Docker容器网络前提提要
docker exec -it kvstor1 /bin/sh ##【进入一个redis容器】 docker exec -it web1 /bin/sh ##【进入一个nginx容器】
###docker网络管理
##网络命令
[root@localhost ~]# ip
Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }
ip [ -force ] -batch filename
where OBJECT := { link | address | addrlabel | route | rule | neigh | ntable |
tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm |
netns | l2tp | fou | macsec | tcp_metrics | token | netconf | ila |
vrf }
OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
-h[uman-readable] | -iec |
-f[amily] { inet | inet6 | ipx | dnet | mpls | bridge | link } |
- | - | -I | -D | -B | - |
-l[oops] { maximum-addr-flush-attempts } | -br[ief] |
-o[neline] | -t[imestamp] | -ts[hort] | -b[atch] [filename] |
-rc[vbuf] [size] | -n[etns] name | -a[ll] | -c[olor]}
[root@localhost ~]# ip netns help
Usage: ip netns list
ip netns add NAME
ip netns set NAME NETNSID
ip [-all] netns delete [NAME]
ip netns identify [PID]
ip netns pids NAME
ip [-all] netns exec [NAME] cmd ...
ip netns monitor
ip netns list-id
[root@localhost ~]# ifconfig
ens33: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 192.168.163.166 netmask 255.255.255.0 broadcast 192.168.163.255
inet6 fe80::c6bd:2a97:fd69:bcb prefixlen scopeid 0x20<link>
ether :0c::b3::bf txqueuelen (Ethernet)
RX packets bytes (60.0 KiB)
RX errors dropped overruns frame
TX packets bytes (28.8 KiB)
TX errors dropped overruns carrier collisions lo: flags=<UP,LOOPBACK,RUNNING> mtu
inet 127.0.0.1 netmask 255.0.0.0
inet6 :: prefixlen scopeid 0x10<host>
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions virbr0: flags=<UP,BROADCAST,MULTICAST> mtu
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether ::::f8: txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
#设置虚拟区域
[root@localhost ~]# ip netns add r1
[root@localhost ~]# ip netns add r2
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ip netns list
r2
r1
[root@localhost ~]# ip netns exec r1 ifconfig
[root@localhost ~]# ip netns exec r1 ifconfig -a
lo: flags=<LOOPBACK> mtu
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions [root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ip netns exec r2 ifconfig -a
lo: flags=<LOOPBACK> mtu
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
#增加虚拟网卡相关命令
[root@localhost ~]# ip link help
Usage: ip link add [link DEV] [ name ] NAME
[ txqueuelen PACKETS ]
[ address LLADDR ]
[ broadcast LLADDR ]
[ mtu MTU ] [index IDX ]
[ numtxqueues QUEUE_COUNT ]
[ numrxqueues QUEUE_COUNT ]
type TYPE [ ARGS ] ip link delete { DEVICE | dev DEVICE | group DEVGROUP } type TYPE [ ARGS ] ip link set { DEVICE | dev DEVICE | group DEVGROUP }
[ { up | down } ]
[ type TYPE ARGS ]
[ arp { on | off } ]
[ dynamic { on | off } ]
[ multicast { on | off } ]
[ allmulticast { on | off } ]
[ promisc { on | off } ]
[ trailers { on | off } ]
[ carrier { on | off } ]
[ txqueuelen PACKETS ]
[ name NEWNAME ]
[ address LLADDR ]
[ broadcast LLADDR ]
[ mtu MTU ]
[ netns { PID | NAME } ]
[ link-netnsid ID ]
[ alias NAME ]
[ vf NUM [ mac LLADDR ]
[ vlan VLANID [ qos VLAN-QOS ] [ proto VLAN-PROTO ] ]
[ rate TXRATE ]
[ max_tx_rate TXRATE ]
[ min_tx_rate TXRATE ]
[ spoofchk { on | off} ]
[ query_rss { on | off} ]
[ state { auto | enable | disable} ] ]
[ trust { on | off} ] ]
[ node_guid { eui64 } ]
[ port_guid { eui64 } ]
[ xdp { off |
object FILE [ section NAME ] [ verbose ] |
pinned FILE } ]
[ master DEVICE ][ vrf NAME ]
[ nomaster ]
[ addrgenmode { eui64 | none | stable_secret | random } ]
[ protodown { on | off } ] ip link show [ DEVICE | group GROUP ] [up] [master DEV] [vrf NAME] [type TYPE] ip link xstats type TYPE [ ARGS ] ip link afstats [ dev DEVICE ] ip link help [ TYPE ] TYPE := { vlan | veth | vcan | dummy | ifb | macvlan | macvtap |
bridge | bond | team | ipoib | ip6tnl | ipip | sit | vxlan |
gre | gretap | ip6gre | ip6gretap | vti | nlmon | team_slave |
bond_slave | ipvlan | geneve | bridge_slave | vrf | macsec }
#操作
[root@localhost ~]# ip link show ##未增加前
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT group default qlen
link/loopback ::::: brd :::::
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT group default qlen
link/ether :0c::b3::bf brd ff:ff:ff:ff:ff:ff
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN mode DEFAULT group default qlen
link/ether ::::f8: brd ff:ff:ff:ff:ff:ff
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT group default qlen
link/ether ::::f8: brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip link add name veth1. type veth peer name veth1.
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ip link show ##增加后
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT group default qlen
link/loopback ::::: brd :::::
: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT group default qlen
link/ether :0c::b3::bf brd ff:ff:ff:ff:ff:ff
: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc noqueue state DOWN mode DEFAULT group default qlen
link/ether ::::f8: brd ff:ff:ff:ff:ff:ff
: virbr0-nic: <BROADCAST,MULTICAST> mtu qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT group default qlen
link/ether ::::f8: brd ff:ff:ff:ff:ff:ff
: veth1.@veth1.: <BROADCAST,MULTICAST,M-DOWN> mtu qdisc noop state DOWN mode DEFAULT group default qlen
link/ether 2a:af:6b::fe:a7 brd ff:ff:ff:ff:ff:ff
: veth1.@veth1.: <BROADCAST,MULTICAST,M-DOWN> mtu qdisc noop state DOWN mode DEFAULT group default qlen
link/ether :bc::d1:c8: brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip link set dev veth1. netns r1 ##把网卡放在区域1 [root@localhost ~]# ip netns exec r1 ifconfig -a ##未激活
lo: flags=<LOOPBACK> mtu
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions veth1.: flags=<BROADCAST,MULTICAST> mtu
ether 2a:af:6b::fe:a7 txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions [root@localhost ~]# ifconfig veth1. 10.1.0.1/ up ##激活
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ifconfig
ens33: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 192.168.163.166 netmask 255.255.255.0 broadcast 192.168.163.255
inet6 fe80::c6bd:2a97:fd69:bcb prefixlen scopeid 0x20<link>
ether :0c::b3::bf txqueuelen (Ethernet)
RX packets bytes (183.1 KiB)
RX errors dropped overruns frame
TX packets bytes (90.7 KiB)
TX errors dropped overruns carrier collisions lo: flags=<UP,LOOPBACK,RUNNING> mtu
inet 127.0.0.1 netmask 255.0.0.0
inet6 :: prefixlen scopeid 0x10<host>
loop txqueuelen (Local Loopback)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions veth1.: flags=<UP,BROADCAST,MULTICAST> mtu
inet 10.1.0.1 netmask 255.255.255.0 broadcast 10.1.0.255
ether :bc::d1:c8: txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions virbr0: flags=<UP,BROADCAST,MULTICAST> mtu
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether ::::f8: txqueuelen (Ethernet)
RX packets bytes (0.0 B)
RX errors dropped overruns frame
TX packets bytes (0.0 B)
TX errors dropped overruns carrier collisions
[root@localhost ~]# ip netns exec r1 ifconfig veth1. 10.1.0.2/ up ##区域1的网卡也激活
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ip netns exec r1 ifconfig
veth1.: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 10.1.0.2 netmask 255.255.255.0 broadcast 10.1.0.255
inet6 fe80::28af:6bff:fe95:fea7 prefixlen scopeid 0x20<link>
ether 2a:af:6b::fe:a7 txqueuelen (Ethernet)
RX packets bytes (1.7 KiB)
RX errors dropped overruns frame
TX packets bytes (656.0 B)
TX errors dropped overruns carrier collisions [root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ping 10.1.0.2 ##veth1.1和区域1的网卡veth1.2通信
PING 10.1.0.2 (10.1.0.2) () bytes of data.
bytes from 10.1.0.2: icmp_seq= ttl= time=0.108 ms
bytes from 10.1.0.2: icmp_seq= ttl= time=0.079 ms
bytes from 10.1.0.2: icmp_seq= ttl= time=0.040 ms
##操作2
[root@localhost ~]# ip link set dev veth1. netns r2 ##将网卡移向区域2 [root@localhost ~]# ip netns exec r2 ifconfig veth1. 10.1.0.3/ up ##在区域2激活网卡 [root@localhost ~]# ip netns exec r2 ifconfig
veth1.: flags=<UP,BROADCAST,RUNNING,MULTICAST> mtu
inet 10.1.0.3 netmask 255.255.255.0 broadcast 10.1.0.255
inet6 fe80::70bc:29ff:fed1:c850 prefixlen scopeid 0x20<link>
ether :bc::d1:c8: txqueuelen (Ethernet)
RX packets bytes (1.0 KiB)
RX errors dropped overruns frame
TX packets bytes (2.7 KiB)
TX errors dropped overruns carrier collisions [root@localhost ~]# ip netns exec r2 ping 10.1.0.2 ##区域2的ping区域1的网卡
PING 10.1.0.2 (10.1.0.2) () bytes of data.
bytes from 10.1.0.2: icmp_seq= ttl= time=0.098 ms
bytes from 10.1.0.2: icmp_seq= ttl= time=0.049 ms
Docker容器网络前提提要的更多相关文章
- Docker容器网络篇
Docker容器网络篇 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任. 一.Docker的网络模型概述 如上图所示,Docker有四种网络模型: 封闭式网络(Closed conta ...
- 【转】理解Docker容器网络之Linux Network Namespace
原文:理解Docker容器网络之Linux Network Namespace 由于2016年年中调换工作的原因,对容器网络的研究中断过一段时间.随着当前项目对Kubernetes应用的深入,我感觉之 ...
- 两台主机间docker容器网络互通
服务器1: 网络172.30.0.0/16 服务器2: 网络172.31.0.0/16 服务器1和服务器2上的docker容器网络之间是无法互通的,如果需要互通,需要做以下配置: 服务器1上执行: i ...
- docker容器网络bridge
我们知道docker利用linux内核特性namespace实现了网络的隔离,让每个容器都处于自己的小世界里面,当这个小世界需要与外界(宿主机或其他容器)通信的时候docker的网络就发挥作用了,这篇 ...
- Docker容器网络-基础篇
开源Linux 一个执着于技术的公众号 Docker的技术依赖于Linux内核的虚拟化技术的发展,Docker使用到的网络技术有Network Namespace.Veth设备对.Iptables/N ...
- Docker容器网络配置
Docker容器网络配置 1.Linux内核实现名称空间的创建 1.1 ip netns命令 可以借助ip netns命令来完成对 Network Namespace 的各种操作.ip netns命令 ...
- Kubernetes & Docker 容器网络终极之战(十四)
目录 一.单主机 Docker 网络通信 1.1.host 模式 1.2 Bridge 模式 1.3 Container 模式 1.4.None 模式 二.跨主机 Docker 网络通信分类 2.1 ...
- Linux namespace技术应用实践--调用宿主机命令(tcpdump/ip/ps/top)检查docker容器网络、进程状态
背景 最近偶然听了几堂极客时间的云原生免费公开课程,首次接触到了Linux namespace技术,并了解到这正是现在风头正劲的容器技术基石,引起了自己探究一二的兴趣,结合课程+网络搜索+实践操作,也 ...
- docker容器网络
1.我们在使用docker run创建Docker容器时,可以用--net选项指定容器的网络模式,Docker有以下4种网络模式: · host模式,使用--net=host指定 · containe ...
随机推荐
- foreach与正常for循环效率对比
foreach foreach编译成字节码之后,使用的是迭代器实现的. foreach特点: 无须获取容器大小 需要创建额外的迭代器变量 遍历期间得到的是对象,没有索引位置信息,因此不能进行赋值操作. ...
- fork/join并发编程
Fork & Join 的具体含义 Fork 一词的原始含义是吃饭用的叉子,也有分叉的意思.在Linux 平台中,函数 fork()用来创建子进程,使得系统进程可以多一个执行分支.在 Java ...
- Java 实现文件复制的不同方法
用不同的方法实现文件的复制 1. 通道 Channel,它是一个对象,可以通过它读取和写入数据.拿NIO与原来的I/O比较,通道就像是流.是对接操作系统底层和缓冲区的桥梁. 2. 性能比较 内存映射最 ...
- SQL的各种连接--自联结,内连接,外连接,交叉连接
1.准备两个表:Student,Course,其中student.C_S_Id=Course.C_Id(即Student 表中的 C_S_Id 字段为外键列,关联的是 Course 表的 C_Id 主 ...
- python基础知识(1)(个人整理)
import文件夹下的py文件: 情况1: `-- src |-- mod1.py `-- test1.py 直接 import mod1.py即可 情况2: -- src |-- mod ...
- 如何做好APP功能测试?
一.如何做好app的测试工作? 22 个回答  斗魂大陆 凡是可能会出错的地方,一定会出错!--墨菲法则 腾讯有个平台可以实现适配兼容.服务器压力.性能测试.弱网络.耗电量测试等等,挺全面的.WeT ...
- pycharm 进入Pythonshell脚本调试
- Apache Flink 进阶(六):Flink 作业执行深度解析
本文根据 Apache Flink 系列直播课程整理而成,由 Apache Flink Contributor.网易云音乐实时计算平台研发工程师岳猛分享.主要分享内容为 Flink Job 执行作业的 ...
- spring-boot整合Mybatis案例(注解方式)
1.运行环境 开发工具:intellij idea JDK版本:1.8 项目管理工具:Maven 4.0.0 2.GITHUB地址 https://github.com/nbfujx/springBo ...
- powerdesigner 15.1 逆向工程 sqlserver2008 、sqlserver2005 带注释
第一种方法:在第一个网址里面的代码可以直接赋值到对应位置即可 http://wjqe.blog.163.com/blog/static/19938452011612536439/ 第二种方法:可塑性较 ...