kubernetes(三)之Docker網絡詳解
容器網絡詳解
虛擬網絡類型
-
虛擬化常見的網絡類型(虛擬橋接式網絡)html
- 隔離橋:127.0.0.1
- 僅主機橋:不能對外通訊
- 路由器橋: 能夠被nat發出去,可是不能
- NAT橋: NAT鏈接追蹤實現主機與外部互相通訊
- docker常見的網絡類型
- 橋網絡: bridge,docker0 實現NAT
- 聯盟式網絡:共享NET,IPC,UTS
- host網絡: 容器共享宿主機網絡
- none網絡:封閉式網絡
docker四類網絡實踐
- none封閉式網絡: 只有lo網卡,其餘的都沒有
[root@centos7-node1 ~]# docker run --name tinyweb2 -it --rm --network none wanghui122725501/myimg:v0.4 /bin/sh
/ # ifconfig -a
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
- bridge:默認網絡也是bridge
[root@centos7-node1 ~]# docker run --name tinyweb2 -d --network bridge wanghui122725501/myimg:v0.4
[root@centos7-node1 ~]# docker exec -it tinyweb2 /bin/sh
/ # ifconfig -a
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:07
inet addr:172.17.0.7 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:516 (516.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
- 聯盟式網絡:主機名,IP
[root@centos7-node1 ~]# docker run --name joinedc1 -it --rm --network container:tinyweb2 wanghui122725501/myimg:v0.4 /bin/sh
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:07
inet addr:172.17.0.7 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:656 (656.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
- host網絡:共享宿主機全部網卡
[root@centos7-node1 ~]# docker run --name tintweb3 -it --rm --network host wanghui122725501/myimg:v0.4 /bin/sh / # ifconfig /data/web # /bin/httpd -h /data/web/html/
能夠直接訪問宿主機ip,獲得對應的結果node
docker其餘網絡參數
- 指定docker的主機名: 使用
-h或者--hostname
[root@centos7-node1 ~]# docker run --name bbox2 -it --rm --hostname mybbox2.cropy.cn busybox / # hostname mybbox2.cropy.cn
- 增長hosts主機名解析(
--add-host能夠使用屢次)
[root@centos7-node1 ~]# docker run --name bbox3 -it --rm --add-host bbox3.cropy.cn:172.17.0.10 --add-host gw.cropy.cn:172.17.0.1 busybox
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:06
inet addr:172.17.0.6 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:586 (586.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ # cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.10 bbox3.cropy.cn
- 增長DNS注入(
--dns,--dns-search)
[root@centos7-node1 ~]# docker run --name bbox3 -it --rm --add-host bbox3.cropy.cn:172.17.0.10 --add-host gw.cropy.cn:172.17.0.1 --dns 172.17.0.1 --dns 114.114.114.114 --dns-search cropy.cn busybox / # cat /etc/resolv.conf search cropy.cn nameserver 172.17.0.1 nameserver 114.114.114.114
端口映射
- 非docker環境下的映射
iptables -t nat -A PREROUTING -d GW_IP -p tcp|udp --dport 10080 -j DNAT --to-destination BE_server_IP:port
-
EXPOSE(docker端口發佈):
-p選項web -p選項的使用格式-p <containerPort>: 將指定的容器端口映射至所在宿主機的任意端口-p <hostPort>:<containerPort>:將容器端口映射至所在宿主機的指定端口-p <ip>::<containerPort>: 將指定容器的端口映射至所在主機指定IP的動態端口-p <ip>:<hostPort>:<containerPort>: 將指定容器的端口映射至所在主機指定IP的指定端口
實例
[root@centos7-node1 ~]# docker run --name mytinyweb3 -d --network bridge -p 80 wanghui122725501/myimg:v0.4 #隨機端口映射 [root@centos7-node1 ~]# docker port mytinyweb3 #查看映射詳情(iptables -t nat -vnL 這個也能夠) 80/tcp -> 0.0.0.0:32768 [root@centos7-node1 ~]# docker kill mytinyweb3 && docker rm mytinyweb3 [root@centos7-node1 ~]# docker run --name mytinyweb3 -d --rm --network bridge -p 80:80 wanghui122725501/myimg:v0.4 #指定端口映射 [root@centos7-node1 ~]# docker run --name mytinyweb3 -d --network bridge -p 192.168.56.11::80 wanghui122725501/myimg:v0.4 [root@centos7-node1 ~]# docker kill mytinyweb3 && docker rm mytinyweb3 [root@centos7-node1 ~]# docker run --name mytinyweb3 -d --network bridge -p 192.168.56.11:80:80 wanghui122725501/myimg:v0.4 [root@centos7-node1 ~]# docker kill mytinyweb3 && docker rm mytinyweb3 [root@centos7-node1 ~]# docker run --name mytinyweb3 -d --network bridge -p 80:80 -p 443:443 wanghui122725501/myimg:v0.4 #多端口映射
docker network操做
- 經常使用命令
[root@centos7-node1 ~]# docker network --help Usage: docker network COMMAND Manage networks Commands: connect Connect a container to a network create Create a network disconnect Disconnect a container from a network inspect Display detailed information on one or more networks ls List networks prune Remove all unused networks rm Remove one or more networks
- 實踐操做
[root@centos7-node1 ~]# docker info | grep Network #能夠支持建立的網絡類型
Network: bridge host ipvlan macvlan null overlay
[root@centos7-node1 ~]# docker network create --subnet 10.10.0.0/24 mybr0 #建立mybr0 網絡
[root@centos7-node1 ~]# docker run --name mytinyweb3 -it --network mybr0 -p 80 -p 443 wanghui122725501/myimg:v0.4 /bin/sh #建立容器並查看ip
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:0A:0A:00:02
inet addr:10.10.0.2 Bcast:10.10.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1032 (1.0 KiB) TX bytes:0 (0.0 B)
[root@centos7-node1 ~]# docker network connect bridge mytinyweb3 #另開終端,將mytinyweb3連入bridge(docker0: 172.17.0.0)網絡
/ # ifconfig #查看網絡,發現mytinyweb3 有了兩塊網卡
eth0 Link encap:Ethernet HWaddr 02:42:0A:0A:00:02
inet addr:10.10.0.2 Bcast:10.10.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:656 (656.0 B) TX bytes:0 (0.0 B)
eth1 Link encap:Ethernet HWaddr 02:42:AC:11:00:06
inet addr:172.17.0.6 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:656 (656.0 B) TX bytes:0 (0.0 B)
[root@centos7-node1 ~]# docker network disconnect bridge mytinyweb3 #去掉mytinyweb3的bridge網卡
[root@centos7-node1 ~]# docker kill mytinyweb3 && docker rm mytinyweb3
[root@centos7-node1 ~]# docker network rm mybr0
- 修改默認的docker0橋的地址,設置bip便可
[root@centos7-node1 ~]# vim /etc/docker/daemon.json
{
"bip": "172.31.0.1/16",
"registry-mirrors": ["https://0b8hhs68.mirror.aliyuncs.com"],
"storage-driver": "overlay2",
"graph":"/data/docker",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
[root@centos7-node1 ~]# systemctl restart docker
[root@centos7-node1 ~]# ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.31.0.1 netmask 255.255.0.0 broadcast 172.31.255.255
相關文章
- 1. Docker網絡詳解之Host
- 2. Docker網絡之bridge0 詳解
- 3. Docker之網絡詳解(一)
- 4. Kubernetes之網絡通信方式詳解
- 5. Docker網絡詳解
- 6. docker 網絡詳解
- 7. Docker學習之路(三)Docker網絡詳解
- 8. 理解Kubernetes網絡之Flannel網絡
- 9. Docker:網絡模式詳解
- 10. Docker網絡模式詳解
- 更多相關文章...
- • 免費ARP詳解 - TCP/IP教程
- • 網絡協議是什麼? - TCP/IP教程
- • 互聯網組織的未來:剖析GitHub員工的任性之源
- • Docker容器實戰(八) - 漫談 Kubernetes 的本質
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. Duang!超快Wi-Fi來襲
- 2. 機器學習-補充03 神經網絡之**函數(Activation Function)
- 3. git上開源maven項目部署 多module maven項目(多module maven+redis+tomcat+mysql)後臺部署流程學習記錄
- 4. ecliple-tomcat部署maven項目方式之一
- 5. eclipse新導入的項目經常可以看到「XX cannot be resolved to a type」的報錯信息
- 6. Spark RDD的依賴於DAG的工作原理
- 7. VMware安裝CentOS-8教程詳解
- 8. YDOOK:Java 項目 Spring 項目導入基本四大 jar 包 導入依賴,怎樣在 IDEA 的項目結構中導入 jar 包 導入依賴
- 9. 簡單方法使得putty(windows10上)可以免密登錄樹莓派
- 10. idea怎麼用本地maven
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. Docker網絡詳解之Host
- 2. Docker網絡之bridge0 詳解
- 3. Docker之網絡詳解(一)
- 4. Kubernetes之網絡通信方式詳解
- 5. Docker網絡詳解
- 6. docker 網絡詳解
- 7. Docker學習之路(三)Docker網絡詳解
- 8. 理解Kubernetes網絡之Flannel網絡
- 9. Docker:網絡模式詳解
- 10. Docker網絡模式詳解