16 - Docker network第二讲-容器默认网络bridge(Docker系列)

本文章来自【知识林】

在Docker服务安装成功后默认有三个网络(docker network ls):

C:\Users\zsl-pc>docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
992344cd89fe        bridge              bridge              local
06445f4f5774        host                host                local
2d964ece79b9        none                null                local

bridge:是容器的默认网络,可以配置后与宿主机通信从而与互联网互联互通。

hostnone:是属于无网络(可以使用docker network inspect host查看,其中无子网和网关),容器添加到这两个网络时时将容器添加到特定的容器网络堆栈,是不能与外界网络通信的。

每当使用docker run启动一个容器时,这个容器都会有一个默认的网络,即bridge

可以通过inspect命令查看各网络中的容器(查看bridge网络):


C:\Users\zsl-pc>docker network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "992344cd89fe90aa240651e7497131e5dc40539d3f1ad540f973feab6b345b3c"
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Containers": {},
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]

Containers中看到是空,表示目前还没有任何容器加入到这个网络。

启动容器

docker run -d -it --name c1 centos /bin/bash -c "while true; do echo hello; sleep 1; done"

说明:启动了一个名为c1的Centos的容器,每隔一秒输出hello,可以通过docker logs c1查看输出信息。

此时再查看bridge网络(docker network inspect bridge):

C:\Users\zsl-pc>docker network inspect bridge
…………
"Containers": {
    "7883225f9192cb4eb68283fd47bc9435ab70dd76803ede1d926f30db3bb1101f": {
        "Name": "c1",
        "EndpointID": "e784f093b0c810f5c5112235e2e8502f6193077fa5da44a9a527aa9086894382",
        "MacAddress": "02:42:ac:11:00:02",
        "IPv4Address": "172.17.0.2/16",
        "IPv6Address": ""
    }
}
…………

说明:可以看到bridge网络中已经有一个容器c1,且IP地址是172.17.0.2

通过这个例子可以看出在docker run启动容器时在未指定网络情况下默认使用了bridge这个网络。

在容器中查看网络

C:\Users\zsl-pc>docker exec -it c1 /bin/bash
[root@7883225f9192 /]# more /etc/hosts
127.0.0.1       localhost
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2      7883225f9192
[root@7883225f9192 /]#

可以看到主机名7883225f9192对应的IP地址正是前面所说的172.17.0.2。也可通过ifconfig查看容器内部的网络信息,如果提示:bash: ifconfig: command not found可以先安装网络工具:yum install -y net-tools,安装完成后再输入:ifconfig

[root@7883225f9192 /]# ifconfig
eth0: flags=4163  mtu 1500
        inet 172.17.0.2  netmask 255.255.0.0  broadcast 0.0.0.0
        inet6 fe80::42:acff:fe11:2  prefixlen 64  scopeid 0x20
        ether 02:42:ac:11:00:02  txqueuelen 0  (Ethernet)
        RX packets 2057  bytes 7829768 (7.4 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1873  bytes 105536 (103.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10
        loop  txqueuelen 1  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0就是这个容器的网卡信息,也可以看出IP地址是172.17.0.2

再启动一个容器与其他容器通信

docker run -d -it --name c2 centos /bin/bash -c "while true; do echo hello; sleep 1; done"

说明:又启动了一个容器,名称为c2,与c1做的事情一样。再使用docker network inspect bridge可以看到:

C:\Users\zsl-pc>docker network inspect bridge
…………
"Containers": {
    "7117f84edc269c5f61052a136791e775e26372c2b977db77081cd78533e5721e": {
        "Name": "c2",
        "EndpointID": "78be5b7b0737d23082607fd016664017df77ceb1d469d9a3972033796ac8d761",
        "MacAddress": "02:42:ac:11:00:03",
        "IPv4Address": "172.17.0.3/16",
        "IPv6Address": ""
    },
    "7883225f9192cb4eb68283fd47bc9435ab70dd76803ede1d926f30db3bb1101f": {
        "Name": "c1",
        "EndpointID": "859ff1ec55e136c5ec431df7baaf42af8f2a3e872a7472e16e392a9fa68d797d",
        "MacAddress": "02:42:ac:11:00:02",
        "IPv4Address": "172.17.0.2/16",
        "IPv6Address": ""
    }
}
…………

可以看出:c1c2是在一个局域网内,c2的IP地址是172.17.0.3,可以尝试互相ping一下看是否能ping通:

C:\Users\zsl-pc>docker exec -it c2 /bin/bash
[root@7117f84edc26 /]# ping -w 4 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.044 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.114 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.120 ms
64 bytes from 172.17.0.2: icmp_seq=4 ttl=64 time=0.121 ms
64 bytes from 172.17.0.2: icmp_seq=5 ttl=64 time=0.115 ms

--- 172.17.0.2 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3996ms
rtt min/avg/max/mdev = 0.044/0.102/0.121/0.032 ms
[root@7117f84edc26 /]# exit

C:\Users\zsl-pc>docker exec -it c1 /bin/bash
[root@7883225f9192 /]# ping -w 4 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.048 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.107 ms
64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.089 ms
64 bytes from 172.17.0.3: icmp_seq=4 ttl=64 time=0.113 ms
64 bytes from 172.17.0.3: icmp_seq=5 ttl=64 time=0.114 ms

--- 172.17.0.3 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3996ms
rtt min/avg/max/mdev = 0.048/0.094/0.114/0.025 ms
[root@7883225f9192 /]#

c2里面是可以ping通c1的IP地址,在c1里面也可以ping通c2的IP地址,说明在一个网络下的容器是可以相互通信的。

本文章来自【知识林】

你可能感兴趣的:(16 - Docker network第二讲-容器默认网络bridge(Docker系列))