本文章來自【知識林】
在Docker服務(wù)安裝成功后默認有三個網(wǎng)絡(luò)(docker network ls
):
C:\Users\zsl-pc>docker network ls
NETWORK ID NAME DRIVER SCOPE
992344cd89fe bridge bridge local
06445f4f5774 host host local
2d964ece79b9 none null local
bridge
:是容器的默認網(wǎng)絡(luò)祭隔,可以配置后與宿主機通信從而與互聯(lián)網(wǎng)互聯(lián)互通贺待。
host
和none
:是屬于無網(wǎng)絡(luò)(可以使用docker network inspect host
查看晒屎,其中無子網(wǎng)和網(wǎng)關(guān))寞埠,容器添加到這兩個網(wǎng)絡(luò)時時將容器添加到特定的容器網(wǎng)絡(luò)堆棧,是不能與外界網(wǎng)絡(luò)通信的稿静。
每當使用docker run
啟動一個容器時娇掏,這個容器都會有一個默認的網(wǎng)絡(luò),即bridge
空执。
可以通過inspect
命令查看各網(wǎng)絡(luò)中的容器(查看bridge
網(wǎng)絡(luò)):
C:\Users\zsl-pc>docker network inspect bridge
[
{
"Name": "bridge",
"Id": "992344cd89fe90aa240651e7497131e5dc40539d3f1ad540f973feab6b345b3c"
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Containers": {},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
在Containers中看到是空浪箭,表示目前還沒有任何容器加入到這個網(wǎng)絡(luò)。
啟動容器:
docker run -d -it --name c1 centos /bin/bash -c "while true; do echo hello; sleep 1; done"
說明:啟動了一個名為c1
的Centos的容器辨绊,每隔一秒輸出hello
奶栖,可以通過docker logs c1
查看輸出信息。
此時再查看bridge
網(wǎng)絡(luò)(docker network inspect bridge
):
C:\Users\zsl-pc>docker network inspect bridge
…………
"Containers": {
"7883225f9192cb4eb68283fd47bc9435ab70dd76803ede1d926f30db3bb1101f": {
"Name": "c1",
"EndpointID": "e784f093b0c810f5c5112235e2e8502f6193077fa5da44a9a527aa9086894382",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
}
…………
說明:可以看到bridge
網(wǎng)絡(luò)中已經(jīng)有一個容器c1
,且IP地址是172.17.0.2
宣鄙。
通過這個例子可以看出在docker run
啟動容器時在未指定網(wǎng)絡(luò)情況下默認使用了bridge
這個網(wǎng)絡(luò)袍镀。
在容器中查看網(wǎng)絡(luò)
C:\Users\zsl-pc>docker exec -it c1 /bin/bash
[root@7883225f9192 /]# more /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 7883225f9192
[root@7883225f9192 /]#
可以看到主機名7883225f9192
對應(yīng)的IP地址正是前面所說的172.17.0.2
。也可通過ifconfig
查看容器內(nèi)部的網(wǎng)絡(luò)信息冻晤,如果提示:bash: ifconfig: command not found
可以先安裝網(wǎng)絡(luò)工具:yum install -y net-tools
苇羡,安裝完成后再輸入:ifconfig
[root@7883225f9192 /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 0.0.0.0
inet6 fe80::42:acff:fe11:2 prefixlen 64 scopeid 0x20<link>
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 2057 bytes 7829768 (7.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1873 bytes 105536 (103.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0
就是這個容器的網(wǎng)卡信息,也可以看出IP地址是172.17.0.2
鼻弧。
再啟動一個容器與其他容器通信
docker run -d -it --name c2 centos /bin/bash -c "while true; do echo hello; sleep 1; done"
說明:又啟動了一個容器设江,名稱為c2
,與c1
做的事情一樣温数。再使用docker network inspect bridge
可以看到:
C:\Users\zsl-pc>docker network inspect bridge
…………
"Containers": {
"7117f84edc269c5f61052a136791e775e26372c2b977db77081cd78533e5721e": {
"Name": "c2",
"EndpointID": "78be5b7b0737d23082607fd016664017df77ceb1d469d9a3972033796ac8d761",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"7883225f9192cb4eb68283fd47bc9435ab70dd76803ede1d926f30db3bb1101f": {
"Name": "c1",
"EndpointID": "859ff1ec55e136c5ec431df7baaf42af8f2a3e872a7472e16e392a9fa68d797d",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
}
…………
可以看出:c1
和c2
是在一個局域網(wǎng)內(nèi)绣硝,c2
的IP地址是172.17.0.3
,可以嘗試互相ping一下看是否能ping通:
C:\Users\zsl-pc>docker exec -it c2 /bin/bash
[root@7117f84edc26 /]# ping -w 4 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.044 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.114 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.120 ms
64 bytes from 172.17.0.2: icmp_seq=4 ttl=64 time=0.121 ms
64 bytes from 172.17.0.2: icmp_seq=5 ttl=64 time=0.115 ms
--- 172.17.0.2 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3996ms
rtt min/avg/max/mdev = 0.044/0.102/0.121/0.032 ms
[root@7117f84edc26 /]# exit
C:\Users\zsl-pc>docker exec -it c1 /bin/bash
[root@7883225f9192 /]# ping -w 4 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.048 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.107 ms
64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.089 ms
64 bytes from 172.17.0.3: icmp_seq=4 ttl=64 time=0.113 ms
64 bytes from 172.17.0.3: icmp_seq=5 ttl=64 time=0.114 ms
--- 172.17.0.3 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3996ms
rtt min/avg/max/mdev = 0.048/0.094/0.114/0.025 ms
[root@7883225f9192 /]#
在c2
里面是可以ping通c1
的IP地址撑刺,在c1
里面也可以ping通c2
的IP地址鹉胖,說明在一個網(wǎng)絡(luò)下的容器是可以相互通信的。
本文章來自【知識林】