddcb088be117297720adc3d736cbebb78b4aa4a3deccf681a9/diff",
"WorkDir": "/var/lib/docker/overlay2/6aa84fe3cd0b8fddcb088be117297720adc3d736cbebb78b4aa4a3deccf681a9/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "57ab1e2a80ed",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": true,
"OpenStdin": true,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.17.9",
"NJS_VERSION=0.3.9",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "nginx",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <[email protected]>"
},
"StopSignal": "SIGTERM"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "76c7aec0e9ee9fcc7d49918bf6554c32a85e26160615ac11c87fa64c569f0de0",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"80/tcp": null
},
"SandboxKey": "/var/run/docker/netns/76c7aec0e9ee",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"bridge-test": {
"IPAMConfig": {},
"Links": null,
"Aliases": [
"57ab1e2a80ed"
],
"NetworkID": "2d515e0d7ecd73fb56059b81342cbfcb91208ce9593c16751ee8ca08d729396d",
"EndpointID": "c4bfbc6829be8e5cd4d942902ad83da63c671ab7f75d2dfd4ff11f1098168c34",
"Gateway": "172.18.0.1",
"IPAddress": "172.18.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:12:00:02",
"DriverOpts": {}
}
}
}
}
]
nginx-wyf-bridge-2容器中有了bridge-test的网络信息
"Networks": {
"bridge-test": {
"IPAMConfig": {},
"Links": null,
"Aliases": [
"57ab1e2a80ed"
],
"NetworkID": "2d515e0d7ecd73fb56059b81342cbfcb91208ce9593c16751ee8ca08d729396d",
"EndpointID": "c4bfbc6829be8e5cd4d942902ad83da63c671ab7f75d2dfd4ff11f1098168c34",
"Gateway": "172.18.0.1",
"IPAddress": "172.18.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:12:00:02",
"DriverOpts": {}
}
}
2.定制bridge方式二【定制Docker网桥】
网桥一种设备,根据设备的物理地址来划分网段,并传输数据的,docker0就是默认的网桥,如下创建的容器,通过自定义一个br0网桥,然后启动的容器就用自定义的网桥获取。
需求:
定制docker网桥br0
分析:
1、网桥的创建
2、docker服务使用新网桥
3、测试
知识点:
1.bridge-utils软件的brctl工具可以实现创建网桥
2.配置/etc/default/docker文件
3.编辑systemctl的配置文件使用该docker文件
4.重载systemctl配置
5.重启docker
6.创建容器,查看容器信息即可
1.网桥环境部署
1.网桥软件部署
ubuntu默认不自带网桥管理工具,需要自行安装网桥软件
1.安装网桥管理软件
sudo apt install -y bridge-utils
2.查看网卡
brctl show
bridge name bridge id STP enabled interfaces
br-0638f8a6598b 8000.0242da3e7e61 no veth1958f6e
br-2d515e0d7ecd 8000.0242f4770011 no veth7af2da6
docker0 8000.0242331f861f no
| 标题 | 说明 |
|---|---|
| bridge name | 网卡名称 |
| bridge id | 网卡id |
| STP enabled | STP是否启用 |
| interfaces | 物理接口 |
2.创建网桥
1.创建网桥br0
sudo brctl addbr br0
2.查看网卡
brctl show
bridge name bridge id STP enabled interfaces
br-0638f8a6598b 8000.0242da3e7e61 no veth1958f6e
br-2d515e0d7ecd 8000.0242f4770011 no veth7af2da6
br0 8000.000000000000 no
docker0 8000.0242331f861f no
3.设置网桥网段
1.给网桥br0设置网段
网络地址是192.168.66.1,掩码:255.255.255.0
sudo ifconfig br0 192.168.66.1 netmask 255.255.255.0
2.查看网卡信息
ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.66.1 netmask 255.255.255.0 broadcast 192.168.66.255
inet6 fe80::b027:76ff:fe31:d6f6 prefixlen 64 scopeid 0x20<link>
ether b2:27:76:31:d6:f6 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 41 bytes 5473 (5.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-0638f8a6598b: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.66.0.1 netmask 255.255.0.0 broadcast 172.66.255.255
inet6 fe80::42:daff:fe3e:7e61 prefixlen 64 scopeid 0x20<link>
ether 02:42:da:3e:7e:61 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 49 bytes 6099 (6.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-2d515e0d7ecd: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.0.1 netmask 255.255.0.0 broadcast 172.18.255.255
inet6 fe80::42:f4ff:fe77:11 prefixlen 64 scopeid 0x20<link>
ether 02:42:f4:77:00:11 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 45 bytes 5748 (5.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:33:1f:86:1f txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.234.62 netmask 255.255.255.0 broadcast 192.168.234.255
inet6 fe80::20c:29ff:fe1e:a361 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:1e:a3:61 txqueuelen 1000 (Ethernet)
RX packets 6543 bytes 6184327 (6.1 MB)
RX errors 4 dropped 4 overruns 0 frame 0
TX packets 3063 bytes 358676 (358.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 19 base 0x2000
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 407 bytes 33811 (33.8 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 407 bytes 33811 (33.8 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth1958f6e: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::2880:dfff:fe0d:bdf4 prefixlen 64 scopeid 0x20<link>
ether 2a:80:df:0d:bd:f4 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 40 bytes 4468 (4.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth7af2da6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::c823:dcff:fe0e:10f1 prefixlen 64 scopeid 0x20<link>
ether ca:23:dc:0e:10:f1 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 40 bytes 4468 (4.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
2.Docker配置网桥
1.配置docker文件
1.备份源文件
sudo cp /etc/default/docker /etc/default/docker.backup
2.在/etc/default/docker末尾追加DOCKER_OPTS="-b=br0"
sudo sh -c 'echo DOCKER_OPTS=\"-b=br0\" >> /etc/default/docker'
3.确认
cat /etc/default/docker
2.systemctl使用docker文件
更多请参考:
https://docs.docker.com/engine/reference/commandline/docker/
或:
https://docker-doc.readthedocs.io/zh_CN/latest/reference/commandline/cli.html
