• bridge
–net=bridge 默认网络,Docker启动后创建一个docker0网桥,默认创建的容器也是添加到这个网桥中。
• host –net=host
容器不会获得一个独立的network namespace,而是与宿主机共用一个。这就意味着容器不会有自己的网卡信息,而是使用宿主
机的。容器除了网络,其他都是隔离的。
• none
–net=none
获取独立的network namespace,但不为容器进行任何网络配置,需要我们手动配置。
• container
–net=container:Name/ID
与指定的容器使用同一个network namespace,具有同样的网络配置信息,两个容器除了网络,其他都还是隔离的。
(两个容器公用一个网络一个网络协议栈,即两个容器使用localhost就可以通信,除了网络,两个容器是完全隔离的。)
• 自定义网络
与默认的bridge原理一样,但自定义网络具备内部DNS发现,可以通过容器名或者主机名容器之间网络通信。
================================bridge================================
容器通过docker0网桥进行桥接。
root@bogon: ~ 16:48:28
$ ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:3ff:fe27:1f7 prefixlen 64 scopeid 0x20<link>
ether 02:42:03:27:01:f7 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 648 (648.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.199 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::a00:27ff:fe1e:8ac2 prefixlen 64 scopeid 0x20<link>
ether 08:00:27:1e:8a:c2 txqueuelen 1000 (Ethernet)
RX packets 21860 bytes 2196175 (2.0 MiB)
RX errors 0 dropped 3 overruns 0 frame 0
TX packets 1589 bytes 182901 (178.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 180 bytes 17196 (16.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 180 bytes 17196 (16.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vethc2d4dce: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::b8cb:20ff:fe69:4ab8 prefixlen 64 scopeid 0x20<link>
ether ba:cb:20:69:4a:b8 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 16 bytes 1296 (1.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
root@bogon: ~ 16:48:30
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fab507bd2161 busybox "sh" 37 seconds ago Up 37 seconds recursing_swartz
root@bogon: ~ 16:48:44
$ docker exec -it fab507bd2161 sh
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:16 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1296 (1.2 KiB) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ #
================================host================================
跟宿主机公用一个网络,so网卡信息都是一样的
root@bogon: ~ 16:58:59
$ docker run -itd --rm --net=host busybox
6e40617ab30e53fc8849ab580a4e7a60e4f376353a1d65cdd8febc1c8622d24f
root@bogon: ~ 16:59:04
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6e40617ab30e busybox "sh" 2 seconds ago Up 1 second wizardly_brahmagupta
root@bogon: ~ 16:59:06
$ docker exec -it 6e40617ab30e sh
/ # ifconfig
docker0 Link encap:Ethernet HWaddr 02:42:03:27:01:F7
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80::42:3ff:fe27:1f7/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:5 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:250 (250.0 B) TX bytes:1043 (1.0 KiB)
enp0s3 Link encap:Ethernet HWaddr 08:00:27:1E:8A:C2
inet addr:192.168.1.199 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe1e:8ac2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:24898 errors:0 dropped:3 overruns:0 frame:0
TX packets:2062 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2424786 (2.3 MiB) TX bytes:263987 (257.7 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:180 errors:0 dropped:0 overruns:0 frame:0
TX packets:180 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:17196 (16.7 KiB) TX bytes:17196 (16.7 KiB)
/ # root@bogon: ~ 16:59:24
$ ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:3ff:fe27:1f7 prefixlen 64 scopeid 0x20<link>
ether 02:42:03:27:01:f7 txqueuelen 0 (Ethernet)
RX packets 5 bytes 250 (250.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 13 bytes 1043 (1.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.199 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::a00:27ff:fe1e:8ac2 prefixlen 64 scopeid 0x20<link>
ether 08:00:27:1e:8a:c2 txqueuelen 1000 (Ethernet)
RX packets 24920 bytes 2427186 (2.3 MiB)
RX errors 0 dropped 3 overruns 0 frame 0
TX packets 2073 bytes 268569 (262.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 180 bytes 17196 (16.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 180 bytes 17196 (16.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
root@bogon: ~ 16:59:26
$
================================none================================
不常用,不搞了,要手动配ip
root@bogon: ~ 17:05:41
$ docker run -itd --rm --net=none busybox
ca0e32032a93e4f5562ff027f9077f28071ac0f202497ee60883cc32f715cdfc
root@bogon: ~ 17:05:57
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ca0e32032a93 busybox "sh" 4 seconds ago Up 3 seconds focused_ptolemy
root@bogon: ~ 17:06:01
$ docker exec -it ca0e32032a93e4f5562ff027f9077f28071ac0f202497ee60883cc32f715cdfc sh
/ # ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ #
================================container================================
创建一个host网络类型容器,然后通过--net=container:容器ID,指定新容器使用同一个网络协议栈network namespace。
root@bogon: ~ 17:15:43
$ docker run -itd --rm --net=host busybox
6f0506776fcca633d70dc7f91010b3c4c049f13aff839bd73e57e6717a8ac391
root@bogon: ~ 17:16:00
$ docker exec -it 6f0506776fcca633d70dc7f91010b3c4c049f13aff839bd73e57e6717a8ac391 sh
/ # ifconfig
docker0 Link encap:Ethernet HWaddr 02:42:03:27:01:F7
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80::42:3ff:fe27:1f7/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:5 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:250 (250.0 B) TX bytes:1043 (1.0 KiB)
enp0s3 Link encap:Ethernet HWaddr 08:00:27:1E:8A:C2
inet addr:192.168.1.199 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe1e:8ac2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:31244 errors:0 dropped:3 overruns:0 frame:0
TX packets:3486 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2945753 (2.8 MiB) TX bytes:593015 (579.1 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:180 errors:0 dropped:0 overruns:0 frame:0
TX packets:180 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:17196 (16.7 KiB) TX bytes:17196 (16.7 KiB)
/ # exit
root@bogon: ~ 17:16:18
$ docker run -itd --rm --net=container:6f0506776fcca633d70dc7f91010b3c4c049f13aff839bd73e57e6717a8ac391 busybox
d020d4968fe9fa73d1dfbaef4a7b2672aa18c8806a56c54374c3b9e0ffd9ae9d
root@bogon: ~ 17:16:53
$ docker exec -it d020d4968fe9fa73d1dfbaef4a7b2672aa18c8806a56c54374c3b9e0ffd9ae9d sh
/ # ifconfig
docker0 Link encap:Ethernet HWaddr 02:42:03:27:01:F7
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80::42:3ff:fe27:1f7/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:5 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:250 (250.0 B) TX bytes:1043 (1.0 KiB)
enp0s3 Link encap:Ethernet HWaddr 08:00:27:1E:8A:C2
inet addr:192.168.1.199 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe1e:8ac2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:31775 errors:0 dropped:3 overruns:0 frame:0
TX packets:3643 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2994351 (2.8 MiB) TX bytes:621099 (606.5 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:180 errors:0 dropped:0 overruns:0 frame:0
TX packets:180 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:17196 (16.7 KiB) TX bytes:17196 (16.7 KiB)
/ #
================================自定义网络================================
内部有DNS发现,给你写好了hosts,一个自定义网络内部可以直接通过容器name进行访问
root@bogon: ~ 17:28:17
$ docker network create test
2c8ded728719aa5ffeba59c16264954c7eccdad7c435fae34bf39ee41dfb87d4
root@bogon: ~ 17:29:26
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
a8f190100335 bridge bridge local
1ff2dd488eff host host local
1c8102042db6 none null local
2c8ded728719 test bridge local
root@bogon: ~ 17:29:32
$ docker run -itd --name web01 --net=test busybox
28363b6fdb344d3a70d91a5eb7f6b1a5b839159d811f6caf75a2becd29b8581e
root@bogon: ~ 17:30:02
$ docker run -itd --name db01 --net=test busybox
4d7e3565eb53758e6b04c1b53a6e99e5e6f05952d447a8a77e8a62acf1278f42
root@bogon: ~ 17:30:27
$ docker exec -it 28363b6fdb344d3a70d91a5eb7f6b1a5b839159d811f6caf75a2becd29b8581e sh
/ # ping db01
PING db01 (172.18.0.3): 56 data bytes
64 bytes from 172.18.0.3: seq=0 ttl=64 time=0.070 ms
64 bytes from 172.18.0.3: seq=1 ttl=64 time=0.080 ms
^C
--- db01 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.070/0.075/0.080 ms
/ # root@bogon: ~ 17:30:50
$ docker exec -it 4d7e3565eb53758e6b04c1b53a6e99e5e6f05952d447a8a77e8a62acf1278f42 sh
/ # ping web01
PING web01 (172.18.0.2): 56 data bytes
64 bytes from 172.18.0.2: seq=0 ttl=64 time=0.064 ms
^C
--- web01 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 0.064/0.064/0.064 ms
/ # root@bogon: ~ 17:31:10
$ docker network inspect test
[
{
"Name": "test",
"Id": "2c8ded728719aa5ffeba59c16264954c7eccdad7c435fae34bf39ee41dfb87d4",
"Created": "2019-03-14T17:29:26.179582934+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"28363b6fdb344d3a70d91a5eb7f6b1a5b839159d811f6caf75a2becd29b8581e": {
"Name": "web01",
"EndpointID": "081a4d0f669d220cea6e049c0fb8c70f151e03e728f1566c6115ca84b9933fea",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
},
"4d7e3565eb53758e6b04c1b53a6e99e5e6f05952d447a8a77e8a62acf1278f42": {
"Name": "db01",
"EndpointID": "3b696c978c70afe6464ce07a9085b658dfb63330efd80ecfa666cf852b2f96db",
"MacAddress": "02:42:ac:12:00:03",
"IPv4Address": "172.18.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
root@bogon: ~ 17:31:21
$
================================traceroute================================
$ traceroute baidu.com
traceroute to baidu.com (220.181.57.216), 30 hops max, 60 byte packets
1 bogon (192.168.1.1) 1.418 ms 1.255 ms 1.155 ms
2 * * *
3 * * 10.20.1.113 (10.20.1.113) 4.131 ms
4 bogon (10.30.0.53) 4.800 ms 3.980 ms 4.595 ms
5 1.119.129.1 (1.119.129.1) 7.124 ms 7.235 ms 7.515 ms
6 33.171.143.219.broad.bj.bj.dynamic.163data.com.cn (219.143.171.33) 5.311 ms * *
7 * * *
8 36.110.244.46 (36.110.244.46) 5.232 ms 5.121 ms 220.181.0.54 (220.181.0.54) 6.399 ms
9 36.110.244.102 (36.110.244.102) 14.519 ms *^C
root@bogon: ~ 17:36:26
$