Docker的network containers

在你默认的网络上启动容器      

Docker支持通过使用网络驱动的网络容器，默认提供bridge和overlay的两种驱动方式。也可以自己写驱动插件。

一般自动插入有默认的三个网络id

[root@localhost ~]# docker network ls

NETWORK ID          NAME                DRIVER              SCOPE

bbed5d6ed419        bridge              bridge              local

373ce11576d4        host                host                local

ca9a8be16c46        none                null                local

默认使用bridge桥接方式启动docker

例子：

运行一个docker

[root@localhost ~]# docker run -itd --name=networktest ubuntu

Unable to find image 'ubuntu:latest' locally

latest: Pulling from library/ubuntu

aafe6b5e13de: Pull complete

0a2b43a72660: Pull complete

18bdd1e546d2: Pull complete

8198342c3e05: Pull complete

f56970a44fd4: Pull complete

Digest: sha256:f3a61450ae43896c4332bda5e78b453f4a93179045f20c8181043b26b5e79028

Status: Downloaded newer image for ubuntu:latest

e4a317b1901d2460d6329e778de4c63a30274fb3a17a7368d53f29d424e89f45

查看这个docker的网络信息

[root@localhost ~]# docker network inspect bridge

[

    {

        "Name": "bridge",

        "Id": "bbed5d6ed4191de178268ce7548ed5ff29a5fdb64711ad6058a4664d7a8b955d",

        "Created": "2017-04-28T10:51:14.348984971+08:00",

        "Scope": "local",

        "Driver": "bridge",

        "EnableIPv6": false,

        "IPAM": {

            "Driver": "default",

            "Options": null,

            "Config": [

                {

                    "Subnet": "172.17.0.0/16"

                }

            ]

        },

        "Internal": false,

        "Attachable": false,

        "Containers": {

            "e4a317b1901d2460d6329e778de4c63a30274fb3a17a7368d53f29d424e89f45": {

                "Name": "networktest",

                "EndpointID": "83692caef1aa5d06821c79f4d4ec078ccad38c63c0dea76fdd1373de424bae68",

                "MacAddress": "02:42:ac:11:00:02",

                "IPv4Address": "172.17.0.2/16",

                "IPv6Address": ""

            }

        },

        "Options": {

            "com.docker.network.bridge.default_bridge": "true",

            "com.docker.network.bridge.enable_icc": "true",

            "com.docker.network.bridge.enable_ip_masquerade": "true",

            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",

            "com.docker.network.bridge.name": "docker0",

            "com.docker.network.driver.mtu": "1500"

        },

        "Labels": {}

    }

]

断开docker

[root@localhost ~]# docker network disconnect bridge networktest

定义自己的桥接网络

1：创建自己的桥接网络名

[root@localhost ~]# docker network create -d bridgemy_bridge

2：查看网络列表是否添加创建的bridge

[root@localhost ~]# docker network ls

NETWORK ID          NAME                DRIVER              SCOPE

bbed5d6ed419        bridge              bridge              local

373ce11576d4        host                host                local

c7329782bc28        my_bridge           bridge              local

ca9a8be16c46        none                null                local

3：查看网络，发现没有做任何操作

[root@localhost ~]# docker network inspect my_bridge

[

    {

        "Name": "my_bridge",

        "Id": "c7329782bc288e1cd42a2721ab9446adbe276cd309e5ea762cd6c78fb814431f",

        "Created": "2017-04-28T11:21:15.027135771+08:00",

        "Scope": "local",

        "Driver": "bridge",

        "EnableIPv6": false,

        "IPAM": {

            "Driver": "default",

            "Options": {},

            "Config": [

                {

                    "Subnet": "172.18.0.0/16",

                    "Gateway": "172.18.0.1"

                }

            ]

        },

        "Internal": false,

        "Attachable": false,

        "Containers": {},

        "Options": {},

        "Labels": {}

    }

]

4：添加一个容器给你的网络

   添加postgres database给my_bridge

   [root@localhost ~]# docker run -d --net=my_bridge --name db training/postgres

Unable to find image 'training/postgres:latest' locally

latest: Pulling from training/postgres

a3ed95caeb02: Pull complete

6e71c809542e: Pull complete

2978d9af87ba: Pull complete

e1bca35b062f: Pull complete

500b6decf741: Pull complete

74b14ef2151f: Pull complete

7afd5ed3826e: Pull complete

3c69bb244f5e: Pull complete

d86f9ec5aedf: Pull complete

010fabf20157: Pull complete

Digest: sha256:a945dc6dcfbc8d009c3d972931608344b76c2870ce796da00a827bd50791907e

Status: Downloaded newer image for training/postgres:latest

01e3080221af16402a74ba7a16cb95176ad74f1c50175666d148f9b03a1fd539

检查容器是否连接你自定义的网络

[root@localhost ~]# docker inspect --format='{{json .NetworkSettings.Networks}}'  db

{"my_bridge":{"IPAMConfig":null,"Links":null,"Aliases":["01e3080221af"],"NetworkID":"c7329782bc288e1cd42a2721ab9446adbe276cd309e5ea762cd6c78fb814431f","EndpointID":"c01ee9c04bc0a3091a93253e3c0da388e305adbb9fa0012a7247c318dff3dc0d","Gateway":"172.18.0.1","IPAddress":"172.18.0.2","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:12:00:02"}}

下载一个web应用（未指定网络）

[root@localhost ~]# docker run -d --name web training/webapp python app.py

Unable to find image 'training/webapp:latest' locally

latest: Pulling from training/webapp

e190868d63f8: Pull complete

909cd34c6fd7: Pull complete

0b9bfabab7c1: Pull complete

a3ed95caeb02: Pull complete

10bbbc0fc0ff: Pull complete

fca59b508e9f: Pull complete

e7ae2541b15b: Pull complete

9dd97ef58ce9: Pull complete

a4c1b0cb7af7: Pull complete

Digest: sha256:06e9c1983bd6d5db5fba376ccd63bfa529e8d02f23d5079b8f74a616308fb11d

Status: Downloaded newer image for training/webapp:latest

8f4d4eb5ba0b7305a1bb719ed33be64f6d5f4047a3db286076fa8a86e9cca00b

查看新建的web应用的网络

[root@localhost ~]# docker inspect --format='{{json .NetworkSettings.Networks}}'  web

{"bridge":{"IPAMConfig":null,"Links":null,"Aliases":null,"NetworkID":"bbed5d6ed4191de178268ce7548ed5ff29a5fdb64711ad6058a4664d7a8b955d","EndpointID":"c12576b48a01986e0ccec91fd698e6c7e2f9a183ff3281ba6954a63754cc67ef","Gateway":"172.17.0.1","IPAddress":"172.17.0.2","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:11:00:02"}}

 

 

查看容器ip地址

[root@localhost ~]# docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' web

172.17.0.2

[root@localhost ~]# docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' db

172.18.0.2

开bash窗口运行你的容器

[root@localhost ~]# docker exec -it db bash

root@01e3080221af:/# ping 172.17.0.2

PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.

^C

--- 172.17.0.2 ping statistics ---

10 packets transmitted, 0 received, 100% packet loss, time 9004ms

Note：无法ping通，这是因为容器运行在两个不同的网络上

Web连接自定义的my_bridge网络

root@01e3080221af:/# exit

exit

[root@localhost ~]# docker network connect my_bridge web

[root@localhost ~]# docker exec -it web bash

root@8f4d4eb5ba0b:/opt/webapp# ping 172.17.0.2

PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.

64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.041 ms

64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.096 ms

64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.951 ms

[root@localhost ~]# docker exec -it db bash

root@01e3080221af:/# ping 172.18.0.2

PING 172.18.0.2 (172.18.0.2) 56(84) bytes of data.

64 bytes from 172.18.0.2: icmp_seq=1 ttl=64 time=0.108 ms

64 bytes from 172.18.0.2: icmp_seq=2 ttl=64 time=0.093 ms

64 bytes from 172.18.0.2: icmp_seq=3 ttl=64 time=0.040 ms

64 bytes from 172.18.0.2: icmp_seq=4 ttl=64 time=0.056 ms

^C

--- 172.18.0.2 ping statistics ---

4 packets transmitted, 4 received, 0% packet loss, time 3000ms

rtt min/avg/max/mdev = 0.040/0.074/0.108/0.028 ms

Note：当两个容器置于同一个网络中，才能相互ping通。