Docker容器网络前提提要
docker exec -it kvstor1 /bin/sh ##【进入一个redis容器】 docker exec -it web1 /bin/sh ##【进入一个nginx容器】
###docker网络管理
##网络命令
[root@localhost ~]# ip
Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }
ip [ -force ] -batch filename
where OBJECT := { link | address | addrlabel | route | rule | neigh | ntable |
tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm |
netns | l2tp | fou | macsec | tcp_metrics | token | netconf | ila |
vrf }
OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
-h[uman-readable] | -iec |
-f[amily] { inet | inet6 | ipx | dnet | mpls | bridge | link } |
- | - | -I | -D | -B | - |
-l[oops] { maximum-addr-flush-attempts } | -br[ief] |
-o[neline] | -t[imestamp] | -ts[hort] | -b[atch] [filename] |
-rc[vbuf] [size] | -n[etns] name | -a[ll] | -c[olor]}
[root@localhost ~]# ip netns help
Usage: ip netns list
ip netns add NAME
ip netns set NAME NETNSID
ip [-all] netns delete [NAME]
ip netns identify [PID]
ip netns pids NAME
ip [-all] netns exec [NAME] cmd ...
ip netns monitor
ip netns list-id
[root@localhost ~]# ifconfig
ens33: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 192.168.163.166 netmask 255.255.255.0 broadcast 192.168.163.255
inet6 fe80::c6bd:2a97:fd69:bcb prefixlen scopeid 0x20<link>
ether :0c::b3::bf txqueuelen (Ethernet)
RX packets bytes (60.0 KiB)
RX errors dropped overruns frame
TX packets bytes (28.8 KiB)
TX errors dropped overruns carrier collisions lo: flags=<UP,LOOPBACK,RUNNING> mtu
inet 127.0.0.1 netmask 255.0.0.0
inet6 :: prefixlen scopeid 0x10<host>
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions virbr0: flags=<UP,BROADCAST,MULTICAST> mtu
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether ::::f8: txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
#设置虚拟区域
[root@localhost ~]# ip netns add r1
[root@localhost ~]# ip netns add r2
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ip netns list
r2
r1
[root@localhost ~]# ip netns exec r1 ifconfig
[root@localhost ~]# ip netns exec r1 ifconfig -a
lo: flags=<LOOPBACK> mtu
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions [root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ip netns exec r2 ifconfig -a
lo: flags=<LOOPBACK> mtu
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
#增加虚拟网卡相关命令
[root@localhost ~]# ip link help
Usage: ip link add [link DEV] [ name ] NAME
[ txqueuelen PACKETS ]
[ address LLADDR ]
[ broadcast LLADDR ]
[ mtu MTU ] [index IDX ]
[ numtxqueues QUEUE_COUNT ]
[ numrxqueues QUEUE_COUNT ]
type TYPE [ ARGS ] ip link delete { DEVICE | dev DEVICE | group DEVGROUP } type TYPE [ ARGS ] ip link set { DEVICE | dev DEVICE | group DEVGROUP }
[ { up | down } ]
[ type TYPE ARGS ]
[ arp { on | off } ]
[ dynamic { on | off } ]
[ multicast { on | off } ]
[ allmulticast { on | off } ]
[ promisc { on | off } ]
[ trailers { on | off } ]
[ carrier { on | off } ]
[ txqueuelen PACKETS ]
[ name NEWNAME ]
[ address LLADDR ]
[ broadcast LLADDR ]
[ mtu MTU ]
[ netns { PID | NAME } ]
[ link-netnsid ID ]
[ alias NAME ]
[ vf NUM [ mac LLADDR ]
[ vlan VLANID [ qos VLAN-QOS ] [ proto VLAN-PROTO ] ]
[ rate TXRATE ]
[ max_tx_rate TXRATE ]
[ min_tx_rate TXRATE ]
[ spoofchk { on | off} ]
[ query_rss { on | off} ]
[ state { auto | enable | disable} ] ]
[ trust { on | off} ] ]
[ node_guid { eui64 } ]
[ port_guid { eui64 } ]
[ xdp { off |
object FILE [ section NAME ] [ verbose ] |
pinned FILE } ]
[ master DEVICE ][ vrf NAME ]
[ nomaster ]
[ addrgenmode { eui64 | none | stable_secret | random } ]
[ protodown { on | off } ] ip link show [ DEVICE | group GROUP ] [up] [master DEV] [vrf NAME] [type TYPE] ip link xstats type TYPE [ ARGS ] ip link afstats [ dev DEVICE ] ip link help [ TYPE ] TYPE := { vlan | veth | vcan | dummy | ifb | macvlan | macvtap |
bridge | bond | team | ipoib | ip6tnl | ipip | sit | vxlan |
gre | gretap | ip6gre | ip6gretap | vti | nlmon | team_slave |
bond_slave | ipvlan | geneve | bridge_slave | vrf | macsec }
#操作
[root@localhost ~]# ip link show ##未增加前
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT group default qlen
link/loopback ::::: brd :::::
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT group default qlen
link/ether :0c::b3::bf brd ff:ff:ff:ff:ff:ff
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN mode DEFAULT group default qlen
link/ether ::::f8: brd ff:ff:ff:ff:ff:ff
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT group default qlen
link/ether ::::f8: brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip link add name veth1. type veth peer name veth1.
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ip link show ##增加后
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT group default qlen
link/loopback ::::: brd :::::
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT group default qlen
link/ether :0c::b3::bf brd ff:ff:ff:ff:ff:ff
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN mode DEFAULT group default qlen
link/ether ::::f8: brd ff:ff:ff:ff:ff:ff
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT group default qlen
link/ether ::::f8: brd ff:ff:ff:ff:ff:ff
: veth1.@veth1.: <BROADCAST,MULTICAST,M-DOWN> mtu qdisc noop state DOWN mode DEFAULT group default qlen
link/ether 2a:af:6b::fe:a7 brd ff:ff:ff:ff:ff:ff
: veth1.@veth1.: <BROADCAST,MULTICAST,M-DOWN> mtu qdisc noop state DOWN mode DEFAULT group default qlen
link/ether :bc::d1:c8: brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip link set dev veth1. netns r1 ##把网卡放在区域1 [root@localhost ~]# ip netns exec r1 ifconfig -a ##未激活
lo: flags=<LOOPBACK> mtu
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions veth1.: flags=<BROADCAST,MULTICAST> mtu
ether 2a:af:6b::fe:a7 txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions [root@localhost ~]# ifconfig veth1. 10.1.0.1/ up ##激活
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ifconfig
ens33: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 192.168.163.166 netmask 255.255.255.0 broadcast 192.168.163.255
inet6 fe80::c6bd:2a97:fd69:bcb prefixlen scopeid 0x20<link>
ether :0c::b3::bf txqueuelen (Ethernet)
RX packets bytes (183.1 KiB)
RX errors dropped overruns frame
TX packets bytes (90.7 KiB)
TX errors dropped overruns carrier collisions lo: flags=<UP,LOOPBACK,RUNNING> mtu
inet 127.0.0.1 netmask 255.0.0.0
inet6 :: prefixlen scopeid 0x10<host>
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions veth1.: flags=<UP,BROADCAST,MULTICAST> mtu
inet 10.1.0.1 netmask 255.255.255.0 broadcast 10.1.0.255
ether :bc::d1:c8: txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions virbr0: flags=<UP,BROADCAST,MULTICAST> mtu
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether ::::f8: txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
[root@localhost ~]# ip netns exec r1 ifconfig veth1. 10.1.0.2/ up ##区域1的网卡也激活
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ip netns exec r1 ifconfig
veth1.: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 10.1.0.2 netmask 255.255.255.0 broadcast 10.1.0.255
inet6 fe80::28af:6bff:fe95:fea7 prefixlen scopeid 0x20<link>
ether 2a:af:6b::fe:a7 txqueuelen (Ethernet)
RX packets bytes (1.7 KiB)
RX errors dropped overruns frame
TX packets bytes (656.0 B)
TX errors dropped overruns carrier collisions [root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ping 10.1.0.2 ##veth1.1和区域1的网卡veth1.2通信
PING 10.1.0.2 (10.1.0.2) () bytes of data.
bytes from 10.1.0.2: icmp_seq= ttl= time=0.108 ms
bytes from 10.1.0.2: icmp_seq= ttl= time=0.079 ms
bytes from 10.1.0.2: icmp_seq= ttl= time=0.040 ms
##操作2
[root@localhost ~]# ip link set dev veth1. netns r2 ##将网卡移向区域2 [root@localhost ~]# ip netns exec r2 ifconfig veth1. 10.1.0.3/ up ##在区域2激活网卡 [root@localhost ~]# ip netns exec r2 ifconfig
veth1.: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 10.1.0.3 netmask 255.255.255.0 broadcast 10.1.0.255
inet6 fe80::70bc:29ff:fed1:c850 prefixlen scopeid 0x20<link>
ether :bc::d1:c8: txqueuelen (Ethernet)
RX packets bytes (1.0 KiB)
RX errors dropped overruns frame
TX packets bytes (2.7 KiB)
TX errors dropped overruns carrier collisions [root@localhost ~]# ip netns exec r2 ping 10.1.0.2 ##区域2的ping区域1的网卡
PING 10.1.0.2 (10.1.0.2) () bytes of data.
bytes from 10.1.0.2: icmp_seq= ttl= time=0.098 ms
bytes from 10.1.0.2: icmp_seq= ttl= time=0.049 ms
Docker容器网络前提提要的更多相关文章
- Docker容器网络篇
Docker容器网络篇 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任. 一.Docker的网络模型概述 如上图所示,Docker有四种网络模型: 封闭式网络(Closed conta ...
- 【转】理解Docker容器网络之Linux Network Namespace
原文:理解Docker容器网络之Linux Network Namespace 由于2016年年中调换工作的原因,对容器网络的研究中断过一段时间.随着当前项目对Kubernetes应用的深入,我感觉之 ...
- 两台主机间docker容器网络互通
服务器1: 网络172.30.0.0/16 服务器2: 网络172.31.0.0/16 服务器1和服务器2上的docker容器网络之间是无法互通的,如果需要互通,需要做以下配置: 服务器1上执行: i ...
- docker容器网络bridge
我们知道docker利用linux内核特性namespace实现了网络的隔离,让每个容器都处于自己的小世界里面,当这个小世界需要与外界(宿主机或其他容器)通信的时候docker的网络就发挥作用了,这篇 ...
- Docker容器网络-基础篇
开源Linux 一个执着于技术的公众号 Docker的技术依赖于Linux内核的虚拟化技术的发展,Docker使用到的网络技术有Network Namespace.Veth设备对.Iptables/N ...
- Docker容器网络配置
Docker容器网络配置 1.Linux内核实现名称空间的创建 1.1 ip netns命令 可以借助ip netns命令来完成对 Network Namespace 的各种操作.ip netns命令 ...
- Kubernetes & Docker 容器网络终极之战(十四)
目录 一.单主机 Docker 网络通信 1.1.host 模式 1.2 Bridge 模式 1.3 Container 模式 1.4.None 模式 二.跨主机 Docker 网络通信分类 2.1 ...
- Linux namespace技术应用实践--调用宿主机命令(tcpdump/ip/ps/top)检查docker容器网络、进程状态
背景 最近偶然听了几堂极客时间的云原生免费公开课程,首次接触到了Linux namespace技术,并了解到这正是现在风头正劲的容器技术基石,引起了自己探究一二的兴趣,结合课程+网络搜索+实践操作,也 ...
- docker容器网络
1.我们在使用docker run创建Docker容器时,可以用--net选项指定容器的网络模式,Docker有以下4种网络模式: · host模式,使用--net=host指定 · containe ...
随机推荐
- java 指定日期后n天
RT 算时间本来就是我的弱项:不废话了,贴代码 想传什么参数自己在改改就ok,传入String,放回String public class Text { public static void main ...
- 初学Java 使用输入对话框
import javax.swing.JOptionPane; public class ComputeLoanUsingInputDialog { public static void main(S ...
- [POJ1821]Fence(单调队列优化dp)
[poj1821]Fence 有 N 块木板从左至右排成一行,有 M 个工匠对这些木板进行粉刷,每块木板至多被粉刷一次.第 i 个工匠要么不粉刷,要么粉刷包含木板 Si 的,长度不超过Li 的连续一段 ...
- Python 分段利润提成
题目:企业发放的奖金根据利润提成.利润(I)低于或等于10万元时,奖金可提10%:利润高于10万元,低于20万元时,低于10万元的部分按10%提成,高于10万元的部分,可提成7.5%:20万到40万之 ...
- CONNECT_BY_ROOT
1.select * from EMP t where t.deptno = 10; EMPNO ENAME JOB MGR HIREDATE SAL ...
- Vue-Cli 安装使用 moment.js
1.npm install moment -- save 2.main.js 引入moment //定义全局 时间过滤器 S import Moment from 'moment'; Vue.filt ...
- python之字符串切分
在工作中,经常遇到字符串切分,尤其是操作linux命令,返回一段文本,如下面这种格式 Filesystem Size Used Avail Use% Mounted on /dev/vda1 40G ...
- Angular JS - 3 - Angular JS 双向数据绑定
一 .数据绑定 1. 数据绑定: 数据从一个地方A转移(传递)到另一个地方B, 而且这个操作由框架来完成2. 双向数据绑定: 数据可以从View(视图层)流向Model(模型,也就是数据), 也可以从 ...
- PHP之GET和POST小结
PHP之GET和POST小结 PHP $_GET 变量 $_GET 变量 预定义的 $_GET 变量用于收集来自 method="get" 的表单中的值. 从带有 GET 方法的表 ...
- [CSP-S模拟测试]:x(数学+并查集)
题目背景 $\frac{1}{4}$遇到了一道水题,叒完全不会做,于是去请教小$D$.小$D$都没看就切掉了这题,嘲讽了$\frac{1}{4}$一番就离开了.于是,$\frac{1}{4}$只好来问 ...