docker网络类型访问原理
• bridge
–net=bridge 默认网络,Docker启动后创建一个docker0网桥,默认创建的容器也是添加到这个网桥中。
• host –net=host
容器不会获得一个独立的network namespace,而是与宿主机共用一个。这就意味着容器不会有自己的网卡信息,而是使用宿主
机的。容器除了网络,其他都是隔离的。
• none
–net=none
获取独立的network namespace,但不为容器进行任何网络配置,需要我们手动配置。
• container
–net=container:Name/ID
与指定的容器使用同一个network namespace,具有同样的网络配置信息,两个容器除了网络,其他都还是隔离的。
(两个容器公用一个网络一个网络协议栈,即两个容器使用localhost就可以通信,除了网络,两个容器是完全隔离的。)
• 自定义网络
与默认的bridge原理一样,但自定义网络具备内部DNS发现,可以通过容器名或者主机名容器之间网络通信。 ================================bridge================================
容器通过docker0网桥进行桥接。
root@bogon: ~ ::
$ ifconfig
docker0: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80:::3ff:fe27:1f7 prefixlen scopeid 0x20<link>
ether :::::f7 txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (648.0 B)
TX errors dropped overruns carrier collisions enp0s3: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 192.168.1.199 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::a00:27ff:fe1e:8ac2 prefixlen scopeid 0x20<link>
ether :::1e:8a:c2 txqueuelen (Ethernet)
RX packets bytes (2.0 MiB)
RX errors dropped overruns frame
TX packets bytes (178.6 KiB)
TX errors dropped overruns carrier collisions lo: flags=<UP,LOOPBACK,RUNNING> mtu
inet 127.0.0.1 netmask 255.0.0.0
inet6 :: prefixlen scopeid 0x10<host>
loop txqueuelen (Local Loopback)
RX packets bytes (16.7 KiB)
RX errors dropped overruns frame
TX packets bytes (16.7 KiB)
TX errors dropped overruns carrier collisions vethc2d4dce: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet6 fe80::b8cb:20ff:fe69:4ab8 prefixlen scopeid 0x20<link>
ether ba:cb:::4a:b8 txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (1.2 KiB)
TX errors dropped overruns carrier collisions root@bogon: ~ ::
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fab507bd2161 busybox "sh" seconds ago Up seconds recursing_swartz
root@bogon: ~ ::
$ docker exec -it fab507bd2161 sh
/ # ifconfig
eth0 Link encap:Ethernet HWaddr ::AC:::
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (1.2 KiB) TX bytes: (0.0 B) lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (0.0 B) TX bytes: (0.0 B) / # ================================host================================
跟宿主机公用一个网络,so网卡信息都是一样的
root@bogon: ~ ::
$ docker run -itd --rm --net=host busybox
6e40617ab30e53fc8849ab580a4e7a60e4f376353a1d65cdd8febc1c8622d24f
root@bogon: ~ ::
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6e40617ab30e busybox "sh" seconds ago Up second wizardly_brahmagupta
root@bogon: ~ ::
$ docker exec -it 6e40617ab30e sh
/ # ifconfig
docker0 Link encap:Ethernet HWaddr :::::F7
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80:::3ff:fe27:1f7/ Scope:Link
UP BROADCAST MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (250.0 B) TX bytes: (1.0 KiB) enp0s3 Link encap:Ethernet HWaddr :::1E:8A:C2
inet addr:192.168.1.199 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe1e:8ac2/ Scope:Link
UP BROADCAST RUNNING MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (2.3 MiB) TX bytes: (257.7 KiB) lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::/ Scope:Host
UP LOOPBACK RUNNING MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (16.7 KiB) TX bytes: (16.7 KiB) / # root@bogon: ~ ::
$ ifconfig
docker0: flags=<UP,BROADCAST,MULTICAST> mtu
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80:::3ff:fe27:1f7 prefixlen scopeid 0x20<link>
ether :::::f7 txqueuelen (Ethernet)
RX packets bytes (250.0 B)
RX errors dropped overruns frame
TX packets bytes (1.0 KiB)
TX errors dropped overruns carrier collisions enp0s3: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 192.168.1.199 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::a00:27ff:fe1e:8ac2 prefixlen scopeid 0x20<link>
ether :::1e:8a:c2 txqueuelen (Ethernet)
RX packets bytes (2.3 MiB)
RX errors dropped overruns frame
TX packets bytes (262.2 KiB)
TX errors dropped overruns carrier collisions lo: flags=<UP,LOOPBACK,RUNNING> mtu
inet 127.0.0.1 netmask 255.0.0.0
inet6 :: prefixlen scopeid 0x10<host>
loop txqueuelen (Local Loopback)
RX packets bytes (16.7 KiB)
RX errors dropped overruns frame
TX packets bytes (16.7 KiB)
TX errors dropped overruns carrier collisions root@bogon: ~ ::
$
================================none================================
不常用,不搞了,要手动配ip
root@bogon: ~ ::
$ docker run -itd --rm --net=none busybox
ca0e32032a93e4f5562ff027f9077f28071ac0f202497ee60883cc32f715cdfc
root@bogon: ~ ::
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ca0e32032a93 busybox "sh" seconds ago Up seconds focused_ptolemy
root@bogon: ~ ::
$ docker exec -it ca0e32032a93e4f5562ff027f9077f28071ac0f202497ee60883cc32f715cdfc sh
/ # ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (0.0 B) TX bytes: (0.0 B) / #
================================container================================
创建一个host网络类型容器,然后通过--net=container:容器ID,指定新容器使用同一个网络协议栈network namespace。
root@bogon: ~ ::
$ docker run -itd --rm --net=host busybox
6f0506776fcca633d70dc7f91010b3c4c049f13aff839bd73e57e6717a8ac391
root@bogon: ~ ::
$ docker exec -it 6f0506776fcca633d70dc7f91010b3c4c049f13aff839bd73e57e6717a8ac391 sh
/ # ifconfig
docker0 Link encap:Ethernet HWaddr :::::F7
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80:::3ff:fe27:1f7/ Scope:Link
UP BROADCAST MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (250.0 B) TX bytes: (1.0 KiB) enp0s3 Link encap:Ethernet HWaddr :::1E:8A:C2
inet addr:192.168.1.199 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe1e:8ac2/ Scope:Link
UP BROADCAST RUNNING MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (2.8 MiB) TX bytes: (579.1 KiB) lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::/ Scope:Host
UP LOOPBACK RUNNING MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (16.7 KiB) TX bytes: (16.7 KiB) / # exit
root@bogon: ~ ::
$ docker run -itd --rm --net=container:6f0506776fcca633d70dc7f91010b3c4c049f13aff839bd73e57e6717a8ac391 busybox
d020d4968fe9fa73d1dfbaef4a7b2672aa18c8806a56c54374c3b9e0ffd9ae9d
root@bogon: ~ ::
$ docker exec -it d020d4968fe9fa73d1dfbaef4a7b2672aa18c8806a56c54374c3b9e0ffd9ae9d sh
/ # ifconfig
docker0 Link encap:Ethernet HWaddr :::::F7
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80:::3ff:fe27:1f7/ Scope:Link
UP BROADCAST MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (250.0 B) TX bytes: (1.0 KiB) enp0s3 Link encap:Ethernet HWaddr :::1E:8A:C2
inet addr:192.168.1.199 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe1e:8ac2/ Scope:Link
UP BROADCAST RUNNING MULTICAST MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (2.8 MiB) TX bytes: (606.5 KiB) lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::/ Scope:Host
UP LOOPBACK RUNNING MTU: Metric:
RX packets: errors: dropped: overruns: frame:
TX packets: errors: dropped: overruns: carrier:
collisions: txqueuelen:
RX bytes: (16.7 KiB) TX bytes: (16.7 KiB) / #
================================自定义网络================================
内部有DNS发现,给你写好了hosts,一个自定义网络内部可以直接通过容器name进行访问
root@bogon: ~ ::
$ docker network create test
2c8ded728719aa5ffeba59c16264954c7eccdad7c435fae34bf39ee41dfb87d4
root@bogon: ~ ::
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
a8f190100335 bridge bridge local
1ff2dd488eff host host local
1c8102042db6 none null local
2c8ded728719 test bridge local
root@bogon: ~ ::
$ docker run -itd --name web01 --net=test busybox
28363b6fdb344d3a70d91a5eb7f6b1a5b839159d811f6caf75a2becd29b8581e
root@bogon: ~ ::
$ docker run -itd --name db01 --net=test busybox
4d7e3565eb53758e6b04c1b53a6e99e5e6f05952d447a8a77e8a62acf1278f42
root@bogon: ~ ::
$ docker exec -it 28363b6fdb344d3a70d91a5eb7f6b1a5b839159d811f6caf75a2becd29b8581e sh
/ # ping db01
PING db01 (172.18.0.3): data bytes
bytes from 172.18.0.3: seq= ttl= time=0.070 ms
bytes from 172.18.0.3: seq= ttl= time=0.080 ms
^C
--- db01 ping statistics ---
packets transmitted, packets received, % packet loss
round-trip min/avg/max = 0.070/0.075/0.080 ms
/ # root@bogon: ~ ::
$ docker exec -it 4d7e3565eb53758e6b04c1b53a6e99e5e6f05952d447a8a77e8a62acf1278f42 sh
/ # ping web01
PING web01 (172.18.0.2): data bytes
bytes from 172.18.0.2: seq= ttl= time=0.064 ms
^C
--- web01 ping statistics ---
packets transmitted, packets received, % packet loss
round-trip min/avg/max = 0.064/0.064/0.064 ms
/ # root@bogon: ~ ::
$ docker network inspect test
[
{
"Name": "test",
"Id": "2c8ded728719aa5ffeba59c16264954c7eccdad7c435fae34bf39ee41dfb87d4",
"Created": "2019-03-14T17:29:26.179582934+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"28363b6fdb344d3a70d91a5eb7f6b1a5b839159d811f6caf75a2becd29b8581e": {
"Name": "web01",
"EndpointID": "081a4d0f669d220cea6e049c0fb8c70f151e03e728f1566c6115ca84b9933fea",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
},
"4d7e3565eb53758e6b04c1b53a6e99e5e6f05952d447a8a77e8a62acf1278f42": {
"Name": "db01",
"EndpointID": "3b696c978c70afe6464ce07a9085b658dfb63330efd80ecfa666cf852b2f96db",
"MacAddress": "02:42:ac:12:00:03",
"IPv4Address": "172.18.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
root@bogon: ~ ::
$ ================================traceroute================================
$ traceroute baidu.com
traceroute to baidu.com (220.181.57.216), hops max, byte packets
bogon (192.168.1.1) 1.418 ms 1.255 ms 1.155 ms
* * *
* * 10.20.1.113 (10.20.1.113) 4.131 ms
bogon (10.30.0.53) 4.800 ms 3.980 ms 4.595 ms
1.119.129.1 (1.119.129.1) 7.124 ms 7.235 ms 7.515 ms
33.171.143.219.broad.bj.bj.dynamic.163data.com.cn (219.143.171.33) 5.311 ms * *
* * *
36.110.244.46 (36.110.244.46) 5.232 ms 5.121 ms 220.181.0.54 (220.181.0.54) 6.399 ms
36.110.244.102 (36.110.244.102) 14.519 ms *^C
root@bogon: ~ ::
$
docker网络类型访问原理的更多相关文章
- Docker 网络类型
Docker 网络类型 前言 a. 本文主要为 Docker的视频教程 笔记. b. 环境为 CentOS 7.0 云服务器 c. 上一篇:docker-compose 的使用和负载均衡的初探 1. ...
- Docker 网络背后的原理探索
本文首发于我的公众号 Linux云计算网络(id: cloud_dev),专注于干货分享,号内有 10T 书籍和视频资源,后台回复「1024」即可领取,欢迎大家关注,二维码文末可以扫. 知其然而不知其 ...
- Docker网络详解——原理篇
安装Docker时,它会自动创建三个网络,bridge(创建容器默认连接到此网络). none .host 网络模式 简介 Host 容器将不会虚拟出自己的网卡,配置自己的IP等,而是使用宿主机的IP ...
- 浅聊几种主流Docker网络的实现原理
原文:https://mp.weixin.qq.com/s/Jdxct8qHrBUtkUq-hnxSRw 参考:https://blog.csdn.net/yarntime/article/detai ...
- docker网络
docker网络 Docker 允许通过外部访问容器或容器互联的方式来提供网络服务. 端口映射允许外部访问容器 --link 容器互联 容器桥接网络 .通过--link容器通信,给test2添加一 ...
- 16.2,docker网络
Docker 允许通过外部访问容器或容器互联的方式来提供网络服务. 端口映射允许外部访问容器 --link 容器互联 容器桥接网络 .通过--link容器通信,给test2添加一个hosts解析记 ...
- 037.集群网络-Docker网络实现
一 Docker网络 1.1 Docker网络类型 标准的Docker支持以下4类网络模式: host模式:使用--net=host指定. container模式:使用--net=container: ...
- 五、docker网络
一.Docker 网络 docker网络主要是解决容器联网问题,也是我们使用容器中最重要的一个环节,如果容器没有网络则无法向网络中提供服务. 网络管理命令:docker network [root@z ...
- Docker 网络原理
引言 学习docker网络,可以带着下面两个问题来探讨 容器之间可以相互访问的原理 容器暴露端口后,通过宿主机访问到容器内应用,并且对于访问端而言不用感知容器存在的原理 Docker 本身的技术依赖L ...
随机推荐
- 动态设置iframe高度
<%//动态设置iframe高度 %><script language="javascript" type="text/javascript" ...
- QT 开发ros gui过程中遇到:error: catkin_package() include dir 'include' does not exist relative to '/home/jun/catkin_ws/src/qt_ros_test' /opt/ros/kinetic/share/catkin/cmake/catkin_package.cmake:102 (_catkin_p
这是因为在ros工作空间的包中没有include文件夹造成的,所以在该路径下创建include的文件夹,问题就解决了.
- 当better-scroll遇见了react擦出的火花
关于better-scroll这个插件前面已经介绍过两次了 从原生js使用到结合服务端发送数据使用都有过介绍 今天给大家分享一下这款插件在react中遇见的坑 总之我真是对这款插件又爱又恨 每次各种 ...
- 洛谷P1653 猴子
#include<bits/stdc++.h> using namespace std; inline void read(int &tmp) { ;char c=getchar( ...
- SDUT-2131_数据结构实验之栈与队列一:进制转换
数据结构实验之栈与队列一:进制转换 Time Limit: 1000 ms Memory Limit: 65536 KiB Problem Description 输入一个十进制非负整数,将其转换成对 ...
- @loj - 2289@「THUWC 2017」在美妙的数学王国中畅游
目录 @description@ @solution@ @accepted code@ @details@ @description@ n 个点编号 0 到 n-1,每个点有一个从 [0,1] 映射到 ...
- Android教程 -07 Activity的任务栈和启动模式
Activity是由任务栈管理的,一般情况下一个应用程序只有一个任务栈. 什么是栈? 栈是一种常用的数据结构,栈只允许访问栈顶的元素,栈就像一个杯子,每次都只能取杯子顶上的东西 栈的特点就是先进后出, ...
- 洛谷P1288 取数游戏II 题解 博弈论
题目链接:https://www.luogu.org/problem/P1288 首先,如果你的一边的边是 \(0\) ,那么你肯定走另一边. 那么你走另一边绝对不能让这条边有剩余,因为这条边有剩余的 ...
- Codeforces Round #170 (Div. 1 + Div. 2)
A. Circle Line 考虑环上的最短距离. B. New Problem \(n\) 个串建后缀自动机. 找的时候bfs一下即可. C. Learning Languages 并查集维护可以沟 ...
- seo优化:302跳转变为301跳转
<?php header("Location: http://www.XXX.com",TRUE,301); exit; ?> 要加exit;不加exit;还是会是30 ...