docker的网络类型和使用方式-CSDN博客

docker的网络类型

5种网络类型

bridge
默认类型，桥接到宿主机docker0的网络，有点类似于VM虚拟机的NAT网络模型。
案例:
docker run –rm -itd –network bridge –name wzy666wzy-bridge alpine

host
host类型，共享宿主机的网络空间，网络性能是最高的。
案例:
docker run –rm -itd –network host –name wzy666wzy-host alpine

none
只有本地回环网卡，没有其他网络，即该容器不能上网。
案例:
docker run –rm -itd –network none –name wzy666wzy-none alpine

container
共享其他容器的网络，这个网络在K8S中Pod是频繁使用的。
案例:
docker run –rm -itd –network container:wzy666wzy-bridge –name wzy666wzy-container alpine

custom network
自定义网络，我们可以使用”docker network create”创建自定义网络。
同一个自定义网络中，各个容器可以直接基于容器名称进行通信，无需解析”/etc/hosts”!

bridge类型

docker run -dit --network bridge --name bri-net apps:v1

host类型

docker run -dit --network host --name host-net apps:v1

none不使用网络连接

docker run -dit --network none --name none-net apps:v1

自定义网络

link互联

创建容器

 [root@docker101~]# docker run -di --name c1 apps:v1
[root@docker101~]# docker run -di --name c2 --link c1 apps:v1

查看ip，2个容器的IP并不相同

停止容器c1导致c2没有ip

docker stop c1

开启容器c1可以解决c2没网的问题

create network

创建

创建网络时可以自定义网关，IP地址范围，子网范围，网络类型等

创建：docker network create --subnet 20.0.0.0/24 --ip-range 20.0.0.254/24 --gateway 20.0.0.254 qwe

– 默认是bridge类型

-d bridge 手动指定类型

删除：docker network docker network rm qwe

使用

 [root@docker101~]# docker run -d --name net-qwe -p 80:80 --network qwe apps:v1
8851c9662496ce924b299786789cc85b9e8ee3fa4781156959d106cba45660e6
[root@docker101~]# curl 10.0.0.101
<!DOCTYPE html>
<html>
  <head>
    <meta charset="utf-8"/>
    <title>yinzhengjie apps v1</title>
    <style>
       div img {
          width: 900px;
          height: 600px;
          margin: 0;
       }
    </style>
  </head>
 
  <body>
    <h1 style="color: green">凡人修仙传 v1 </h1>
    <div>
      <img src="1.jpg">
    <div>
  </body>
 
</html>
[root@docker101~]# docker exec -it net-qwe ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
15: eth0@if16: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP 
    link/ether 02:42:14:00:00:01 brd ff:ff:ff:ff:ff:ff
    inet 20.0.0.1/24 brd 20.0.0.255 scope global eth0
       valid_lft forever preferred_lft forever
[root@docker101~]# docker container inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' net-qwe 
20.0.0.1

使用自定义网络自动写入hosts

 [root@docker101~]# docker network create -d bridge --subnet 11.0.0.0/24 --gateway 11.0.0.254 wzy666
 
[root@docker101~]# docker run -d -p 81:80 --name n1 --network wzy666 --ip 11.0.0.1 apps:v1
 
[root@docker101~]# docker run -d -p 82:80 --name n2 --network wzy666 --ip 11.0.0.2 apps:v1
 
# 没有手动添加hosts可以ping通
[root@docker101~]# docker exec n1 ping n2 -c3
PING n2 (11.0.0.2): 56 data bytes
64 bytes from 11.0.0.2: seq=0 ttl=64 time=0.261 ms
64 bytes from 11.0.0.2: seq=1 ttl=64 time=0.176 ms
64 bytes from 11.0.0.2: seq=2 ttl=64 time=0.166 ms
 
--- n2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.166/0.201/0.261 ms
 
[root@docker101~]# docker exec n1 cat /etc/hosts
127.0.0.1	localhost
::1	localhost ip6-localhost ip6-loopback
fe00::0	ip6-localnet
ff00::0	ip6-mcastprefix
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters
11.0.0.1	07888692a0cf

跨节点互联

macvlan

节点	容器	容器IP
docker101	WordPress	172.22.0.1
docker102	database	172.22.0.2

1.两个节点加载Linux内核是否支持macvlan模块，
lsmod | grep macvlan
modprobe macvlan #临时开启macvlan
lsmod | grep macvlan

2.两个节点创建同网段的自定义网络类型

docker network create -d macvlan –subnet 172.29.0.0/16 –gateway 172.29.0.254 -o parent=eth0 wzy-macvlan

3.运行容器

docker102节点：

docker run -d  --name db --network wzy-macvlan --ip 172.22.0.2   -e MYSQL_ALLOW_EMPTY_PASSWORD=yes   -e MYSQL_DATABASE=wordpress   -e MYSQL_USER=wzy   -e MYSQL_PASSWORD=wzy666   mysql:8.3.0-oracle

	docker101节点：

 docker run -d --name wp --network wzy-macvlan --ip 172.22.0.1 -e WORDPRESS_DB_HOST=172.22.0.2:3306 -e WORDPRESS_DB_USER=wzy -e WORDPRESS_DB_PASSWORD=wzy666 -e WORDPRESS_DB_NAME=wordpress -p 80:80 wordpress
 
# 最后添加bridge网卡
docker network connect bridge wp

4.访问测试网页

overlay网络

1.运行consul容器

 docker run -d --network host --restart always --name=dev-consul -e CONSUL_BIND_INTERFACE=eth0 consul:1.15.4
 
root@docker101:~# ss -ntl | grep 8500
LISTEN   0        4096                   *:8500                *:*

2.docker101/102客户端指定consul服务的地址（客户端对应的cluster-advertise值要根据实际情况调整）。然后重启docker.service

 [root@docker101 ~]# cat /etc/docker/daemon.json 
{
  "cluster-store": "consul://10.0.0.101:8500",
   "cluster-advertise": "10.0.0.101:6666"
}
 
[root@docker102~]# systemctl restart docker.service

查看consul节点信息：

3.docker101创建overlay网络

[root@docker101~]# docker network create -d overlay --subnet 172.30.0.0/16 --gateway 172.30.0.254 wzy-overlay

该网络同步到102节点

 [root@docker102~]# docker network ls
NETWORK ID     NAME          DRIVER    SCOPE
3009cd56b1f6   bridge        bridge    local
ca55b5dcb849   host          host      local
8a4525466e60   none          null      local
454a12a54ef7   wzy-overlay   overlay   global

4.创建容器

[root@docker101~]# docker run -d -p 81:80 --name c1 --network wzy-overlay apps:v1

[root@docker102~]# docker run -d -p 82:80 --name c2 --network wzy-overlay apps:v1

5.查看IP地址

 [root@docker101~]# docker exec c1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
40: eth0@if41: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue state UP 
    link/ether 02:42:ac:1e:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.30.0.2/16 brd 172.30.255.255 scope global eth0
       valid_lft forever preferred_lft forever
42: eth1@if43: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP 
    link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.2/16 brd 172.18.255.255 scope global eth1
       valid_lft forever preferred_lft forever

 [root@docker102~]# docker exec c2 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue state UP 
    link/ether 02:42:ac:1e:00:01 brd ff:ff:ff:ff:ff:ff
    inet 172.30.0.1/16 brd 172.30.255.255 scope global eth0
       valid_lft forever preferred_lft forever
11: eth1@if12: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP 
    link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.2/16 brd 172.18.255.255 scope global eth1
       valid_lft forever preferred_lft forever

6.c1可以ping通c2，底层走了vxlan网络

 _lft forever
11: eth1@if12: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP 
    link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.2/16 brd 172.18.255.255 scope global eth1
       valid_lft forever preferred_lft forever

6.c1可以ping通c2，底层走了vxlan网络

微精选