本文概述
让我们学习Docker Networking…。
docker中主要有五个网络-桥, 主机, 覆盖, 无和macvlan。
桥接网络是docker中的默认网络。我在上一篇有关Docker体系结构的文章中已对这些网络进行了介绍。
在本文中, 我将向你展示docker联网的实际部分。你将了解如何检查docker网络详细信息, 如何连接到网络, 如何创建网络等。因此, 让我们开始吧。
每当你运行Docker容器时, 默认的桥接网络调用docker0都会与该容器相关联, 除非指定了任何其他网络。例如, 当我运行ifconfig命令时, 你将获得网桥类型的docker0网络的详细信息以及其他网络详细信息。
[email protected]:~$ ifconfig
docker0: flags=4099<UP, BROADCAST, MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:f6:59:4a:5f txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp0s3: flags=4163<UP, BROADCAST, RUNNING, MULTICAST> mtu 1500
inet 10.0.2.15 netmask 255.255.255.0 broadcast 10.0.2.255
inet6 fe80::763e:c0b4:14df:b273 prefixlen 64 scopeid 0x20<link>
ether 08:00:27:68:64:9a txqueuelen 1000 (Ethernet)
RX packets 2157 bytes 2132896 (2.1 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 952 bytes 151610 (151.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp0s8: flags=4163<UP, BROADCAST, RUNNING, MULTICAST> mtu 1500
inet 192.168.56.102 netmask 255.255.255.0 broadcast 192.168.56.255
inet6 fe80::20a:6c57:839d:2652 prefixlen 64 scopeid 0x20<link>
ether 08:00:27:53:45:82 txqueuelen 1000 (Ethernet)
RX packets 10597 bytes 1497146 (1.4 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 12058 bytes 1730219 (1.7 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP, LOOPBACK, RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 1196 bytes 105396 (105.3 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1196 bytes 105396 (105.3 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
查看网络
运行ls命令, 检查当前主机上运行的所有网络。你可以看到, 当前存在七个网络, 包括网桥, 主机和安装Docker时不会自动创建的网络。根据我过去运行的容器, 还有其他自定义网络的详细信息。
[email protected]:~$ docker network ls
NETWORK ID NAME DRIVER SCOPE
fec751a6ae21 bridge bridge local
21943b20735d docker_gwbridge bridge local
f51d1f3379e0 host host local
ppp8i7tvrxa0 ingress overlay swarm
ba68f73abeed mean-app_default bridge local
d466e75d86fa mean_default bridge local
5e5d9a192c00 none null local
检查网络
你可以运行inspect命令以获取有关网络类型的所有详细信息。它提供有关网络的信息, 包括名称, ID, 创建时间, 范围, 驱动程序, 配置详细信息, 例如子网和网关地址。如果有任何容器正在运行, 我还将提供容器详细信息。否则, 它将返回一个空字符串。
[email protected]:~$ docker network inspect bridge
[
{
"Name": "bridge", "Id": "fec751a6ae21f20a06cdc6eb823e773caec063b6bf9a388016594e59fd1db475", "Created": "2019-08-01T10:30:27.595054009-04:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": {
"Driver": "default", "Options": null, "Config": [
{
"Subnet": "172.17.0.0/16", "Gateway": "172.17.0.1"
}
]
}, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": {
"Network": ""
}, "ConfigOnly": false, "Containers": {}, "Options": {
"com.docker.network.bridge.default_bridge": "true", "com.docker.network.bridge.enable_icc": "true", "com.docker.network.bridge.enable_ip_masquerade": "true", "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0", "com.docker.network.bridge.name": "docker0", "com.docker.network.driver.mtu": "1500"
}, "Labels": {}
}
]
建立网络
使用create命令, 你可以创建自己的网络。你需要使用–driver标志提及驱动程序类型, 在下面的示例中, 我正在使用网桥类型。
[email protected]:~$ docker network create --driver bridge geekflare_network
08e0da91f6de6c640b1b6f8a8602973f310b8ee9b04961389b7dfda842ccc409
运行ls命令以检查是否已创建网络。
[email protected]:~$ docker network ls
NETWORK ID NAME DRIVER SCOPE
fec751a6ae21 bridge bridge local
21943b20735d docker_gwbridge bridge local
08e0da91f6de geekflare_network bridge local
f51d1f3379e0 host host local
ppp8i7tvrxa0 ingress overlay swarm
ba68f73abeed mean-app_default bridge local
d466e75d86fa mean_default bridge local
5e5d9a192c00 none null local
现在, 我将在创建的网络上运行一个docker容器。我在下面的命令中运行一个简单的Apache服务器容器。
[email protected]:~$ docker run -it -d --network=geekflare_network httpd
38a0b0646da1a0045afcf7aa0cd6228b851f74107a6718bb19d599e896df1002
运行inspect命令检查geekflare_network的所有信息。你可以在这次检查输出中找到容器的详细信息。容器名称确定为_dubinsky。
[email protected]:~$ docker network inspect geekflare_network
[
{
"Name": "geekflare_network", "Id": "08e0da91f6de6c640b1b6f8a8602973f310b8ee9b04961389b7dfda842ccc409", "Created": "2019-09-03T13:56:36.244295204-04:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": {
"Driver": "default", "Options": {}, "Config": [
{
"Subnet": "172.21.0.0/16", "Gateway": "172.21.0.1"
}
]
}, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": {
"Network": ""
}, "ConfigOnly": false, "Containers": {
"38a0b0646da1a0045afcf7aa0cd6228b851f74107a6718bb19d599e896df1002": {
"Name": "determined_dubinsky", "EndpointID": "30d252720e0f381ba01d6f5414525dff8587abcf3c4920100f112898a52c8a23", "MacAddress": "02:42:ac:15:00:02", "IPv4Address": "172.21.0.2/16", "IPv6Address": ""
}
}, "Options": {}, "Labels": {}
}
]
断开网络
要从容器断开网络连接, 请运行以下命令。你需要在断开连接命令中提及网络名称和容器名称。
[email protected]:~$ docker network disconnect geekflare_network determined_dubinsky
该网络将不再运行named_dubinsky容器;容器字段将为空。
[email protected]:~$ docker network inspect geekflare_network
[
{
"Name": "geekflare_network", "Id": "08e0da91f6de6c640b1b6f8a8602973f310b8ee9b04961389b7dfda842ccc409", "Created": "2019-09-03T13:56:36.244295204-04:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": {
"Driver": "default", "Options": {}, "Config": [
{
"Subnet": "172.21.0.0/16", "Gateway": "172.21.0.1"
}
]
}, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": {
"Network": ""
}, "ConfigOnly": false, "Containers": {}, "Options": {}, "Labels": {}
}
]
要创建除网桥以外的网络, 你需要提及网桥以外的驱动程序名称。要创建覆盖网络, 请运行以下命令。
[email protected]:~$ docker network create --driver overlay geekflare_network_2
ynd2858eu1cngwhpc40m3h1nx
[email protected]:~$ docker network ls
NETWORK ID NAME DRIVER SCOPE
fec751a6ae21 bridge bridge local
21943b20735d docker_gwbridge bridge local
08e0da91f6de geekflare_network bridge local
f51d1f3379e0 host host local
ppp8i7tvrxa0 ingress overlay swarm
ba68f73abeed mean-app_default bridge local
d466e75d86fa mean_default bridge local
5e5d9a192c00 none null local
ynd2858eu1cn geekflare_network_2 overlay swarm
要创建主机网络, 请使用–driver标志提及host。下面的示例返回一个错误, 因为仅允许一个主机网络实例, 该实例之前已经运行过。因此, 此命令不会创建另一个主机网络。
[email protected]:~$ docker network create --driver host geekflare_network_3
Error response from daemon: only one instance of "host" network is allowed
总结
这就是有关Docker网络以及如何连接, 断开连接, 创建, 检查Docker网络的全部内容。试用这些命令以熟悉Docket网络。如果你对学习Net Devops感到好奇, 请查看此Udemy课程。
评论前必须登录!
注册