docker基础_网络模式

docker网络

网络模式:

bridge:docker默认

自己创建会默认使用bridge模式 类似vmware中的NAT模式

其中192.168.1.203是本机在现实世界局域网的ip、172.17.0.1是本机作为bridge模式的网关在docker中的ip，172.17.0.2、172.17.0.3、172.17.0.4这三个ip是三个容器对应的ip

none:不配置网络

此时容器只有本地回环网络 没有网卡、IP、路由等信息

host:和宿主机共享网络

如果启动容器的时候使用host模式，那么这个容器将不会获得一个独立的Network Namespace，而是和宿主机共用一个Network Namespace。容器将不会虚拟出自己的网卡，配置自己的IP等，而是使用宿主机的IP和端口。但是，容器的其他方面，如文件系统、进程列表等还是和宿主机隔离的。

使用host模式的容器可以直接使用宿主机的IP地址与外界通信，容器内部的服务端口也可以使用宿主机的端口，不需要进行NAT，host最大的优势就是网络性能比较好，但是docker host上已经使用的端口就不能再用了，网络的隔离性不好。

container:容器网络连通!(用的很少)

略

自定义网络

# driver是bridge模式(默认)    --subnet 是设置子网  --gateway 配置网关(例如docker0)
beginner@beginner-virtual-machine:~$ docker network create --driver bridge --subnet 111.111.0.0/24 --gateway 111.111.0.1 mynet
7c806260fc5f2827fa1b6698c9b704c31b77730c3d86b94c54cccc18d84530c3

# 现在本地网络中就多路mynet这个网络 驱动是bridge
# 官方自带三个 网络 bridge host none  前两个与驱动重名注意区分
beginner@beginner-virtual-machine:~$ docker network ls
NETWORK ID     NAME                DRIVER    SCOPE
172e6878311f   bridge              bridge    local
264f73f29c24   desktop_redis_net   bridge    local
700a25830a95   host                host      local
7c806260fc5f   mynet               bridge    local
de08c55033d0   none                null      local

# 现在即可使用自定义的网络
beginner@beginner-virtual-machine:~$ docker run -d -it --name xxxxx --net mynet 镜像id

在命令中查看，加深理解

• 显示docker的网络情况与本机的网卡情况

#显示本机的所有网络
beginner@beginner-virtual-machine:~$ docker network ls
NETWORK ID     NAME                DRIVER    SCOPE
172e6878311f   bridge              bridge    local
264f73f29c24   desktop_redis_net   bridge    local   #自定义网络
700a25830a95   host                host      local
de08c55033d0   none                null      local

beginner@beginner-virtual-machine:~$ ifconfig
#一个主机可以有多个ip
#这是自定义网络desktop_redis_net本机对应的ip 本机作为网关与同网段的主机通信
br-264f73f29c24: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.2.1  netmask 255.255.255.0  broadcast 192.168.2.255
        ether 02:42:cd:cb:3b:8d  txqueuelen 0  (以太网)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
# 系统自带的bridge网络 本机对应的ip
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        inet6 fe80::42:46ff:fec8:d331  prefixlen 64  scopeid 0x20<link>
        ether 02:42:46:c8:d3:31  txqueuelen 0  (以太网)
        RX packets 51291  bytes 3642933 (3.6 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 77991  bytes 154775800 (154.7 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

# 本机在现实局域网中的地址
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.106  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::3c6c:1530:5c72:d562  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:2b:90:45  txqueuelen 1000  (以太网)
        RX packets 484838  bytes 671416037 (671.4 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 163810  bytes 12705677 (12.7 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
# 回环地址127.0.0.1
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (本地环回)
        RX packets 1895  bytes 166608 (166.6 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1895  bytes 166608 (166.6 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

#下面两个是两个容器的ip
veth7cab0bc: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::10a7:e6ff:feb0:3f4b  prefixlen 64  scopeid 0x20<link>
        ether 12:a7:e6:b0:3f:4b  txqueuelen 0  (以太网)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 53  bytes 5652 (5.6 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vetha887cda: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::e881:92ff:fed7:8261  prefixlen 64  scopeid 0x20<link>
        ether ea:81:92:d7:82:61  txqueuelen 0  (以太网)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 58  bytes 6176 (6.1 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

• 查看运行中的容器发现均在名bridge的网络下

beginner@beginner-virtual-machine:~$ docker container ls
CONTAINER ID   IMAGE           COMMAND             CREATED       STATUS       PORTS                                       NAMES
b42d286b72af   5cc8c           "python3"           5 hours ago   Up 5 hours                                               dreamy_rubin
5cc1beeff39b   tomcat:latest   "catalina.sh run"   6 hours ago   Up 6 hours   0.0.0.0:8080->8080/tcp, :::8080->8080/tcp   clever_goldberg

beginner@beginner-virtual-machine:~$ docker network inspect bridge
#下面显示在bridge网络下的主机
"Containers": {
            "5cc1beeff39b8b249b4329ff9319737062693f7b3817eedd8b9d757498cc42b1": {
                "Name": "clever_goldberg",
                "EndpointID": "e971452f34c6330897e0b877cba2151e1d8b5141bff4a3b19754b7346f42c098",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            },
            "b42d286b72af73b006819b28b11e235677d87f47ee2c19c6cfaec78d030cda09": {
                "Name": "dreamy_rubin",
                "EndpointID": "08a4acef8b848e2276206a5c3f787d3fe10377ae363c65569a72e72f7ee14420",
                "MacAddress": "02:42:ac:11:00:03",
                "IPv4Address": "172.17.0.3/16",
                "IPv6Address": ""
            }