自定义网络
1、查看所有的docker网络
网络模式:
bridge 桥接 (docker默认)
none 不配置网络
host 和宿主机共享网络
container 容器内网络连通(用的少)
测试
我们直接启动的命令,默认是–net bridge,就是我们的docker0
docker run -d -P --name tomcat01 --net bridge tomcat
docker0的特点:
默认,域名不能访问,–link可以打通连接。
- 自定义一个网络
[root@iZwz9geewjuo2sogidqn50Z /]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
843b151756ca18297b4bc5cf48c16636c409f8bb206a85e6b2fcd56036218ada
[root@iZwz9geewjuo2sogidqn50Z /]# docker network ls
NETWORK ID NAME DRIVER SCOPE
a84148e01491 bridge bridge local
02a82be95061 host host local
843b151756ca mynet bridge local
ddfa76153018 none null local
查看网络信息:
[root@iZwz9geewjuo2sogidqn50Z /]# docker run -d -P --name tomcat-net01 --net mynet tomcat
146ed1a2921f79dc724ec5716b82377325499f1fb9d2373c83bde796d642c14c
[root@iZwz9geewjuo2sogidqn50Z /]# docker run -d -P --name tomcat-net02 --net mynet tomcat
3776acfad60682df7e3005d3b389d9d932a21e2b91fe24730d6ced93afa4d5cb
[root@iZwz9geewjuo2sogidqn50Z /]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "843b151756ca18297b4bc5cf48c16636c409f8bb206a85e6b2fcd56036218ada",
"Created": "2022-02-21T22:34:48.599496723+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"146ed1a2921f79dc724ec5716b82377325499f1fb9d2373c83bde796d642c14c": {
"Name": "tomcat-net01",
"EndpointID": "a575fd0fa0bada2920e8c6bd1a4c37228dbd0e00d2ff8b1267f8bb7f308c47a7",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"3776acfad60682df7e3005d3b389d9d932a21e2b91fe24730d6ced93afa4d5cb": {
"Name": "tomcat-net02",
"EndpointID": "2ef979f86762e03a3b1de42a138257035c03e42ff678c4ea6f1ef3c9d8554c89",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
再次测试ping
[root@iZwz9geewjuo2sogidqn50Z /]# docker exec -it tomcat-net01 /bin/bash
root@146ed1a2921f:/usr/local/tomcat# ping 192.168.0.3
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.095 ms
64 bytes from 192.168.0.3: icmp_seq=2 ttl=64 time=0.082 ms
64 bytes from 192.168.0.3: icmp_seq=3 ttl=64 time=0.079 ms
不使用–link也可以ping名字
[root@iZwz9geewjuo2sogidqn50Z /]# docker exec -it tomcat-net01 /bin/bash
root@146ed1a2921f:/usr/local/tomcat# ping tomcat-net02
PING tomcat-net02 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat-net02.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.073 ms
64 bytes from tomcat-net02.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.080 ms
64 bytes from tomcat-net02.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.102 ms
64 bytes from tomcat-net02.mynet (192.168.0.3): icmp_seq=4 ttl=64 time=0.090 ms
好处:
redis:不同的集群使用不同的网络,保证集群是安全和健康的
mysql:不同的集群使用不同的网络,保证集群是安全和健康的
网络连通
测试打通tomcat01 -----mynet
#启动tomcat01
[root@iZwz9geewjuo2sogidqn50Z /]# docker run -d -P --name tomcat01 tomcat
2ef7b27090688b363cbd8b0240f2fa14b90f45b5a637b78ea3650fec69f973bd
#启动tomcat02
[root@iZwz9geewjuo2sogidqn50Z /]# docker run -d -P --name tomcat02 tomcat
47adc17f6d7918db094b95cbd8a8f67a3234c6fa87c9e05543a12d47ef86a632
[root@iZwz9geewjuo2sogidqn50Z /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
47adc17f6d79 tomcat "catalina.sh run" 11 seconds ago Up 10 seconds 0.0.0.0:49158->8080/tcp, :::49158->8080/tcp tomcat02
2ef7b2709068 tomcat "catalina.sh run" 23 seconds ago Up 22 seconds 0.0.0.0:49157->8080/tcp, :::49157->8080/tcp tomcat01
3776acfad606 tomcat "catalina.sh run" 31 minutes ago Up 31 minutes 0.0.0.0:49156->8080/tcp, :::49156->8080/tcp tomcat-net02
146ed1a2921f tomcat "catalina.sh run" 31 minutes ago Up 31 minutes 0.0.0.0:49155->8080/tcp, :::49155->8080/tcp tomcat-net01
#connect mynet和tomcat01
[root@iZwz9geewjuo2sogidqn50Z /]# docker network connect mynet tomcat01
查看如下:
[root@iZwz9geewjuo2sogidqn50Z /]# docker network inspect
连通之后,就是将tomcat01放在了mynet网络下。
一个容器两个ip!
[root@iZwz9geewjuo2sogidqn50Z /]# docker exec -it tomcat01 /bin/bash
root@2ef7b2709068:/usr/local/tomcat# ping tomcat-net01
PING tomcat-net01 (192.168.0.2) 56(84) bytes of data.
64 bytes from tomcat-net01.mynet (192.168.0.2): icmp_seq=1 ttl=64 time=0.089 ms
64 bytes from tomcat-net01.mynet (192.168.0.2): icmp_seq=2 ttl=64 time=0.080 ms
64 bytes from tomcat-net01.mynet (192.168.0.2): icmp_seq=3 ttl=64 time=0.077 ms
tomcat01打通tomcat-net01!
假设要跨网络操作,就需要使用docker network connect连通!