Docker容器网络前提提要
docker exec -it kvstor1 /bin/sh ##【进入一个redis容器】 docker exec -it web1 /bin/sh ##【进入一个nginx容器】
###docker网络管理
##网络命令
[root@localhost ~]# ip
Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }
ip [ -force ] -batch filename
where OBJECT := { link | address | addrlabel | route | rule | neigh | ntable |
tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm |
netns | l2tp | fou | macsec | tcp_metrics | token | netconf | ila |
vrf }
OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
-h[uman-readable] | -iec |
-f[amily] { inet | inet6 | ipx | dnet | mpls | bridge | link } |
- | - | -I | -D | -B | - |
-l[oops] { maximum-addr-flush-attempts } | -br[ief] |
-o[neline] | -t[imestamp] | -ts[hort] | -b[atch] [filename] |
-rc[vbuf] [size] | -n[etns] name | -a[ll] | -c[olor]}
[root@localhost ~]# ip netns help
Usage: ip netns list
ip netns add NAME
ip netns set NAME NETNSID
ip [-all] netns delete [NAME]
ip netns identify [PID]
ip netns pids NAME
ip [-all] netns exec [NAME] cmd ...
ip netns monitor
ip netns list-id
[root@localhost ~]# ifconfig
ens33: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 192.168.163.166 netmask 255.255.255.0 broadcast 192.168.163.255
inet6 fe80::c6bd:2a97:fd69:bcb prefixlen scopeid 0x20<link>
ether :0c::b3::bf txqueuelen (Ethernet)
RX packets bytes (60.0 KiB)
RX errors dropped overruns frame
TX packets bytes (28.8 KiB)
TX errors dropped overruns carrier collisions lo: flags=<UP,LOOPBACK,RUNNING> mtu
inet 127.0.0.1 netmask 255.0.0.0
inet6 :: prefixlen scopeid 0x10<host>
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions virbr0: flags=<UP,BROADCAST,MULTICAST> mtu
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether ::::f8: txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
#设置虚拟区域
[root@localhost ~]# ip netns add r1
[root@localhost ~]# ip netns add r2
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ip netns list
r2
r1
[root@localhost ~]# ip netns exec r1 ifconfig
[root@localhost ~]# ip netns exec r1 ifconfig -a
lo: flags=<LOOPBACK> mtu
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions [root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ip netns exec r2 ifconfig -a
lo: flags=<LOOPBACK> mtu
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
#增加虚拟网卡相关命令
[root@localhost ~]# ip link help
Usage: ip link add [link DEV] [ name ] NAME
[ txqueuelen PACKETS ]
[ address LLADDR ]
[ broadcast LLADDR ]
[ mtu MTU ] [index IDX ]
[ numtxqueues QUEUE_COUNT ]
[ numrxqueues QUEUE_COUNT ]
type TYPE [ ARGS ] ip link delete { DEVICE | dev DEVICE | group DEVGROUP } type TYPE [ ARGS ] ip link set { DEVICE | dev DEVICE | group DEVGROUP }
[ { up | down } ]
[ type TYPE ARGS ]
[ arp { on | off } ]
[ dynamic { on | off } ]
[ multicast { on | off } ]
[ allmulticast { on | off } ]
[ promisc { on | off } ]
[ trailers { on | off } ]
[ carrier { on | off } ]
[ txqueuelen PACKETS ]
[ name NEWNAME ]
[ address LLADDR ]
[ broadcast LLADDR ]
[ mtu MTU ]
[ netns { PID | NAME } ]
[ link-netnsid ID ]
[ alias NAME ]
[ vf NUM [ mac LLADDR ]
[ vlan VLANID [ qos VLAN-QOS ] [ proto VLAN-PROTO ] ]
[ rate TXRATE ]
[ max_tx_rate TXRATE ]
[ min_tx_rate TXRATE ]
[ spoofchk { on | off} ]
[ query_rss { on | off} ]
[ state { auto | enable | disable} ] ]
[ trust { on | off} ] ]
[ node_guid { eui64 } ]
[ port_guid { eui64 } ]
[ xdp { off |
object FILE [ section NAME ] [ verbose ] |
pinned FILE } ]
[ master DEVICE ][ vrf NAME ]
[ nomaster ]
[ addrgenmode { eui64 | none | stable_secret | random } ]
[ protodown { on | off } ] ip link show [ DEVICE | group GROUP ] [up] [master DEV] [vrf NAME] [type TYPE] ip link xstats type TYPE [ ARGS ] ip link afstats [ dev DEVICE ] ip link help [ TYPE ] TYPE := { vlan | veth | vcan | dummy | ifb | macvlan | macvtap |
bridge | bond | team | ipoib | ip6tnl | ipip | sit | vxlan |
gre | gretap | ip6gre | ip6gretap | vti | nlmon | team_slave |
bond_slave | ipvlan | geneve | bridge_slave | vrf | macsec }
#操作
[root@localhost ~]# ip link show ##未增加前
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT group default qlen
link/loopback ::::: brd :::::
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT group default qlen
link/ether :0c::b3::bf brd ff:ff:ff:ff:ff:ff
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN mode DEFAULT group default qlen
link/ether ::::f8: brd ff:ff:ff:ff:ff:ff
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT group default qlen
link/ether ::::f8: brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip link add name veth1. type veth peer name veth1.
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ip link show ##增加后
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT group default qlen
link/loopback ::::: brd :::::
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT group default qlen
link/ether :0c::b3::bf brd ff:ff:ff:ff:ff:ff
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN mode DEFAULT group default qlen
link/ether ::::f8: brd ff:ff:ff:ff:ff:ff
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT group default qlen
link/ether ::::f8: brd ff:ff:ff:ff:ff:ff
: veth1.@veth1.: <BROADCAST,MULTICAST,M-DOWN> mtu qdisc noop state DOWN mode DEFAULT group default qlen
link/ether 2a:af:6b::fe:a7 brd ff:ff:ff:ff:ff:ff
: veth1.@veth1.: <BROADCAST,MULTICAST,M-DOWN> mtu qdisc noop state DOWN mode DEFAULT group default qlen
link/ether :bc::d1:c8: brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip link set dev veth1. netns r1 ##把网卡放在区域1 [root@localhost ~]# ip netns exec r1 ifconfig -a ##未激活
lo: flags=<LOOPBACK> mtu
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions veth1.: flags=<BROADCAST,MULTICAST> mtu
ether 2a:af:6b::fe:a7 txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions [root@localhost ~]# ifconfig veth1. 10.1.0.1/ up ##激活
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ifconfig
ens33: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 192.168.163.166 netmask 255.255.255.0 broadcast 192.168.163.255
inet6 fe80::c6bd:2a97:fd69:bcb prefixlen scopeid 0x20<link>
ether :0c::b3::bf txqueuelen (Ethernet)
RX packets bytes (183.1 KiB)
RX errors dropped overruns frame
TX packets bytes (90.7 KiB)
TX errors dropped overruns carrier collisions lo: flags=<UP,LOOPBACK,RUNNING> mtu
inet 127.0.0.1 netmask 255.0.0.0
inet6 :: prefixlen scopeid 0x10<host>
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions veth1.: flags=<UP,BROADCAST,MULTICAST> mtu
inet 10.1.0.1 netmask 255.255.255.0 broadcast 10.1.0.255
ether :bc::d1:c8: txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions virbr0: flags=<UP,BROADCAST,MULTICAST> mtu
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether ::::f8: txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
[root@localhost ~]# ip netns exec r1 ifconfig veth1. 10.1.0.2/ up ##区域1的网卡也激活
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ip netns exec r1 ifconfig
veth1.: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 10.1.0.2 netmask 255.255.255.0 broadcast 10.1.0.255
inet6 fe80::28af:6bff:fe95:fea7 prefixlen scopeid 0x20<link>
ether 2a:af:6b::fe:a7 txqueuelen (Ethernet)
RX packets bytes (1.7 KiB)
RX errors dropped overruns frame
TX packets bytes (656.0 B)
TX errors dropped overruns carrier collisions [root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ping 10.1.0.2 ##veth1.1和区域1的网卡veth1.2通信
PING 10.1.0.2 (10.1.0.2) () bytes of data.
bytes from 10.1.0.2: icmp_seq= ttl= time=0.108 ms
bytes from 10.1.0.2: icmp_seq= ttl= time=0.079 ms
bytes from 10.1.0.2: icmp_seq= ttl= time=0.040 ms
##操作2
[root@localhost ~]# ip link set dev veth1. netns r2 ##将网卡移向区域2 [root@localhost ~]# ip netns exec r2 ifconfig veth1. 10.1.0.3/ up ##在区域2激活网卡 [root@localhost ~]# ip netns exec r2 ifconfig
veth1.: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 10.1.0.3 netmask 255.255.255.0 broadcast 10.1.0.255
inet6 fe80::70bc:29ff:fed1:c850 prefixlen scopeid 0x20<link>
ether :bc::d1:c8: txqueuelen (Ethernet)
RX packets bytes (1.0 KiB)
RX errors dropped overruns frame
TX packets bytes (2.7 KiB)
TX errors dropped overruns carrier collisions [root@localhost ~]# ip netns exec r2 ping 10.1.0.2 ##区域2的ping区域1的网卡
PING 10.1.0.2 (10.1.0.2) () bytes of data.
bytes from 10.1.0.2: icmp_seq= ttl= time=0.098 ms
bytes from 10.1.0.2: icmp_seq= ttl= time=0.049 ms
Docker容器网络前提提要的更多相关文章
- Docker容器网络篇
Docker容器网络篇 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任. 一.Docker的网络模型概述 如上图所示,Docker有四种网络模型: 封闭式网络(Closed conta ...
- 【转】理解Docker容器网络之Linux Network Namespace
原文:理解Docker容器网络之Linux Network Namespace 由于2016年年中调换工作的原因,对容器网络的研究中断过一段时间.随着当前项目对Kubernetes应用的深入,我感觉之 ...
- 两台主机间docker容器网络互通
服务器1: 网络172.30.0.0/16 服务器2: 网络172.31.0.0/16 服务器1和服务器2上的docker容器网络之间是无法互通的,如果需要互通,需要做以下配置: 服务器1上执行: i ...
- docker容器网络bridge
我们知道docker利用linux内核特性namespace实现了网络的隔离,让每个容器都处于自己的小世界里面,当这个小世界需要与外界(宿主机或其他容器)通信的时候docker的网络就发挥作用了,这篇 ...
- Docker容器网络-基础篇
开源Linux 一个执着于技术的公众号 Docker的技术依赖于Linux内核的虚拟化技术的发展,Docker使用到的网络技术有Network Namespace.Veth设备对.Iptables/N ...
- Docker容器网络配置
Docker容器网络配置 1.Linux内核实现名称空间的创建 1.1 ip netns命令 可以借助ip netns命令来完成对 Network Namespace 的各种操作.ip netns命令 ...
- Kubernetes & Docker 容器网络终极之战(十四)
目录 一.单主机 Docker 网络通信 1.1.host 模式 1.2 Bridge 模式 1.3 Container 模式 1.4.None 模式 二.跨主机 Docker 网络通信分类 2.1 ...
- Linux namespace技术应用实践--调用宿主机命令(tcpdump/ip/ps/top)检查docker容器网络、进程状态
背景 最近偶然听了几堂极客时间的云原生免费公开课程,首次接触到了Linux namespace技术,并了解到这正是现在风头正劲的容器技术基石,引起了自己探究一二的兴趣,结合课程+网络搜索+实践操作,也 ...
- docker容器网络
1.我们在使用docker run创建Docker容器时,可以用--net选项指定容器的网络模式,Docker有以下4种网络模式: · host模式,使用--net=host指定 · containe ...
随机推荐
- Dev控件
在DevExpress程序中使用PopupContainerEdit和PopupContainer实现数据展示 使用PopupContainerEdit和PopupContainerControl制作 ...
- Sass函数-comparable 判断两个数是否可进行加减、合并
comparable() 函数主要是用来判断两个数是否可以进行“加,减”以及“合并”.如果可以返回的值为 true,如果不可以返回的值是 false: >> comparable(2px, ...
- python3修改文件指定行
方法可以有三个,但其实是一个方法,因为不同的方法都是文件存储的方法,文件修改就只有一个方法: 将文件导入list后,重新写入文件(另一个文件或者当前文件) 1.当前文件读取后,list修改内容,写入另 ...
- Autoit脚本调用pscp上传小程序
linux上传文件用pscp上传相对麻烦,如下写了个脚本方便上传 代码如下: $fileURL=@ScriptDir & "pscp.ini" If (FileExists ...
- NET Core SDK 已安装在VS2017不可见
本地装了6个版本的net core sdk,但是在vs2017,vs2019 只是显示1.0和1.1: 重装,重启了好几遍也没用,没想到是环境变量PATH顺序问题,将x64的放在x86前,就OK了~:
- markdown解析与着色
markdown解析与着色 简介 最近在调整博客园博客样式,使用markdown发表的博客.这个不要太好用,有道云+markdown简直绝配,可以发在任何支持markdwon的博客网站,样式基本不会走 ...
- iOS项目开发中的知识点与问题收集整理①
前言部分 注:本文并非绝对原创 大部分内容摘自 http://blog.csdn.net/hengshujiyi/article/details/20943045 文中有些方法可能已过时并不适用于现在 ...
- java 根据excel模板导出文件
<!--读取excel文件,配置POI框架的依赖--> <dependency> <groupId>org.apache.poi</groupId> & ...
- php mt_rand()函数 语法
php mt_rand()函数 语法 mt_rand()函数怎么用? php mt_rand()函数表示从参数范围内得到一个随机数,语法是mt_rand(X,Y),从两个参数范围内得到一个随机数,随机 ...
- spfa模板(洛谷3371)
洛谷P3371 //spfa:求s到各点的最短路,可含负权边 #include <cstdio> using namespace std; ,max_m=,inf=; struct ety ...