docker网络的创建
-
docker network create [options]
参数:-d:指定driver,如bridge
例子:docker network create -d bridge mybridge
[root@localhost ~]# docker network create -d bridge mybridge
a0bc67bd61e96496569fe5cb99cf3541a94fb5344ab78744d017ce68b08e56de
[root@localhost ~]#
[root@localhost ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
c4b678a93972 bridge bridge local
d0763579887a host host local
a0bc67bd61e9 mybridge bridge local
6a03d63270a6 none null local
[root@localhost ~]#
[root@localhost ~]# docker network inspect a0b
[
{
"Name": "mybridge",
"Id": "a0bc67bd61e96496569fe5cb99cf3541a94fb5344ab78744d017ce68b08e56de",
"Created": "2021-12-12T15:39:11.777904385+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
- 可看到新创建的bridge子网为
172.18.0.0/16
使用自定义bridge
- 创建container时使用
--network [network_name]来指定网络
[root@localhost ~]# docker container run -d --name box3 --network mybridge busybox /bin/sh -c "while true; do sleep 3600; done"
d4d224ad1847593352e11877e2264797129c3205d13aae42c227c50fea6b903a
[root@localhost ~]#
[root@localhost ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d4d224ad1847 busybox "/bin/sh -c 'while t…" 11 seconds ago Up 10 seconds box3
a99bb30012ad busybox "/bin/sh -c 'while t…" 19 hours ago Up 19 hours box2
80c4a01d050e busybox "/bin/sh -c 'while t…" 19 hours ago Up 19 hours box1
-
使用
docker container inspect box3查看容器信息,发现网络使用的是自定义的bridge
image.png
-
使用
docker network inspect mybridge查看自定义的bridge信息,发现container下有box3
image.png
自定义网络提供类似DNS功能
- 使用
docker network connect bridge box3来使容器box3连接默认的bridge网络 - 连接完成后
docker container inspect box3来查看box3的信息,发现box3同时连接了自定义的mybridge和默认的bridge
image.png
- 进入到容器中
docker container exec -it box3 sh查看ip信息ip a,也能查看到此容器连接了172.18.0.2/16以及172.17.0.4/16两个接口
[root@localhost ~]# docker container exec -it box3 sh
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
29: eth0@if30: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth0
valid_lft forever preferred_lft forever
31: eth1@if32: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:11:00:04 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.4/16 brd 172.17.255.255 scope global eth1
valid_lft forever preferred_lft forever
- 使用
docker network inspect bridge也能查看到container中多了box3这个容器
image.png
关闭网络连接
docker network disconnect [network_name] [container_name]
容器网络互通实验()
-
创建第四个容器box4,网络连接至mybridge:
docker container run -d --name box4 --network mybridge busybox /bin/sh -c "while true; do sleep 3600; done" -
查看box3和box4的网络连接
[root@localhost ~]# docker container exec -it box3 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
29: eth0@if30: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@localhost ~]#
[root@localhost ~]# docker container exec -it box4 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
33: eth0@if34: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:12:00:03 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.3/16 brd 172.18.255.255 scope global eth0
valid_lft forever preferred_lft forever
-
在box3中使用box4的ip以及名字进行网络连接(ping)
Note
由此可见自定义的mybridge提供了类似DNS的功能,可以通过容器名称查询其ip地址。但是默认的bridge不提供类似的DNS的功能。
docker network其他参数
[root@localhost ~]# docker network create --help
Usage: docker network create [OPTIONS] NETWORK
Create a network
Options:
--attachable Enable manual container attachment
--aux-address map Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
--config-from string The network from which to copy the configuration
--config-only Create a configuration only network
-d, --driver string Driver to manage the Network (default "bridge")
--gateway strings IPv4 or IPv6 Gateway for the master subnet
--ingress Create swarm routing-mesh network
--internal Restrict external access to the network
--ip-range strings Allocate container ip from a sub-range
--ipam-driver string IP Address Management Driver (default "default")
--ipam-opt map Set IPAM driver specific options (default map[])
--ipv6 Enable IPv6 networking
--label list Set metadata on a network
-o, --opt map Set driver specific options (default map[])
--scope string Control the network's scope
--subnet strings Subnet in CIDR format that represents a network segment
- 指定网关和子网
docker network create -d bridge --gateway 172.200.0.1 --subnet 172.200.0.0/16 demo-bridge
[root@localhost ~]# docker network create -d bridge --gateway 172.200.0.1 --subnet 172.200.0.0/16 demo-bridge
18294d3e66dd7004ff956f8f1243ffcaf2d29940f3e024dfcd70c41814cc1b01
[root@localhost ~]#
[root@localhost ~]# docker network inspect demo-bridge
[
{
"Name": "demo-bridge",
"Id": "18294d3e66dd7004ff956f8f1243ffcaf2d29940f3e024dfcd70c41814cc1b01",
"Created": "2021-12-12T16:19:44.154286168+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.200.0.0/16",
"Gateway": "172.200.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
网友评论