Docker-网络管理-基础
Docker网络管理:
- 端口映射
- 网络模式
1.network
1.获取帮助
docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
指令 | 说明 |
---|---|
connect | 将一个容器连接到一个网络 |
create | 创建一个网络 |
disconnect | 从网络断开一个容器 |
inspect | 在一个或多个网络上显示详细信息 |
ls | 网络列表 |
prune | 删除所有未使用的网络 |
rm | 删除一个或多个网络 |
https://docs.docker.com/engine/reference/commandline/network/
2.命令格式
1.查看当前主机网络
docker network ls
NETWORK ID NAME DRIVER SCOPE
8e8b24ce3a07 bridge bridge local
59f27d5cdcbc host host local
26dd69b9aac8 none null local
标题 | 说明 |
---|---|
NETWORK ID | 网络ID |
NAME | 名称 |
DRIVER | 驱动 |
SCOPE | 范围 |
2.查看bridge的网络内部信息
docker network inspect bridge
[
{
"Name": "bridge",
"Id": "8e8b24ce3a07518de595c060d35c61dc9e8f6f87024c8c2e6a7b8fe193ec2ef6",
"Created": "2020-04-14T11:06:14.379221259+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"1d37e6d9f116c195370ce094ce444c043284bed9a810c208d1bb2fe6d256f727": {
"Name": "hardcore_bartik",
"EndpointID": "6237af5462c08e4ad7c394ba2d8ae41c254ccb7a6d3f68d3a75dec3cbaab07b6",
"MacAddress": "02:42:ac:11:00:05",
"IPv4Address": "172.17.0.5/16",
"IPv6Address": ""
},
"340605f1190c42b6cc1573bdad7c6cbce1ba7aa899ff5826fab8299fca2f4a62": {
"Name": "nginx-wyf",
"EndpointID": "1874b6d042166b76a056a3db7cba838159d7238cd0b312b8e1d542ab72ba6445",
"MacAddress": "02:42:ac:11:00:09",
"IPv4Address": "172.17.0.9/16",
"IPv6Address": ""
},
"3d392914e276d51f48bcb3bb74e83de67f74b85ab5424b220e0e520fb0110b8e": {
"Name": "vf-ubunt-1",
"EndpointID": "7b9f4797449d8558b7522f4c15a7f11565f383c90125b55ef7107f432f5a02ee",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"60decfc922ce9d3fa55640778c77e4fa6e404f0793d5d30fb1a8410747a48514": {
"Name": "stoic_mirzakhani",
"EndpointID": "e027dc97e599f336584d9515e26c3c2ca828e6381c1fb4f348fc68cb023f3301",
"MacAddress": "02:42:ac:11:00:06",
"IPv4Address": "172.17.0.6/16",
"IPv6Address": ""
},
"799ceb41a562017b8193725e6a8eea9eb3ff04cd25b34868223064323ed3c31c": {
"Name": "vf-ubunt-3",
"EndpointID": "8f938c41878e768a791074defb2fbcf0bcd3742f5dc93309a99f45d9449a63d1",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"86a2c1ff3da35673ff2359119e31663fcda63e39ebe9b47ca8bb6d9034911ae8": {
"Name": "condescending_spence",
"EndpointID": "ed23cf85167c62149cbd23a7593f679594c48ae7cac4da402dfa2d233cef8f49",
"MacAddress": "02:42:ac:11:00:07",
"IPv4Address": "172.17.0.7/16",
"IPv6Address": ""
},
"a2334430a3f284a9f64a71f99fef4e9cbb60e40e8f4d393d99450830e2f92aca": {
"Name": "ecstatic_euler",
"EndpointID": "d8bc6b072bcdb5ff22d51198169aacf36e0032475568c298f88d5e960fad3868",
"MacAddress": "02:42:ac:11:00:04",
"IPv4Address": "172.17.0.4/16",
"IPv6Address": ""
},
"a8320c759fe277788e19c9435a7a102ef6e52792ae403717af3e6ea8700868ad": {
"Name": "nginx-wyf-1",
"EndpointID": "5668b42b4c3a4718ace725862e560c6f2a729a8dca0d8e6c7120fa2888dbb276",
"MacAddress": "02:42:ac:11:00:0a",
"IPv4Address": "172.17.0.10/16",
"IPv6Address": ""
},
"b2b295d86c505d3d603b7b9b18c26c01980f952e6ddf616d4a084ba5b94d3964": {
"Name": "sweet_elgamal",
"EndpointID": "ab8ead7abf43416c4b3cada548893b70dc338f110291ac0acd368a18b8cd0d09",
"MacAddress": "02:42:ac:11:00:08",
"IPv4Address": "172.17.0.8/16",
"IPv6Address": ""
},
"fda95bab83df3af6dc806100e2e275b47e3ed86b3847e6f6787a0fde9d1d0d78": {
"Name": "nginx-wyf-2",
"EndpointID": "443ade95bf68e9f28b1e450fea4751963bd82e4005b253c237db5b9a10398f12",
"MacAddress": "02:42:ac:11:00:0b",
"IPv4Address": "172.17.0.11/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
2.inspect
1.获取帮助
docker inspect --help
Usage: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
Return low-level information on Docker objects
Options:
-f, --format string Format the output using the given Go template
-s, --size Display total file sizes if the type is container
--type string Return JSON for specified type
https://docs.docker.com/engine/reference/commandline/inspect/
2.命令格式
后续inspect查看网络相关的以当前查看运行的容器信息为实验
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fda95bab83df nginx "nginx -g 'daemon of…" 24 minutes ago Up 24 minutes 0.0.0.0:9999->80/tcp, 0.0.0.0:8888->443/tcp nginx-wyf-2
a8320c759fe2 nginx "nginx -g 'daemon of…" 30 minutes ago Up 30 minutes 192.168.234.62:8989->80/tcp nginx-wyf-1
340605f1190c nginx "nginx -g 'daemon of…" 50 minutes ago Up 50 minutes 192.168.234.62:32772->80/tcp nginx-wyf
b2b295d86c50 nginx "nginx -g 'daemon of…" 59 minutes ago Up 59 minutes 0.0.0.0:32771->80/tcp sweet_elgamal
86a2c1ff3da3 nginx "nginx -g 'daemon of…" 59 minutes ago Up 59 minutes 0.0.0.0:32770->80/tcp condescending_spence
60decfc922ce nginx "nginx -g 'daemon of…" 59 minutes ago Up 59 minutes 0.0.0.0:32769->80/tcp stoic_mirzakhani
1d37e6d9f116 nginx "nginx -g 'daemon of…" About an hour ago Up About an hour 0.0.0.0:32768->80/tcp hardcore_bartik
a2334430a3f2 nginx "nginx -g 'daemon of…" About an hour ago Up About an hour 80/tcp ecstatic_euler
799ceb41a562 ubuntu "/bin/bash" 2 hours ago Up 2 hours vf-ubunt-3
3d392914e276 ubuntu "/bin/bash" 21 hours ago Up 3 hours vf-ubunt-1
1.查看容器IP地址
docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' 容器ID
例:
docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' fda95bab83df
2.查看容器MAC地址
docker inspect --format='{{range .NetworkSettings.Networks}}{{.MacAddress}}{{end}}' 容器ID
例:
docker inspect --format='{{range .NetworkSettings.Networks}}{{.MacAddress}}{{end}}' fda95bab83df
3.查看容器的所有端口绑定
docker inspect --format='{{range $p, $conf := .NetworkSettings.Ports}} {{$p}} -> {{(index $conf 0).HostPort}} {{end}}' 容器ID
例:
docker inspect --format='{{range $p, $conf := .NetworkSettings.Ports}} {{$p}} -> {{(index $conf 0).HostPort}} {{end}}' fda95bab83df
4.查找特定的端口映射
当字段名称以数字开头时,.Field语法不起作用,但是模板语言的索引函数起作用。 .NetworkSettings.Ports部分包含内部端口映射到外部地址/端口对象列表的映射。 要仅获取数字公共端口,可使用index查找特定的端口映射,然后index 0包含其中的第一个对象。 然后,我们要求HostPort字段获取公共地址。
docker inspect --format='{{(index (index .NetworkSettings.Ports "容器端口号/tcp") 0).HostPort}}' 容器ID
例:
1.查找容器端口号为80映射到宿主机的端口号
docker inspect --format='{{(index (index .NetworkSettings.Ports "80/tcp") 0).HostPort}}' fda95bab83df
2.查找容器端口号为443映射到宿主机的端口号
docker inspect --format='{{(index (index .NetworkSettings.Ports "443/tcp") 0).HostPort}}' fda95bab83df
3.port
1.获取帮助
docker port --help
Usage: docker port CONTAINER [PRIVATE_PORT[/PROTO]]
List port mappings or a specific mapping for the container
https://docs.docker.com/engine/reference/commandline/port/
2.命令格式
查看端口信息
docker port [容器id]
例:
1.获取最近创建的第一个容器
docker ps -n 1
2.获取第一列第二行的值【第一列是容器ID,第一行是标题,所以取第二行】
awk '{print $1}'|sed -n '2p'
3.查找对应的端口信息【$1:前面执行的结果的第一个参数】
xargs docker port $1
完整命令
docker ps -n 1|awk '{print $1}'|sed -n '2p'| xargs docker port $1
手动查找的效果一样,完整指令简化了步骤而已。
更多请参考:
https://docs.docker.com/engine/reference/commandline/docker/
或:
https://docker-doc.readthedocs.io/zh_CN/latest/reference/commandline/cli.html