Docker 网络

docker 网络类型
Briage
修改网桥 IP
Host
Container（K8s 使用的模式）
None
自定义网络模式

docker 网络类型

Bridge 桥接
- 类似VMware NAT

Host

容器与宿主机之间网卡共享
不支持端口映射，但性能好

Container（K8s 使用的模式）
- ```
容器与容器之间网卡共享
```
None
- ```
无网络模式
```

Briage

# 查看网络方式
[root@docker02 wordpress]# docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
73848298b8b9   bridge    bridge    local
aecdd274f8e4   host      host      local
ffef9ad12645   none      null      local

# 详细信息
[root@docker02 wordpress]# docker network inspect bridge 
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]

# 安装bridge-utils 查看
[root@zabbix01 ~]# brctl show
bridge name bridge id       STP enabled interfaces
docker0     8000.0242eca7bc4c   no

# 启动镜像
[root@docker02 wordpress]# docker run -it busybox sh

# 查看网卡
/ # ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:04  
          inet addr:172.17.0.4  Bcast:172.17.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:656 (656.0 B)  TX bytes:0 (0.0 B)

# 启动镜像
[root@docker01 wordpress]# docker run -it busybox sh

# 查看网卡
/ # ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:04  
          inet addr:172.17.0.3  Bcast:172.17.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:656 (656.0 B)  TX bytes:0 (0.0 B)
## 目前容器是无法跨主机通讯的

修改网桥 IP

# 方法1
[root@docker01 ~]# vim /usr/lib/systemd/system/docker.service 
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --bip=192.168.10.1/24
[root@docker01 ~]# systemctl restart docker
[root@docker01 ~]# ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.10.1  netmask 255.255.255.0  broadcast 192.168.10.255
        inet6 fe80::42:eff:fece:afc1  prefixlen 64  scopeid 0x20<link>
        ether 02:42:0e:ce:af:c1  txqueuelen 0  (Ethernet)
        RX packets 32158  bytes 29815441 (28.4 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 48670  bytes 109381416 (104.3 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

# 方法2
[root@docker01 docker]# vim /etc/docker/daemon.json
{
  "bip": "10.0.1.1/24",
  "registry-mirrors": ["https://7t3bpp45.mirror.aliyuncs.com"]
}

Host

20230912193229_3

# 以host模式启动容器
[root@docker01 docker]# docker run -it --network=host busybox sh
/ # ifconfig
docker0   Link encap:Ethernet  HWaddr 02:42:0E:CE:AF:C1  
          inet addr:192.168.10.1  Bcast:192.168.10.255  Mask:255.255.255.0
          inet6 addr: fe80::42:eff:fece:afc1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:32158 errors:0 dropped:0 overruns:0 frame:0
          TX packets:48670 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:29815441 (28.4 MiB)  TX bytes:109381416 (104.3 MiB)

eth0      Link encap:Ethernet  HWaddr 00:0C:29:85:DA:E0  
          inet addr:10.0.0.101  Bcast:10.0.0.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe85:dae0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1667149 errors:0 dropped:0 overruns:0 frame:0
          TX packets:379134 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:2410223695 (2.2 GiB)  TX bytes:127704831 (121.7 MiB)

eth1      Link encap:Ethernet  HWaddr 00:0C:29:85:DA:EA  
          inet addr:172.16.1.101  Bcast:172.16.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe85:daea/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:22 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:1672 (1.6 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

veth2144a4a Link encap:Ethernet  HWaddr AE:26:2D:7D:BA:B9  
          inet6 addr: fe80::ac26:2dff:fe7d:bab9/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:656 (656.0 B)

Container（K8s 使用的模式）

20230912193230

## 启动一个centos
[root@docker01 ~]# docker run -it centos:7 /bin/bash
[root@6f25e43e5e9b /]# curl 127.0.0.1
curl: (7) Failed connect to 127.0.0.1:80; Connection refused # 连接127.0.0.1:80失败;连接拒绝
[root@6f25e43e5e9b /]# hostname -I
172.17.0.2

## 启动一个nginx使用container模式
[root@docker01 ~]# docker run --network=container:6f25e43e5e9b -d nginx:alpine
[root@docker01 ~]# docker exec -it c0daffdfd3fc7a3b /bin/sh
/ # ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:02  
          inet addr:172.17.0.2  Bcast:172.17.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:656 (656.0 B)  TX bytes:0 (0.0 B)

## 再curl一下
[root@6f25e43e5e9b /]# curl 127.0.0.1
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

None

20230912193229

## 无网络模式
[root@docker01 docker]# docker run -it --network none busybox /bin/sh
/ # ifconfig
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

自定义网络模式

以上 4 种模式都是 docker 自带的网络模式，docker 还有一种叫做自定义网络模式

20230912193229_2

## 创建自定义网络模板
docker network create -d <mode> --subnet <CIDR> --gateway <网关> <自定义网路名称>

## 创建自定义网络
[root@docker01 docker]# docker network create -d bridge --subnet 192.168.20.0/24 --gateway 192.168.20.1 Shanghai
22d2f7f9f37b0fd7968e30a06fe262116049dd89f4657735dba4a4587f899e8d
## 查看网络模式
[root@docker01 docker]# docker network ls
NETWORK ID     NAME       DRIVER    SCOPE
22d2f7f9f37b   Shanghai   bridge    local
afc1a46a075c   bridge     bridge    local
13b1e5b180ca   host       host      local
93421e492ab8   none       null      local

## VPC网络
[root@docker01 docker]# docker run -it --network Shanghai busybox /bin/sh
/ # ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:C0:A8:14:02  
          inet addr:192.168.20.2  Bcast:192.168.20.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:11 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:962 (962.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

/ # ping 192.168.20.2
PING 192.168.20.2 (192.168.20.2): 56 data bytes
64 bytes from 192.168.20.2: seq=0 ttl=64 time=0.036 ms
64 bytes from 192.168.20.2: seq=1 ttl=64 time=0.058 ms

[root@docker01 ~]# docker run -it busybox /bin/sh
/ # ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:C0:A8:0A:03  
          inet addr:192.168.10.3  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:516 (516.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

/ # ping 192.168.20.2
PING 192.168.20.2 (192.168.20.2): 56 data bytes

docker 网络类型

Briage

修改网桥 IP

Host

Container（K8s 使用的模式）

None

自定义网络模式

暂无评论

发表评论取消回复

Docker 网络

docker 网络类型

Briage

修改网桥 IP

Host

Container（K8s 使用的模式）

None

自定义网络模式

暂无评论

发表评论 取消回复

发表评论取消回复