Docker 网络
理解Docker0
测试
三个网络
# 问题: docker 是如何处理容器网络访问的?
注:那个容器的ID(ca5d44e0a844)是我创建的centos的容器的ID
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker run -it centos /bin/bash
[root@ca5d44e0a844 /]# [root@iZuf61n8ywv9zx27oeoajoZ /] #这里按了 Ctrl + P + Q
#查看容器的内部网络地址 ip addr , 发现容器启动的时候会得到一个 eth0@if2176 ip地址 , docker分配的
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker exec -it ca5d44e0a844 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2175: eth0@if2176: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
#思考:linux能不能 ping 通容器内部!
[root@iZuf61n8ywv9zx27oeoajoZ /]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.052 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.039 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.042 ms
64 bytes from 172.17.0.2: icmp_seq=4 ttl=64 time=0.042 ms
#linux 可以ping 通 docker 容器内部
原理
-
我们每安装一个docker容器, docker就会给docker容器分配一个ip, 我们只要安装了docker, 就会有一个网卡 docker0
桥接模式, 使用的技术是 evth-pair技术
再次测试 ip addr
[root@iZuf61n8ywv9zx27oeoajoZ /]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:16:3e:16:93:3d brd ff:ff:ff:ff:ff:ff inet 172.19.14.174/20 brd 172.19.15.255 scope global dynamic eth0 valid_lft 315301052sec preferred_lft 315301052sec 3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:64:79:d4:89 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever 6: br-a8b173597bb8: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:c3:7c:be:ea brd ff:ff:ff:ff:ff:ff inet 172.18.0.1/16 brd 172.18.255.255 scope global br-a8b173597bb8 valid_lft forever preferred_lft forever 2176: veth9a1d701@if2175: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default link/ether 16:85:4a:83:39:57 brd ff:ff:ff:ff:ff:ff link-netnsid 0 # 可以看到 启动一个容器后, 再次测试, 又多了一个地址(并且紧接着容器的序号2175) -
再启动一个容器测试 , 发现又多了一对网卡~
注意:我们前台没有进程,所以采用 下面第一行的方式(在上面一个小坑里有讲)
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker run -dit --name centos03 centos /bin/bash
b65544cf33c7be0495fe10c104ee21f8c8dfb96148bd89811aff2d0f49e58e98
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b65544cf33c7 centos "/bin/bash" 4 seconds ago Up 3 seconds centos03
ca5d44e0a844 centos "/bin/bash" 2 hours ago Up 2 hours angry_albattani
[root@iZuf61n8ywv9zx27oeoajoZ /]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:16:3e:16:93:3d brd ff:ff:ff:ff:ff:ff
inet 172.19.14.174/20 brd 172.19.15.255 scope global dynamic eth0
valid_lft 315295582sec preferred_lft 315295582sec
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:64:79:d4:89 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
6: br-a8b173597bb8: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:c3:7c:be:ea brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-a8b173597bb8
valid_lft forever preferred_lft forever
2176: veth9a1d701@if2175: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 16:85:4a:83:39:57 brd ff:ff:ff:ff:ff:ff link-netnsid 0
2184: vethba9afa3@if2183: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 52:a3:09:4b:af:a3 brd ff:ff:ff:ff:ff:ff link-netnsid 1
# 可以发现, 当我又启动一个容器之后,发现又多了一对网卡 2184: vethba9afa3@if2183
#我们发现这个容器带来网卡, 都是一对对的
#evth-pair 就是一对的虚拟设备接口, 它们都是成对出现的, 一段接着协议, 一段彼此连接
#正因为有了这个特性, evth-pair 充当一个桥梁, 连接各种虚拟网络设备的
#OpenStac, Docker容器之间的连接, ovs的连接,都是使用 evth-pair技术
-
我们在测试一下 centos03 和 angry_albattani(第一个创建的centos容器,忘记起名了) 是否可以 ping 通
注:172.17.0.3就是 centos03 的地址
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker exec -it angry_albattani ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.070 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.050 ms
64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.052 ms
# 结论: 容器和容器之间是可以互相 ping 通的 !
网络模型图
结论:
- tomcat01 和 tomcat02 是公用的一个路由器 , docker0
- 所有的容器不指定网络的情况下, 都是docker0 路由的, docker 会给我们的容器分配一个默认的可用ip
- 再来个图
Docker中所有的网络接口都是虚拟的。 虚拟的转发效率高!(内网传递文件!)
(注: 由上图还可以知道bridge 是 默认的)
只要容器删除, 对应的网桥就没了
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b65544cf33c7 centos "/bin/bash" 29 minutes ago Up 29 minutes centos03
ca5d44e0a844 centos "/bin/bash" 2 hours ago Up 2 hours angry_albattani
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker stop ca5d44e0a844
ca5d44e0a844
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b65544cf33c7 centos "/bin/bash" 29 minutes ago Up 29 minutes centos03
[root@iZuf61n8ywv9zx27oeoajoZ /]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:16:3e:16:93:3d brd ff:ff:ff:ff:ff:ff
inet 172.19.14.174/20 brd 172.19.15.255 scope global dynamic eth0
valid_lft 315293800sec preferred_lft 315293800sec
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:64:79:d4:89 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
6: br-a8b173597bb8: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:c3:7c:be:ea brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-a8b173597bb8
valid_lft forever preferred_lft forever
2184: vethba9afa3@if2183: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 52:a3:09:4b:af:a3 brd ff:ff:ff:ff:ff:ff link-netnsid 1
# 我们可以发现, 一开始的centos镜像的那对网卡 2176: veth9a1d701@if2175: 没了
–link
思考一个场景, 我们编写了一个微服务, database url=ip:,项目不重启, 数据库ip换掉了, 我么希望可以处理这个问题,可以用名字来进行访问容器?
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker run -dit --name centos04 centos /bin/bash
43d1f86349ce46b03a091761fd6ff4a97b192e7b642c6463173f3f7316616337
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
43d1f86349ce centos "/bin/bash" 6 seconds ago Up 5 seconds centos04
b65544cf33c7 centos "/bin/bash" 38 minutes ago Up 38 minutes centos03
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker exec -it centos03 ping centos04
ping: centos04: Name or service not known
# 我们可以发现, 直接用容器名 ping 另一个容器是行不通的
#如何解决呢?
#通过 --link 即可以解决网络连通问题
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker run -dit --name centos05 --link centos04 centos /bin/bash
1260d728cb24544185c37b0eb60bae4f4d662ffb21cbb1174a763bc518e29d92
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker exec -it centos05 ping centos04
PING centos04 (172.17.0.2) 56(84) bytes of data.
64 bytes from centos04 (172.17.0.2): icmp_seq=1 ttl=64 time=0.083 ms
64 bytes from centos04 (172.17.0.2): icmp_seq=2 ttl=64 time=0.060 ms
64 bytes from centos04 (172.17.0.2): icmp_seq=3 ttl=64 time=0.056 ms
^C
--- centos04 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2ms
rtt min/avg/max/mdev = 0.056/0.066/0.083/0.013 ms
#反向可以ping通吗?
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker exec -it centos04 ping centos05
ping: centos05: Name or service not known
# 显然不可以, 因为 04没有配置
探究(inspect)
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker network ls
NETWORK ID NAME DRIVER SCOPE
7059ad9236ba bridge bridge local
96c9192b5221 host host local
8756c5d558ef none null local
a8b173597bb8 test_default bridge local
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker inspect 7059ad9236ba
[
{
"Name": "bridge",
"Id": "7059ad9236bad2eee836e13703a8f05325ed6b5e5cdbe112f1481014efc3cf5b",
"Created": "2020-10-14T19:30:30.253219699+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": { # 这里面是docker为我们的容器创建的ip
"1260d728cb24544185c37b0eb60bae4f4d662ffb21cbb1174a763bc518e29d92": {
"Name": "centos05",
"EndpointID": "180cd2dc4850406edbd3291bdcbdfddd23bfc50bbc8f1c8b4fd3388c3f27d6d3",
"MacAddress": "02:42:ac:11:00:04",
"IPv4Address": "172.17.0.4/16",
"IPv6Address": ""
},
"43d1f86349ce46b03a091761fd6ff4a97b192e7b642c6463173f3f7316616337": {
"Name": "centos04",
"EndpointID": "804900ff82149ea805e5e337b729a673542e35288bd804bad9688ee9ab5e13d4",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"b65544cf33c7be0495fe10c104ee21f8c8dfb96148bd89811aff2d0f49e58e98": {
"Name": "centos03",
"EndpointID": "f5ad654d67967d5282920f342072c55aeaa378de9b4b3634dc8ce88c10cc53bc",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
link的原理
其实这个centos05 就是在本地配置了centos04的配置?
#查看 hosts 配置,在这里发现了!
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker exec -it centos05 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 centos04 43d1f86349ce ####
172.17.0.4 1260d728cb24
# 所以说, --link就是在我们在hosts配置中增加了一个172.17.0.2 centos04 43d1f86349ce
但是,现在docker已经不建议使用 --link了!
我们现在用
自定义网络! 不适用docker0
docker0问题:它不支持容器名连接访问!
自定义网络
容器互联(–link 和 自定义网络)
#查看所有的docker网络
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker network ls
NETWORK ID NAME DRIVER SCOPE
7059ad9236ba bridge bridge local
96c9192b5221 host host local
8756c5d558ef none null local
a8b173597bb8 test_default bridge local
网络模式
bridge:桥接docker(默认,自己创建也使用这个模式)
none:不配置网络
host:和宿主机共享网络
container:容器内网络连通!(用得少!局限很大)
测试
#我们直接启动的命令 --net bridge,而这个就是我们的docker0
docker run -d -P --name tomcat01 tomcat
docker run -d -P --name tomcat01 --net bridge tomcat
#docker0特点, 默认,域名不能访问, --link可以打通连接!
#我们可以自定义一个网络!
#--driver bridge
#--subnet 192.168.0.0/16
#--gateway 192.168.0.1
# mynet是网络名字
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
f706d88435d522786ea60d5777241e31b2daefc4c458ce0d49d18c2741407a51
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker network ls
NETWORK ID NAME DRIVER SCOPE
7059ad9236ba bridge bridge local
96c9192b5221 host host local
f706d88435d5 mynet bridge local
8756c5d558ef none null local
a8b173597bb8 test_default bridge local
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker inspect mynet
[
{
"Name": "mynet",
"Id": "f706d88435d522786ea60d5777241e31b2daefc4c458ce0d49d18c2741407a51",
"Created": "2020-10-15T14:35:54.0864644+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16", #跟我们设置的一样
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
再次测试(用mynet)
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker run -dit --name centos-net-01 --net mynet centos /bin/bash
d89d299fd40b33457a8530a90b9d4c673ad30c984ad1b1abe18d97919a6bd243
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker run -dit --name centos-net-02 --net mynet centos /bin/bash
4f7674333b67301b03e32578f1d205fa43f096d83d2a51205b4942f5b5740ebc
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "f706d88435d522786ea60d5777241e31b2daefc4c458ce0d49d18c2741407a51",
"Created": "2020-10-15T14:35:54.0864644+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": { # 我们自己创建的网络下有刚刚创建的两个容器ip
"4f7674333b67301b03e32578f1d205fa43f096d83d2a51205b4942f5b5740ebc": {
"Name": "centos-net-02",
"EndpointID": "a4460f7d21cfd606eaaf299c22cf18e38e30b788f9d7bad1927187e5b3899274",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",# 并且ip范围在我们设置的区间里
"IPv6Address": ""
},
"d89d299fd40b33457a8530a90b9d4c673ad30c984ad1b1abe18d97919a6bd243": {
"Name": "centos-net-01",
"EndpointID": "2efbfb4dd6b21eceb02736d87893be12070445853b7fec45eb7c9fb638e6ca12",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16", #ip范围在我们设置的区间里
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
# 再次进行--link中的测试 (通过ip 和 名称ping)
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker exec -it centos-net-01 ping 192.168.0.3
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.065 ms
64 bytes from 192.168.0.3: icmp_seq=2 ttl=64 time=0.052 ms
^C
--- 192.168.0.3 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.052/0.058/0.065/0.010 ms
#现在不使用--link也可以ping名字了
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker exec -it centos-net-01 ping centos-net-02
PING centos-net-02 (192.168.0.3) 56(84) bytes of data.
64 bytes from centos-net-02.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.041 ms
64 bytes from centos-net-02.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.055 ms
64 bytes from centos-net-02.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.056 ms
^C
--- centos-net-02 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.041/0.050/0.056/0.010 ms
我们自定义的网络docker都已经帮我们维护好了相对应的关系, 推荐我们平时这样使用网络!
好处:
redis-不同的集群使用不同的网络 , 保证集群是安全和健康的
mysql-不同的集群使用不同的网络 , 保证集群是安全和健康的
网络连通
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
# 我们可以用 docker network connect 来连通其它网络
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker network connect --help
Usage: docker network connect [OPTIONS] NETWORK CONTAINER
Connect a container to a network
Options:
--alias strings Add network-scoped alias for the container
--driver-opt strings driver options for the network
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--link list Add link to another container
--link-local-ip strings Add a link-local address for the container
#我们先在docker0下面创建两个容器
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker run -dit --name centos-net-01 --net mynet centos /bin/bash
d89d299fd40b33457a8530a90b9d4c673ad30c984ad1b1abe18d97919a6bd243
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker run -dit --name centos-net-02 --net mynet centos /bin/bash
4f7674333b67301b03e32578f1d205fa43f096d83d2a51205b4942f5b5740ebc
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker exec -it centos02 ping centos-net-01
ping: centos-net-01: Name or service not known
# 可以发现,不同网段的容器之间是ping不通的 mynet是192.168.0.0/16 docker0是 172.17.0.0/16
测试
#测试打通 centos01 和 mynet
#连通之后就是将 centos01 放到了mynet网络下?
#一个容器两个ip地址! 阿里云服务:公网ip 私网ip
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker network connect mynet centos01
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker network inspect mynet
。。。
"Containers": {
"4f7674333b67301b03e32578f1d205fa43f096d83d2a51205b4942f5b5740ebc": {
"Name": "centos-net-02",
"EndpointID": "a4460f7d21cfd606eaaf299c22cf18e38e30b788f9d7bad1927187e5b3899274",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
},
"d89d299fd40b33457a8530a90b9d4c673ad30c984ad1b1abe18d97919a6bd243": {
"Name": "centos-net-01",
"EndpointID": "2efbfb4dd6b21eceb02736d87893be12070445853b7fec45eb7c9fb638e6ca12",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"e2ce4f39344b9c97086ca872f3af86648dcd17a4e55a68ebbc6d3ee5688658fb": {
"Name": "centos01", #我们可以发现,centos01 被放到了mynet网络下
"EndpointID": "a0557f498b6c443b20220c1726f3bb5c6bc9d761a88531e5880a86436e0dff6a",
"MacAddress": "02:42:c0:a8:00:04",
"IPv4Address": "192.168.0.4/16",
"IPv6Address": ""
}
},
。。。
#1、连通ok
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker exec -it centos01 ping centos-net-01
PING centos-net-01 (192.168.0.2) 56(84) bytes of data.
64 bytes from centos-net-01.mynet (192.168.0.2): icmp_seq=1 ttl=64 time=0.062 ms
64 bytes from centos-net-01.mynet (192.168.0.2): icmp_seq=2 ttl=64 time=0.053 ms
64 bytes from centos-net-01.mynet (192.168.0.2): icmp_seq=3 ttl=64 time=0.055 ms
^C
--- centos-net-01 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.053/0.056/0.062/0.009 ms
#2、是依旧打不通的
[root@iZuf61n8ywv9zx27oeoajoZ /]# docker exec -it centos02 ping centos-net-01
ping: centos-net-01: Name or service not known
结论:假设要跨网络操作别人, 就需要使用 docker network connect连通!
2151
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
