17 - Docker network第三讲-自定义网络(Docker系列)

本文章来自【知识林】

  • 创建网络
C:\Users\zsl-pc>docker network create test-net
39b38d32553cb89085bccb6d1359e3e1ebba570147c31c64c58e40d7967f9e50

说明:这里创建了一个名为test-net的网络,创建成功后会得到该网络的ID

  • 列表网络
C:\Users\zsl-pc>docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
86423d2ba03a        bridge              bridge              local
06445f4f5774        host                host                local
2d964ece79b9        none                null                local
39b38d32553c        test-net            bridge              local

说明:此时列表出来的结果除了默认的三个网络外,又增加了一个刚刚创建的test-net;其DRIVERbridge说明在创建网络时的默认驱动是bridgeSCOPE指定了网络的作用范围,local表示只在当前宿主机生效。

  • 查看网络详情
C:\Users\zsl-pc>docker network inspect test-net
[
    {
        "Name": "test-net",
        "Id": "39b38d32553cb89085bccb6d1359e3e1ebba570147c31c64c58e40d7967f9e50",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "172.18.0.0/16",
                    "Gateway": "172.18.0.1/16"
                }
            ]
        },
        "Internal": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]
  • 启动容器并指定网络
docker run -d -it --name c3 --network test-net centos /bin/bash -c "while true; do echo hello; sleep 1;done"
0968be0ab042ec35121774227bbecf5c5fd8a1faf0f7fd3b5ac0069af64e7709

说明:使用指令--network来指定容器的网络

  • 与名为bridge的网络中的容器c2通过

在《16 - Docker network第二讲-容器默认网络bridge》中我们创建了两个容器c1c2,这两个容器都是属于名为bridge的默认网络中,下面尝试与任意一个容器通信(以c2为例,其IP地址为172.17.0.3):

C:\Users\zsl-pc>docker exec -it c3 /bin/bash
[root@0968be0ab042 /]# ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
^C
--- 172.17.0.3 ping statistics ---
18 packets transmitted, 0 received, 100% packet loss, time 17008ms

说明:可以看出现在c3是无法与c2进行通信的。要让这两个容器通信需要让他们在同一个网络里面(就像局域网中的物理机一样)。

C:\Users\zsl-pc>docker network connect test-net c2

C:\Users\zsl-pc>docker inspect c2

…………
"Networks": {
    "bridge": {
        "IPAMConfig": null,
        "Links": null,
        "Aliases": null,
        "NetworkID": "86423d2ba03ab5d46d66fe39bbba75d0d47d0fcc7dcbf250fcbbaa4b0085a029",
        "EndpointID": "78be5b7b0737d23082607fd016664017df77ceb1d469d9a3972033796ac8d761",
        "Gateway": "172.17.0.1",
        "IPAddress": "172.17.0.3",
        "IPPrefixLen": 16,
        "IPv6Gateway": "",
        "GlobalIPv6Address": "",
        "GlobalIPv6PrefixLen": 0,
        "MacAddress": "02:42:ac:11:00:03"
    },
    "test-net": {
        "IPAMConfig": {},
        "Links": null,
        "Aliases": [
            "7117f84edc26"
        ],
        "NetworkID": "39b38d32553cb89085bccb6d1359e3e1ebba570147c31c64c58e40d7967f9e50",
        "EndpointID": "071d239a9758d380fc265345030393cee3fc6d2d746b36af44bf6a6c5aeecd60",
        "Gateway": "172.18.0.1",
        "IPAddress": "172.18.0.3",
        "IPPrefixLen": 16,
        "IPv6Gateway": "",
        "GlobalIPv6Address": "",
        "GlobalIPv6PrefixLen": 0,
        "MacAddress": "02:42:ac:12:00:03"
    }
}

说明:使用命令docker inspect c2查看c2容器的详情信息时可以看到其Networks中有两个网络信息bridgetest-net说明我们已经让c2test-net连接在一起了,且c2test-net这个网络中的IP地址是:172.18.0.3,此时再来检测c2c3的通信情况:

C:\Users\zsl-pc>docker exec -it c3 /bin/bash
[root@0968be0ab042 /]# ping -w 4 172.18.0.3
PING 172.18.0.3 (172.18.0.3) 56(84) bytes of data.
64 bytes from 172.18.0.3: icmp_seq=1 ttl=64 time=0.048 ms
64 bytes from 172.18.0.3: icmp_seq=2 ttl=64 time=0.077 ms
64 bytes from 172.18.0.3: icmp_seq=3 ttl=64 time=0.247 ms
64 bytes from 172.18.0.3: icmp_seq=4 ttl=64 time=0.137 ms
64 bytes from 172.18.0.3: icmp_seq=5 ttl=64 time=0.045 ms

--- 172.18.0.3 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3996ms
rtt min/avg/max/mdev = 0.045/0.110/0.247/0.076 ms
[root@0968be0ab042 /]#

说明:c2c3可以正常通信了,只是c2现在拥有两个网络信息:默认的bridge和自定义的test-netc2可以通过bridge网络与c1通信,也可以通过test-net网络与c3通信,但c1c3没有共同的网络,所以它们不可以通信。

  • 从网络中移除容器
C:\Users\zsl-pc>docker network disconnect bridge c2

C:\Users\zsl-pc>docker inspect c2

…………
"Networks": {
    "test-net": {
        "IPAMConfig": {},
        "Links": null,
        "Aliases": [
            "7117f84edc26"
        ],
        "NetworkID": "39b38d32553cb89085bccb6d1359e3e1ebba570147c31c64c58e40d7967f9e50",
        "EndpointID": "071d239a9758d380fc265345030393cee3fc6d2d746b36af44bf6a6c5aeecd60",
        "Gateway": "172.18.0.1",
        "IPAddress": "172.18.0.3",
        "IPPrefixLen": 16,
        "IPv6Gateway": "",
        "GlobalIPv6Address": "",
        "GlobalIPv6PrefixLen": 0,
        "MacAddress": "02:42:ac:12:00:03"
    }
}

说明:使用docker network disconnect命令来将容器移出网络,这里将c2容器从bridge网络中移除,再使用docker inspect c2来查看容器详情信息时,在Networks中只会看到test-net一个网络,此时c2将只能与c3通信,不能与c1通信。

  • 删除网络
C:\Users\zsl-pc>docker network rm test-net
Error response from daemon: network test-net has active endpoints

注意:当网络中还有容器时,此网络不能被删除。rm后面可以跟多个网络名称,以空格隔开。

通过上面的这些例子已经基本对Docker的网络有些认识,对Docker的的命令也有更进一步的了解。

本文章来自【知识林】

你可能感兴趣的:(java学习资料)