zoukankan      html  css  js  c++  java

  • docker_info_02_network 网络管理

    docker_info_02_network 网络管理

    2.1.网络类型(3种)

    1.默认使用的是桥接的网卡,虚拟网桥docker0,使用以下命令可以查看
brctl show

在启动网络配置的时候会自动在iptables里面配置相应的规则
iptables -nL

2.直接桥接到物理网络
优点:方便管理,
缺点:使用物理机的网络堆栈,可用 IP 端口范围端口有限制

3.使用另外一个容器的网络(很少见)

    2.2.手动进入 docker 容器

    # 首先创建个进入docker容器的脚本,方便后续操作,内容如下
mkdir -p /opt/tools
cd /opt/tools
vim into_docker.sh
----------------------------------
#!/bin/sh
# made for into docker on 20180821
CNAME=$1
CPID=$(docker inspect --format "{{.State.Pid}}" $CNAME)
nsenter --target "$CPID" --mount --uts --ipc --net --pid
----------------------------------

chmod 755 into_docker.sh
docker ps -a
docker start mydocker
./into_docker.sh mydocker

# 实例演示:
----------------------------------
[root@zuiyoujie tools]# ./into_docker.sh mydocker
[root@89e7562da7a7 /]# ping 10.0.40.21              # 测试容器与宿主机(10.0.40.21)的连通性
PING 10.0.40.21 (10.0.40.21) 56(84) bytes of data.
64 bytes from 10.0.40.21: icmp_seq=1 ttl=63 time=0.662 ms
64 bytes from 10.0.40.21: icmp_seq=2 ttl=63 time=0.544 ms
64 bytes from 10.0.40.21: icmp_seq=3 ttl=63 time=0.409 ms
^C
--- 10.0.40.21 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.409/0.538/0.662/0.105 ms
[root@89e7562da7a7 /]# ping www.baidu.com           # 测试容器与公网(百度)的连通性
PING www.a.shifen.com (220.181.111.188) 56(84) bytes of data.
64 bytes from 220.181.111.188 (220.181.111.188): icmp_seq=1 ttl=52 time=3.90 ms
64 bytes from 220.181.111.188 (220.181.111.188): icmp_seq=2 ttl=52 time=4.17 ms
64 bytes from 220.181.111.188 (220.181.111.188): icmp_seq=3 ttl=52 time=4.32 ms
^C
--- www.a.shifen.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 3.908/4.134/4.321/0.170 ms
[root@89e7562da7a7 /]# exit
logout
----------------------------------------

    2.3.查看 docker 宿主机系统的网卡信息(brctl由bridge-utils软件提供)

    yum install bridge-utils -y
brctl show
--------------------------------------
[root@zuiyoujie tools]# brctl show
bridge name     bridge id               STP enabled     interfaces
docker0         8000.02429af3f1a1       no              veth2a76b80
                                                        vetha2de46d
--------------------------------------
[root@zuiyoujie tools]# ifconfig 
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:9a:f3:f1:a1  txqueuelen 0  (Ethernet)
        RX packets 1711  bytes 74303 (72.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3568  bytes 13808143 (13.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
...
----------------------------------------
    • 查看docker启动后的防火墙规则变化
    iptables -nL

    2.4.docker 端口映射

    • 随机端口映射访问 nginx
    docker run -d -P --name mynginx1 nginx
-P 绑定随机端口
    • 生产环境-需要配置固定的端口访问
    docker run -d -p 91:80 --name mynginx2 nginx

-p 主机端口:容器端口
-p 主机IP:主机端口:容器端口
-p 主机IP::容器端口
实例演示:
--------------------------------------.
[root@zuiyoujie tools]# docker run -d -P --name mynginx1 nginx
[root@zuiyoujie tools]# docker run -d -p 91:80 --name mynginx2 nginx
0a5d50fd5670c694e47907fb80eaa77d8b4f62140aaa2d9a77bcabc554b0258e
[root@zuiyoujie tools]# docker ps -a                                
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                   NAMES
0a5d50fd5670        nginx               "nginx -g 'daemon of…"   4 seconds ago       Up 3 seconds        0.0.0.0:91->80/tcp      mynginx2
5b42d5e43937        nginx               "nginx -g 'daemon of…"   4 minutes ago       Up 4 minutes        0.0.0.0:32768->80/tcp   mynginx1
89e7562da7a7        centos              "/bin/bash"              2 hours ago         Up 40 minutes                               mydocker
[root@zuiyoujie tools]# curl 127.0.0.1:32768
[root@zuiyoujie tools]# curl 127.0.0.1:91
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
         35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
--------------------------------------

    END
  • 相关阅读:
    rs
    stm32f767 usoc3
    stm32f767 RTT 日志
    stm32f767 标准库 工程模板
    stm32f767 HAL 工程模板
    docker tab 补全 linux tab 补全
    docker anconda 依赖 下载 不了
    docker run 常用 指令
    linux scp 命令
    Dockerfile 常用参数说明
  • 原文地址:https://www.cnblogs.com/tssc/p/13902115.html
Copyright © 2011-2022 走看看