- connect 将某个容器连接到一个docker网络create 创建一个docker局域网络
- disconnect 将某个容器退出某个局域网络
- inspect 显示某个局域网络信息
- ls 显示所有docker局域网络
- prune 删除所有未引用的docker局域网络
- rm 删除docker网络
一、拉取镜像创建容器
[liqingfei@docker ~]$ sudo docker pull liqingfei01/cnetos7-test01[liqingfei@docker ~]$ sudo docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEliqingfei01/cnetos7-test01 latest 631c6a5a54fd 9 minutes ago 530MB
创建两个容器:
[liqingfei@docker ~]$ sudo docker run -itd --name=test1 liqingfei01/cnetos7-test01
[liqingfei@docker ~]$ sudo docker run -itd --name=test2 liqingfei01/cnetos7-test01
[liqingfei@docker ~]$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c8a6c9505249 liqingfei01/cnetos7-test01 "/bin/bash" 20 seconds ago Up 19 seconds test2
6b41c2a447a0 liqingfei01/cnetos7-test01 "/bin/bash" 36 seconds ago Up 36 seconds test1
二、查看网络连接状态
[liqingfei@docker ~]$ sudo docker network ls
NETWORK ID NAME DRIVER SCOPE
ad6c4a9868fa bridge bridge local
fd017b022141 host host local
ca3235108b83 none null local
这里有个bridge,默认情况下创建的所有容器都会在bridge网段;查看bridge网段详情通常是
[liqingfei@docker ~]$ docker network inspect bridge
[
{
"Name": "bridge",
"Id": "ad6c4a9868fa9a4de69c157aff2eaa94179d21c4062714a92994ab0d3448b19f",
"Created": "2021-05-12T09:53:27.862628537+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.7.21.0/24",
"Gateway": "172.7.21.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"6b41c2a447a04c04ae9bc5238ffdfb5265d7f519021d38e660a4f22c5d90dc01": {
"Name": "test1",
"EndpointID": "af200398b12aab4dbbb4d69eb6b2756ee13de691333726c61101721f14d6959d",
"MacAddress": "02:42:ac:07:15:02",
"IPv4Address": "172.7.21.2/24",
"IPv6Address": ""
},
"c8a6c95052496f867e89ec090c7534876fc5a598c201862194f6cdbb8c57f046": {
"Name": "test2",
"EndpointID": "29f7bc4ff16c3ac7d0f3a009a0de2b93b459b8bba081f09db486589ca7228a03",
"MacAddress": "02:42:ac:07:15:03",
"IPv4Address": "172.7.21.3/24",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
这里我们下在一个小插件:sudo yum install -y bridge-utils
这样执行 sudo brctl show
[liqingfei@docker ~]$ sudo brctl show
bridge name bridge id STP enabled interfaces
bridge0 8000.000000000000 no
docker0 8000.02420422ce3c no veth821e7dc
vethd0ab212
可以清晰简单的看到连接到各网段的容器
进入test1容器docker exec -it test1 sh
[liqingfei@docker ~]$ sudo docker exec -it test1 sh
在上图可以看到test2 的ip是172.7.21.3,那么我们ping一下test2试试看是否网络可通
[liqingfei@docker ~]$ sudo docker exec -it test1 sh
sh-4.2# ^C
sh-4.2# ping 172.7.21.3
PING 172.7.21.3 (172.7.21.3) 56(84) bytes of data.
64 bytes from 172.7.21.3: icmp_seq=1 ttl=64 time=0.069 ms
64 bytes from 172.7.21.3: icmp_seq=2 ttl=64 time=0.050 ms
64 bytes from 172.7.21.3: icmp_seq=3 ttl=64 time=0.049 ms
64 bytes from 172.7.21.3: icmp_seq=4 ttl=64 time=0.056 ms
64 bytes from 172.7.21.3: icmp_seq=5 ttl=64 time=0.051 ms
64 bytes from 172.7.21.3: icmp_seq=6 ttl=64 time=0.055 ms
64 bytes from 172.7.21.3: icmp_seq=7 ttl=64 time=0.059 ms
^C
--- 172.7.21.3 ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 5999ms
rtt min/avg/max/mdev = 0.049/0.055/0.069/0.010 ms
是可以的 因为其在同一各网段;那么直接ping容器名字呢?
sh-4.2# ping test2
ping: unknown host test2
sh-4.2#
那么使用—link 简单的命令试试结果吧
[liqingfei@docker ~]$ sudo docker run -d -it --link test2 --name test3 liqingfei01/cnetos7-test01
[liqingfei@docker ~]$ sudo docker exec -it test3 /bin/sh
sh-4.2# ping test2
PING test2 (172.7.21.3) 56(84) bytes of data.
64 bytes from test2 (172.7.21.3): icmp_seq=1 ttl=64 time=0.073 ms
64 bytes from test2 (172.7.21.3): icmp_seq=2 ttl=64 time=0.052 ms
64 bytes from test2 (172.7.21.3): icmp_seq=3 ttl=64 time=0.053 ms
64 bytes from test2 (172.7.21.3): icmp_seq=4 ttl=64 time=0.052 ms
64 bytes from test2 (172.7.21.3): icmp_seq=5 ttl=64 time=0.047 ms
^C
--- test2 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3999ms
rtt min/avg/max/mdev = 0.047/0.055/0.073/0.011 ms
sh-4.2# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.7.21.3 test2 c8a6c9505249
172.7.21.4 df5748325c69
三、那么如果不是在bridge网段的同期是否能ping通呢
首先建一个网段取名为:my-bridge
[liqingfei@docker ~]$ sudo docker network create --driver bridge my-bridge
5054f103cc9db5c947703aab35befced6627505081446355984d119d969a25c4
[liqingfei@docker ~]$ sudo docker network ls
NETWORK ID NAME DRIVER SCOPE
ad6c4a9868fa bridge bridge local
fd017b022141 host host local
5054f103cc9d my-bridge bridge local
ca3235108b83 none null local
其中–driver是表示基于后面参数bridge建立的网段my-bridge,创建一个在my-bridge网段的容器
[liqingfei@docker ~]$ sudo docker network inspect my-bridge
[
{
"Name": "my-bridge",
"Id": "5054f103cc9db5c947703aab35befced6627505081446355984d119d969a25c4",
"Created": "2021-05-16T22:03:41.188441682+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
[liqingfei@docker ~]$ sudo docker run -itd --name=test5 --network=my-bridge liqingfei01/cnetos7-test01
183d94d54fabc9e53ee1d966c02be12723013af00f1149492b3f1410a93c977e
很显然test5 和test1.2.3都不在一个网段
[liqingfei@docker ~]$ sudo docker network inspect my-bridge
[
{
"Name": "my-bridge",
"Id": "5054f103cc9db5c947703aab35befced6627505081446355984d119d969a25c4",
"Created": "2021-05-16T22:03:41.188441682+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"183d94d54fabc9e53ee1d966c02be12723013af00f1149492b3f1410a93c977e": {
"Name": "test5",
"EndpointID": "12278a27b68215882fac223b8499884aadf86ff1ea2b232491662b402390b27d",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
测试ping
[liqingfei@docker ~]$ sudo docker exec -it test5 /bin/sh
sh-4.2# ping test3
ping: unknown host test3
sh-4.2# ping test2
ping: unknown host test2
sh-4.2# ping test1
ping: unknown host test1
不行的,先看看网络连接
[liqingfei@docker ~]$ sudo docker network ls
NETWORK ID NAME DRIVER SCOPE
ad6c4a9868fa bridge bridge local
fd017b022141 host host local
5054f103cc9d my-bridge bridge local
ca3235108b83 none null local
[liqingfei@docker ~]$ sudo br
brctl break bridge
[liqingfei@docker ~]$ sudo brctl show
bridge name bridge id STP enabled interfaces
br-5054f103cc9d 8000.024241792fef no vethbc3da60
bridge0 8000.000000000000 no
docker0 8000.02420422ce3c no veth821e7dc
vethd0ab212
vethee656e9
我们把test5也加入bridge网段(test5会有两个ip)
[liqingfei@docker ~]$ sudo docker network connect bridge test5
[liqingfei@docker ~]$ sudo brctl show
bridge name bridge id STP enabled interfaces
br-5054f103cc9d 8000.024241792fef no vethbc3da60
bridge0 8000.000000000000 no
docker0 8000.02420422ce3c no veth02c3256
veth821e7dc
vethd0ab212
vethee656e9
[liqingfei@docker ~]$ sudo docker exec -it test5 ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 27 bytes 2956 (2.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 14 bytes 954 (954.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.7.21.5 netmask 255.255.255.0 broadcast 172.7.21.255
ether 02:42:ac:07:15:05 txqueuelen 0 (Ethernet)
RX packets 8 bytes 656 (656.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 12 bytes 1152 (1.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 12 bytes 1152 (1.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[liqingfei@docker ~]$ sudo docker network inspect bridge
......
},
"ConfigOnly": false,
"Containers": {
"183d94d54fabc9e53ee1d966c02be12723013af00f1149492b3f1410a93c977e": {
"Name": "test5",
"EndpointID": "d05a7178ec2d2b3567349fc810c0a7960c64e467b7f49bed1378fe40e0b70365",
"MacAddress": "02:42:ac:07:15:05",
"IPv4Address": "172.7.21.5/24",
"IPv6Address": ""
},
"6b41c2a447a04c04ae9bc5238ffdfb5265d7f519021d38e660a4f22c5d90dc01": {
"Name": "test1",
"EndpointID": "af200398b12aab4dbbb4d69eb6b2756ee13de691333726c61101721f14d6959d",
"MacAddress": "02:42:ac:07:15:02",
"IPv4Address": "172.7.21.2/24",
"IPv6Address": ""
},
"c8a6c95052496f867e89ec090c7534876fc5a598c201862194f6cdbb8c57f046": {
"Name": "test2",
"EndpointID": "29f7bc4ff16c3ac7d0f3a009a0de2b93b459b8bba081f09db486589ca7228a03",
"MacAddress": "02:42:ac:07:15:03",
"IPv4Address": "172.7.21.3/24",
"IPv6Address": ""
},
"df5748325c697dd03d969ba1b8fdd111401ccc934103411245c1c7b9fc2266a7": {
"Name": "test3",
"EndpointID": "b0eefb5f81f14ce71790f756f8376941f640740a8714060ce97f3e1e43a5fc64",
"MacAddress": "02:42:ac:07:15:04",
"IPv4Address": "172.7.21.4/24",
"IPv6Address": ""
}
},
......
test5测试ping (test1,2,3)
[liqingfei@docker ~]$ sudo docker exec -it test5 ping 172.7.21.2
PING 172.7.21.2 (172.7.21.2) 56(84) bytes of data.
64 bytes from 172.7.21.2: icmp_seq=1 ttl=64 time=0.092 ms
64 bytes from 172.7.21.2: icmp_seq=2 ttl=64 time=0.055 ms
64 bytes from 172.7.21.2: icmp_seq=3 ttl=64 time=0.053 ms
^C
--- 172.7.21.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.053/0.066/0.092/0.020 ms
[liqingfei@docker ~]$ sudo docker exec -it test5 ping 172.7.21.3
PING 172.7.21.3 (172.7.21.3) 56(84) bytes of data.
64 bytes from 172.7.21.3: icmp_seq=1 ttl=64 time=0.084 ms
64 bytes from 172.7.21.3: icmp_seq=2 ttl=64 time=0.054 ms
64 bytes from 172.7.21.3: icmp_seq=3 ttl=64 time=0.049 ms
^C
--- 172.7.21.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.049/0.062/0.084/0.016 ms
[liqingfei@docker ~]$ sudo docker exec -it test5 ping 172.7.21.4
PING 172.7.21.4 (172.7.21.4) 56(84) bytes of data.
64 bytes from 172.7.21.4: icmp_seq=1 ttl=64 time=0.080 ms
64 bytes from 172.7.21.4: icmp_seq=2 ttl=64 time=0.047 ms
64 bytes from 172.7.21.4: icmp_seq=3 ttl=64 time=0.049 ms
^C
--- 172.7.21.4 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.047/0.058/0.080/0.017 ms
一、实现不同网段容器网络互通
[liqingfei@docker02 ~]$ sudo docker network create mac_net2
e5df64155c21beabe3a6f56636d21ac6e403d21d733bdf5f4ddeebcae4dbad6b
[liqingfei@docker02 ~]$ sudo docker network create mac_net3
8600631ea7fbe0ab39a386f0010331d2b76fdd987d956feac94ded2a3cc5cf6f
[liqingfei@docker02 ~]$ sudo docker network ls
NETWORK ID NAME DRIVER SCOPE
26f0c61328c6 bridge bridge local
202bac44a904 host host local
a2f696c7a8b0 mac_net1 macvlan local
e5df64155c21 mac_net2 bridge local
8600631ea7fb mac_net3 bridge local
a9ad2008a52d none null local
[liqingfei@docker02 ~]$ sudo docker inspect mac_net2
[
{
"Name": "mac_net2",
"Id": "e5df64155c21beabe3a6f56636d21ac6e403d21d733bdf5f4ddeebcae4dbad6b",
"Created": "2021-05-17T00:19:09.852711194+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
[liqingfei@docker02 ~]$ sudo docker inspect mac_net3
[
{
"Name": "mac_net3",
"Id": "8600631ea7fbe0ab39a386f0010331d2b76fdd987d956feac94ded2a3cc5cf6f",
"Created": "2021-05-17T00:19:14.268346954+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
[liqingfei@docker02 ~]$ sudo docker run -itd --name test1 --network mac_net2 liqingfei01/cnetos7-test01
387e7d536347ab04313f460afc702319b85998f0d5b204f0831bed0f0a3eae5d
[liqingfei@docker02 ~]$ sudo docker run -itd --name test2 --network mac_net3 liqingfei01/cnetos7-test01
14ccbbb0466e76935b7bfdc8d12e88b4109986cb3058ce7e84b04ad479cca774
[liqingfei@docker02 ~]$ sudo docker exec -it test1 ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 13 bytes 1102 (1.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[liqingfei@docker02 ~]$ sudo docker exec -it test2 ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.0.2 netmask 255.255.0.0 broadcast 172.18.255.255
ether 02:42:ac:12:00:02 txqueuelen 0 (Ethernet)
RX packets 13 bytes 1102 (1.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
liqingfei@docker02 ~]$ sudo docker exec -it test2 /bin/bash
[root@14ccbbb0466e /]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
-- 172.17.0.2 ping statistics ---
34 packets transmitted, 0 received, 100% packet loss, time 32999ms
[liqingfei@docker02 ~]$ sudo docker network connect mac_net2 test2
[liqingfei@docker02 ~]$ sudo docker exec -it test2 /bin/bash
[root@4240f0c9ccbc /]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.072 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.053 ms
^C
--- 172.17.0.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.053/0.062/0.072/0.012 ms
[root@4240f0c9ccbc /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.0.2 netmask 255.255.0.0 broadcast 172.18.255.255
ether 02:42:ac:12:00:02 txqueuelen 0 (Ethernet)
RX packets 19 bytes 1118 (1.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 368 bytes 35448 (34.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet)
RX packets 12 bytes 936 (936.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4 bytes 280 (280.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
若有收获,就点个赞吧
0 人点赞
