4.4 容器之間的link

時間 2021-03-15

標籤 node docker shell json 網絡 less 測試 vagrant 3d code 欄目 Docker 简体版

原文原文鏈接

使用--link來鏈接容器

https://docs.docker.com/netwo...

Warning: The --link flag is a legacy feature of Docker. It may eventually be removed. Unless you absolutely need to continue using it, we recommend that you use user-defined networks to facilitate communication between two containers instead of using --link. One feature that user-defined networks do not support that you can do with --link is sharing environmental variables between containers. However, you can use other mechanisms such as volumes to share environment variables between containers in a more controlled way.node

刪除原有的test2容器，而後從新建立一個，使用--link選項鍊接test1容器docker

docker run -d --name test2 --link test1 busybox /bin/sh -c "while true;do sleep 3600;done"

目前test1與test2的ip分別爲172.17.0.2/16，172.17.0.3/16。
因爲建立test2容器的時候，使用了--link，以下兩種方式都是等價的。
但第二種方式的好處是：shell

它可讓咱們在處理業務邏輯的時候不用關心鏈接的外部容器的ip究竟是什麼。
假設咱們設置的db外部的容器重啓以後IP變了，這個

docker exec -it test2 ping 172.17.0.2
docker exec -it test2 ping test1

--link並非雙向的，想在test1上使用name來ping通test2就是不行的json

#ok
docker exec -it test1 ping 172.17.0.3
#failure
docker exec -it test1 ping test2

手動創建bridge網絡

作完上述的link實驗以後，刪掉test2容器，回過頭查看一下docker網絡網絡

[vagrant@docker-node1 ~]$ docker network ls
NETWORK ID NAME DRIVER SCOPE
a61c325bd7ba bridge bridge local
efb6975c8935 host host local
3fa0f2e1a00b none null local

而後咱們本身新建一個bridge網絡less

docker network create -d bridge my-bridge

建完以後，網絡列表是這樣的：測試

[vagrant@docker-node1 ~]$ docker network ls
NETWORK ID NAME DRIVER SCOPE
a61c325bd7ba bridge bridge local
efb6975c8935 host host local
4213425c5293 my-bridge bridge local
3fa0f2e1a00b none null local

使用brctl show命令查看，結果以下vagrant

bridge name	bridge id	STP enabled	interfaces
br-4213425c5293	8000.02421f24b958	no
docker0	8000.02425387e6fb	no	veth1d4a1de

而後新建一個test3容器，使它鏈接到咱們手動創建的my-bridge網絡3d

docker run -d --name test3 --network my-bridge busybox /bin/sh -c "while true;do sleep 3600;done"

此時再使用brctl show命令，就能夠查看到my-bridge網絡的veth接口了code

bridge name	bridge id	STP enabled	interfaces
br-4213425c5293	8000.02421f24b958	no	veth7bb5433
docker0	8000.02425387e6fb	no	veth1d4a1de

使用docker network inspect 4213425c5293命令，也能看到該網絡下的test3容器了

{
    "Containers": {
        "b9716e4b50ddb4800a03bd04530eea086331493a50fa1dffbcdcadad1801ba58": {
            "Name": "test3",
            "EndpointID": "ee2124e316486c522ba5414fb5bfd4fc463f45c22e944d65a0028fbcacf39794",
            "MacAddress": "02:42:ac:12:00:02",
            "IPv4Address": "172.18.0.2/16",
            "IPv6Address": ""
        }
    }
}

而後咱們再讓test1在鏈接name爲bridge的網絡的基礎上，使它還能夠鏈接到my-bridge

docker network connect my-bridge test1

此時test1就同時鏈接到bridge和my-bridge兩個網絡上了。
name爲bridge的網絡

docker network inspect a61c325bd7ba
{
    "Containers": {
        "5b567458c87cc1c7eff73d47a753e1171c6478f2705868f01ebd858b196a2283": {
            "Name": "test1",
            "EndpointID": "e6710f0db01bdbf3669aabeab866a4f27bf1605226dd3d3c98a8b7ea1c6896f0",
            "MacAddress": "02:42:ac:11:00:02",
            "IPv4Address": "172.17.0.2/16",
            "IPv6Address": ""
        }
    }
}

name爲my-bridge的網絡

docker network inspect 4213425c5293
{
    "Containers": {
        "5b567458c87cc1c7eff73d47a753e1171c6478f2705868f01ebd858b196a2283": {
            "Name": "test1",
            "EndpointID": "a12ab3ef7cdb07c4cd6cb7bd7f5114e6b05107b19de0240abe1f704d46d8afae",
            "MacAddress": "02:42:ac:12:00:03",
            "IPv4Address": "172.18.0.3/16",
            "IPv6Address": ""
        },
        "b9716e4b50ddb4800a03bd04530eea086331493a50fa1dffbcdcadad1801ba58": {
            "Name": "test3",
            "EndpointID": "ee2124e316486c522ba5414fb5bfd4fc463f45c22e944d65a0028fbcacf39794",
            "MacAddress": "02:42:ac:12:00:02",
            "IPv4Address": "172.18.0.2/16",
            "IPv6Address": ""
        }
    }
}

而後作以下測試，發現test1和test3都是能夠ping通的，至於爲啥沒有使用--link選項也能經過name來ping通，並且仍是雙向ping通呢？

這是由於docker容器只要不是加入默認的bridge網絡，而是自定義的bridge網絡，容器之間都是能夠互相ping通的

docker exec test1 ping test3
docker exec test1 ping 172.18.0.2
docker exec test3 ping test1
docker exec test3 ping 172.18.0.3

至於以下ping失敗的緣由，則是test1雖然有兩個ip，而且和test3有互通的網絡，可是這兩個ip徹底不在一個網段上了。

docker exec test3 ping 172.17.0.2

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。