相关概念:
网桥:相当于一个虚拟的交换机,连接在此网桥上的所有设备均可以正常通信;
veth pair:虚拟网卡对(2张网卡),两张网卡之间的收发数据保持一致;
docker网络:
docker0网桥:在安装启动完docker之后,会出现一个docker0的网卡设备(此设备相当于一个交换机);
创建docker容器后,会创建2个虚拟网卡,一端显示在宿主机中,一端是容器中的eth0,这2张网卡是虚拟网卡对;
创建2个容器,在宿主机上执行ip a,可以看到会出现2个虚拟网卡(以veth开头):
docker run -d --name nginx-1 nginx docker run -d --name nginx-2 nginx [root@ks-allinone ~]# ip a ... 3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:92:a1:07:20 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever inet6 fe80::42:92ff:fea1:720/64 scope link valid_lft forever preferred_lft forever 37: veth87e12aa@if36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default link/ether 56:3f:71:00:b2:95 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet6 fe80::543f:71ff:fe00:b295/64 scope link valid_lft forever preferred_lft forever 39: vethed473fd@if38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default link/ether 66:f0:c4:e4:df:a9 brd ff:ff:ff:ff:ff:ff link-netnsid 1 inet6 fe80::64f0:c4ff:fee4:dfa9/64 scope link valid_lft forever preferred_lft forever
brctl show:可以看到这2个虚拟网卡都绑定在docker0上(相当于通过宿主机上的虚拟网卡连接在交换机(docker0)上)
[root@ks-allinone ~]# brctl show bridge name bridge id STP enabled interfaces docker0 8000.024292a10720 no veth87e12aa vethed473fd
注:连接到同一个网桥上之后(相当于连接在同一个交换机上),容器之间就可以进行通信;