1. docker网络
宿主机可以 ping 通所有容器ip
安装完 docker ,查看就会发现 有一个docker0 (桥接模式)
[root@localhost ~]# ip addr
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 02:42:ae:45:ef:24 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:aeff:fe45:ef24/64 scope link
valid_lft forever preferred_lft forever
每启动一个容器,就会被分配一个ip
创建一个 tomcat01 容器
docker run -it -d --name tomcat01 tomcat
[root@localhost ~]# docker exec -it tomcat01 ip addr 进入容器查看发现被分配了一个ip
754: eth0@if755: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever再创建一个 tomcat02 容器
[root@localhost ~]# docker run -it -d --name tomcat02 tomcat
[root@localhost ~]# docker exec -it tomcat02 ip addr
756: eth0@if757: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever[root@localhost ~]# ip addr
755: vethd4336f7@if754: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP
link/ether 4e:7f:dd:63:87:d9 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::4c7f:ddff:fe63:87d9/64 scope link
valid_lft forever preferred_lft forever
757: veth5f75a6f@if756: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP
link/ether 1a:36:b2:db:db:47 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::1836:b2ff:fedb:db47/64 scope link
valid_lft forever preferred_lft foreverevth-pair 一对虚拟设备接口,充当桥梁(docker容器之间的连接)
容器间通过ip可以互相ping通 (docker0 充当一个网桥)
docker中所有的网络接口都是虚拟的(容器删除,对应的网络接口就没了)
通过容器 ping ip可以通
[root@localhost ~]# docker exec -it tomcat01 ping 172.17.0.3
[root@localhost ~]# docker exec -it tomcat02 ping 172.17.0.2
2. --link
--link 就是在hosts配置文件中添加了映射,容器就通了(反向不通)
[root@localhost ~]# docker run -it -d -P --name tomcat01 tomcat
[root@localhost ~]# docker run -it -d -P --name tomcat02 --link tomcat01 tomcat[root@localhost ~]# docker exec -it tomcat01 ping tomcat02 不通
ping: tomcat02: Name or service not known
[root@localhost ~]# docker exec -it tomcat02 ping tomcat01 可以ping通[root@localhost ~]# docker exec -it tomcat02 cat /etc/hosts 发现有映射tomcat01的ip
172.17.0.2 tomcat01 65c57680f2bc
172.17.0.3 ee6aeed7803c
3. 自定义网络
bridge 桥接模式(默认)
none 不配置网络
host 和宿主机共享网络
container (用的少,局限大)容器网络联通
创建自定义网络
docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 munet
--driver bridge 桥接
--subnet 192.168. 0.0/16 子网地址
--gateway 192.168.0.1 网关
munet 自定义网络名
查看网络:
[root@localhost ~]# docker network inspect munet
"Name": "munet",
"Id": "2ecbde298624b3646c698b3daa8c1d5167019a12061cf356e48934bb30aad4f3",
"Created": "2021-07-21T10:57:41.448294416+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"同一网络下的容器可以互相 ping通 (网段一样)
[root@localhost ~]# docker run -it -d -P --name tomcat01 --net munet tomcat
[root@localhost ~]# docker run -it -d -P --name tomcat02 --net munet tomcat[root@localhost ~]# docker network inspect munet
"Name": "tomcat01",
"EndpointID": "0954a8b31bc98048905aca3ec22dbfa927b95ef9582cc5bac8eb760108bb1b17",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"4b9834461034300010f955014f437b0a2fa9774d370aabbbb29fa1a128c17cf0": {
"Name": "tomcat02",
"EndpointID": "76cf832ab775c27ac062059b82d5ed1eb114540e12e099819d66cf18f3ea6e7d",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",都可以互相 ping 通
[root@localhost ~]# docker exec -it tomcat01 ping tomcat02
[root@localhost ~]# docker exec -it tomcat02 ping tomcat01
[root@localhost ~]# docker exec -it tomcat01 ping 192.168.0.3
[root@localhost ~]# docker exec -it tomcat02 ping 192.168.0.2
4. 容器和另一网络联通
网络munet
docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 munet
[root@localhost ~]# docker run -it -d -P --name tomcat01 --net munet tomcat
[root@localhost ~]# docker run -d -P --name tomcat-01 tomcat
容器tomcat-01 和网络 munet 联通
[root@localhost ~]# docker network connect munet tomcat-01
可以ping通
[root@localhost ~]# docker exec -it tomcat-01 ping tomcat01
联通原理: tomcat-01 被分配了双ip
[root@localhost ~]# docker network inspect munet
"Name": "tomcat-01",
"EndpointID": "c5716de80e55405454f36848390c34ec655e81d0d7fde500ee7f00a469816ba8",
"MacAddress": "02:42:c0:a8:00:04",
"IPv4Address": "192.168.0.4/16",
"IPv6Address": ""[root@localhost ~]# docker exec -it tomcat-01 ip addr
767: eth0@if768: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
5. 案例:部署 redis 三主三从
创建网络:
docker network create redis --subnet 172.38.0.0/16
脚本写redis配置文件: for port in $(seq 1 6); \ do \ mkdir -p /mydata/redis/node-${port}/conf touch /mydata/redis/node-${port}/conf/redis.conf cat /mydata/redis/node-${port}/conf/redis.conf port 6379 bind 0.0.0.0 cluster-enabled yes cluster-config-file nodes.conf cluster-node-timeout 5000 cluster-announce-ip 172.38.0.1${port} cluster-announce-port 6379 cluster-announce-bus-port 16379 appendonly yes EOF done手动运行1-6个容器 修改ip,端口和文件名
docker run -p 6371:6379 --name redis-1 \
-v /mydata/redis/node-1/data:/data \
-v /mydata/redis/node-1/conf/redis.conf:/etc/redis/redis.conf
-d --net redis --ip 172.38.0.11 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
解释:6379 redis的端口 -v 挂载配置文件
--net redis 自定义网络
--ip 172.38.0.11 容器ip
redis:5.0.9-alpine3.11 redis 版本
redis-server /etc/redis/redis.conf 通过conf文件启动
进入容器 docker exec -it redis-1 /bin/sh创建cluster集群
redis-cli --cluster create 172.38.0.11:6379 172.38.0.12:6379 172.38.0.13:6379 172.38.0.14:6379 172.38.0.15:6379 172.38.0.16:6379 --cluster-replicas 1
进入redis集群 redis-cli -c
查看集群 cluster info
查看节点 cluster nodes