1 Docker repository access
Third-party mirroring
need to log docker account
root@slave1:/home/xxx/Documents# docker pull index.tenxcloud.com/docker_library/node:latest
Error response from daemon: pull access denied for index.tenxcloud.com/docker_library/node, repository does not exist or may require 'docker login'Setting up a local private warehouse
1) Use a mirror to create a registry of private high warehouse
after installing Docker, it can be provided by official registrysimply set up a local private warehouse environment Mirror:
root@slave1:/home/xxx/Documents# docker run -d -p 5000:5000 registry:2 #自动下载井启动一个registry容器,创建本地的私有仓库服务。
Unable to find image 'registry:2' locally
2: Pulling from library/registry
c87736221ed0: Pull complete
1cc8e0bb44df: Pull complete
54d33bcb37f5: Pull complete
e8afc091c171: Pull complete
b4541f6d3db6: Pull complete
Digest: sha256:8004747f1e8cd820a148fb7499d71a76d45ff66bac6a29129bfdbfdc0154d146
Status: Downloaded newer image for registry:2
40761724cd46b129753d1d74bf51a4744d609b68a00edfc5179a922510fab1e7View all containers
root@slave1:/home/xxx/Documents# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
40761724cd46 registry:2 "/entrypoint.sh /etc…" 10 minutes ago Up 10 minutes 0.0.0.0:5000->5000/tcp dazzling_hopperBy default, the warehouse will be created in the container /var/lib/registrydirectory. You can -vbe image files stored in the local path specified parameters. The uploaded image into /opt/data/registrythe directory:
docker run -d -p 5000 5000 -v /opt / data/registry:/var/l ib/registry registry :2At this point in the local warehouse will start a private service, listening on port 5000.
2) warehouse management
view existing mirror
root@slave1:/home/xxx/Documents# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu 16.04 5e13f8dd4c1a 6 weeks ago 120MBUse docker tagcommand to the image mark 10.0.2.2:5000/test(format docker tag IMAGE [:TAG] [REGISTRY.HOST/] [USERNAME/] NAME [:TAG ])
root@slave1:/home/xxx/Documents# docker tag ubuntu:16.04 10.0.2.2:5000/test
root@slave1:/home/xxx/Documents# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
10.0.2.2:5000/test latest 5e13f8dd4c1a 6 weeks ago 120MB
ubuntu 16.04 5e13f8dd4c1a 6 weeks ago 120MBUse docker pushupload tagged image:
# docker push 10.0.2.2:5000/testWith a curlview warehouse 10.0.2.2:5000in the mirror:
# curl http://10.0.2.2:5000/v2/searchOnce uploaded, you can have access to in to any 10.0.2.2machine addresses to download this image. Docker relatively new version of the higher security requirements, will be asked to support the warehouse SSL/TLScertificate. Private warehouse for internal use, you can configure the certificate itself on or off the security checks on warehouses. First, modify the Docker daemonstartup parameters, add the following parameters, expressed confidence in the private warehouse, no safety certificate check: DOCKER_OPTS;”-- insecure-registry 10.0.2.2:500 ”After the restart Docker services, and download the image from the warehouse to the local private
root@slave1:/home/xxx/Documents# service docker restart
root@slave1:/home/xxx/Documents# docker pull 10.0.2.2:5000/test
root@slave1:/home/xxx/Documents# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
10.0.2.2:5000/test latest 5e13f8dd4c1a 6 weeks ago 120MBAfter downloading, you can also add a more generic tag ubuntu: 16. 04, to facilitate subsequent use:
root@slave1:/home/xxx/Documents# docker tag 10.0.2.2:5000/test ubuntu:16.042 Docker Data Management
Docker use in a production environment, often you need to be persistent data, or the data needs to be shared among a plurality of containers, which necessarily involves data management operations of the container.
Management data container mainly in two ways:
port data volume ( Data Volumes): container data mapped directly to the local host environment;
port data volume container ( Data Volume Containers): maintenance data using a particular container volume.
It describes how to create a data volume in the container, and to mount local directories or files to a data volume in the container. Next, how to use the data volume of the container vessel and to share data between hosts, container and container, and backup and restore data.
Data volume
data volume ( Data Volumes) is a container for use in a special directory, it will host operating system directory directly mapped into the container, similar to Linux in mountbehavior.
Data volume can provide many useful features:
port data volume data can be transferred between the work becomes easy and efficient reuse of the container between the container;
the mouth of the data within the data volume changes will take effect immediately, or whether it is operating in the vessel local operation;
port update will not affect the image data volume, and the application solution pick open transactions;
port volumes will exist until the container is not used, it can safely unload.
Create a data volume
Docker provides a volumesub-commands to manage data volumes, the following command can quickly create a data volume locally:
root@slave1:/home/xxx/Documents# docker volume create -d local test
testView /var/lib/docker /volumesof the path, you will find the volume location data created:
root@slave1:/home/xxx/Documents# ls -l /var/lib/docker/volumes
-rw------- 1 root root 32768 9月 10 11:04 metadata.db
drwxr-xr-x 3 root root 4096 9月 10 11:04 testIn addition to createoutside the sub-command, docker volumealso supported inspect(see details), ls(list the available data volume), prune(cleaning up unwanted data volume), rm(delete data volume), etc.
root@slave1:/home/xxx/Documents# docker volume inspect test #数据卷查看详细信息
[
{
"CreatedAt": "2019-09-10T11:04:12+08:00",
"Driver": "local",
"Labels": {},
"Mountpoint": "/var/lib/docker/volumes/test/_data",
"Name": "test",
"Options": {},
"Scope": "local"
}
]root@slave1:/home/xxx/Documents# docker volume ls #列出已有数据卷
DRIVER VOLUME NAME
local 8ed823897243d9ef96538d5362760c81c8612e7a35380dfb599178e612325b93
local testBinding data volume
except volumesubcommands data volume, but also can create the container when the local host to mount an arbitrary path within the container as a data volume, the data volume to create this form is called binding data volume.
With docker [container] runtime command, you can use the -mountoption to use data volumes.
- mountOption supports three types of data volume, comprising:
port volume: normal data volume, mapped to the host /var/ lib /docke r /volumesof the path;
mouth bind: Binding data volume, the host mapped to the specified path;
mouth tmpfs: temporary data volume, only exists in memory.
Used below training/webappto create a Web container image, and creates a data volume of the container to mount /opt/webappthe directory:
root@slave1:/home/xxx/Documents# docker run -d -P --name web --mount type=bind,source=/webapp,destination=/opt/webapp training/webapp python app.py #报错 不存在/webapp 使
用下面命令之后 再试一下
The above command is equivalent to using the old -vtag can create a data volume in the container:
root@slave1:/home/xxx/Documents# docker run -d -P --name web -v /webapp:/opt/webapp training/webapp python app.py
Unable to find image 'training/webapp:latest' locally
latest: Pulling from training/webapp
e190868d63f8: Pull complete
909cd34c6fd7: Pull complete
0b9bfabab7c1: Pull complete
a3ed95caeb02: Pull complete
10bbbc0fc0ff: Pull complete
fca59b508e9f: Pull complete
e7ae2541b15b: Pull complete
9dd97ef58ce9: Pull complete
a4c1b0cb7af7: Pull complete
Digest: sha256:06e9c1983bd6d5db5fba376ccd63bfa529e8d02f23d5079b8f74a616308fb11d
Status: Downloaded newer image for training/webapp:latest
4bcc83dac6efb860a4590fb1c3540759876417714c52bb33a73013ec38414a1fUse training/webappmirror Web1 create a container and create a data volume of the container to mount /opt/webappthe directory:
root@slave1:/home/xxx/Documents# docker run -d -P --name web1 --mount type=bind,source=/webapp,destination=/opt/webapp training/webapp python app.py
d7a066b7f5aaf384ac5871d50c94e4985107869b34129181d9ebd188f010501cThis feature making application testing time is very convenient, for example, the user can place a number of programs or data to the local directory is updated in real time, and then run and use within the container.
Further, the local directory path must be absolute, the container may be a path relative path. If the directory does not exist, Docker will be created automatically.
Docker mount default permissions data volume is read ( rw), the user can also rospecify read-only:
root@slave1:/home/xxx/Documents# docker run -d -P --name d7a066b7f5aaf384ac5871d50c94e4985107869b34129181d9ebd188f010501c -v /webapp:/opt/webapp:ro training/webapp python app.py
ee35606b7e5dec26e544d60878f94137973c691ad0821a8604730a95f97f3863He added: roThereafter, the data within the data volume mounted in the container can not be changed.
If mounted directly to a file container, file editing tool, including vior sed - - in placetime, may cause the file inodeto change. From Docker 1.1.0 onwards, this report will lead to error messages. Therefore, the recommended way is to directly mount the directory where the file into the container.
Data volume container
if the users need to share some data is updated continuously between a plurality of containers, the easiest way is to use the data volume container. Data volume container is a container, but its purpose is to provide specialized data volume to mount other containers.
First, create a data volume of the container dbdata, and which creates a mount data volume /dbdata:
root@slave1:/home/xxx/Documents# docker run -it -v /dbdata --name dbdata ubuntu
root@257d18f2f4dd:/#View /dbdatacatalog:
root@257d18f2f4dd:/# ls
bin dbdata etc lib media opt root sbin sys usr
boot dev home lib64 mnt proc run srv tmp varThen, other containers may be used --volumes-fromto mount dbdatathe data volume container, such as creating dbland db2two containers to and from dbdatathe container mount data volume:
root@slave1:/home/xxx/Documents# docker run -it --volumes-from dbdata --name db1 ubuntu
root@1709a48e760e:/# exit
exit
root@slave1:/home/xxx/Documents# docker run -it --volumes-from dbdata --name db2 ubuntu
root@94eeab14f62c:/# exit
exitIn this case, the container dbland db2are mounted with a data volume into the same /dbdatadirectory, either written into three containers in the directory, and other containers can be seen
in dbdatacreate a container testfile:
root@slave1:/home/xxx/Documents# docker start 94eeab14f62c #启动db2容器
94eeab14f62c
root@slave1:/home/xxx/Documents# docker attach 94eeab14f62c #进入容器
root@94eeab14f62c:/# ls #查看目录
bin dbdata etc lib media opt root sbin sys usr
boot dev home lib64 mnt proc run srv tmp var
root@94eeab14f62c:/# cd /dbdata #进入dbdata目录
root@94eeab14f62c:/dbdata# touch test #创建test文件
root@94eeab14f62c:/dbdata# ls
test
In dbl1view it in the container:
root@slave1:/home/xxx/Documents# docker run -it --volumes-from dbdata --name 1709a48e760e ubuntu #db1容器
root@6cc5d2d5ad79:/# ls
bin dbdata etc lib media opt root sbin sys usr
boot dev home lib64 mnt proc run srv tmp var
root@6cc5d2d5ad79:/# cd dbdata
root@6cc5d2d5ad79:/dbdata# ls
testOr use the above-mentioned attachcommand to enter db1the vessel View:
root@slave1:/home/xxx/Documents# docker start 1709a48e760e #启动db1容器
1709a48e760e
root@slave1:/home/xxx/Documents# docker attach 1709a48e760e
root@6cc5d2d5ad79:/# ls
bin dbdata etc lib media opt root sbin sys usr
boot dev home lib64 mnt proc run srv tmp var
root@6cc5d2d5ad79:/# cd dbdata
root@6cc5d2d5ad79:/dbdata# ls
testNote: Use attachwhen entering the container, you need to start a container, otherwise it will appear the following tips:
root@slave1:/home/xxx/Documents# docker attach 1709a48e760e
You cannot attach to a stopped container, start it firstCan be repeatedly used --volumes-fromparameters to mount a plurality of data volumes from a plurality of containers, can also be mounted from the other container volumes has been to mount the data volume of the container
root@slave1:/home/xxx/Documents# docker run -d --name db3 --volumes-from db1 training/postgres
Unable to find image 'training/postgres:latest' locally
latest: Pulling from training/postgres
a3ed95caeb02: Pull complete
6e71c809542e: Pull complete
2978d9af87ba: Pull complete
e1bca35b062f: Pull complete
500b6decf741: Pull complete
74b14ef2151f: Pull complete
7afd5ed3826e: Pull complete
3c69bb244f5e: Pull complete
d86f9ec5aedf: Pull complete
010fabf20157: Pull complete
Digest: sha256:a945dc6dcfbc8d009c3d972931608344b76c2870ce796da00a827bd50791907e
Status: Downloaded newer image for training/postgres:latest
c06bced08bd6946ce2167eb7f02dcf3da796c540b0eafb380951d57a3ae4ecd2Note that, using --volumes-fromthe parameters of the data volume of the container itself does not need to mount retaining run state.
If you remove the mounted containers (including dbdata, db ``和DB2 ),数据卷并不会被自动删除。如果要删除一个数据卷,必须在删除最后一个还挂载着它的容器时显式使用Dock ER RM -v` delete command to specify the associated container
using the data volume of the container allows the user to freely move and upgrade data volume between the containers, the specific operation below a.
using data volume container to migrate data
using the data volume of the vessel volume wherein the data backup, recovery, data migration to achieve.
1) to back up
using the following command to back up dbdatathe data volume in the data volume container:
root@slave1:/home/xxx/Documents# docker run --volumes-from dbdata -v $(pwd):/backup --name worker ubuntu tar cvf /backup/backup.tar /dbdataFirst, create a container worker use ubuntu mirror. Using the --volumes-from dbdataparameters to be mounted container worker dbdatacontainer volume data (i.e., dbdatadata volume); using the -v$ (pwd) : /bac kupparameter to mount the local current directory to / backup directory container worker.
After the container starting worker, using the tar cvf /backup/backup.tar /dbdatacommand to /dbdatathe backup content in the container /backup/backup. tar, i.e. the current directory homed host backup.tar.
2) Recovery
To restore the data to a container, first create a container having a volume of data dbdata2:
root@slave1:/home/xxx/Documents# docker run -v /dbdata --name dbdata2 ubuntu /bin/bashThen create another new container, mount dbdata2the container and use untarunzip the backup files to the mounted volume in the container:
root@slave1:/home/xxx/Documents# docker run --volumes-from dbdata2 -v $(pwd):/backup busybox tar xvf /backup/backup.tar
Unable to find image 'busybox:latest' locally
latest: Pulling from library/busybox
7c9d20b9b6cd: Pull complete
Digest: sha256:fe301db49df08c384001ed752dff6d52b4305a73a7f608f21528048e8a08b51e
Status: Downloaded newer image for busybox:latest
dbdata/
dbdata/testBy data volume and data volumes on the container in the container and other data sharing, backup and restore operations, through these mechanisms, even if the container failure during operation, users do not have to worry about data loss occurs, only need to re-create the container can be quickly .
3 container port mapping Interconnection
In practice, often encounter situations require multiple service components work together containers, which often need to be able to access each other between a plurality of containers to other services. Docker outer than through the network access, but also provides two very convenient features to meet the basic needs of service access: a mapping service application is to allow the host to the local host port of the container; the other is a mechanism to achieve interconnection between the plurality of containers quick access to the container name.
Mapping of access port of the container
1) applied externally access the container
during starting container, if the corresponding parameter is not specified, the outer container is unable to access the network services and applications within the container through the network. When some network applications running in the container, to let the external access them, or may be refers -P -p parameter
set port mapping.
root@slave1:/home/xxx/Documents# docker run -d -P training/webapp python app.py
419bf896b24023396c411dc6e9718c415505f69184fa807074b4a9b0eeec7ab3
root@slave1:/home/zyy/Documents# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
419bf896b240 training/webapp "python app.py" 9 seconds ago Up 7 seconds 0.0.0.0:32771->5000/tcp hardcore_shamirCan docker psbe seen, the local host 32771 is mapped to a port 5000 of the container. 32771 visits between the host port host interface to access the web application in the container provided.
Also, you can docker logsview information about the application of command:
root@slave1:/home/xxx/Documents# docker logs -f hardcore_shamir
* Running on http://0.0.0.0:5000/ (Press CTRL+C to quit)Note: -pYou can specify the port to be mapped, and, on a specified port can only bind a container. Supported formats are IP:HostPort:ContainerPortIIP:: ContainerPortIHostPort:ContainerPort.
2) maps all the interface address
using HostPort:ContainerPortport 5000 format local mapping to the container port 5000, execute the following command:
root@slave1:/home/xxx/Documents# docker run -d -p 5000:5000 training/webapp python app.py
2ebb57dad1d4430133f56c8a9e238b9c0622d4036c2fd063fd01cc2d8de70e5dAt this time, the default will bind all local addresses on all interfaces. Use multiple -pmarkers can be bound to multiple ports. E.g:
docker run -d -p 5000:5000 -p 3000:80 training/webapp python app.py3) to the specified port specified address
can be used IP:HostPart:ContainerPortthe format used to specify a particular address map, such as the address localhost 127.0.0.1:
docker run -d -p 127.0.0.1:5000:5000 training/webapp python app.py4) any port mapped to the specified address
Using IP::ContainerPortbinding localhost port 5000 to the arbitrary port, the local host is automatically assigned a container port:
root@slave1:/home/xxx/Documents# docker run -d -p 127.0.0.1::5000 training/webapp python app.py
13c8e9e5123b6731c91b7e60cd95050d8067dd23420c828cb7508ee711320170You can also use the udptag to specify the udpport:
root@slave1:/home/xxx/Documents# docker run -d -p 127.0.0.1:5000:5000/udp training/webapp python app.py
2f0c22deff8877fe1b711446e536edee1117a4e27b4b00f2e8787267d18a30595) Check the port mapping configuration
Use docker portto view the current port configuration mapping, you can also view the address binding:
root@slave1:/home/xxx/Documents# docker port hardcore_shamir 5000
0.0.0.0:32771In addition, the container has its own internal network and IP addresses, using docker [container] inspect+容器IDspecific information may be obtained container.
Internet mechanism to achieve quick visits
Interconnection (linking) the container is an application more containers let you perform quick way to interact. It creates between a source and a receiver connected relationship, the receptacle can quickly access to the source container by container name, without specifying a specific IP address.
1) Custom container after
the connection system is performed based on the name of the container. First, we need to customize a catchy name the container. Although the time when the container is created, the system will assign a default name, but the custom naming container has two advantages:
- Name a custom, more easy to remember, such as a Web application container can give it the name web, at a glance;
- when to connect to another container when (even reboot), you can use without having to change the name of the vessel, such as connecting to the web container db container.
Using --namelabeled container can be custom-named:
root@slave1:/home/xxx/Documents# docker run -d -P --name web training/webapp python app.py
511678ee937939e33c935d364375edc3b61acd3e299c6b2b63e65b2a2523f48aUse docker psto verify the name of the set:
root@slave1:/home/xxx/Documents# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
511678ee9379 training/webapp "python app.py" About a minute ago Up About a minute 0.0.0.0:32772->5000/tcp webAlso use docker [container) inspectto see the vessel's name:
root@slave1:/home/xxx/Documents# docker inspect -f "{{.Name}}" 511678ee9379
/webNote: The name of the container is unique. If you have a named vessel called the web, when you want to use the web name again, you need to use docker rmthe same name created by the container before the command to delete.
2) container interconnected
using --linkparameter allows interaction between the container safely. Create a new database container:
root@slave1:/home/xxx/Documents# docker run -d --name db training/postgres
048e7b6c61e9ec56e0462c5076d09d00255d932c380bfc4c9127958143777e42
root@slave1:/home/xxx/Documents# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
048e7b6c61e9 training/postgres "su postgres -c '/us…" About a minute ago Up About a minute 5432/tcp dbDelete web container created earlier:
root@slave1:/home/xxx/Documents# docker rm -f web
webCreate a new web container, and connect it to the db container:
root@slave1:/home/xxx/Documents# docker run -d -P --name web --link db:db training/webapp python app.py
e88a580668bc18733f6f685817430b37e8f072a1aaf08462f7cb3c0dc3c9fc3bAt this point, db container and web container creation of Internet relationships. --linkFormat parameter --link name: alias, where name is the name to be linked containers, alias is an alias. Now using docker psto view containers connected:
root@slave1:/home/xxx/Documents# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e88a580668bc training/webapp "python app.py" 2 minutes ago Up About a minute 0.0.0.0:32773->5000/tcp web
048e7b6c61e9 training/postgres "su postgres -c '/us…" 5 minutes ago Up 5 minutes 5432/tcp dbSee the custom named container: db and web, names db db container lists are also web / db. This means that the web container linked to the db container, web container will be allowed access to information db container.
Docker equivalent between two interconnected container creates a virtual machine channel, and do not mapped into the host port on the host thereof. It did not use at startup db container -pand -Pmark, thus avoiding exposure database service port to an external network.
Docker discloses a container connection information in two ways:
oral update the environment variables;
mouth update /etc/hostsfile.
Use envthe command to view the web container environment variables:
root@slave1:/home/xxx/Documents# docker run --rm --name web2 --link db:db training/webapp env
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=226b133d997a
DB_PORT=tcp://172.17.0.2:5432
DB_PORT_5432_TCP=tcp://172.17.0.2:5432
DB_PORT_5432_TCP_ADDR=172.17.0.2
DB_PORT_5432_TCP_PORT=5432
DB_PORT_5432_TCP_PROTO=tcp
DB_NAME=/web2/db
DB_ENV_PG_VERSION=9.3
HOME=/rootWherein the environment variable for the beginning of the web container is connected DB_ db containers prefix uppercase connection alias. In addition to environment variables, Docker also add information to the host parent container /etc/hostsfile. Here is a web-parent container hostsfile:
root@slave1:/home/xxx/Documents# docker run -t -i --rm --link db:db training/webapp /bin/bash
root@e9e98e537bec:/opt/webapp# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 db b3c84640e83a
172.17.0.4 e9e98e537becThere are two hosts information, db is the first vessel of IP and hostname, and the second is a web container, web container with their own id as the default host name.
Web may be installed in the vessel pingin communication with the command to test the container db:
root@e9e98e537bec:/opt/webapp# apt-get install -yqq inetutils-ping
(Reading database ... 18233 files and directories currently installed.)
Removing ubuntu-minimal (1.325) ...
Removing iputils-ping (3:20121221-4ubuntu1.1) ...
Selecting previously unselected package inetutils-ping.
(Reading database ... 18221 files and directories currently installed.)
Preparing to unpack .../inetutils-ping_2%3a1.9.2-1_amd64.deb ...
Unpacking inetutils-ping (2:1.9.2-1) ...
Setting up inetutils-ping (2:1.9.2-1) ...
root@e9e98e537bec:/opt/webapp# ping db
PING db (172.17.0.2): 56 data bytes
64 bytes from 172.17.0.2: icmp_seq=0 ttl=64 time=0.528 ms
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.193 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.112 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.207 ms
64 bytes from 172.17.0.2: icmp_seq=4 ttl=64 time=0.114 ms
64 bytes from 172.17.0.2: icmp_seq=5 ttl=64 time=0.175 ms
64 bytes from 172.17.0.2: icmp_seq=6 ttl=64 time=0.115 ms
64 bytes from 172.17.0.2: icmp_seq=7 ttl=64 time=0.113 ms
64 bytes from 172.17.0.2: icmp_seq=8 ttl=64 time=0.114 ms
64 bytes from 172.17.0.2: icmp_seq=9 ttl=64 time=0.115 ms
64 bytes from 172.17.0.2: icmp_seq=10 ttl=64 time=0.115 ms
64 bytes from 172.17.0.2: icmp_seq=11 ttl=64 time=0.222 ms
64 bytes from 172.17.0.2: icmp_seq=12 ttl=64 time=0.287 ms
64 bytes from 172.17.0.2: icmp_seq=13 ttl=64 time=0.116 ms
64 bytes from 172.17.0.2: icmp_seq=14 ttl=64 time=0.210 ms
64 bytes from 172.17.0.2: icmp_seq=15 ttl=64 time=0.115 ms
^C--- db ping statistics ---
16 packets transmitted, 16 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.112/0.178/0.528/0.105 msUse pingto test db container, it will resolve to 172.17.0.2. Users can link a plurality of sub-containers to the parent vessel, such as a plurality of web can be linked to the same container db.
In a production environment, the demand for networking is more complex and varied, including cross-even across host communications data center, this time often need to introduce additional mechanisms, such as SDN (Software Defined Network) or NFV (network functions virtualization) related technologies.
The following subsections will further explore how libnetworkthe advanced features and configuration of the container to achieve communications across hosts, and Docker network.