docker-bridge network
根据下面这图示,可以了解两个container之间是如何通信的
通过ip link 和 ip a可以看到本地有个docker0 link。
[root@localhost ~]# ip link
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT qlen
link/loopback ::::: brd :::::
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT qlen
link/ether :0c:::e1:eb brd ff:ff:ff:ff:ff:ff
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN mode DEFAULT qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN mode DEFAULT
link/ether ::e8::c7:6c brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip a
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN qlen
link/loopback ::::: brd :::::
inet 127.0.0.1/ scope host lo
valid_lft forever preferred_lft forever
inet6 ::/ scope host
valid_lft forever preferred_lft forever
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP qlen
link/ether :0c:::e1:eb brd ff:ff:ff:ff:ff:ff
inet 10.173.236.35/ brd 10.173.236.255 scope global dynamic ens33
valid_lft 676660sec preferred_lft 676660sec
inet6 fe80:::ec13:6b54:b6ea/ scope link
valid_lft forever preferred_lft forever
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/ brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN
link/ether ::e8::c7:6c brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/ brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80:::e8ff:fe50:c76c/ scope link
valid_lft forever preferred_lft forever
[root@localhost ~]#
通过docker network inspect bridge可以查看bridge网络
[root@localhost ~]# docker network inspect
bridge host none
[root@localhost ~]# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "4e8172ef8e0169e74285225030d0b5f271494df46c4f7bc3ba38e9ca87a1c6f9",
"Created": "2019-07-17T06:50:29.144315528-07:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": ""
},
"Labels": {}
}
]
[root@localhost ~]#
上面bridge里"Containers": {}, 原因是目前没有正在运行的container,下面我添加两个container在后台运行:
[root@localhost ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]# docker run --name test1 -d busybox /bin/sh -c "while true;do sleep 3600;done" #-d 放后台运行
cba62587107007983d45a4383598dbec18a37d33e415f2325572e8f98f36a32a
[root@localhost ~]# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "4e8172ef8e0169e74285225030d0b5f271494df46c4f7bc3ba38e9ca87a1c6f9",
"Created": "2019-07-17T06:50:29.144315528-07:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"cba62587107007983d45a4383598dbec18a37d33e415f2325572e8f98f36a32a": {
"Name": "test1",
"EndpointID": "00bcbb182eaf78e390c842e5edc5af27b2df2db2c3905e76f816828d7a9eadc3",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": ""
},
"Labels": {}
}
]
[root@localhost ~]#
本地 ip link 多了一个19 link
[root@localhost ~]# ip link
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT qlen
link/loopback ::::: brd :::::
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT qlen
link/ether :0c:::e1:eb brd ff:ff:ff:ff:ff:ff
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN mode DEFAULT qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc noqueue state UP mode DEFAULT
link/ether ::e8::c7:6c brd ff:ff:ff:ff:ff:ff
: vethfdefc77@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc noqueue master docker0 state UP mode DEFAULT
link/ether d2:1a:0d:9c:: brd ff:ff:ff:ff:ff:ff link-netnsid
查看container test1 的link “eth0@if19“ 是和本地的“vethfdefc77@if18“ 构成一对的。
[root@localhost ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cba625871070 busybox "/bin/sh -c 'while t…" minutes ago Up minutes test1
[root@localhost ~]# docker exec test1 ip link
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue qlen
link/loopback ::::: brd :::::
: eth0@if19: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu qdisc noqueue
link/ether ::ac::: brd ff:ff:ff:ff:ff:ff
[root@localhost ~]#
本地新增的link “vethfdefc77“ 是和docker0相连的,可以通过brctl show 查看
[root@localhost ~]# yum install bridge-utils
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.njupt.edu.cn
* extras: mirrors.tuna.tsinghua.edu.cn
* updates: mirrors.tuna.tsinghua.edu.cn
Package bridge-utils-1.5-.el7.x86_64 already installed and latest version
Nothing to do
[root@localhost ~]# brctl
Usage: brctl [commands]
commands:
addbr <bridge> add bridge
delbr <bridge> delete bridge
addif <bridge> <device> add interface to bridge
delif <bridge> <device> delete interface from bridge
hairpin <bridge> <port> {on|off} turn hairpin on/off
setageing <bridge> <time> set ageing time
setbridgeprio <bridge> <prio> set bridge priority
setfd <bridge> <time> set bridge forward delay
sethello <bridge> <time> set hello time
setmaxage <bridge> <time> set max message age
setpathcost <bridge> <port> <cost> set path cost
setportprio <bridge> <port> <prio> set port priority
show [ <bridge> ] show a list of bridges
showmacs <bridge> show a list of mac addrs
showstp <bridge> show bridge stp info
stp <bridge> {on|off} turn stp on/off
[root@localhost ~]# brctl show
bridge name bridge id STP enabled interfaces
docker0 .0242e850c76c no vethfdefc77
virbr0 .525400105abe yes virbr0-nic
[root@localhost ~]#
接下来再运行一个container
[root@localhost ~]# docker run --name test2 -d busybox /bin/sh -c "while true;do sleep 3600;done"
f81ab807503c0506d3e6a0375e2179eb0ddc0203162faf60117fc393187c59ac
[root@localhost ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f81ab807503c busybox "/bin/sh -c 'while t…" seconds ago Up seconds test2
cba625871070 busybox "/bin/sh -c 'while t…" minutes ago Up minutes test1
[root@localhost ~]# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "4e8172ef8e0169e74285225030d0b5f271494df46c4f7bc3ba38e9ca87a1c6f9",
"Created": "2019-07-17T06:50:29.144315528-07:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"cba62587107007983d45a4383598dbec18a37d33e415f2325572e8f98f36a32a": {
"Name": "test1",
"EndpointID": "00bcbb182eaf78e390c842e5edc5af27b2df2db2c3905e76f816828d7a9eadc3",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"f81ab807503c0506d3e6a0375e2179eb0ddc0203162faf60117fc393187c59ac": {
"Name": "test2",
"EndpointID": "d80d942aad5ea4e0322be344756317d61ad850ad45ad1d3e086b6d2e43879ead",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": ""
},
"Labels": {}
}
]
[root@localhost ~]#
查看新增ip link,可以看到新增的link也是连接到docker0上
[root@localhost ~]# ip link
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT qlen
link/loopback ::::: brd :::::
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT qlen
link/ether :0c:::e1:eb brd ff:ff:ff:ff:ff:ff
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN mode DEFAULT qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc noqueue state UP mode DEFAULT
link/ether ::e8::c7:6c brd ff:ff:ff:ff:ff:ff
: vethfdefc77@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc noqueue master docker0 state UP mode DEFAULT
link/ether d2:1a:0d:9c:: brd ff:ff:ff:ff:ff:ff link-netnsid
: veth39873ad@if20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc noqueue master docker0 state UP mode DEFAULT
link/ether e6:e5:::: brd ff:ff:ff:ff:ff:ff link-netnsid
[root@localhost ~]# docker exec test2 ip a
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue qlen
link/loopback ::::: brd :::::
inet 127.0.0.1/ scope host lo
valid_lft forever preferred_lft forever
: eth0@if21: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu qdisc noqueue
link/ether ::ac::: brd ff:ff:ff:ff:ff:ff
inet 172.17.0.3/ brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@localhost ~]# br
brctl break bridge brltty brltty-config brltty-ctb brltty-install brltty-trtxt brltty-ttb
[root@localhost ~]# brctl show
bridge name bridge id STP enabled interfaces
docker0 .0242e850c76c no veth39873ad
vethfdefc77
virbr0 .525400105abe yes virbr0-nic
[root@localhost ~]#
docker0 和网卡之间做了nat,如果网卡能连外网,则container也能连外网
docker-bridge network的更多相关文章
- 【Network】Calico, Flannel, Weave and Docker Overlay Network 各种网络模型之间的区别
From the previous posts, I have analysed 4 different Docker multi-host network solutions - Calico, F ...
- Docker bridge探索
作者:ellen.sun链接:http://blog.daocloud.io/docker-bridge/著作权归作者所有.商业转载请联系作者获得授权,非商业转载请注明出处. 早期的二层网络中,bri ...
- [头脑风暴] 解读Docker Bridge网络模型
背景 这几天在研究Kubernetes, 遇到一个有意思的nodejs镜像:luksa/kubia # 不带端口映射启动容器docker run -it -d luksa/kubia# 连接到默认的B ...
- (转)Docker - 创建 Docker overlay network (containers 通信)
原文链接: http://www.cnblogs.com/AlanWalkOn/p/6101875.html --- 创建基于Key-Value的Docker overlay network. 这样运 ...
- [Docker] Driver Bridge network for linking containers
In previous postwe have seen how to link two container together by using `--link`: # docker run -d - ...
- Docker container network configuration
http://xmodulo.com/networking-between-docker-containers.html How to set up networking between Docker ...
- docker - 关于network的一些理解
docker 提供给我们多种(4种)网络模式,我们可以根据自己的需求来使用.例如我们在一台主机(host)或者同一个docker engine上面运行continer的时候,我们就可以选择bridge ...
- Docker bridge、host、container other、overlay 网络模式
docker run创建Docker容器时,可以用--net 选项指定容器的网络模式,Docker有以下5种网络模式: bridge模式:使用–net =bridge指定,默认设置: host模式:使 ...
- Docker bridge br0 pipework
Docker Centos7 下建立 Docker 桥接网络 - weifengCorp - 博客园https://www.cnblogs.com/weifeng1463/p/7468497.html ...
- docker 解决network has active endpoints
解决方式 使用 docker network disconnect -f {network} {endpoint-name},其中的 {endpoint-name} 可以使用命令 docker net ...
随机推荐
- uoj396 [NOI2018]屠龙勇士
[NOI2018]屠龙勇士 描述 小 D 最近在网上发现了一款小游戏.游戏的规则如下: 游戏的目标是按照编号 1∼n 顺序杀掉 n 条巨龙,每条巨龙拥有一个初始的生命值 ai .同时每条巨龙拥有恢复能 ...
- linux误用rm删除文件后恢复
linux 系统:ubuntu16.04 误把/usr/local local文件删除了,要疯 步骤: 1.对于文件系统为ext3文件系统 sudo apt-get install ext3grep ...
- 从“中产梦”中醒来,好好打工吧
"中产"定义 自打"中产阶级/阶层"概念出现,总有人试图给出定义.搞不清何为"中产"却试图定义"中产阶级/阶层",注定是 ...
- 【转载】windows 开启 nginx 监听80 端口 以及 禁用 http 服务后,无法重启 HTTP 服务,提示 系统错误 123,文件目录、卷标出错
https://www.cnblogs.com/TianyuSu/p/9509873.html location / { proxy_set_header Host $Host; proxy_set_ ...
- 2018-2-13-WPF-绑定密码
title author date CreateTime categories WPF 绑定密码 lindexi 2018-2-13 17:23:3 +0800 2018-2-13 17:23:3 + ...
- 关于.net中使用reportview所需注意
参考文章链接:http://www.cnblogs.com/watercold/p/5258608.html 这段时间在做一个winform的小项目时,发现使用.net中的ReportViewer插件 ...
- tomcat启动一闪而过解决办法报错The CATALINA_HOME environment variable is not defined correctly
解决办法: Tomcat无论在windows上还是Linux上只需要吧安装包传上去解压就行,不需要配置环境变量,吧之前有可能别人别配置的环境变量统一删掉即可(网上一大堆说需要配置的都是胡说八道).把以 ...
- IBM和DoE推出世界上最快的超级计算机
IBM和美国能源部的橡树岭国家实验室今天发布了该部门最新的超级计算机Summit.IBM声称峰会目前是世界上“最强大,最聪明的科学超级计算机”,其峰值性能每秒高达20万亿次.当新的榜单在本月晚些时候发 ...
- python基础:1.位、字节、字的关系
1.位,简称b,或bit,比特,数据存储的最小单位.每个二进制数字0或1就是一个位(bit),网络通信常用bps,bit per second ,每秒传输多少位 2.字节,简称byte, 1byte ...
- docker-compose.yml rabbitmq
version: '3.1'services: mq: image: 'rabbitmq:management' restart: always ports: - '5672:5672' - '156 ...