容器的网络模式

bridge

-net=bridge 默认网络。docker启动后创建一个docker0网桥,默认创建的容器也添加到这个网桥

[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:9e:10:d9 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.60/24 brd 192.168.10.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::a9bf:2d8e:93ae:ec02/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:22:bb:c4:51 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:22ff:febb:c451/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# docker pull busybox
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx web4 58f1e3f2b46e 23 hours ago 109MB
busybox latest d8233ab899d4 8 days ago 1.2MB
nginx latest f09fe80eb0e7 2 weeks ago 109MB
centos latest 1e1148e4cc2c 2 months ago 202MB
[root@localhost ~]# docker run -itd --name cf busybox
2a522e6c07026d034e2eb659ee93fc97939c9c0389ae38385d4b50c0efbf0dfa
[root@localhost ~]# docker exec -it cf sh
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
48: eth0@if49: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
valid_lft forever preferred_lft forever
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:648 (648.0 B) TX bytes:0 (0.0 B) lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

  

host

-net=host 容器不会获得一个独立network namespace .而是与宿主机共用一个,这就意味着容器不会有自己的网卡信息,而是使用宿主机的。容器出来网络其他都是隔离

[root@localhost ~]# docker run -itd --net=host --name host busybox
aa9742b7b5cfb39a7cd3e69b3244f5b70c1e45bf622102344bdd841bc83ca84d
[root@localhost ~]# docker exec -it host sh
/ # ifconfig
docker0 Link encap:Ethernet HWaddr 02:42:22:BB:C4:51
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80::42:22ff:febb:c451/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:74 errors:0 dropped:0 overruns:0 frame:0
TX packets:89 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:8289 (8.0 KiB) TX bytes:8030 (7.8 KiB) ens33 Link encap:Ethernet HWaddr 00:0C:29:9E:10:D9
inet addr:192.168.10.60 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::a9bf:2d8e:93ae:ec02/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:221842 errors:0 dropped:0 overruns:0 frame:0
TX packets:64829 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:246421922 (235.0 MiB) TX bytes:5781625 (5.5 MiB) lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:68 errors:0 dropped:0 overruns:0 frame:0
TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5912 (5.7 KiB) TX bytes:5912 (5.7 KiB) veth3d56f5a Link encap:Ethernet HWaddr 9E:28:5C:41:88:F2
inet6 addr: fe80::9c28:5cff:fe41:88f2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:648 (648.0 B) veth4da077b Link encap:Ethernet HWaddr DA:8D:86:62:1B:E7
inet6 addr: fe80::d88d:86ff:fe62:1be7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:13 errors:0 dropped:0 overruns:0 frame:0
TX packets:26 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1046 (1.0 KiB) TX bytes:2085 (2.0 KiB) veth84f1299 Link encap:Ethernet HWaddr BE:B2:C0:E4:97:EE
inet6 addr: fe80::bcb2:c0ff:fee4:97ee/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:648 (648.0 B) veth90b019f Link encap:Ethernet HWaddr 66:BC:2B:2A:71:0F
inet6 addr: fe80::64bc:2bff:fe2a:710f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:19 errors:0 dropped:0 overruns:0 frame:0
TX packets:31 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1963 (1.9 KiB) TX bytes:2597 (2.5 KiB) veth9fb9b9e Link encap:Ethernet HWaddr 9A:C9:A0:BB:67:30
inet6 addr: fe80::98c9:a0ff:febb:6730/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:648 (648.0 B) vetheee52bb Link encap:Ethernet HWaddr AE:39:80:8E:59:33
inet6 addr: fe80::ac39:80ff:fe8e:5933/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:14 errors:0 dropped:0 overruns:0 frame:0
TX packets:26 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1695 (1.6 KiB) TX bytes:2351 (2.2 KiB) vethf4afa27 Link encap:Ethernet HWaddr 16:D6:9E:3E:99:91
inet6 addr: fe80::14d6:9eff:fe3e:9991/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:756 (756.0 B)
[root@localhost ~]# ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:22ff:febb:c451 prefixlen 64 scopeid 0x20<link>
ether 02:42:22:bb:c4:51 txqueuelen 0 (Ethernet)
RX packets 74 bytes 8289 (8.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 89 bytes 8030 (7.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.10.60 netmask 255.255.255.0 broadcast 192.168.10.255
inet6 fe80::a9bf:2d8e:93ae:ec02 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:9e:10:d9 txqueuelen 1000 (Ethernet)
RX packets 221899 bytes 246427013 (235.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 64859 bytes 5788303 (5.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 68 bytes 5912 (5.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 68 bytes 5912 (5.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 veth3d56f5a: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::9c28:5cff:fe41:88f2 prefixlen 64 scopeid 0x20<link>
ether 9e:28:5c:41:88:f2 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 648 (648.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 veth4da077b: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::d88d:86ff:fe62:1be7 prefixlen 64 scopeid 0x20<link>
ether da:8d:86:62:1b:e7 txqueuelen 0 (Ethernet)
RX packets 13 bytes 1046 (1.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 26 bytes 2085 (2.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 veth84f1299: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::bcb2:c0ff:fee4:97ee prefixlen 64 scopeid 0x20<link>
ether be:b2:c0:e4:97:ee txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 648 (648.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 veth90b019f: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::64bc:2bff:fe2a:710f prefixlen 64 scopeid 0x20<link>
ether 66:bc:2b:2a:71:0f txqueuelen 0 (Ethernet)
RX packets 19 bytes 1963 (1.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 31 bytes 2597 (2.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 veth9fb9b9e: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::98c9:a0ff:febb:6730 prefixlen 64 scopeid 0x20<link>
ether 9a:c9:a0:bb:67:30 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 648 (648.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 vetheee52bb: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::ac39:80ff:fe8e:5933 prefixlen 64 scopeid 0x20<link>
ether ae:39:80:8e:59:33 txqueuelen 0 (Ethernet)
RX packets 14 bytes 1695 (1.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 26 bytes 2351 (2.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 vethf4afa27: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::14d6:9eff:fe3e:9991 prefixlen 64 scopeid 0x20<link>
ether 16:d6:9e:3e:99:91 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 10 bytes 756 (756.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

  

none

-net=none

获取独立的network namespace,但不为容器进行任何网络配置,需要我们手动配置

[root@localhost ~]# docker run -itd --net=none --name none busybox
fccad0839a9ffa8d78a8e9eb3061d3ed8e845c6bb93c30d6bf9d4c58e3091660
[root@localhost ~]# docker exec -it none sh
/ # ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) / #

  

container

-net=container:name /ID

与指定的容器使用同一个network namespace 具有同样的网络配置信息,两个容器处了网络其他都是隔离的

自定网络

与默认的bridge 原理一样,但自定义网络具备内部网络dns发现,可以通过容器名或者主机名容器之间网络通信

[root@mast ~]# docker network create  hh
9d52280e25e2bec6f1d5c8091811bcad7eb1c1479e7254d0fc507dcc721ff311
[root@mast ~]# docker network create cx
6c588fcfe16b98274b0e0990021db79ba8cd7e1d1c8cd4694bc5a8b836a36d82
[root@mast ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
7b27fa407bcb bridge bridge local
6c588fcfe16b cx bridge local
9d52280e25e2 hh bridge local
c71c8fa068ab host host local
1827f413f2f4 none null local
[root@mast ~]# docker run -it -d --name bs1 --net=hh busybox
a6f0b62f758990000fd67eeb983f8530ea01dde6b1ad5f2ef793264758a97687
[root@mast ~]# docker run -it -d --name bs2 --net=hh busybox
30ed71b23da1d62b21faeb6449e51661dec49bb740b4837d6b7c2459df6e2b96
[root@mast ~]# docker run -it -d --name bs3 --net=cx busybox
37d2b2c0e7407ff456e258e9e0acb78be96aeea65ac9670bfad8f9a35d4988d5
[root@mast ~]# docker exec -it bs1 sh
/ # ping bs2
PING bs2 (172.18.0.3): 56 data bytes
64 bytes from 172.18.0.3: seq=0 ttl=64 time=0.570 ms
64 bytes from 172.18.0.3: seq=1 ttl=64 time=0.572 ms
64 bytes from 172.18.0.3: seq=2 ttl=64 time=0.196 ms
64 bytes from 172.18.0.3: seq=3 ttl=64 time=0.193 ms
^C
--- bs2 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.193/0.382/0.572 ms
/ # ping bs3
PING bs3 (211.137.170.246): 56 data bytes
^C
--- bs3 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss
/ # exit
[root@mast ~]# docker exec -it bs2 sh
/ # ping bs3
ping: bad address 'bs3'
/ # ping bs3
PING bs3 (211.137.170.246): 56 data bytes
^C
--- bs3 ping statistics ---
4 packets transmitted, 0 packets received, 100% packet loss
/ # exit [root@mast ~]# docker network connect cx bs2
[root@mast ~]# docker exec -it bs2 sh
/ # ping bs3
PING bs3 (172.19.0.2): 56 data bytes
64 bytes from 172.19.0.2: seq=0 ttl=64 time=0.521 ms
64 bytes from 172.19.0.2: seq=1 ttl=64 time=0.159 ms
64 bytes from 172.19.0.2: seq=2 ttl=64 time=0.156 ms
^C
--- bs3 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.156/0.278/0.521 ms
/ # exit

  

docker 容器的网络的更多相关文章

  1. Docker容器的网络连接

    Docker容器的网络连接 Docker容器的网络连接 我们用ifconfig命令来查看网络设备 我们可以看到上面有个叫docker0的网络设备,docker守护进程就是通过docker0为docke ...

  2. Docker基本命令与使用 —— Docker容器的网络连接(四)

    一.Docker容器的网络基础 通过ifconfig查看docker0的网络设备,docker守护进程就是通过docker0为docker的容器提供网络连接的各种服务. docker0是Linux虚拟 ...

  3. Docker容器的网络连接:

    yw1989@ubuntu:~$ ifconfig docker0 Link encap:Ethernet HWaddr 02:42:97:61:42:9f inet addr:172.17.0.1 ...

  4. Docker学习(13) Docker容器的网络连接

    Docker容器的网络连接 Docker容器的网络基础 先安装网桥管理工具 Docker容器的互联 默认 Docker容器与外部网络的连接

  5. Docker学习笔记 - Docker容器的网络基础

    一.虚拟网桥 docker0 docker0 是 linux的虚拟网桥,守护进程通过docker0给容器提供网络连接的各种服务. 网桥是数据链路层设备,通常ip地址是网络层的设置.linux的虚拟网桥 ...

  6. Docker 容器的网络连接 & 容器互联

    1. Docker 容器网络基础架构 Docker0 ifconfig查看到的 docker0 是linux的虚拟网桥(OSI数据链路层) docker0 地址划分: 172.17.42.1 255. ...

  7. 从宿主机直接进入docker容器的网络空间

    Docker dns nameserver 也是进入容器网络空间,监听53端口,但它通过iptable把端口映射到宿主机上,处理DNS请求的进程就在宿主机上. how does Docker Embe ...

  8. MacOS下解决宿主机和docker容器之间网络互通

    docker在Mac下使用非常方便,官网提供了desktop版本的可视化软件,甚至还十分贴心地集成好了k8s套件.然而如果想同时部署和使用多个容器,每个容器不使用127.0.0.1地址,而是各自有ip ...

  9. Docker容器间网络互联原理,讲不明白算我输....

    @ 目录 一.今天我们要搞明白的实验 二.前置网络知识 2.1.docker默认为我们创建的网络 2.2.怎么理解docker0网桥 2.3.什么是veth-pair技术? 三.同一个局域网中不同主机 ...

随机推荐

  1. Vue.nextTick()的正确使用

    Vue异步执行DOM更新.只要观察导数据变化,Vue将开启一个队列,并缓冲在同一事件循环中发生的所有数据改变,如果同一个watcher被多次触发,只会一次推入到队列中.这种在缓冲时去除重复数据对于避免 ...

  2. emacs在org-mode时输出pdf时,只输出为链接

    这个找到问题了,写错格式了,输出pdf中要内嵌图像,格式要写成[[file:/home/xxx/yyy.jpg]],不能写成file:/home/xxx/yyy.jpg或者[[file:/home/x ...

  3. 利用ffmpeg0.6.1把.h264纯码流打包成.mp4 .avi等格式 (转载)

    转自:http://cache2.weidaohang.org/h/index.php?q=aHR0cDovL2Jsb2cuY3Nkbi5uZXQvemh1cWluZ183MzkvYXJ0aWNsZS ...

  4. IT兄弟连 JavaWeb教程 Servlet会话跟踪 Cookie技术简介

    Cookie的英文原意是“点心”,它是在客户端访问Web服务器时,服务器在客户端硬盘上存放的信息,好像是服务器送给客户的“点心”.服务器可以根据Cookie来跟踪客户状态,这对于需要区别客户的场合(如 ...

  5. pip 国内安装镜像源

    转自: https://blog.csdn.net/xuezhangjun0121/article/details/81664260 pip国内的一些镜像   阿里云 http://mirrors.a ...

  6. 基于.NetCore和ABP框架如何让Windows服务执行Quartz定时作业

    demo地址:ABP.WindowsService 该系列文章启发自 How to: Create a Windows Service that schedules jobs, logs and is ...

  7. kettle 导入xml 资源文件

    Repository | ExploreRight click the root node of the repositorySelect Import objects from an XML fil ...

  8. 浅谈算法——KMP

    KMP是啥?KMP当然是KMPlayer的简称啦 KMP算法是用来解决字符串匹配的一种算法,由D.E.Knuth.J.H.Morris和V.R.Pratt同时发现,然后它可以用来干啥呢?我们上个例题: ...

  9. Sublime Text3 配置C++(附oj刷题常用模板)

    # 下载对应平台的sublime sublime最新版下载, 字体样式个人喜欢Consolas, 另附注册码: -– BEGIN LICENSE -– TwitterInc 200 User Lice ...

  10. C语言精确微秒级的延时

    //----------------------------------------------------------------------------- // Delay_us //------ ...