zoukankan      html  css  js  c++  java

  • docker网络(一)

    构建两个busybox容器

    构建两个busybox容器

    docker run -d --name test1 busybox /bin/sh -c "while true; do sleep 3000; done"
docker run -d --name test2 busybox /bin/sh -c "while true; do sleep 3000; done"

    然后我们分别执行ip a命令,看看各个容器的网络地址 

    docker exec -it test1  ip a

    可以看到test1的网络地址 

    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
806: eth0@if807: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:ac:12:00:05 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.5/16 brd 172.18.255.255 scope global eth0
       valid_lft forever preferred_lft forever

    看看test2 

    docker exec -it test2  ip a

    可以看到test2的网络地址 

    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
808: eth0@if809: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:ac:12:00:06 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.6/16 brd 172.18.255.255 scope global eth0
       valid_lft forever preferred_lft forever

    我们通过test1 ping test2 

    docker exec -it test2  ping 172.18.0.5

    可以看到ping成功了 

    64 bytes from 172.18.0.5: seq=0 ttl=64 time=0.092 ms
64 bytes from 172.18.0.5: seq=1 ttl=64 time=0.074 ms
64 bytes from 172.18.0.5: seq=2 ttl=64 time=0.073 ms

    linux 构建network namespace联通 

    本节在linux系统设置两个namespace连接,两个network namespace就好比是docker
    这样方便我们了解网络连接的原理
    查看本机net namespace

    ip netns list

    添加network namespace 

    sudo ip netns add network1
sudo ip netns add network2 

    查看network1 ip link 信息

    sudo ip netns exec network1 ip link

    可以看到network1的link信息 

    1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    设置network1的link信息 

    sudo ip netns exec network1 ip link set dev lo up

    可以看到lo信息不再时DOWN,而是UNKNOWN模式了 

    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    用同样的方法把network2的命名空间的模式也打开 

    sudo ip netns exec network2 ip link set dev lo up

    通过veth技术将两个network连接起来

    sudo ip link add veth-network1 type veth peer name veth-network2

    此时执行

    sudo ip link

    可以看到link信息新增了两个veth,接下来将veth-network1接口添加到network1里 

    将veth-network2接口添加到network2里

    sudo ip link set veth-network1 netns network1
sudo ip link set veth-network2 netns network2

    接下来我们查看network1的link信息 

    sudo ip netns exec network1 ip link

    可以看到network1的ip link信息 

    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
811: veth-network1@if810: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether ca:dd:69:8a:59:18 brd ff:ff:ff:ff:ff:ff link-netnsid 1

    接下来为两个namespace设置地址 

    sudo ip netns exec network1  ip addr add 192.168.1.1/24 dev veth-network1
sudo ip netns exec network2  ip addr add 192.168.1.2/24 dev veth-network2

    然后将两个namespace的veth设置启动 

    sudo ip netns exec network1 ip link set dev veth-network1 up
sudo ip netns exec network2 ip link set dev veth-network2 up

    这时候再查看ip信息 

    sudo ip netns exec network1 ip link

    可以看到network1的veth端口up 

    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
811: veth-network1@if810: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether ca:dd:69:8a:59:18 brd ff:ff:ff:ff:ff:ff link-netnsid

    然后查看两个网络的ip信息 

    sudo ip netns exec network1 ip a

    可以看到network1的ip信息 

    811: veth-network1@if810: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether ca:dd:69:8a:59:18 brd ff:ff:ff:ff:ff:ff link-netnsid 1
    inet 192.168.1.1/24 scope global veth-network1
       valid_lft forever preferred_lft forever
    inet6 fe80::c8dd:69ff:fe8a:5918/64 scope link 
       valid_lft forever preferred_lft forever

    然后通过network2去ping包给network1 

    sudo ip netns exec network2 ping 192.168.1.1

    可以看到这两个网络现在互通了。 

    64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.036 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.024 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=0.046 ms

    以上就是linux环境下通过network的namespace方式达到网络互联的。 

    个人公众号

    wxgzh.jpg
  • 相关阅读:
    航班延误来领钱,信用卡航班延误险最全攻略(2018年版)
    各银行信用卡延误险整理
    酒店web认证802.11x+ROS共享NAT上网
    登机牌,机票,行程单的区别
    ros6.0的包转发图解
    一将成,万骨枯,趣店上市背后的残酷游戏
    异常值检验实战1--风控贷款年龄变量(附python代码)
    outlier异常值检验算法之_箱型图(附python代码)
    sklearn11_函数汇总
    python高级数据可视化Dash2
  • 原文地址:https://www.cnblogs.com/secondtonone1/p/14062183.html
Copyright © 2011-2022 走看看