Docker容器的设置资源(cpu,内存)限制:
#docker run –memory=200M xxxx-image --vm 1 –verbose
#docker run --cpu-shares=10 --name=test1 xxx-image --cpu 1
#docker run --cpu-shares=5 --name=test2 xxx-image --cpu 2
底层技术支持:
(1) Namespaces : 做隔离pid, net, ipc, mnt, uts
(2) Control groups : 做资源限制
(3) Union file systems :Container和image的分层;
[root@zizhen02 ~]# docker run --cpu-shares=2 --name=test3 ubuntu-stress --cpu 1
stress: info: [1] dispatching hogs: 1 cpu, 0 io, 0 vm, 0 hdd
[root@zizhen02 ~]# docker run --cpu-shares=4 ubuntu-stress --cpu 1
stress: info: [1] dispatching hogs: 1 cpu, 0 io, 0 vm, 0 hdd
Tasks: 116 total, 3 running, 113 sleeping, 0 stopped, 0 zombie
%Cpu(s):100.0 us, 0.0 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 1863224 total, 1062620 free, 381180 used, 419424 buff/cache
KiB Swap: 1572860 total, 1503996 free, 68864 used. 1276984 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
8654 root 20 0 8228 100 0 R 66.4 0.0 0:04.76 stress
8542 root 20 0 8228 96 0 R 32.9 0.0 0:40.13 stress
Docker网络技术
分单机和多机:
单机有三种:bridge Network 、Host Network、None Network;
多机: Overlay Network ;
#docker ps
#docker exec [container-ID] ip a
#ip netns list 列出命名空间
#ip netns delete test1 删除test1
#ip netns list
#ip netns add test1 增加test1
#ip netns list
#ip netns exec test1 ip a 在test1中执行ip a ;
# ip netns exec test1 ip link set dev lo up 在test1 执行命令lo端口up状态;
[root@zizhen02 ~]# ip netns exec test1 ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
[root@zizhen02 ~]# ip netns exec test1 ip link set dev lo up
[root@zizhen02 ~]# ip netns list
test1
[root@zizhen02 ~]# ip netns exec test1 ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
[root@zizhen02 ~]#
测试创建NameSpace
[root@zizhen02 ~]# ip link
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens33:
link/ether 00:0c:29:cb:78:e2 brd ff:ff:ff:ff:ff:ff
3: docker0:
link/ether 02:42:d4:5d:cf:c5 brd ff:ff:ff:ff:ff:ff
[root@zizhen02 ~]# ip link add veth-test1 type veth peer name veth-test2
[root@zizhen02 ~]# ip netns list
[root@zizhen02 ~]# ip link
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens33:
link/ether 00:0c:29:cb:78:e2 brd ff:ff:ff:ff:ff:ff
3: docker0:
link/ether 02:42:d4:5d:cf:c5 brd ff:ff:ff:ff:ff:ff
8: veth-test2@veth-test1:
link/ether c6:97:91:b0:31:9c brd ff:ff:ff:ff:ff:ff
9: veth-test1@veth-test2:
link/ether 8e:69:f6:fd:e5:87 brd ff:ff:ff:ff:ff:ff
[root@zizhen02 ~]# ip netns exec test1 ip link
Cannot open network namespace "test1": No such file or directory
[root@zizhen02 ~]# ip netns add test1
[root@zizhen02 ~]# ip netns list
test1
[root@zizhen02 ~]# ip netns exec test1 ip link
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
[root@zizhen02 ~]# ip link set veth-test1 netns test1
[root@zizhen02 ~]# ip netns exec test1 ip link
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
9: veth-test1@if8:
link/ether 8e:69:f6:fd:e5:87 brd ff:ff:ff:ff:ff:ff link-netnsid 0
[root@zizhen02 ~]# ip link
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens33:
link/ether 00:0c:29:cb:78:e2 brd ff:ff:ff:ff:ff:ff
3: docker0:
link/ether 02:42:d4:5d:cf:c5 brd ff:ff:ff:ff:ff:ff
8: veth-test2@if9:
link/ether c6:97:91:b0:31:9c brd ff:ff:ff:ff:ff:ff link-netnsid 0
[root@zizhen02 ~]#
[root@zizhen02 ~]#
[root@zizhen02 ~]#
[root@zizhen02 ~]# ip netns add test2
[root@zizhen02 ~]# ip netns list
test2
test1 (id: 0)
[root@zizhen02 ~]# ip netns exec test2 ip link
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
[root@zizhen02 ~]# ip link set veth-test2 netns test2
[root@zizhen02 ~]# ip netns exec test2 ip link
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
8: veth-test2@if9:
link/ether c6:97:91:b0:31:9c brd ff:ff:ff:ff:ff:ff link-netnsid 0
[root@zizhen02 ~]# ip link
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens33:
link/ether 00:0c:29:cb:78:e2 brd ff:ff:ff:ff:ff:ff
3: docker0:
link/ether 02:42:d4:5d:cf:c5 brd ff:ff:ff:ff:ff:ff
[root@zizhen02 ~]#
[root@zizhen02 ~]#
[root@zizhen02 ~]# ip netns exec test1 ip addr add 192.168.0.1/24 dev veth-test1
[root@zizhen02 ~]# ip netns exec test2 ip addr add 192.168.0.2/24 dev veth-test2
[root@zizhen02 ~]# ip netns exec test2 ip link
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
8: veth-test2@if9:
link/ether c6:97:91:b0:31:9c brd ff:ff:ff:ff:ff:ff link-netnsid 0
[root@zizhen02 ~]# ip netns exec test1 ip link
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
9: veth-test1@if8:
link/ether 8e:69:f6:fd:e5:87 brd ff:ff:ff:ff:ff:ff link-netnsid 1
[root@zizhen02 ~]# ip netns exec test1 ip link set dev veth-test1 up
[root@zizhen02 ~]# ip netns exec test2 ip link set dev veth-test1 up
Cannot find device "veth-test1"
[root@zizhen02 ~]# ip netns exec test2 ip link set dev veth-test2 up
[root@zizhen02 ~]#
[root@zizhen02 ~]# ip netns exec test1 ip link
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
9: veth-test1@if8:
link/ether 8e:69:f6:fd:e5:87 brd ff:ff:ff:ff:ff:ff link-netnsid 1
[root@zizhen02 ~]# ip netns exec test2 ip link
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
8: veth-test2@if9:
link/ether c6:97:91:b0:31:9c brd ff:ff:ff:ff:ff:ff link-netnsid 0
[root@zizhen02 ~]# ip netns exec test1 ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
9: veth-test1@if8:
link/ether 8e:69:f6:fd:e5:87 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet 192.168.0.1/24 scope global veth-test1
valid_lft forever preferred_lft forever
inet6 fe80::8c69:f6ff:fefd:e587/64 scope link
valid_lft forever preferred_lft forever
[root@zizhen02 ~]# ip netns exec test2 ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
8: veth-test2@if9:
link/ether c6:97:91:b0:31:9c brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.0.2/24 scope global veth-test2
valid_lft forever preferred_lft forever
inet6 fe80::c497:91ff:feb0:319c/64 scope link
valid_lft forever preferred_lft forever
[root@zizhen02 ~]# ip netns exec test1 ping 192.168.0.2
PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.
64 bytes from 192.168.0.2: icmp_seq=1 ttl=64 time=0.075 ms
64 bytes from 192.168.0.2: icmp_seq=2 ttl=64 time=0.048 ms
64 bytes from 192.168.0.2: icmp_seq=3 ttl=64 time=0.052 ms
^C
--- 192.168.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.048/0.058/0.075/0.013 ms
[root@zizhen02 ~]# ip netns exec test2 ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_seq=1 ttl=64 time=0.050 ms
64 bytes from 192.168.0.1: icmp_seq=2 ttl=64 time=0.059 ms
64 bytes from 192.168.0.1: icmp_seq=3 ttl=64 time=0.049 ms
^C
--- 192.168.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.049/0.052/0.059/0.009 ms
[root@zizhen02 ~]#
[root@zizhen02 ~]# ip netns list
test2 (id: 1)
test1 (id: 0)
以上和container 中的namespace原理是一样的;
31 docker Bridge0详解
[root@zizhen02 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
ba670d30bad7 bridge bridge local
63c3ce67f785 host host local
04734d810393 none null local
[root@zizhen02 ~]#
[root@zizhen02 ~]# docker run -it busybox /bin/sh
/ # ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
16: eth0@if17:
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
/ #
[root@zizhen02 ~]# docker network
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
[root@zizhen02 ~]# docker network inspect
"docker network inspect" requires at least 1 argument.
See 'docker network inspect --help'.
Usage: docker network inspect [OPTIONS] NETWORK [NETWORK...]
Display detailed information on one or more networks
[root@zizhen02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
20ec4d84140c busybox "/bin/sh" About a minute ago Up About a minute thirsty_poitras
[root@zizhen02 ~]# docker network inspect 20ec4d84140c
[]
Error: No such network: 20ec4d84140c
[root@zizhen02 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
ba670d30bad7 bridge bridge local
63c3ce67f785 host host local
04734d810393 none null local
[root@zizhen02 ~]# docker network inspect ba670d30bad7
[
{
"Name": "bridge",
"Id": "ba670d30bad79bfe622c99522aabfb60581181f4c69ebf42b0d6ca56904312a7",
"Created": "2019-03-17T16:25:22.229320555+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"20ec4d84140c8e5b6bd183d51501c2c93a68748fd0b917c54d1986629132a872": {
"Name": "thirsty_poitras",
"EndpointID": "37e6bdd9da3b2841800372e018359a2f6ed76663c89a01e74032e8300bfca0c5",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
[root@zizhen02 ~]#
[root@zizhen02 ~]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:
link/ether 00:0c:29:cb:78:e2 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.107/24 brd 192.168.1.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fecb:78e2/64 scope link
valid_lft forever preferred_lft forever
3: docker0:
link/ether 02:42:d4:5d:cf:c5 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:d4ff:fe5d:cfc5/64 scope link
valid_lft forever preferred_lft forever
17: veth7b3ed30@if16:
link/ether d2:30:94:3a:f8:e7 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::d030:94ff:fe3a:f8e7/64 scope link
valid_lft forever preferred_lft forever
[root@zizhen02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
20ec4d84140c busybox "/bin/sh" 39 minutes ago Up 39 minutes thirsty_poitras
[root@zizhen02 ~]# docker exec 20ec4d84140c ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
16: eth0@if17:
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@zizhen02 ~]#
#yum install bridge-utils 安装brctl命令
[root@zizhen02 ~]# brctl
Usage: brctl [commands]
commands:
addbr
delbr
addif
delif
hairpin
setageing
setbridgeprio
setfd
sethello
setmaxage
setpathcost
setportprio
show [
showmacs
showstp
stp
[root@zizhen02 ~]# brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.0242d45dcfc5 no veth7b3ed30
[root@zizhen02 ~]#
[root@zizhen02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
241e3d0e5472 busybox "/bin/sh" 13 seconds ago Up 12 seconds test2
20ec4d84140c busybox "/bin/sh" About an hour ago Up About an hour thirsty_poitras
[root@zizhen02 ~]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:
link/ether 00:0c:29:cb:78:e2 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.107/24 brd 192.168.1.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fecb:78e2/64 scope link
valid_lft forever preferred_lft forever
3: docker0:
link/ether 02:42:d4:5d:cf:c5 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:d4ff:fe5d:cfc5/64 scope link
valid_lft forever preferred_lft forever
17: veth7b3ed30@if16:
link/ether d2:30:94:3a:f8:e7 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::d030:94ff:fe3a:f8e7/64 scope link
valid_lft forever preferred_lft forever
21: vethe2d3a11@if20:
link/ether c2:7c:c2:70:7a:83 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::c07c:c2ff:fe70:7a83/64 scope link
valid_lft forever preferred_lft forever
[root@zizhen02 ~]# docker exec test2 ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
20: eth0@if21:
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@zizhen02 ~]# docker exec 20ec4d84140c ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
16: eth0@if17:
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@zizhen02 ~]#
bridge name bridge id STP enabled interfaces
docker0 8000.0242d45dcfc5 no veth7b3ed30
vethe2d3a11
[root@zizhen02 ~]# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "ba670d30bad79bfe622c99522aabfb60581181f4c69ebf42b0d6ca56904312a7",
"Created": "2019-03-17T16:25:22.229320555+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"20ec4d84140c8e5b6bd183d51501c2c93a68748fd0b917c54d1986629132a872": {
"Name": "thirsty_poitras",
"EndpointID": "37e6bdd9da3b2841800372e018359a2f6ed76663c89a01e74032e8300bfca0c5",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"241e3d0e5472226ed17d11c66dcaa33869c7f956c469c20e3e2494847c586bdb": {
"Name": "test2",
"EndpointID": "e21cb10c66681e19f67240a60199d37d34070a8aa3bf104d86048e72d447cd19",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
[root@zizhen02 ~]#
如何访问外网
32 Docker多容器通信:
--link test1 #相当于给容器添加了一个dns记录;
[root@zizhen02 ~]# docker run -it --name=test1 busybox
/ #
/ #
/ # ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
6: eth0@if7:
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
/ #
[root@zizhen02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4e4298cae8d2 busybox "sh" 5 minutes ago Up 5 minutes test1
[root@zizhen02 ~]# docker run -it --name=test2 --link test1 busybox /bin/sh
/ #
/ # ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
10: eth0@if11:
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
/ # ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2): 56 data bytes
64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.351 ms
64 bytes from 172.17.0.2: seq=1 ttl=64 time=0.160 ms
^C
--- 172.17.0.2 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.160/0.255/0.351 ms
/ # ping test1
PING test1 (172.17.0.2): 56 data bytes
64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.171 ms
64 bytes from 172.17.0.2: seq=1 ttl=64 time=0.159 ms
64 bytes from 172.17.0.2: seq=2 ttl=64 time=0.160 ms
^C
--- test1 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.159/0.163/0.171 ms
/ # test1:3306^C
/ #
/ #
[root@zizhen02 ~]# docker run -it --name=test1 busybox
/ #
/ #
/ # ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
6: eth0@if7:
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
/ #
/ # ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3): 56 data bytes
64 bytes from 172.17.0.3: seq=0 ttl=64 time=0.264 ms
64 bytes from 172.17.0.3: seq=1 ttl=64 time=0.369 ms
^C
--- 172.17.0.3 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.264/0.316/0.369 ms
/ # ping test2
ping: bad address 'test2'
/ #
/ #
创建docker 的Network;
[root@zizhen02 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
a5950ee18ba0 bridge bridge local
63c3ce67f785 host host local
04734d810393 none null local
[root@zizhen02 ~]# docker network create -d bridge my-bridge
831bb402cb76aaf543a53652e1c24d7128b23ee34bcdf40f97e6d0dbb93dea48
[root@zizhen02 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
a5950ee18ba0 bridge bridge local
63c3ce67f785 host host local
831bb402cb76 my-bridge bridge local
04734d810393 none null local
[root@zizhen02 ~]#
[root@zizhen02 ~]# brctl show
bridge name bridge id STP enabled interfaces
br-831bb402cb76 8000.02428cb086ee no
docker0 8000.024230fa6b46 no veth48b93cc
vethe56d79c
[root@zizhen02 ~]#
[root@zizhen02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
303720caaf49 busybox "/bin/sh" 20 seconds ago Up 18 seconds test3
3929edfaabbf busybox "/bin/sh" 9 minutes ago Up 9 minutes test2
4e4298cae8d2 busybox "sh" 15 minutes ago Up 15 minutes test1
[root@zizhen02 ~]# brctl show
bridge name bridge id STP enabled interfaces
br-831bb402cb76 8000.02428cb086ee no vetha25a34c
docker0 8000.024230fa6b46 no veth48b93cc
vethe56d79c
[root@zizhen02 ~]# docker network inspect 831bb402cb76
[
{
"Name": "my-bridge",
"Id": "831bb402cb76aaf543a53652e1c24d7128b23ee34bcdf40f97e6d0dbb93dea48",
"Created": "2019-03-19T11:51:22.983099054+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"303720caaf49932f8d7a90538869d7a4e4d0dca79f788c867e2ac654be90b905": {
"Name": "test3",
"EndpointID": "9d2ab6fdee54e5000af6782919de76330d9b2acecd99add74e9653ed6ff1624c",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[root@zizhen02 ~]#
[root@zizhen02 ~]# docker run -it --name test3 --network my-bridge busybox /bin/sh
/ # ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
13: eth0@if14:
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth0
valid_lft forever preferred_lft forever
/ #
#以上my-bridge 里有一个test3 ;my-bridge 连接到test3上了。
#将已有的容器test2 ,连接到my-bridge上;
[root@zizhen02 ~]# docker network
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
[root@zizhen02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
303720caaf49 busybox "/bin/sh" 19 minutes ago Up 19 minutes test3
3929edfaabbf busybox "/bin/sh" 28 minutes ago Up 28 minutes test2
4e4298cae8d2 busybox "sh" 34 minutes ago Up 34 minutes test1
[root@zizhen02 ~]# docker network connect
"docker network connect" requires exactly 2 arguments.
See 'docker network connect --help'.
Usage: docker network connect [OPTIONS] NETWORK CONTAINER
Connect a container to a network
[root@zizhen02 ~]# docker network connect my-bridge test2
[root@zizhen02 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
a5950ee18ba0 bridge bridge local
63c3ce67f785 host host local
831bb402cb76 my-bridge bridge local
04734d810393 none null local
[root@zizhen02 ~]# docker network inspect 831bb402cb76
[
{
"Name": "my-bridge",
"Id": "831bb402cb76aaf543a53652e1c24d7128b23ee34bcdf40f97e6d0dbb93dea48",
"Created": "2019-03-19T11:51:22.983099054+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"303720caaf49932f8d7a90538869d7a4e4d0dca79f788c867e2ac654be90b905": {
"Name": "test3",
"EndpointID": "9d2ab6fdee54e5000af6782919de76330d9b2acecd99add74e9653ed6ff1624c",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
},
"3929edfaabbf9e483020bdddf16278527496e9cad87aa0068cadea32899d5c2a": {
"Name": "test2",
"EndpointID": "a04c261ab21a456e2c963644ae93b54077ca704d59df872f926545d989f97acf",
"MacAddress": "02:42:ac:12:00:03",
"IPv4Address": "172.18.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[root@zizhen02 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
a5950ee18ba0 bridge bridge local
63c3ce67f785 host host local
831bb402cb76 my-bridge bridge local
04734d810393 none null local
[root@zizhen02 ~]# docker network inspect a5950ee18ba0
[
{
"Name": "bridge",
"Id": "a5950ee18ba0f1ab93c5ae276f3123c4d657edef17d6fad9c5c13b23f952e507",
"Created": "2019-03-19T11:33:02.336302433+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"3929edfaabbf9e483020bdddf16278527496e9cad87aa0068cadea32899d5c2a": {
"Name": "test2",
"EndpointID": "75b242bb36530983d83a602e128838fc32854b38553108575db53cbe2505912f",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"4e4298cae8d2832a0381c3b722dd821f4bc29a1f5bc349eb755aa9a7a69417bd": {
"Name": "test1",
"EndpointID": "d6940d5fa36e857af209bafa330f23fab82dd685b1c89d5840b7c33953edf8c5",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
[root@zizhen02 ~]#test2
/ # ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
10: eth0@if11:
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
15: eth1@if16:
link/ether 02:42:ac:12:00:03 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.3/16 brd 172.18.255.255 scope global eth1
valid_lft forever preferred_lft forever
/ #
33 Docker的端口映射;
[root@zizhen02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
303720caaf49 busybox "/bin/sh" 8 hours ago Up 8 hours test3
3929edfaabbf busybox "/bin/sh" 8 hours ago Up 8 hours test2
4e4298cae8d2 busybox "sh" 8 hours ago Up 8 hours test1
[root@zizhen02 ~]# docker container stop test1 test2 test3
test1
test2
test3
[root@zizhen02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@zizhen02 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
303720caaf49 busybox "/bin/sh" 8 hours ago Exited (137) 12 seconds ago test3
3929edfaabbf busybox "/bin/sh" 8 hours ago Exited (137) 12 seconds ago test2
4e4298cae8d2 busybox "sh" 8 hours ago Exited (137) 12 seconds ago test1
[root@zizhen02 ~]# docker rm $(docker ps -aq)
303720caaf49
3929edfaabbf
4e4298cae8d2
[root@zizhen02 ~]#
[root@zizhen02 ~]# docker run --name web -it nginx /bin/sh
##
[root@zizhen02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5f282b674f11 nginx "/bin/sh" 15 seconds ago Up 14 seconds 80/tcp web
[root@zizhen02 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
a5950ee18ba0 bridge bridge local
63c3ce67f785 host host local
831bb402cb76 my-bridge bridge local
04734d810393 none null local
[root@zizhen02 ~]# docker network
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
[root@zizhen02 ~]# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "a5950ee18ba0f1ab93c5ae276f3123c4d657edef17d6fad9c5c13b23f952e507",
"Created": "2019-03-19T11:33:02.336302433+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"5f282b674f117e894241ff5a35b71c4e822531a0764c9794a9ab2f9e5d74a5f9": {
"Name": "web",
"EndpointID": "581ee02b485e99af966eae09c5c16800beb36c6800320c12a0bbd136f6c9cc82",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
[root@zizhen02 ~]#
[root@zizhen02 ~]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.090 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.102 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.101 ms
^C
--- 172.17.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.090/0.097/0.102/0.012 ms
[root@zizhen02 ~]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:
link/ether 00:0c:29:cb:78:e2 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.107/24 brd 192.168.1.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fecb:78e2/64 scope link
valid_lft forever preferred_lft forever
3: docker0:
link/ether 02:42:30:fa:6b:46 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:30ff:fefa:6b46/64 scope link
valid_lft forever preferred_lft forever
12: br-831bb402cb76:
link/ether 02:42:8c:b0:86:ee brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-831bb402cb76
valid_lft forever preferred_lft forever
inet6 fe80::42:8cff:feb0:86ee/64 scope link
valid_lft forever preferred_lft forever
22: vethc682429@if21:
link/ether be:55:99:e1:ae:0a brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::bc55:99ff:fee1:ae0a/64 scope link
valid_lft forever preferred_lft forever
[root@zizhen02 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
a5950ee18ba0 bridge bridge local
63c3ce67f785 host host local
831bb402cb76 my-bridge bridge local
04734d810393 none null local
[root@zizhen02 ~]# brctl show
bridge name bridge id STP enabled interfaces
br-831bb402cb76 8000.02428cb086ee no
docker0 8000.024230fa6b46 no vethc682429
[root@zizhen02 ~]# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "a5950ee18ba0f1ab93c5ae276f3123c4d657edef17d6fad9c5c13b23f952e507",
"Created": "2019-03-19T11:33:02.336302433+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"5f282b674f117e894241ff5a35b71c4e822531a0764c9794a9ab2f9e5d74a5f9": {
"Name": "web",
"EndpointID": "581ee02b485e99af966eae09c5c16800beb36c6800320c12a0bbd136f6c9cc82",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
[root@zizhen02 ~]#
[root@zizhen02 ~]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.087 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.051 ms
^C
--- 172.17.0.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.051/0.069/0.087/0.018 ms
[root@zizhen02 ~]# telnet 172.17.0.2 80
Trying 172.17.0.2...
Connected to 172.17.0.2.
Escape character is '^]'.
^CConnection closed by foreign host.
[root@zizhen02 ~]# curl https://172.17.0.2
curl: (7) Failed connect to 172.17.0.2:443; Connection refused
[root@zizhen02 ~]# curl http://172.17.0.2
Welcome to nginx!
If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.
For online documentation and support please refer to
Commercial support is available at
Thank you for using nginx.
[root@zizhen02 ~]#
[root@zizhen02 ~]# docker run --name web -it nginx
172.17.0.1 - - [19/Mar/2019:12:08:16 +0000] "\xFF\xF4\xFF\xFD\x06" 400 157 "-" "-" "-"
172.17.0.1 - - [19/Mar/2019:12:08:43 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"
34 网络的none(安全性,容器没有IP)和host(复制本机IP)
[root@zizhen02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@zizhen02 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
d3ae3a3a685b bridge bridge local
63c3ce67f785 host host local
831bb402cb76 my-bridge bridge local
04734d810393 none null local
[root@zizhen02 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu-stress latest aee6e531355c 2 weeks ago 114MB
xiaoming163/python2.7-flask-hello latest b66a7f86bd45 2 weeks ago 918MB
xiaoming/centos-cmd latest 729b948e1319 2 weeks ago 202MB
xiaoming/centos-entrypoint-exec-new2 latest 249a9c95d9be 2 weeks ago 202MB
xiaoming/centos-entrypoint-shell latest 344ec38e6b59 2 weeks ago 202MB
xiaoming163/centos-vim-new latest f9f19d2bc847 2 weeks ago 335MB
ubuntu latest 94e814e2efa8 2 weeks ago 88.9MB
xiaoli163/hello-world latest a821094d0306 2 weeks ago 857kB
python 2.7 3be5dc25d0fa 3 weeks ago 914MB
nginx latest 881bd08c0b08 3 weeks ago 109MB
busybox latest d8233ab899d4 6 weeks ago 1.2MB
ubuntu 14.04 5dbc3f318ea5 2 months ago 188MB
centos latest 1e1148e4cc2c 3 months ago 202MB
[root@zizhen02 ~]# docker run -d --name test1 --network none centos /bin/sh -c "while true; do sleep 3600; done"
afbcac0fcf7bb5d9aa2ea7dd52016b63c81651cee73086c801d7167b0f0e76c9
[root@zizhen02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
afbcac0fcf7b centos "/bin/sh -c 'while t…" 8 seconds ago Up 5 seconds test1
[root@zizhen02 ~]# docker network
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
[root@zizhen02 ~]# docker network inspect none
[
{
"Name": "none",
"Id": "04734d810393e035502143a42546df16f46c75d6b3bb9724a6d1e1fa1a06655b",
"Created": "2019-03-09T19:48:34.111853947+08:00",
"Scope": "local",
"Driver": "null",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": []
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"afbcac0fcf7bb5d9aa2ea7dd52016b63c81651cee73086c801d7167b0f0e76c9": {
"Name": "test1",
"EndpointID": "82f126807d6be5926a656b91dfe05c4677711fa5222b28b9d0225645bbfae6eb",
"MacAddress": "",
"IPv4Address": "",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[root@zizhen02 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
d3ae3a3a685b bridge bridge local
63c3ce67f785 host host local
831bb402cb76 my-bridge bridge local
04734d810393 none null local
[root@zizhen02 ~]# docker exec -it test1 /bin/sh
sh-4.2#
sh-4.2#
sh-4.2# ip a
sh: ip: command not found
sh-4.2# ifconfig
sh: ifconfig: command not found
sh-4.2# ip a
sh: ip: command not found
sh-4.2# exit
exit
[root@zizhen02 ~]# docker exec -it test1 /bin/sh ip a
/bin/sh: ip: No such file or directory
[root@zizhen02 ~]# docker stop test1
test1
[root@zizhen02 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
afbcac0fcf7b centos "/bin/sh -c 'while t…" 5 minutes ago Exited (137) 17 seconds ago test1
[root@zizhen02 ~]# docker rm test1
test1
[root@zizhen02 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@zizhen02 ~]# docker run -d --name test1 --network host busybox /bin/sh -c "while true; do sleep 3600; done"
9658f41b026b65712fcd2cd05ef757a0cbd5359f05bca28511f8b5bb7d8270c7
[root@zizhen02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9658f41b026b busybox "/bin/sh -c 'while t…" 7 seconds ago Up 5 seconds test1
[root@zizhen02 ~]# docker network inspect host
[
{
"Name": "host",
"Id": "63c3ce67f785e1d720a641f279d9dc96854a6fc83cd2a81d73b564d9a3289434",
"Created": "2019-03-09T19:48:34.125978113+08:00",
"Scope": "local",
"Driver": "host",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": []
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"9658f41b026b65712fcd2cd05ef757a0cbd5359f05bca28511f8b5bb7d8270c7": {
"Name": "test1",
"EndpointID": "2d724f29c7c62b870b14839cb5e7c2e4a3dc9c617a108e1cb1b12aa1606202c4",
"MacAddress": "",
"IPv4Address": "",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[root@zizhen02 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
d3ae3a3a685b bridge bridge local
63c3ce67f785 host host local
831bb402cb76 my-bridge bridge local
04734d810393 none null local
[root@zizhen02 ~]# docker exec -it test1 /bin/sh
/ #
/ #
/ # ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:
link/ether 00:0c:29:cb:78:e2 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.107/24 brd 192.168.1.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.1.110/24 brd 192.168.1.255 scope global secondary dynamic ens33
valid_lft 6019sec preferred_lft 6019sec
inet6 fe80::20c:29ff:fecb:78e2/64 scope link
valid_lft forever preferred_lft forever
3: br-831bb402cb76:
link/ether 02:42:56:03:f8:a5 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-831bb402cb76
valid_lft forever preferred_lft forever
4: docker0:
link/ether 02:42:0b:b3:c0:6a brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
/ # exit
[root@zizhen02 ~]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:
link/ether 00:0c:29:cb:78:e2 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.107/24 brd 192.168.1.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.1.110/24 brd 192.168.1.255 scope global secondary dynamic ens33
valid_lft 6004sec preferred_lft 6004sec
inet6 fe80::20c:29ff:fecb:78e2/64 scope link
valid_lft forever preferred_lft forever
3: br-831bb402cb76:
link/ether 02:42:56:03:f8:a5 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-831bb402cb76
valid_lft forever preferred_lft forever
4: docker0:
link/ether 02:42:0b:b3:c0:6a brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
[root@zizhen02 ~]#
35Docker在多容器中部署:(-e参数在容器中设置环境变量)
[root@zizhen02 ~]# mkdir flask-redis
[root@zizhen02 ~]# cd flask-redis/
[root@zizhen02 flask-redis]# pwd
/root/flask-redis
[root@zizhen02 flask-redis]# vim Dockerfile
[root@zizhen02 flask-redis]# more Dockerfile
FROM python:2.7
LABEL maintaner="Xiao ming"
COPY . /app
WORKDIR /app
RUN pip install flask redis
EXPOSE 5000
CMD [ "python","app.py" ]
[root@zizhen02 flask-redis]# ls
Dockerfile
[root@zizhen02 flask-redis]# vim app.py
[root@zizhen02 flask-redis]# more app.py
from flask import Flask
from redis import Redis
import os
import socket
app = Flask(__name__)
redis = Redis(host=os.environ.get('REDIS_HOST','127.0.0.1'), port=6379)
@app.route('/')
def hello():
redis.incr('hits')
return 'Hello Container world! I have been seen %s times and my hostname is %s.\n' % (redis.get('hit
s'),socket.gethostname())
if __name__=="__main__":
app.run(host="0.0.0.0", port=5000, debug=True)
[root@zizhen02 flask-redis]#
[root@zizhen02 flask-redis]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9658f41b026b busybox "/bin/sh -c 'while t…" About an hour ago Up About an hour test1
[root@zizhen02 flask-redis]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@zizhen02 flask-redis]# docker run -d --name redis redis
67bd34c155034966f903d2f6d446012846a996855c08fa7dc7f98c34b8addf2a
[root@zizhen02 flask-redis]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
67bd34c15503 redis "docker-entrypoint.s…" 7 seconds ago Up 4 seconds 6379/tcp redis
[root@zizhen02 flask-redis]# docker build -t xiaoming163/flask-redis
"docker build" requires exactly 1 argument.
See 'docker build --help'.
Usage: docker build [OPTIONS] PATH | URL | -
Build an image from a Dockerfile
[root@zizhen02 flask-redis]# ls
app.py Dockerfile
[root@zizhen02 flask-redis]# docker build -t xiaoming163/flask-redis .
Sending build context to Docker daemon 3.072kB
Step 1/7 : FROM python:2.7
---> 3be5dc25d0fa
Step 2/7 : LABEL maintaner="Xiao ming"
---> Running in 9d474f0860e0
Removing intermediate container 9d474f0860e0
---> 84f0c1ed87e0
Step 3/7 : COPY . /app
---> 91afb3fb25e6
Step 4/7 : WORKDIR /app
---> Running in 8e306dfce059
Removing intermediate container 8e306dfce059
---> 5bd7c1fb4f3b
Step 5/7 : RUN pip install flask redis
---> Running in a0085bc60886
DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7.
Collecting flask
Downloading https://files.pythonhosted.org/packages/7f/e7/08578774ed4536d3242b14dacb4696386634607af824ea997202cd0edb4b/Flask-1.0.2-py2.py3-none-any.whl (91kB)
Collecting redis
Downloading https://files.pythonhosted.org/packages/ac/a7/cff10cc5f1180834a3ed564d148fb4329c989cbb1f2e196fc9a10fa07072/redis-3.2.1-py2.py3-none-any.whl (65kB)
Collecting itsdangerous>=0.24 (from flask)
Downloading https://files.pythonhosted.org/packages/76/ae/44b03b253d6fade317f32c24d100b3b35c2239807046a4c953c7b89fa49e/itsdangerous-1.1.0-py2.py3-none-any.whl
Collecting Jinja2>=2.10 (from flask)
Downloading https://files.pythonhosted.org/packages/7f/ff/ae64bacdfc95f27a016a7bed8e8686763ba4d277a78ca76f32659220a731/Jinja2-2.10-py2.py3-none-any.whl (126kB)
Collecting Werkzeug>=0.14 (from flask)
Downloading https://files.pythonhosted.org/packages/24/4d/2fc4e872fbaaf44cc3fd5a9cd42fda7e57c031f08e28c9f35689e8b43198/Werkzeug-0.15.1-py2.py3-none-any.whl (328kB)
Collecting click>=5.1 (from flask)
Downloading https://files.pythonhosted.org/packages/fa/37/45185cb5abbc30d7257104c434fe0b07e5a195a6847506c074527aa599ec/Click-7.0-py2.py3-none-any.whl (81kB)
Collecting MarkupSafe>=0.23 (from Jinja2>=2.10->flask)
Downloading https://files.pythonhosted.org/packages/fb/40/f3adb7cf24a8012813c5edb20329eb22d5d8e2a0ecf73d21d6b85865da11/MarkupSafe-1.1.1-cp27-cp27mu-manylinux1_x86_64.whl
Installing collected packages: itsdangerous, MarkupSafe, Jinja2, Werkzeug, click, flask, redis
Successfully installed Jinja2-2.10 MarkupSafe-1.1.1 Werkzeug-0.15.1 click-7.0 flask-1.0.2 itsdangerous-1.1.0 redis-3.2.1
Removing intermediate container a0085bc60886
---> 515d6e526f2d
Step 6/7 : EXPOSE 5000
---> Running in a1add999fcee
Removing intermediate container a1add999fcee
---> bb4895bebac6
Step 7/7 : CMD [ "python","app.py" ]
---> Running in 0e036491cdf4
Removing intermediate container 0e036491cdf4
---> ff38b69e7d87
Successfully built ff38b69e7d87
Successfully tagged xiaoming163/flask-redis:latest
[root@zizhen02 flask-redis]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
xiaoming163/flask-redis latest ff38b69e7d87 14 seconds ago 919MB
oraclelinux latest 62a654b8236d 30 hours ago 235MB
python 3.6 2bb3204ab1d1 3 days ago 924MB
redis latest a55fbf438dfd 4 days ago 95MB
ubuntu-stress latest aee6e531355c 2 weeks ago 114MB
xiaoming163/python2.7-flask-hello latest b66a7f86bd45 2 weeks ago 918MB
xiaoming/centos-cmd latest 729b948e1319 2 weeks ago 202MB
xiaoming/centos-entrypoint-exec-new2 latest 249a9c95d9be 2 weeks ago 202MB
xiaoming/centos-entrypoint-shell latest 344ec38e6b59 2 weeks ago 202MB
xiaoming163/centos-vim-new latest f9f19d2bc847 2 weeks ago 335MB
ubuntu latest 94e814e2efa8 2 weeks ago 88.9MB
xiaoli163/hello-world latest a821094d0306 2 weeks ago 857kB
python 2.7 3be5dc25d0fa 3 weeks ago 914MB
nginx latest 881bd08c0b08 3 weeks ago 109MB
busybox latest d8233ab899d4 6 weeks ago 1.2MB
ubuntu 14.04 5dbc3f318ea5 2 months ago 188MB
centos latest 1e1148e4cc2c 3 months ago 202MB
[root@zizhen02 flask-redis]# docker run -d --link redis --name flask-redis -e REDIS_HOST=redis xiaoming163/flask-redis
25f34556015a9a96421494478c8375d77f052ad59a726662550616c7a62accc8
[root@zizhen02 flask-redis]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
25f34556015a xiaoming163/flask-redis "python app.py" 7 seconds ago Up 5 seconds 5000/tcp flask-redis
67bd34c15503 redis "docker-entrypoint.s…" 15 minutes ago Up 14 minutes 6379/tcp redis
[root@zizhen02 flask-redis]# docker exec -it flask-redis /bin/bash
root@25f34556015a:/app#
root@25f34556015a:/app# env
REDIS_PORT_6379_TCP_PROTO=tcp
REDIS_PORT=tcp://172.17.0.2:6379
REDIS_NAME=/flask-redis/redis
LANG=C.UTF-8
HOSTNAME=25f34556015a
REDIS_PORT_6379_TCP_ADDR=172.17.0.2
REDIS_PORT_6379_TCP=tcp://172.17.0.2:6379
GPG_KEY=C01E1CAD5EA2C4F0B8E3571504C367C218ADD4FF
PYTHONIOENCODING=UTF-8
REDIS_ENV_REDIS_DOWNLOAD_URL=http://download.redis.io/releases/redis-5.0.4.tar.gz
REDIS_HOST=redis
PWD=/app
HOME=/root
REDIS_PORT_6379_TCP_PORT=6379
TERM=xterm
REDIS_ENV_REDIS_DOWNLOAD_SHA=3ce9ceff5a23f60913e1573f6dfcd4aa53b42d4a2789e28fa53ec2bd28c987dd
REDIS_ENV_GOSU_VERSION=1.10
PYTHON_VERSION=2.7.16
SHLVL=1
PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
REDIS_ENV_REDIS_VERSION=5.0.4
PYTHON_PIP_VERSION=19.0.3
_=/usr/bin/env
root@25f34556015a:/app# ping redis
PING redis (172.17.0.2) 56(84) bytes of data.
64 bytes from redis (172.17.0.2): icmp_seq=1 ttl=64 time=0.371 ms
64 bytes from redis (172.17.0.2): icmp_seq=2 ttl=64 time=0.116 ms
64 bytes from redis (172.17.0.2): icmp_seq=3 ttl=64 time=0.119 ms
^C
--- redis ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 0.116/0.202/0.371/0.119 ms
root@25f34556015a:/app# redis:6379
bash: redis:6379: command not found
root@25f34556015a:/app# curl 127.0.0.1:5000
Hello Container world! I have been seen 1 times and my hostname is 25f34556015a.
root@25f34556015a:/app# curl 127.0.0.1:5000
Hello Container world! I have been seen 2 times and my hostname is 25f34556015a.
root@25f34556015a:/app# curl 127.0.0.1:5000
Hello Container world! I have been seen 3 times and my hostname is 25f34556015a.
root@25f34556015a:/app# curl 127.0.0.1:5000
Hello Container world! I have been seen 4 times and my hostname is 25f34556015a.
root@25f34556015a:/app# curl 127.0.0.1:5000
Hello Container world! I have been seen 5 times and my hostname is 25f34556015a.
root@25f34556015a:/app# redis
bash: redis: command not found
root@25f34556015a:/app# exit
exit
[root@zizhen02 flask-redis]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
25f34556015a xiaoming163/flask-redis "python app.py" 4 minutes ago Up 4 minutes 5000/tcp flask-redis
67bd34c15503 redis "docker-entrypoint.s…" 18 minutes ago Up 18 minutes 6379/tcp redis
[root@zizhen02 flask-redis]# curl 127.0.0.1:5000
curl: (7) Failed connect to 127.0.0.1:5000; Connection refused
[root@zizhen02 flask-redis]#
[root@zizhen02 flask-redis]# docker stop redis
redis
[root@zizhen02 flask-redis]# docker start redis
redis
[root@zizhen02 flask-redis]# docker stop flask-redis
flask-redis
[root@zizhen02 flask-redis]# docker rm flask-redis
flask-redis
[root@zizhen02 flask-redis]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
67bd34c15503 redis "docker-entrypoint.s…" 21 minutes ago Up 53 seconds 6379/tcp redis
[root@zizhen02 flask-redis]# docker run -d -p 5000:5000 --link redis --name flask-redis -e REDIS_HOST=redis xiaoming163/flask-redis
e9508debfcf81e0acfbc77165c92a97d162764c65e306da013b6df25f9aa7070
[root@zizhen02 flask-redis]#
[root@zizhen02 flask-redis]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e9508debfcf8 xiaoming163/flask-redis "python app.py" 6 seconds ago Up 4 seconds 0.0.0.0:5000->5000/tcp flask-redis
67bd34c15503 redis "docker-entrypoint.s…" 21 minutes ago Up About a minute 6379/tcp redis
[root@zizhen02 flask-redis]# curl 127.0.0.1:5000
Hello Container world! I have been seen 6 times and my hostname is e9508debfcf8.
[root@zizhen02 flask-redis]# curl 127.0.0.1:5000
Hello Container world! I have been seen 7 times and my hostname is e9508debfcf8.
[root@zizhen02 flask-redis]# curl 127.0.0.1:5000
Hello Container world! I have been seen 8 times and my hostname is e9508debfcf8.
[root@zizhen02 flask-redis]# curl 127.0.0.1:5000
Hello Container world! I have been seen 9 times and my hostname is e9508debfcf8.
[root@zizhen02 flask-redis]# curl 127.0.0.1:5000
Hello Container world! I have been seen 10 times and my hostname is e9508debfcf8.
[root@zizhen02 flask-redis]#
-e 参数的使用
[root@zizhen02 ~]# docker run -d --name test2 -e PENG=xiaoming busybox /bin/sh -c "while true; do sleep 3600; done"
a5de8377b6259dc336168f1ea7e58ee5cc6181089230b5bc33ed7d9d686c2eaf
[root@zizhen02 ~]# docker exec -it test2 /bin/sh
/ # env
HOSTNAME=a5de8377b625
SHLVL=1
HOME=/root
TERM=xterm
PENG=xiaoming
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/
/ # exit
[root@zizhen02 ~]#
[root@zizhen02 ~]#
[root@zizhen02 ~]# docker run -d --name test3 -e PENG=lili busybox /bin/sh -c "while true; do sleep 3600; done"
c51f1e7cb1d6babcdd13c75f49ca49de8b7256ed7a53497af63737ec6d3313df
[root@zizhen02 ~]# docker exec -it test3 /bin/sh
/ #
/ # env
HOSTNAME=c51f1e7cb1d6
SHLVL=1
HOME=/root
TERM=xterm
PENG=lili
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/
/ #
36,37 Docke overlay网络和etcd通信