Docker13_3：Docker自定义网络

查看所有的docker网络

docker network ls

docker网络网络模式初始只有3种：bridge、host、none

[root@VM-0-3-centos pdx_haokai]# docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
ed8612b1d525   bridge    bridge    local
efbd70fbac53   host      host      local
8b375c8baa85   none      null      local
[root@VM-0-3-centos pdx_haokai]#

docker网络模式介绍

bridge：桥接(docker0的网络模式起的名字也叫bridge，默认网络模式就是桥接，自定义网络也是桥接模式)
比如三个网段，0.1，0.2，0.3，它们之间不能互相访问，这个时候0.1作为桥

none：不配置网络
host：和宿主机共享网络
container：容器内网络联通(用的少，可以让容器之间直接互连，但是局限性很大)

启动容器默认追加–net bridge命令

# 启动容器命令的--net bridge，是默认添加的，因此我们不加就是默认使用docker0
# docker0局限：域名不能访问，可以通过--link来打通连接，但是太繁琐，所以不建议--link，更建议新建网络
# docker run -d -P --name tomcat01 --net bridge tomcat:0.1
docker run -d -P --name tomcat01 -tomcat:0.1

创建自定义网络

docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet

参数解析：
–driver bridge：是默认的，可以不写
–subnet：子网，最多支持65535个，配置/16就是，配置/24就是255
–gateway：网关，表示从哪里路由出去，一般为子网对应的0.1，路由器为0.1也是这个原理

运行输出：

[root@VM-0-3-centos pdx_haokai]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
a8a455ea111c8b3458d0ae24e76dc47b8eb64c65ef42ccb7ef4412559ce78e69
[root@VM-0-3-centos pdx_haokai]# docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
ed8612b1d525   bridge    bridge    local
efbd70fbac53   host      host      local
a8a455ea111c   mynet     bridge    local
8b375c8baa85   none      null      local
[root@VM-0-3-centos pdx_haokai]#

查看自定义网络

[root@VM-0-3-centos pdx_haokai]# docker network inspect a8a455ea111c
[
    {
        "Name": "mynet",
        "Id": "a8a455ea111c8b3458d0ae24e76dc47b8eb64c65ef42ccb7ef4412559ce78e69",
        "Created": "2022-01-19T21:30:34.564255758+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "192.168.0.0/16",
                    "Gateway": "192.168.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]
[root@VM-0-3-centos pdx_haokai]#

通过自定义网络启动两个容器测试

通过自定义容器启动两个tomcat

docker run -d -P --name tomcat-mynet-01 --net mynet mytomcat9.0.39:0.1

docker run -d -P --name tomcat-mynet-02 --net mynet mytomcat9.0.39:0.1

启动后查看mynet网络

[
    {
        "Name": "mynet",
        "Id": "a8a455ea111c8b3458d0ae24e76dc47b8eb64c65ef42ccb7ef4412559ce78e69",
        "Created": "2022-01-19T21:30:34.564255758+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "192.168.0.0/16",
                    "Gateway": "192.168.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "0944bb6991f8affc4de8305185491055ce5bb7e91ea09658ce0bba12e73435af": {
                "Name": "tomcat-mynet-02",
                "EndpointID": "f01053fd50e6e4497a74f943ce7190a978ada2269c93c89106ecd6db3828cf99",
                "MacAddress": "02:42:c0:a8:00:03",
                "IPv4Address": "192.168.0.3/16",
                "IPv6Address": ""
            },
            "54198e4aa6594c27aff1ab617e79278be56036567cf413664d39491114e8c262": {
                "Name": "tomcat-mynet-01",
                "EndpointID": "6579b71c42ec82639f1a00583beee78adceb39ab56274a0c5a33d07c47a5a6f5",
                "MacAddress": "02:42:c0:a8:00:02",
                "IPv4Address": "192.168.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]
[root@VM-0-3-centos pdx_haokai]#

ping IP和ping 容器名 进行测试，可以ping通，修复了docker0的缺点

[root@VM-0-3-centos pdx_haokai]# docker exec -it tomcat-mynet-01 ping 192.168.0.3
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.087 ms
64 bytes from 192.168.0.3: icmp_seq=2 ttl=64 time=0.050 ms
^C
--- 192.168.0.3 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.050/0.068/0.087/0.020 ms
[root@VM-0-3-centos pdx_haokai]# docker exec -it tomcat-mynet-01 ping tomcat-mynet-02
PING tomcat-mynet-02 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat-mynet-02.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.039 ms
64 bytes from tomcat-mynet-02.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.057 ms
64 bytes from tomcat-mynet-02.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.059 ms
^C
--- tomcat-mynet-02 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.039/0.051/0.059/0.012 ms
[root@VM-0-3-centos pdx_haokai]#

自定义网络的好处

1.修复了docker0的缺点，可以通过容器名ping通
2.不同类型的集群可以使用不同的网络，保证集群网络的安全和健康，比如redis集群用192.160，mysql用192.161，那么它们两个网段之间也是可以打通网络的(网络连通)。