1.测试
ip addr
2. 每启动一个容器多一个网卡
# 我们发现这个容器带来,都是一对对的
# veth-pair 就是一对的虚拟设备接口,他们都是成对出现的,一段连着协议,一段连接彼此
# 正因为有这个特性,veth-pair充当一个桥梁,连接着各种虚拟网络设备的
# openStac.docker容器直接的连接,ovs的连接,都是使用veth-pair 技术
所有容器不指定网络的情况下,都是docker0路由的,docker会给我们的容器分配一个默认的可用ip
小结
Docker 使用的是linux的桥接,宿主机中是一个docker容器的网桥docker0.
Docker中的所有的网络接口都是虚拟的。虚拟的转发效率高!
–link
思考一个场景,我们编写一个微服务,database url=ip,项目不重启,数据库ip换掉了,我们希望可以处理这个问题,可以用名字来进行访问容器?
探究:inspect!
本质探究:–link 就是我们hosts配置中增加了一个 IP地址(172.156.0.3) tomcat02 546442dsf5
我们现在玩Docker 已经不建议使用–link 了!
自定义网络!不适用docker0
docker0问题:他不支持容器名连接访问!
自定义网络
查看所有的docker网络
[root@VM-0-14-centos ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
6773b9aad0a0 bridge bridge local
f9fd92970547 host host local
7aa2aa47c813 none null local
网络模式
bridge : 桥接docker(默认,自己创建也使用bridge模式)
none : 不配置网络
host : 和宿主机共享网络
container : 容器网络联通!(用的少!局限性打)
测试
# 我们直接启动的命令 --net bridge,而这个就是我们的docker0
docker run -d -P --name tomcat01 tomcat
docker run -d -P --name tomcat01 bridge tomcat
# docker0特点,默认,域名不能直接访问,--link可以直接打通连接(但不建议)
# 我们可以自定义一个网络!
# --driver bridge
# --subnet 192.168.0.0/16
# --gateway 192.168.0.1
[root@VM-0-14-centos ~]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet639f858045e73da77acdb633c71ca4a06613d54f6802e945d8418f8828ec2dbe
[root@VM-0-14-centos ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
6773b9aad0a0 bridge bridge local
f9fd92970547 host host local
639f858045e7 mynet bridge local
7aa2aa47c813 none null local
[root@VM-0-14-centos ~]#
# 到这里我们就已经创建好了我们的网络
测试
[root@VM-0-14-centos ~]# docker run -d -P --name tomcat-net0 --net mynet tomcat
Unable to find image 'tomcat:latest' locally
latest: Pulling from library/tomcat
1cfaf5c6f756: Pull complete
c4099a935a96: Pull complete
f6e2960d8365: Pull complete
dffd4e638592: Pull complete
a60431b16af7: Pull complete
4869c4e8de8d: Pull complete
9815a275e5d0: Pull complete
c36aa3d16702: Pull complete
cc2e74b6c3db: Pull complete
1827dd5c8bb0: Pull complete
Digest: sha256:1af502b6fd35c1d4ab6f24dc9bd36b58678a068ff1206c25acc129fb90b2a76a
Status: Downloaded newer image for tomcat:latest
8554f4a8e496ca36b42d231d88c2870058e3af4a0c912a7e6c2f1aba25f8af12
[root@VM-0-14-centos ~]# docker run -d -P --name tomcat-net01 --net mynet tomcat
2b15f26ecd85a5d22d1b3bfb8aacfb075912c8cdcf874596b58652893e10a1f9
[root@VM-0-14-centos ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "639f858045e73da77acdb633c71ca4a06613d54f6802e945d8418f8828ec2dbe",
"Created": "2021-08-24T01:58:30.507821604+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"2b15f26ecd85a5d22d1b3bfb8aacfb075912c8cdcf874596b58652893e10a1f9": {
"Name": "tomcat-net01",
"EndpointID": "6500230cacf89b50435e5e65eac396f93b149dc783ab38f4020b7997c5ed0b33",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
},
"8554f4a8e496ca36b42d231d88c2870058e3af4a0c912a7e6c2f1aba25f8af12": {
"Name": "tomcat-net0",
"EndpointID": "8698a4f54f94d097fb7431ed2046b88420bccbcb9915313d806bdcb92f86ef8f",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
# 再次ping连接,发现不适用--link也可以通过名称连接了
root@VM-0-14-centos ~]# docker exec -it tomcat-net0 ping tomcat-net01
PING tomcat-net01 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat-net01.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.084 ms
64 bytes from tomcat-net01.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.071 ms
64 bytes from tomcat-net01.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.075 ms
64 bytes from tomcat-net01.mynet (192.168.0.3): icmp_seq=4 ttl=64 time=0.067 ms
64 bytes from tomcat-net01.mynet (192.168.0.3): icmp_seq=5 ttl=64 time=0.081 ms
64 bytes from tomcat-net01.mynet (192.168.0.3): icmp_seq=6 ttl=64 time=0.067 ms
64 bytes from tomcat-net01.mynet (192.168.0.3): icmp_seq=7 ttl=64 time=0.072 ms
我们自定义的网络docker都已经帮我们维护好了对应关系,推荐我们平时这样使用网络!
好处:
redis-不同的集群使用不同的网络,保证集群是安全和健康的
mysql-不同的集群使用不同的网络,保证集群是安全和健康的
网络连通
测试打通
# docker network connect [network] [container]
[root@VM-0-14-centos ~]# docker network connect mynet tomcat01
# 就是直接将tomcat01f放到了mynet 容器下
# 一个容器两个ip地址
# 阿里云服务器,公网IP和私网ip
# [root@VM-0-14-centos ~]# docker inspect mynet
# 连通ok
[root@VM-0-14-centos ~]# docker exec -it tomcat01 ping tomcat-net0
PING tomcat-net0 (192.168.0.2) 56(84) bytes of data.
64 bytes from tomcat-net0.mynet (192.168.0.2): icmp_seq=1 ttl=64 time=0.085 ms
64 bytes from tomcat-net0.mynet (192.168.0.2): icmp_seq=2 ttl=64 time=0.072 ms
64 bytes from tomcat-net0.mynet (192.168.0.2): icmp_seq=3 ttl=64 time=0.065 ms
64 bytes from tomcat-net0.mynet (192.168.0.2): icmp_seq=4 ttl=64 time=0.066 ms
结论:假设咬跨网络操作,就需要使用docker network connect 连通
实战部署redis集群
创建网卡
[root@VM-0-14-centos ~]# docker network create redis --subnet 172.38.0.0/16
a08db5fed2480e877b723eceec3bc32a6b2b2a3b32e132436c5c313d8d7a5039
[root@VM-0-14-centos ~]# docker network inspect a08db5fed2480e877b723eceec3bc32a6b2b2a3b32e132436c5c313d8d7a5039
[
{
"Name": "redis",
"Id": "a08db5fed2480e877b723eceec3bc32a6b2b2a3b32e132436c5c313d8d7a5039",
"Created": "2021-08-24T16:25:37.196053233+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.38.0.0/16"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
shell脚本!
# 通过脚本创建六个redis配置
for port in $(seq 1 6);\
do \
mkdir -p /mydata/redis/node-${port}/conf
touch /mydata/redis/node-${port}/conf/redis.conf
cat << EOF >/mydata/redis/node-${port}/conf/redis.conf
port 6379
bind 0.0.0.0
cluster-enabled yes
cluster-node-timeout 5000
cluster-announce-ip 172.38.0.1${port}
cluster-announce-port 6379
cluster-announce-bus-port 16379
appendonly yes
EOF
done
# 启动也可以写脚本
# 比如
for port in $(seq 1 6);\
do \
docker run -p 3900${port}:6379 -p 3990${port}:16379 --name redis-${port} \
-v /mydata/redis/node-${port}/data:/data \
-v /mydata/redis/node-${port}/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.1${port} redis redis-server /etc/redis/redis.conf
done
# 都启动之后,执行redis
[root@VM-0-14-centos /]# docker exec -it redis-1 /bin/bash
# 创建集群
/data # redis-cli --cluster create 172.38.0.11:6379 172.38.0.12:6379 172.38.0.13:6379 172.38.0.14:6379 172.38.0.15:6379 172.38.0.16:6379 --cluster-replicas 1
成功之后
root@46b06e3b7d41:/data# redis-cli -c
127.0.0.1:6379> cluster info
cluster_state:ok
cluster_slots_assigned:16384
cluster_slots_ok:16384
cluster_slots_pfail:0
cluster_slots_fail:0
cluster_known_nodes:6
cluster_size:3
cluster_current_epoch:6
cluster_my_epoch:1
cluster_stats_messages_ping_sent:156
cluster_stats_messages_pong_sent:157
cluster_stats_messages_sent:313
cluster_stats_messages_ping_received:152
cluster_stats_messages_pong_received:156
cluster_stats_messages_meet_received:5
cluster_stats_messages_received:313
# 查看主从
127.0.0.1:6379> cluster nodes
4d4a43be8b8f13e5deeb8c5237d45c3484b9e281 172.38.0.12:6379@16379 master - 0 1629823905000 2 connected 5461-10922
dccefed4768c7b745e6d6af00862a78980b5d1fa 172.38.0.15:6379@16379 slave da4355f892f82460d39430ec80c9a207e4ae068b 0 1629823905274 1 connected
bf7ce5119444a06bfc9f14efe491fa7e23758dd9 172.38.0.14:6379@16379 slave 9bf7e5edbe28d44da0e78cbe25649f74492ff2dc 0 1629823906000 3 connected
9bf7e5edbe28d44da0e78cbe25649f74492ff2dc 172.38.0.13:6379@16379 master - 0 1629823905485 3 connected 10923-16383
7f51353ee889399fab505d5a12063732440d9ba2 172.38.0.16:6379@16379 slave 4d4a43be8b8f13e5deeb8c5237d45c3484b9e281 0 1629823906540 2 connected
da4355f892f82460d39430ec80c9a207e4ae068b 172.38.0.11:6379@16379 myself,master - 0 1629823903000 1 connected 0-5460
# 测试分布式redis
127.0.0.1:6379> set a b
-> Redirected to slot [15495] located at 172.38.0.13:6379
OK
# 停止处理的这台服务器
[root@VM-0-14-centos conf]# docker stop redis-3
[root@VM-0-14-centos conf]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
027e368bcfd5 redis "docker-entrypoint.s…" 9 minutes ago Up 8 minutes 0.0.0.0:39006->6379/tcp, :::39006->6379/tcp, 0.0.0.0:39906->16379/tcp, :::39906->16379/tcp redis-6
50adc057ba0d redis "docker-entrypoint.s…" 9 minutes ago Up 8 minutes 0.0.0.0:39005->6379/tcp, :::39005->6379/tcp, 0.0.0.0:39905->16379/tcp, :::39905->16379/tcp redis-5
51aff374048e redis "docker-entrypoint.s…" 9 minutes ago Up 9 minutes 0.0.0.0:39004->6379/tcp, :::39004->6379/tcp, 0.0.0.0:39904->16379/tcp, :::39904->16379/tcp redis-4
8a5f3295f622 redis "docker-entrypoint.s…" 9 minutes ago Up 9 minutes 0.0.0.0:39002->6379/tcp, :::39002->6379/tcp, 0.0.0.0:39902->16379/tcp, :::39902->16379/tcp redis-2
46b06e3b7d41 redis "docker-entrypoint.s…" 9 minutes ago Up 9 minutes 0.0.0.0:39001->6379/tcp, :::39001->6379/tcp, 0.0.0.0:39901->16379/tcp, :::39901->16379/tcp redis-1
# 再获取值 发现是IP未为4的服务器处理的
root@46b06e3b7d41:/data# redis-cli -c
127.0.0.1:6379> get a
-> Redirected to slot [15495] located at 172.38.0.14:6379
"b"
258
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
