Preface
During the front-end time, while using docker, I came into contact with the relevant knowledge that requires docker network. My previous understanding was that it can meet daily use. This time, I took the opportunity to learn more about it. Of course, for network
knowledge A more in-depth understanding may not be as good as that of a big guy who is proficient in the Internet.
Docker network types and corresponding structures
It is reported that docker 1.7 and docker1.8 have 4 default network types, which are: None/ Host/ Bridge(default)/ .Container
- by
docker network lsviewing
Docker will create the following types of networks by default. Host/ /NoneBridge
- None
--net=noneNo related network is created. That is, it can only be executed within the container. The container does not perform network virtualization, and the container cannot communicate with the outside.
- host
--net=hostHost mode. The container and the host use the same network. For example, if a process in the container uses 8080a port, the host cannot use this port. Vice versa, the same principle applies.
- bridge (default)
--net=bridgeEach container performs network virtualization and communicates with the host through port mapping.
- container
--net=container:Name_or_IdWhen a container starts, it does not need to virtualize its own network. Instead, it uses the network of other containers.
bridge mode
For example, generally Docker will use the network segment 172.17.0.0/16 and assign 172.17.0.1/16 to the docker0 bridge (you can see docker0 by using the ifconfig command on the host, which can be considered as the management interface of the bridge) , used as a virtual network card on the host machine). The network topology in a stand-alone environment is as follows, and the host address is 10.10.0.186/24.
Commonly used docker network commands
- Create network
docker network create --driver=bridge --subnet=192.168.88.0/24 demo
# driver 网络模式
# subnet 网段 默认网段为172.17.0.0/16
# demo 名称
- When the container starts, use the network
#运行redis容器
docker run -itd --name redis --network mynet --network-alias redis -p 6379:6379 redis
#运行nginx容器
docker run -d --name nginx -p 80:80 --network mynet --network-alias nginx --privileged=true -v /home/wwwroot:/home/wwwroot -v /home/wwwlogs:/home/wwwlogs nginx
- Query the container’s network
docker inspect <containerName_or_Id>
# 运行容器;
$ docker run --name=nginx_bridge --net=bridge -p 80:80 -d nginx
9582dbec7981085ab1f159edcc4bf35e2ee8d5a03984d214bce32a30eab4921a
# 查看容器;
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9582dbec7981 nginx "nginx -g 'daemon ..." 3 seconds ago Up 2 seconds 0.0.0.0:80->80/tcp nginx_bridge
# 查看容器网络;
$ docker inspect 9582dbec7981
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "9e017f5d4724039f24acc8aec634c8d2af3a9024f67585fce0a0d2b3cb470059",
"EndpointID": "81b94c1b57de26f9c6690942cd78689041d6c27a564e079d7b1f603ecc104b3b",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02"
}
}
- Query the entire network network
$ docker network inspect bridge
[
{
"Name": "bridge",
"Id": "9e017f5d4724039f24acc8aec634c8d2af3a9024f67585fce0a0d2b3cb470059",
"Created": "2017-08-09T23:20:28.061678042-04:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"Containers": {
"9582dbec7981085ab1f159edcc4bf35e2ee8d5a03984d214bce32a30eab4921a": {
"Name": "nginx_bridge",
"EndpointID": "81b94c1b57de26f9c6690942cd78689041d6c27a564e079d7b1f603ecc104b3b",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
- link related containers
#1. 运行nginx和docker容器
docker run -itd --name redis -p 6379:6379 redis
docker run -d --name nginx -p 80:80 --privileged=true -v /home/wwwroot:/home/wwwroot -v /home/wwwlogs:/home/wwwlogs nginx
# 2. 链接网络
#加入nginx到mynet网络
[root@localhost /]# docker network connect mynet nginx
#加入redis到mynet网络
[root@localhost /]# docker network connect mynet redis
#查看mynet网络包含的容器,会发现两个容器都加入当前网络了,后面使用ping命令是能够ping通容器名称的。
[root@localhost /]# docker network inspect mynet
# 3. 取消链接网络
#将nginx移除mynet局域网络
docker network disconnect mynet nginx
Reference
[1]. Docker: Detailed explanation of network mode
[2]. Detailed explanation and tutorial of docker network
[3]. Docker network organization
Official command reference
Parent command
| Command | Description |
|---|---|
| docker | The base command for the Docker CLI. |
Child commands
| Command | Description |
|---|---|
| docker network connect | Connect a container to a network |
| docker network create | Create a network |
| docker network disconnect | Disconnect a container from a network |
| docker network inspect | Display detailed information on one or more networks |
| docker network ls | List networks |
| docker network prune | Remove all unused networks |
| docker network rm | Remove one or more networks |