Cloud Computing Advanced Learning Roadmap Courseware: The Four Docker Container Network Modes

Docker is an open source application container engine that lets developers package their applications and dependencies in a uniform manner into a portable container and then publish it to any server that has the Docker engine installed; it can also be used for virtualization. With the diversification of cloud computing and the rapid development of business needs, Docker container technology has become one of the necessary skills for cloud computing professionals. Many people want to master Docker container technology quickly, so here is an introduction to the 4 network modes of Docker containers.

1. Closed container: the closed network mode

No network protocol stack is used for communication. This is none mode: the Docker container has its own Network Namespace, but no network configuration is done for the container. In other words, the container has no network card, IP, or routing information, only the lo network interface. We need to add a network card, configure an IP, and so on for the container ourselves.

2. Bridged container: the bridge network mode

The network protocol stack of each container is separate from the others. When Docker starts, it automatically creates a virtual bridge named docker0 on the host. This is actually a Linux bridge and can be understood as a software switch: it forwards traffic between the network ports attached to it. Docker also randomly assigns to the docker0 interface an address from a private network (as defined in RFC 1918) that is not in use locally. When a Docker container is created, a veth pair of interfaces is created at the same time. One end of the pair is placed in the container as eth0; the other end stays on the host, attached to the docker0 bridge, with a name beginning with veth. In this way, the host can communicate with the containers, and the containers can communicate with each other. Docker thus creates a virtual network shared between the host and all containers.

3. Joined container: the joined network mode

The network protocol stack can be shared between containers, i.e. they can communicate through sockets. This mode specifies that a newly created container shares a Network Namespace with an already existing container, rather than with the host. The newly created container does not create its own network card or configure its own IP; instead it shares the IP and port range of the specified container. Apart from the network, the two containers remain isolated from each other in other respects, such as the file system and the process list. Processes in the two containers can communicate through the lo network device.

4. Open container: the open network mode

The network protocol stack is shared with the host. Host mode is selected by specifying --network host when the container is started. The container then shares the host's Network Namespace: a port opened in the container is directly a port on the host, and the container does not create its own network card or IP but uses the host's IP and network card directly. Other resources of the container, such as the file system and users and groups, remain isolated. The host network is used directly. For example, if you start an nginx while sharing the host network, no port forwarding is done, so network transmission efficiency is higher.
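As an added example (not part of the original courseware), the Python code below classifies containers into the four modes above from the HostConfig.NetworkMode field of `docker inspect` output and lists which network namespaces are shared. The sample data, container names and function names are constructed for illustration, and the closed/bridged/joined/open labels follow this article's naming.

```python
import json

# Constructed sample in the shape of `docker inspect` output (only the fields used here).
SAMPLE_INSPECT = json.loads("""[
 {"Id": "aaa111", "Name": "/web",     "HostConfig": {"NetworkMode": "bridge"}},
 {"Id": "bbb222", "Name": "/sidecar", "HostConfig": {"NetworkMode": "container:aaa111"}},
 {"Id": "ccc333", "Name": "/batch",   "HostConfig": {"NetworkMode": "none"}},
 {"Id": "ddd444", "Name": "/nginx",   "HostConfig": {"NetworkMode": "host"}}
]""")

def classify(network_mode):
    """Map HostConfig.NetworkMode to one of the four modes described above."""
    if network_mode == "none":
        return "closed"
    if network_mode == "host":
        return "open"
    if network_mode.startswith("container:"):
        return "joined"
    if network_mode in ("bridge", "default"):
        return "bridged"
    return "other"  # user-defined network, outside the four modes covered here

def audit(containers):
    """Return {name: (mode, owner of the network namespace the container uses)}."""
    names = {}
    for c in containers:  # a joined container may reference its target by id or name
        name = c["Name"].lstrip("/")
        names[c["Id"]] = names[name] = name
    result = {}
    for c in containers:
        name, raw = c["Name"].lstrip("/"), c["HostConfig"]["NetworkMode"]
        mode = classify(raw)
        owner = name  # own namespace (closed: lo only; bridged: eth0 on docker0)
        if mode == "open":
            owner = "HOST"  # ports opened in the container are host ports
        elif mode == "joined":
            ref = raw.split(":", 1)[1]
            owner = names.get(ref, "unknown:" + ref)
        result[name] = (mode, owner)
    return result

def shared_namespaces(result):
    """Namespaces with more than one user: they share IP, port range and lo."""
    groups = {}
    for name, (_, owner) in result.items():
        groups.setdefault(owner, []).append(name)
    return {o: sorted(m) for o, m in groups.items() if o == "HOST" or len(m) > 1}

if __name__ == "__main__":
    print(shared_namespaces(audit(SAMPLE_INSPECT)))
```

To run it against a real host, replace SAMPLE_INSPECT with the parsed JSON that `docker inspect` prints for the running containers.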

The process of running Docker is to pull an image from the registry to the local machine and then start the image with a single command so that it becomes a container. For this reason, Docker is often referred to as a docker, stevedore or dock worker, which is exactly what the Chinese translation (porter) means. The content above does not cover installing Docker, using images, operating containers and the like. I hope the reader can master that part by reading books and the official documentation.

Origin blog.51cto.com/14679712/2469658