docker-bridge network
根据下面这图示,可以了解两个container之间是如何通信的
通过ip link 和 ip a可以看到本地有个docker0 link。
[root@localhost ~]# ip link
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT qlen
link/loopback ::::: brd :::::
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT qlen
link/ether :0c:::e1:eb brd ff:ff:ff:ff:ff:ff
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN mode DEFAULT qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN mode DEFAULT
link/ether ::e8::c7:6c brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip a
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN qlen
link/loopback ::::: brd :::::
inet 127.0.0.1/ scope host lo
valid_lft forever preferred_lft forever
inet6 ::/ scope host
valid_lft forever preferred_lft forever
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP qlen
link/ether :0c:::e1:eb brd ff:ff:ff:ff:ff:ff
inet 10.173.236.35/ brd 10.173.236.255 scope global dynamic ens33
valid_lft 676660sec preferred_lft 676660sec
inet6 fe80:::ec13:6b54:b6ea/ scope link
valid_lft forever preferred_lft forever
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/ brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN
link/ether ::e8::c7:6c brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/ brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80:::e8ff:fe50:c76c/ scope link
valid_lft forever preferred_lft forever
[root@localhost ~]#
通过docker network inspect bridge可以查看bridge网络
[root@localhost ~]# docker network inspect
bridge host none
[root@localhost ~]# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "4e8172ef8e0169e74285225030d0b5f271494df46c4f7bc3ba38e9ca87a1c6f9",
"Created": "2019-07-17T06:50:29.144315528-07:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": ""
},
"Labels": {}
}
]
[root@localhost ~]#
上面bridge里"Containers": {}, 原因是目前没有正在运行的container,下面我添加两个container在后台运行:
[root@localhost ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]# docker run --name test1 -d busybox /bin/sh -c "while true;do sleep 3600;done" #-d 放后台运行
cba62587107007983d45a4383598dbec18a37d33e415f2325572e8f98f36a32a
[root@localhost ~]# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "4e8172ef8e0169e74285225030d0b5f271494df46c4f7bc3ba38e9ca87a1c6f9",
"Created": "2019-07-17T06:50:29.144315528-07:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"cba62587107007983d45a4383598dbec18a37d33e415f2325572e8f98f36a32a": {
"Name": "test1",
"EndpointID": "00bcbb182eaf78e390c842e5edc5af27b2df2db2c3905e76f816828d7a9eadc3",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": ""
},
"Labels": {}
}
]
[root@localhost ~]#
本地 ip link 多了一个19 link
[root@localhost ~]# ip link
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT qlen
link/loopback ::::: brd :::::
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT qlen
link/ether :0c:::e1:eb brd ff:ff:ff:ff:ff:ff
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN mode DEFAULT qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc noqueue state UP mode DEFAULT
link/ether ::e8::c7:6c brd ff:ff:ff:ff:ff:ff
: vethfdefc77@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc noqueue master docker0 state UP mode DEFAULT
link/ether d2:1a:0d:9c:: brd ff:ff:ff:ff:ff:ff link-netnsid
查看container test1 的link “eth0@if19“ 是和本地的“vethfdefc77@if18“ 构成一对的。
[root@localhost ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cba625871070 busybox "/bin/sh -c 'while t…" minutes ago Up minutes test1
[root@localhost ~]# docker exec test1 ip link
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue qlen
link/loopback ::::: brd :::::
: eth0@if19: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu qdisc noqueue
link/ether ::ac::: brd ff:ff:ff:ff:ff:ff
[root@localhost ~]#
本地新增的link “vethfdefc77“ 是和docker0相连的,可以通过brctl show 查看
[root@localhost ~]# yum install bridge-utils
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.njupt.edu.cn
* extras: mirrors.tuna.tsinghua.edu.cn
* updates: mirrors.tuna.tsinghua.edu.cn
Package bridge-utils-1.5-.el7.x86_64 already installed and latest version
Nothing to do
[root@localhost ~]# brctl
Usage: brctl [commands]
commands:
addbr <bridge> add bridge
delbr <bridge> delete bridge
addif <bridge> <device> add interface to bridge
delif <bridge> <device> delete interface from bridge
hairpin <bridge> <port> {on|off} turn hairpin on/off
setageing <bridge> <time> set ageing time
setbridgeprio <bridge> <prio> set bridge priority
setfd <bridge> <time> set bridge forward delay
sethello <bridge> <time> set hello time
setmaxage <bridge> <time> set max message age
setpathcost <bridge> <port> <cost> set path cost
setportprio <bridge> <port> <prio> set port priority
show [ <bridge> ] show a list of bridges
showmacs <bridge> show a list of mac addrs
showstp <bridge> show bridge stp info
stp <bridge> {on|off} turn stp on/off
[root@localhost ~]# brctl show
bridge name bridge id STP enabled interfaces
docker0 .0242e850c76c no vethfdefc77
virbr0 .525400105abe yes virbr0-nic
[root@localhost ~]#
接下来再运行一个container
[root@localhost ~]# docker run --name test2 -d busybox /bin/sh -c "while true;do sleep 3600;done"
f81ab807503c0506d3e6a0375e2179eb0ddc0203162faf60117fc393187c59ac
[root@localhost ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f81ab807503c busybox "/bin/sh -c 'while t…" seconds ago Up seconds test2
cba625871070 busybox "/bin/sh -c 'while t…" minutes ago Up minutes test1
[root@localhost ~]# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "4e8172ef8e0169e74285225030d0b5f271494df46c4f7bc3ba38e9ca87a1c6f9",
"Created": "2019-07-17T06:50:29.144315528-07:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"cba62587107007983d45a4383598dbec18a37d33e415f2325572e8f98f36a32a": {
"Name": "test1",
"EndpointID": "00bcbb182eaf78e390c842e5edc5af27b2df2db2c3905e76f816828d7a9eadc3",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"f81ab807503c0506d3e6a0375e2179eb0ddc0203162faf60117fc393187c59ac": {
"Name": "test2",
"EndpointID": "d80d942aad5ea4e0322be344756317d61ad850ad45ad1d3e086b6d2e43879ead",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": ""
},
"Labels": {}
}
]
[root@localhost ~]#
查看新增ip link,可以看到新增的link也是连接到docker0上
[root@localhost ~]# ip link
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT qlen
link/loopback ::::: brd :::::
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT qlen
link/ether :0c:::e1:eb brd ff:ff:ff:ff:ff:ff
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN mode DEFAULT qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT qlen
link/ether ::::5a:be brd ff:ff:ff:ff:ff:ff
: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc noqueue state UP mode DEFAULT
link/ether ::e8::c7:6c brd ff:ff:ff:ff:ff:ff
: vethfdefc77@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc noqueue master docker0 state UP mode DEFAULT
link/ether d2:1a:0d:9c:: brd ff:ff:ff:ff:ff:ff link-netnsid
: veth39873ad@if20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc noqueue master docker0 state UP mode DEFAULT
link/ether e6:e5:::: brd ff:ff:ff:ff:ff:ff link-netnsid
[root@localhost ~]# docker exec test2 ip a
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue qlen
link/loopback ::::: brd :::::
inet 127.0.0.1/ scope host lo
valid_lft forever preferred_lft forever
: eth0@if21: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu qdisc noqueue
link/ether ::ac::: brd ff:ff:ff:ff:ff:ff
inet 172.17.0.3/ brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@localhost ~]# br
brctl break bridge brltty brltty-config brltty-ctb brltty-install brltty-trtxt brltty-ttb
[root@localhost ~]# brctl show
bridge name bridge id STP enabled interfaces
docker0 .0242e850c76c no veth39873ad
vethfdefc77
virbr0 .525400105abe yes virbr0-nic
[root@localhost ~]#
docker0 和网卡之间做了nat,如果网卡能连外网,则container也能连外网
docker-bridge network的更多相关文章
- 【Network】Calico, Flannel, Weave and Docker Overlay Network 各种网络模型之间的区别
From the previous posts, I have analysed 4 different Docker multi-host network solutions - Calico, F ...
- Docker bridge探索
作者:ellen.sun链接:http://blog.daocloud.io/docker-bridge/著作权归作者所有.商业转载请联系作者获得授权,非商业转载请注明出处. 早期的二层网络中,bri ...
- [头脑风暴] 解读Docker Bridge网络模型
背景 这几天在研究Kubernetes, 遇到一个有意思的nodejs镜像:luksa/kubia # 不带端口映射启动容器docker run -it -d luksa/kubia# 连接到默认的B ...
- (转)Docker - 创建 Docker overlay network (containers 通信)
原文链接: http://www.cnblogs.com/AlanWalkOn/p/6101875.html --- 创建基于Key-Value的Docker overlay network. 这样运 ...
- [Docker] Driver Bridge network for linking containers
In previous postwe have seen how to link two container together by using `--link`: # docker run -d - ...
- Docker container network configuration
http://xmodulo.com/networking-between-docker-containers.html How to set up networking between Docker ...
- docker - 关于network的一些理解
docker 提供给我们多种(4种)网络模式,我们可以根据自己的需求来使用.例如我们在一台主机(host)或者同一个docker engine上面运行continer的时候,我们就可以选择bridge ...
- Docker bridge、host、container other、overlay 网络模式
docker run创建Docker容器时,可以用--net 选项指定容器的网络模式,Docker有以下5种网络模式: bridge模式:使用–net =bridge指定,默认设置: host模式:使 ...
- Docker bridge br0 pipework
Docker Centos7 下建立 Docker 桥接网络 - weifengCorp - 博客园https://www.cnblogs.com/weifeng1463/p/7468497.html ...
- docker 解决network has active endpoints
解决方式 使用 docker network disconnect -f {network} {endpoint-name},其中的 {endpoint-name} 可以使用命令 docker net ...
随机推荐
- httpclient请求接口,上传文件附加参数(.net core)
/// <summary> /// 上传文件 - 武汉站点 /// </summary> [HttpPost] public IActionResult UploadWH(Re ...
- JSON —— 数据结构
1.什么是 JSON JSON(JavaScript Object Notation) 是一种轻量级的数据交换格式. 易于人阅读和编写 JSON 采用完全独立于语言的文本格式,但是也使用了类似于 C ...
- XSLT学习(九)通过JavaScript转化xml
如果您的浏览器支持 XSLT,那么在浏览器中它可被用来将文档转换为 XHTML. JavaScript 解决方案 在前面的章节,我们已向您讲解如何使用 XSLT 将某个 XML 文档转换为 XHTML ...
- django 常用 import
from django.shortcuts import HttpResponse, render, redirect def yimi(request): #直接返回页面内容 return Http ...
- Codeforces Round #420 (Div. 2) - A
题目链接:http://codeforces.com/contest/821/problem/A 题意:给定一个n*n的矩阵. 问你这个矩阵是否满足矩阵里的元素除了1以外,其他元素都可以在该元素的行和 ...
- OutOfMemoryError系列(2): GC overhead limit exceeded
原因分析 JVM抛出 java.lang.OutOfMemoryError: GC overhead limit exceeded 错误就是发出了这样的信号: 执行垃圾收集的时间比例太大, 有效的运算 ...
- css3 清除浮动
eg:三个div,父级div下面有两个div分别float:left和float:right <style> .container{width:400px;border:3px soild ...
- svnkit 异常:Exception in thread "main" org.tmatesoft.svn.core.SVNException: svn: E200030: SQLite error
https://stackoverflow.com/questions/16063105/org-tmatesoft-sqljet-core-sqljetexception-busy-error-co ...
- 动态规划之数字三角形(POJ1163)
在下面的数字三角形中寻找一条从顶部到底边的路径,使得路径上所经过的数字之和最大.路径上的每一步都只能往左下或 右下走.只需要求出这个最大和即可,不必给出具体路径. 既然求目标问题是根据查表得来的,自然 ...
- 开源大数据生态下的 Flink 应用实践
过去十年,面向整个数字时代的关键技术接踵而至,从被人们接受,到开始步入应用.大数据与计算作为时代的关键词已被广泛认知,算力的重要性日渐凸显并发展成为企业新的增长点.Apache Flink(以下简称 ...