开启容器指定网络
一、查看docker的网络模式
查看网络列表
[root@localhost ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
ce2ffc7ef5e7 bridge local
95745cfbff7e host host local
ac8838745be1 none null local
开启容器指定网络
使用 --network 加上网络模式 例如:
[root@localhost ~]# docker run -itd --name bbbb --net=bridge centos bash
36cc667c158ea7593b733de8db7a536d4ca1935c8b04ff0c9010b8d06963e564
1、bridge网络模式:使用–net=bridge指定默认模式,不用指定默认就是这种模式。这种模式会为每个容器分配一个独立的Network Namespace。类似于VMware的nat网络模式。同一个宿主机上的所有容器会在同一网段下,相互之间是可以通信的。
例如:
建立两个使用bridge网络模式的容器,看互相是否可以连通。
[root@localhost ~]# docker run -itd --name bbbb --net=bridge centos bash
36cc667c158ea7593b733de8db7a536d4ca1935c8b04ff0c9010b8d06963e564
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
36cc667c158e centos "bash" 35 seconds ago Up 33 seconds bbbb
[root@localhost ~]# docker exec -it 36cc667c158e ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
12: eth0@if13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:2/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# docker run -it --name rrrr --net=bridge centos /bin/bash
[root@86ec27686bd8 /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
14: eth0@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:3/64 scope link
valid_lft forever preferred_lft forever
[root@86ec27686bd8 /]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.259 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.125 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.121 ms
^C
--- 172.17.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 4ms
rtt min/avg/max/mdev = 0.121/0.168/0.259/0.065 ms
[root@86ec27686bd8 /]#
2、host网络模式:容器的ip会和虚拟机一样
例如:
创建一个使用host网络的容器hhhh,在容器内查看IP地址,在查看虚拟机的地址,比较一下
[root@localhost ~]# docker run -itd --name hhhh --net=host centos /bin/bash
acf7d0cf36c47422afb7ec988e0df564f91572899853a74299b9c2f0dcfb0e0d
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
acf7d0cf36c4 centos "/bin/bash" 7 seconds ago Up 6 seconds hhhh
7dedf69d931a centos:latest "/bin/bash" 47 minutes ago Up 47 minutes host
[root@localhost ~]# docker exec -it hhhh /bin/bash
[root@localhost /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:a8:a1:51 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.70/24 brd 192.168.200.255 scope global eno16777736
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fea8:a151/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:e3:fc:da:2f brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:e3ff:fefc:da2f/64 scope link
valid_lft forever preferred_lft forever
[root@localhost /]# exit
[root@localhost ~]# logout
Last login: Fri Nov 6 22:12:35 2020 from 192.168.200.1
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:a8:a1:51 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.70/24 brd 192.168.200.255 scope global eno16777736
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fea8:a151/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 02:42:e3:fc:da:2f brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:e3ff:fefc:da2f/64 scope link
valid_lft forever preferred_lft forever
3、none 网络模式:这种模式不会配置任何网络
例如:使用none模式创建一个容器,然后不进入容器使用 ip a 命令查看地址。
[root@localhost ~]# docker run -itd --name nnnn --net=none centos /bin/bash
eef34aa66c0d4c46c92205a7d1324e20e93c20b993a13f7f1e2d00f2445bab10
[root@localhost ~]# docker exec -it nnnn ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
查看网络详细信息
[root@localhost ~]# docker network inspect host
[
{
"Name": "host",
"Id": "95745cfbff7ea842d45556cf326595d8f1c9520043eba58676de5c26fc029c33",
"Created": "2020-11-06T16:35:41.396753287+08:00",
"Scope": "local",
"Driver": "host",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": []
},
"Internal": false,
"Attachable": false,
"Containers": {
"7dedf69d931a796f770a4c4c0adf0b4bb78b30668903632cbe46d1322830510c": {
"Name": "host",
"EndpointID": "25b3bb54ca5ecdf0f4873139896f6c690b220b77d5cb63670dfcc96173b8a6c2",
"MacAddress": "",
"IPv4Address": "",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
二、多个容器使用共同的网络(他们的IP段是一样的,可以互相ping通)
[root@localhost ~]# docker run -itd --name bbbb --net=bridge centos bash
36cc667c158ea7593b733de8db7a536d4ca1935c8b04ff0c9010b8d06963e564
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
36cc667c158e centos "bash" 35 seconds ago Up 33 seconds bbbb
eef34aa66c0d centos "/bin/bash" 15 minutes ago Up 15 minutes nnnn
acf7d0cf36c4 centos "/bin/bash" 21 minutes ago Up 21 minutes hhhh
7dedf69d931a centos:latest "/bin/bash" About an hour ago Up About an hour host
[root@localhost ~]# docker exec -it 36cc667c158e ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
12: eth0@if13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:2/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# docker run -it --name rrrr --net=bridge centos /bin/bash
[root@86ec27686bd8 /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
14: eth0@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:3/64 scope link
valid_lft forever preferred_lft forever
[root@86ec27686bd8 /]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.259 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.125 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.121 ms
^C
--- 172.17.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 4ms
rtt min/avg/max/mdev = 0.121/0.168/0.259/0.065 ms
[root@86ec27686bd8 /]# ^C
三、外部访问容器
1、使用centos镜像启动一个容器,并安装http服务和查看端口命令,启动http服务
[root@localhost ~]# docker run -it --name http_2 centos
[root@339e36152e40 /]# yum install httpd -y
Failed to set locale, defaulting to C.UTF-8
CentOS-8 - AppStream 104 kB/s | 6.2 MB 01:01
CentOS-8 - Base 177 kB/s | 2.3 MB 00:13
CentOS-8 - Extras 4.7 kB/s | 8.6 kB 00:01
Dependencies resolved.
==============================================================================
Package Arch Version Repo Size
==============================================================================
Installing:
httpd x86_64 2.4.37-30.module_el8.3.0+561+97fdbbcc AppStream 1.7 M
Installing dependencies:
apr x86_64 1.6.3-11.el8 AppStream 125 k
apr-util x86_64 1.6.1-6.el8 AppStream 105 k
brotli x86_64 1.0.6-2.el8 BaseOS 322 k
centos-logos-httpd
noarch 80.5-2.el8 BaseOS 24 k
httpd-filesystem
noarch 2.4.37-30.module_el8.3.0+561+97fdbbcc AppStream 37 k
httpd-tools x86_64 2.4.37-30.module_el8.3.0+561+97fdbbcc AppStream 104 k
mailcap noarch 2.1.48-3.el8 BaseOS 39 k
mod_http2 x86_64 1.15.7-2.module_el8.3.0+477+498bb568 AppStream 154 k
Installing weak dependencies:
apr-util-bdb x86_64 1.6.1-6.el8 AppStream 25 k
apr-util-openssl
x86_64 1.6.1-6.el8 AppStream 27 k
Enabling module streams:
httpd 2.4
Transaction Summary
==============================================================================
Install 11 Packages
Total download size: 2.6 M
Installed size: 7.5 M
Downloading Packages:
(1/11): apr-util-bdb-1.6.1-6.el8.x86_64.rpm 81 kB/s | 25 kB 00:00
(2/11): apr-util-1.6.1-6.el8.x86_64.rpm 340 kB/s | 105 kB 00:00
(3/11): apr-1.6.3-11.el8.x86_64.rpm 302 kB/s | 125 kB 00:00
(4/11): apr-util-openssl-1.6.1-6.el8.x86_64.r 132 kB/s | 27 kB 00:00
(5/11): httpd-filesystem-2.4.37-30.module_el8 293 kB/s | 37 kB 00:00
(6/11): mod_http2-1.15.7-2.module_el8.3.0+477 670 kB/s | 154 kB 00:00
(7/11): httpd-tools-2.4.37-30.module_el8.3.0+ 95 kB/s | 104 kB 00:01
(8/11): httpd-2.4.37-30.module_el8.3.0+561+97 1.3 MB/s | 1.7 MB 00:01
(9/11): brotli-1.0.6-2.el8.x86_64.rpm 272 kB/s | 322 kB 00:01
(10/11): centos-logos-httpd-80.5-2.el8.noarch 24 kB/s | 24 kB 00:01
(11/11): mailcap-2.1.48-3.el8.noarch.rpm 39 kB/s | 39 kB 00:00
------------------------------------------------------------------------------
Total 666 kB/s | 2.6 MB 00:04
warning: /var/cache/dnf/AppStream-02e86d1c976ab532/packages/apr-1.6.3-11.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 8483c65d: NOKEY
CentOS-8 - AppStream 1.6 MB/s | 1.6 kB 00:00
Importing GPG key 0x8483C65D:
Userid : "CentOS (CentOS Official Signing Key) <security@centos.org>"
Fingerprint: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : apr-1.6.3-11.el8.x86_64 1/11
Running scriptlet: apr-1.6.3-11.el8.x86_64 1/11
Installing : apr-util-bdb-1.6.1-6.el8.x86_64 2/11
Installing : apr-util-openssl-1.6.1-6.el8.x86_64 3/11
Installing : apr-util-1.6.1-6.el8.x86_64 4/11
Running scriptlet: apr-util-1.6.1-6.el8.x86_64 4/11
Installing : httpd-tools-2.4.37-30.module_el8.3.0+561+97fdbbc 5/11
Installing : mailcap-2.1.48-3.el8.noarch 6/11
Installing : centos-logos-httpd-80.5-2.el8.noarch 7/11
Installing : brotli-1.0.6-2.el8.x86_64 8/11
Running scriptlet: httpd-filesystem-2.4.37-30.module_el8.3.0+561+97 9/11
Installing : httpd-filesystem-2.4.37-30.module_el8.3.0+561+97 9/11
Installing : mod_http2-1.15.7-2.module_el8.3.0+477+498bb568.x 10/11
Installing : httpd-2.4.37-30.module_el8.3.0+561+97fdbbcc.x86_ 11/11
Running scriptlet: httpd-2.4.37-30.module_el8.3.0+561+97fdbbcc.x86_ 11/11
Verifying : apr-1.6.3-11.el8.x86_64 1/11
Verifying : apr-util-1.6.1-6.el8.x86_64 2/11
Verifying : apr-util-bdb-1.6.1-6.el8.x86_64 3/11
Verifying : apr-util-openssl-1.6.1-6.el8.x86_64 4/11
Verifying : httpd-2.4.37-30.module_el8.3.0+561+97fdbbcc.x86_ 5/11
Verifying : httpd-filesystem-2.4.37-30.module_el8.3.0+561+97 6/11
Verifying : httpd-tools-2.4.37-30.module_el8.3.0+561+97fdbbc 7/11
Verifying : mod_http2-1.15.7-2.module_el8.3.0+477+498bb568.x 8/11
Verifying : brotli-1.0.6-2.el8.x86_64 9/11
Verifying : centos-logos-httpd-80.5-2.el8.noarch 10/11
Verifying : mailcap-2.1.48-3.el8.noarch 11/11
Installed:
apr-1.6.3-11.el8.x86_64
apr-util-1.6.1-6.el8.x86_64
apr-util-bdb-1.6.1-6.el8.x86_64
apr-util-openssl-1.6.1-6.el8.x86_64
brotli-1.0.6-2.el8.x86_64
centos-logos-httpd-80.5-2.el8.noarch
httpd-2.4.37-30.module_el8.3.0+561+97fdbbcc.x86_64
httpd-filesystem-2.4.37-30.module_el8.3.0+561+97fdbbcc.noarch
httpd-tools-2.4.37-30.module_el8.3.0+561+97fdbbcc.x86_64
mailcap-2.1.48-3.el8.noarch
mod_http2-1.15.7-2.module_el8.3.0+477+498bb568.x86_64
Complete!
[root@339e36152e40 /]# yum install net-tools -y
Failed to set locale, defaulting to C.UTF-8
Last metadata expiration check: 0:01:52 ago on Fri Nov 6 19:26:34 2020.
Dependencies resolved.
==============================================================================
Package Arch Version Repository Size
==============================================================================
Installing:
net-tools x86_64 2.0-0.52.20160912git.el8 BaseOS 322 k
Transaction Summary
==============================================================================
Install 1 Package
Total download size: 322 k
Installed size: 942 k
Downloading Packages:
net-tools-2.0-0.52.20160912git.el8.x86_64.rpm 223 kB/s | 322 kB 00:01
------------------------------------------------------------------------------
Total 149 kB/s | 322 kB 00:02
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : net-tools-2.0-0.52.20160912git.el8.x86_64 1/1
Running scriptlet: net-tools-2.0-0.52.20160912git.el8.x86_64 1/1
Verifying : net-tools-2.0-0.52.20160912git.el8.x86_64 1/1
Installed:
net-tools-2.0-0.52.20160912git.el8.x86_64
Complete!
[root@339e36152e40 /]# httpd
.dockerenv home/ media/ root/ sys/
bin/ lib/ mnt/ run/ tmp/
dev/ lib64/ opt/ sbin/ usr/
etc/ lost+found/ proc/ srv/ var/
[root@339e36152e40 /]# httpd -k start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[root@339e36152e40 /]# netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp6 0 0 :::80 :::* LISTEN 92/httpd
[root@339e36152e40 /]# exit
2、把容器导成一个新镜像
[root@localhost ~]# docker commit -m "install http" -a "wo" 339e36152e40 http-2
sha256:ff57718adc9aefca52034fec2633b8ca82f800a9dfc58aa473a8fda7a532a8fb
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
http-2 latest ff57718adc9a 8 seconds ago 256 MB
centos latest 0d120b6ccaa8 2 months ago 215 MB
registry latest 2d4f4b5309b1 4 months ago 26.2 MB
nginx latest 540a289bab6c 12 months ago 126 MB
3、启动镜像
-p 指定端口映射,-p 8888:80即为,将容器的80端口映射为本地的8888端口
[root@localhost ~]# docker run -itd --name httpd -p 8888:80 http-2 /bin/bash
23635d179571904222cd0ef2e0725a61b429589382abcc625d26022b5897995a
4、进入容器,编写文件,启动http服务
[root@localhost ~]# docker exec -it 23635d179571 /bin/bash
[root@23635d179571 /]# vi /var/www/html/1.html
[root@23635d179571 /]# cat /var/www/html/1.html
hello
[root@23635d179571 /]# httpd -k restart
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
httpd not running, trying to start
[root@23635d179571 /]# netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp6 0 0 :::80 :::* LISTEN 28/httpd
[root@23635d179571 /]#
[root@23635d179571 /]# exit
5、退出容器后验证
[root@localhost ~]# curl 192.168.200.70:8888/1.html
hello
或者在浏览器中输入 ip:端口/文件名 ,显示文件内容就对了。