探索云原生技术之基石-Docker容器高级篇(2)
❤️作者简介:2022新星计划第三季云原生与云计算赛道Top5、华为云享专家、云原生领域潜力新星
博客首页:C站个人主页
作者目的:如有错误请指正,将来会不断的完善笔记,帮助更多的Java爱好者入门,共同进步!
文章目录
-
- 探索云原生技术之基石-Docker容器高级篇(2)
-
- Dockerfile详解
-
- 常用关键字
- Dockerfile(实战1)
- Dockerfile构建centos+java10(实战2)
- Dockerfile+SpringBoot微服务项目(实战3)
-
- 问题1:运行微服务镜像失败
-
- 解决办法
- Docker网络
-
- docker network命令帮助
- 4种网络模式
- docker inspect获取容器信息
- 网络的应用(实战)
-
- 为什么要自定义网络
- 删除网络
探索云原生技术之基石-Docker容器高级篇(2)
本博文一共有7篇,如下
- 探索云原生技术之基石-Docker容器入门篇(1)
- 探索云原生技术之基石-Docker容器入门篇(2)
- 探索云原生技术之基石-Docker容器入门篇(3)
- 探索云原生技术之基石-Docker容器入门篇(4),=>由于篇幅过长,所以另起一篇
等你对Docker有一定理解的时候可以看高级篇,不过不太建议。
- 探索云原生技术之基石-Docker容器高级篇(1)
- 探索云原生技术之基石-Docker容器高级篇(2)
- 探索云原生技术之基石-Docker容器高级篇(3)
剧透:未来将出云原生技术-Kubernetes(k8s),此时的你可以对Docker进行统一管理、动态扩缩容等等。
看完之后你会对Docker有一定的理解,并能熟练的使用Docker进行容器化开发、以及Docker部署微服务、Docker网络等等。干起来!
Dockerfile详解
常用关键字
-
FROM:构建的镜像的基础镜像。
-
MAINTAINER:镜像的维护者姓名或者邮箱地址。
-
RUN:镜像构建时(docker build)将会执行该命令(注意:每一次RUN都会构建一层)
-
CMD:容器运行时(docker run)将会执行该命令(注意:容器启动的命令,如果有多个则以最后一个为准(前面的CMD会被最后一个CMD覆盖),也可以为ENTRYPOINT提供参数)
-
VOLUME:容器数据卷,仅仅能指定容器里面的目录,然后会自动分配一个宿主机目录与之绑定。(不能指定宿主机的目录和-v参数不同)
-
ADD:复制➕自动解压缩(简而言之就是COPY+自动解压缩,COPY的增强版)。
-
COPY:和ADD类似,都有复制的意义,但是不会解压缩。
-
ENTRYPOINT:运行容器时执行的shell命令。
-
EXPOSE:暴露端口号
-
ENV:设置容器环境变量(设置变量属性值,容器内部也会起作用)
-
USER:为RUN、CMD、和 ENTRYPOINT 执行命令指定运行用户(较少用)
-
WORKDIR:为 RUN、CMD、ENTRYPOINT、COPY 和 ADD 设置工作目录,就是切换目录,简而言之就是当我们进入容器内部的默认目录。
-
HEALTHCHECH:健康检查(较少用)
-
ARG:构建时指定参数
Dockerfile(实战1)
vim Dockerfile
- 内容如下:
FROM ubuntu:latest
MAINTAINER youzhengjie<[email protected]>
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN echo "RUN--->hello ubuntu1"
RUN echo "RUN--->hello ubuntu2"
EXPOSE 80
CMD echo "CMD--->hello ubuntu1"
CMD echo "CMD--->hello ubuntu2"
CMD /bin/bash
- 构建镜像
[root@aubin dc]# docker build -t myubuntu9:3.1 .
Sending build context to Docker daemon 2.048kB
Step 1/10 : FROM ubuntu:latest
---> ba6acccedd29
Step 2/10 : MAINTAINER youzhengjie<1550324080@qq.com>
---> Running in d35296dbb171
Removing intermediate container d35296dbb171
---> d83366611306
Step 3/10 : ENV MYPATH /usr/local
---> Running in 148d7365d403
Removing intermediate container 148d7365d403
---> 77dffad12d15
Step 4/10 : WORKDIR $MYPATH
---> Running in beb4c0ac3435
Removing intermediate container beb4c0ac3435
---> 309649b57915
Step 5/10 : RUN echo "RUN--->hello ubuntu1"
---> Running in 064b6a6bcb37
RUN--->hello ubuntu1
Removing intermediate container 064b6a6bcb37
---> daddf2c42fd1
Step 6/10 : RUN echo "RUN--->hello ubuntu2"
---> Running in 827c94f312c2
RUN--->hello ubuntu2
Removing intermediate container 827c94f312c2
---> 0cb85f694c60
Step 7/10 : EXPOSE 80
---> Running in ec15bbeb62c9
Removing intermediate container ec15bbeb62c9
---> 3f777dd9eac9
Step 8/10 : CMD echo "CMD--->hello ubuntu1"
---> Running in b11439ac7b11
Removing intermediate container b11439ac7b11
---> 60a1e78eff8c
Step 9/10 : CMD echo "CMD--->hello ubuntu2"
---> Running in ea7bd505d595
Removing intermediate container ea7bd505d595
---> cd8a17d04f66
Step 10/10 : CMD /bin/bash
---> Running in 43c0fbc2728c
Removing intermediate container 43c0fbc2728c
---> dc33567bdde0
Successfully built dc33567bdde0
Successfully tagged myubuntu9:3.1
- 优化一下,可以把多余的RUN舍去。
FROM ubuntu:latest
MAINTAINER youzhengjie<[email protected]>
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN echo "RUN--->hello ubuntu1" \
&& echo "RUN--->hello ubuntu2"
EXPOSE 80
CMD echo "CMD--->hello ubuntu1"
CMD echo "CMD--->hello ubuntu2"
CMD /bin/bash
- 再次进行构建
[root@aubin dc]# docker build -t myubuntu9:4.1 .
Sending build context to Docker daemon 2.048kB
Step 1/9 : FROM ubuntu:latest
---> ba6acccedd29
Step 2/9 : MAINTAINER youzhengjie<1550324080@qq.com>
---> Running in 24d24c8399e2
Removing intermediate container 24d24c8399e2
---> c65a88e33529
Step 3/9 : ENV MYPATH /usr/local
---> Running in bbc59635fbd4
Removing intermediate container bbc59635fbd4
---> 0bca06d97095
Step 4/9 : WORKDIR $MYPATH
---> Running in e0535d2c6fd4
Removing intermediate container e0535d2c6fd4
---> af7c365c8e51
Step 5/9 : RUN echo "RUN--->hello ubuntu1" && echo "RUN--->hello ubuntu2"
---> Running in 50acd599101b
RUN--->hello ubuntu1
RUN--->hello ubuntu2
Removing intermediate container 50acd599101b
---> 401489dae859
Step 6/9 : EXPOSE 80
---> Running in 2bf7c8cf21c2
Removing intermediate container 2bf7c8cf21c2
---> 6d5297967bf8
Step 7/9 : CMD echo "CMD--->hello ubuntu1"
---> Running in 39a16548458a
Removing intermediate container 39a16548458a
---> 8cff1e5fc805
Step 8/9 : CMD echo "CMD--->hello ubuntu2"
---> Running in 6a021819b6be
Removing intermediate container 6a021819b6be
---> 4600b91d4a53
Step 9/9 : CMD /bin/bash
---> Running in e9e40cf4f6ba
Removing intermediate container e9e40cf4f6ba
---> 3aca036254ec
Successfully built 3aca036254ec
Successfully tagged myubuntu9:4.1
-
总结:我们可以发现少了一层镜像!!!!这将会起到优化的效果
-
进入我们构建好的镜像容器
docker run -it myubuntu9:4.1 /bin/bash
root@ad0268623aec:/usr/local# ls
可以发现我们一进入容器内部就自动切换到/usr/local目录,因为我们设置的WORKDIR。
Dockerfile构建centos+java10(实战2)
-
目的:在centos镜像的基础上加入vim、net-tools和java10环境。
-
1:先去oracle官网下载jdk-10.0.2_linux-x64_bin.tar压缩包,并且传到我们即将编写的Dockerfile同一个目录下(必须是同一个目录)。
-
2:创建Dockerfile文件(名字必须为这个,大小写都不能变)
vim Dockerfile
- 3:编写Dockerfile文件内容
FROM centos
MAINTAINER youzhengjie<[email protected]>
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN yum -y install vim \
&& yum -y install net-tools \
&& yum -y install glibc.i686 \
&& mkdir /usr/local/java
ADD jdk-10.0.2_linux-x64_bin.tar.gz /usr/local/java/
ENV JAVA_HOME /usr/local/java/jdk-10.0.2
ENV JRE_HOME $JAVA_HOME/jre
ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib:$CLASSPATH
ENV PATH $JAVA_HOME/bin:$PATH
EXPOSE 80
CMD echo $MYPATH
CMD echo "Java build success!!! "
CMD /bin/bash
- 4:构建Dockerfile镜像
docker build -t centos-java:10.0 .
Dockerfile+SpringBoot微服务项目(实战3)
- Java代码:
- 注意:由于我们下面的FROM java:8的原因,使得编写Java代码并且打jar包的jdk环境必须为JDK1.8,作者当时使用的是JDK10进行编写代码打jar包,虽然docker build可以正常运行,但是docker run我们那个项目镜像就会报版本不一致的错误,所以后面又重新装了JDK1.8来演示这个案例。
package com.boot.controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import java.util.UUID;
@RestController
@RequestMapping(path = "/test")
public class TestController {
@GetMapping(path = "/randomId")
public String responseRandomId(){
return UUID.randomUUID().toString().replaceAll("-","");
}
}
package com.boot;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class SimpleApplication {
public static void main(String[] args) {
SpringApplication.run(SimpleApplication.class,args);
}
}
- 使用maven插件将其打成jar包。名字为:simple-java-1.0-SNAPSHOT.jar
- 将simple-java-1.0-SNAPSHOT.jar用xftp上传到centos7系统上面去。
- 编写Dockerfile文件
vim Dockerfile
- 内容如下:
FROM java:8
MAINTAINER youzhengjie<[email protected]>
VOLUME /tmp
ADD simple-java-1.0-SNAPSHOT.jar simpleTest.jar
ENTRYPOINT ["java","-jar","simpleTest.jar"]
EXPOSE 8080
- 等待Docker build构建我们的SpringBoot微服务镜像:
[root@aubin mservice]# docker build -t simple-java .
Sending build context to Docker daemon 75.99MB
Step 1/6 : FROM java:8
8: Pulling from library/java
5040bd298390: Pull complete
fce5728aad85: Pull complete
76610ec20bf5: Pull complete
60170fec2151: Pull complete
e98f73de8f0d: Pull complete
11f7af24ed9c: Pull complete
49e2d6393f32: Downloading [=================> ] 45.67MB/130.1MB
bb9cdec9c7f3: Download complete
- 构建SpringBoot微服务镜像成功:
[root@aubin mservice]# docker build -t simple-java .
Sending build context to Docker daemon 75.99MB
Step 1/6 : FROM java:8
8: Pulling from library/java
5040bd298390: Pull complete
fce5728aad85: Pull complete
76610ec20bf5: Pull complete
60170fec2151: Pull complete
e98f73de8f0d: Pull complete
11f7af24ed9c: Pull complete
49e2d6393f32: Pull complete
bb9cdec9c7f3: Pull complete
Digest: sha256:c1ff613e8ba25833d2e1940da0940c3824f03f802c449f3d1815a66b7f8c0e9d
Status: Downloaded newer image for java:8
---> d23bdf5b1b1b
Step 2/6 : MAINTAINER youzhengjie<1550324080@qq.com>
---> Running in 9f5235caca9e
Removing intermediate container 9f5235caca9e
---> d3a68015534b
Step 3/6 : VOLUME /tmp
---> Running in a0421ee34d11
Removing intermediate container a0421ee34d11
---> fdac864986c8
Step 4/6 : ADD simple-java-1.0-SNAPSHOT.jar simpleTest.jar
---> 8afe328a826c
Step 5/6 : ENTRYPOINT ["java","-jar","simpleTest.jar"]
---> Running in 7516af6adb4d
Removing intermediate container 7516af6adb4d
---> 96adcafc23a1
Step 6/6 : EXPOSE 8080
---> Running in 6c498b3fd205
Removing intermediate container 6c498b3fd205
---> dc17cb44f4dd
Successfully built dc17cb44f4dd
Successfully tagged simple-java:latest
- 查看一下我们本地镜像:
[root@aubin mservice]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
simple-java latest dc17cb44f4dd 52 seconds ago 661MB
java 8 d23bdf5b1b1b 5 years ago 643MB
[root@aubin mservice]#
可以看到我们Dockerfile文件的FROM java:8实际上就是下载按照java8的docker镜像。
simple-java 就是我们的SpringBoot微服务项目镜像。
- 最后使用docker run运行这个simple-java镜像即可。
[root@aubin mservice]# docker run -it -p 8080:8080 --name smp simple-java
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v2.5.9)
2022-05-16 17:00:45.226 INFO 1 --- [ main] com.boot.SimpleApplication : Starting SimpleApplication using Java 1.8.0_111 on b5ea2c619d65 with PID 1 (/simpleTest.jar started by root in /)
2022-05-16 17:00:45.243 INFO 1 --- [ main] com.boot.SimpleApplication : No active profile set, falling back to default profiles: default
2022-05-16 17:00:46.508 INFO 1 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8080 (http)
2022-05-16 17:00:46.535 INFO 1 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2022-05-16 17:00:46.535 INFO 1 --- [ main] org.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/9.0.56]
2022-05-16 17:00:46.622 INFO 1 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2022-05-16 17:00:46.622 INFO 1 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 1223 ms
2022-05-16 17:00:47.044 INFO 1 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8080 (http) with context path ''
2022-05-16 17:00:47.052 INFO 1 --- [ main] com.boot.SimpleApplication : Started SimpleApplication in 2.306 seconds (JVM running for 2.747)
- 使用curl来访问一下我们项目的接口:
[root@aubin mservice]# curl 192.168.184.132:8080/test/randomId
61a0557d346049a9b4d7a667578c94e2
问题1:运行微服务镜像失败
[root@aubin m2]# docker run -it -p 8080:8080 --name smp simple-java
WARNING: IPv4 forwarding is disabled. Networking will not work.
Exception in thread "main" java.lang.UnsupportedClassVersionError: com/boot/XXXApplication has been compiled by a more recent version of the Java Runtime (class file version 54.0), this version of the Java Runtime only recognizes class file versions up to 52.0
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:763)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:467)
at java.net.URLClassLoader.access$100(URLClassLoader.java:73)
at java.net.URLClassLoader$1.run(URLClassLoader.java:368)
at java.net.URLClassLoader$1.run(URLClassLoader.java:362)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:361)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at org.springframework.boot.loader.LaunchedURLClassLoader.loadClass(LaunchedURLClassLoader.java:151)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:348)
at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:46)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:108)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:58)
at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:88)
解决办法
- 上面这种情况就是因为你编写Java代码和打包项目使用的JDK环境和Dockerfile指定的JDK环境不一致造成的。
- 由于我们Dockerfile指定的是java:8,所以我们编写Java代码和打包项目使用的JDK版本应该换成JDK8。
Docker网络
[root@aubin dc]# ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:ffff:fe2a:e623 prefixlen 64 scopeid 0x20<link>
ether 02:42:ff:2a:e6:23 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 13 bytes 1768 (1.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker network命令帮助
[root@aubin dc]# docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
4种网络模式
[root@aubin dc]# docker network ls
NETWORK ID NAME DRIVER SCOPE
8c1bb35ef410 bridge bridge local
22fb71d0775a host host local
deeb8c6478cc none null local
- bridge模式:桥接网络(默认使用的是这个)。
- 特点是:该模式下的容器的IP地址和网络配置都是独一无二的,并且都有eth0和网桥docker0的veth接口与之一一对应,该模式下的容器与宿主机(或者是容器)之间的通信都需要经过网桥docker0的veth接口。
格式如下:
docker run -it --network bridge --name p1 alpine:latest /bin/sh
或者:
docker run -it --name p1 alpine:latest /bin/sh
查看网络配置:(特点是有eth0接口和lo本地回环,ip和网络配置是唯一的)
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:586 (586.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
- host模式:容器和宿主机共享network namespace。
- 特点是:该模式下的容器的IP地址和网络配置全都和本机(Linux宿主机)一模一样。
格式如下:
docker run -it --network host --name p1 alpine:latest /bin/sh
查看网络配置:(特点是和Linux宿主机的ifconfig获取的内容是一模一样的。)
/ # ifconfig
br-44089e4e0ce4 Link encap:Ethernet HWaddr 02:42:7C:C9:EE:0F
inet addr:172.19.0.1 Bcast:172.19.255.255 Mask:255.255.0.0
inet6 addr: fe80::42:7cff:fec9:ee0f/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:9 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:252 (252.0 B) TX bytes:1768 (1.7 KiB)
docker0 Link encap:Ethernet HWaddr 02:42:AB:28:FD:D4
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80::42:abff:fe28:fdd4/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:17 errors:0 dropped:0 overruns:0 frame:0
TX packets:27 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:926 (926.0 B) TX bytes:3275 (3.1 KiB)
ens33 Link encap:Ethernet HWaddr 00:0C:29:23:28:59
inet addr:192.168.184.132 Bcast:192.168.184.255 Mask:255.255.255.0
inet6 addr: fe80::5c87:5037:8d1d:7650/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6989 errors:0 dropped:0 overruns:0 frame:0
TX packets:3719 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3530243 (3.3 MiB) TX bytes:567285 (553.9 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:108 errors:0 dropped:0 overruns:0 frame:0
TX packets:108 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:9180 (8.9 KiB) TX bytes:9180 (8.9 KiB)
virbr0 Link encap:Ethernet HWaddr 52:54:00:C0:74:37
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
- container模式:容器和另外一个容器共享network namespace。例如kubernates中的pod就是多个容器共享一个network namespace。
- 特点是:该模式下的容器的IP地址和网络配置全都和绑定在一起的另外一个容器的IP和网络配置一模一样。
格式如下:
docker run -it --name p1 alpine:latest /bin/sh
docker run -it --network container:p1 --name p2 alpine:latest /bin/sh
查看网络配置:(特点是和p1容器的ip和网络配置是一模一样的。)
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:656 (656.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
- none模式:容器有独立的network namespace,但没有对其进行过网络配置,例如IP这些都是没有的。(非常少用)
- 特点是:该模式下的容器有独立的network namespace,但是并没有作任何的网络配置,包括IP地址都是没有的,只有本地回环(lo),如果需要网络配置必须要进行手动配置。所以该配置很少用。
格式如下:
docker run -it --network none --name p1 alpine:latest /bin/sh
查看网络配置:(可以看到只有一个lo本地回环。)
/ # ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
docker inspect获取容器信息
docker run -it --name u1 ubuntu /bin/bash
docker run -it --name u2 ubuntu /bin/bash
- 查看u1的细节
docker inspect u1
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "8c1bb35ef410947e363a2164eb5d890a5d4127808f9d662c086356fafcd4e580",
"EndpointID": "922775fda0f969a67dadfe45f0cf2946b1b4c0471c22805e25015e63c7f92be0",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:03",
"DriverOpts": null
}
}
- 查看u2的细节
docker inspect u2
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "8c1bb35ef410947e363a2164eb5d890a5d4127808f9d662c086356fafcd4e580",
"EndpointID": "dbb752f8ac376c7159e370be862f32b972844c7985ed9c593e34eb75234be7d3",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.4",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:04",
"DriverOpts": null
}
}
- 从上面可以看到每个容器IPAddress,并且默认都是bridge模式。
网络的应用(实战)
-
由于Ubuntu没有ping命令,为了方便演示案例,我们使用一个极其小的Linux(alpine),大小仅仅才5.5M。alpine自带了ping命令。
-
搜索alpine镜像:
[root@aubin ~]# docker search alpine
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
alpine A minimal Docker image based on Alpine Linux… 8742 [OK]
- 拉取最新的alpine镜像:
docker pull alpine:latest
- 启动两个alpine实例:
docker run -it --name p1 alpine:latest /bin/sh
docker run -it --name p2 alpine:latest /bin/sh
[root@aubin ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1eccdf19e591 alpine:latest "/bin/sh" 4 seconds ago Up 3 seconds p2
6a4f18edc677 alpine:latest "/bin/sh" 9 seconds ago Up 9 seconds p1
- 查看这两个alpine的ip地址:
p1:(ip=172.17.0.2)
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
p2:(ip=172.17.0.3)
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:03
inet addr:172.17.0.3 Bcast:172.17.255.255 Mask:255.255.0.0
- 进入p1容器内,去ping一下p2的ip地址:
/ # ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3): 56 data bytes
64 bytes from 172.17.0.3: seq=0 ttl=64 time=1.928 ms
64 bytes from 172.17.0.3: seq=1 ttl=64 time=0.072 ms
- 进入p2容器内,去ping一下p1的ip地址:
/ # ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2): 56 data bytes
64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.096 ms
64 bytes from 172.17.0.2: seq=1 ttl=64 time=0.104 ms
发现在容器内部去ping对方的ip是完全可以ping通的,因为他们属于同一网段(172.17.0.x)
- 我们进入p1的容器内,去ping一下p2的容器名
/ # ping p2
ping: bad address 'p2'
- 我们进入p2的容器内,去ping一下p1的容器名
/ # ping p1
ping: bad address 'p1'
发现完全ping不同!!!所以这时候需要我们自定义网络还解决这个问题了。
- 自定义网络(创建网络):
docker network create mynetwork
- 先把刚刚的镜像删除掉,我们这里为了快捷直接删除全部容器(生产环境不可以这样):
docker rm -f $(docker ps -aq)
- 分别运行容器p1和p2两个容器,并指定网络为自定义网络(mynetwork):
docker run -it --network mynetwork --name p1 alpine:latest /bin/sh
docker run -it --network mynetwork --name p2 alpine:latest /bin/sh
[root@aubin ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0c0f4fed8535 alpine:latest "/bin/sh" 5 seconds ago Up 5 seconds p2
9f56283c1469 alpine:latest "/bin/sh" 10 seconds ago Up 9 seconds p1
- 我们进入p1的容器内,去ping一下p2的容器名
/ # ping p2
PING p2 (172.19.0.3): 56 data bytes
64 bytes from 172.19.0.3: seq=0 ttl=64 time=0.094 ms
64 bytes from 172.19.0.3: seq=1 ttl=64 time=0.075 ms
64 bytes from 172.19.0.3: seq=2 ttl=64 time=0.072 ms
- 我们进入p2的容器内,去ping一下p1的容器名
/ # ping p1
PING p1 (172.19.0.2): 56 data bytes
64 bytes from 172.19.0.2: seq=0 ttl=64 time=0.075 ms
64 bytes from 172.19.0.2: seq=1 ttl=64 time=0.095 ms
总结:我们通过自定义网络解决了无法通过容器名去ping的问题。
为什么要自定义网络
- 我们查看刚刚那两个容器的ip,发现和刚刚使用bridge模式的ip不一样
- p1:172.19.0.2
- p2:172.19.0.3
[root@aubin ~]# docker exec -it p1 /bin/sh
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:13:00:02
inet addr:172.19.0.2 Bcast:172.19.255.255 Mask:255.255.0.0
[root@aubin ~]# docker exec -it p2 /bin/sh
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:13:00:03
inet addr:172.19.0.3 Bcast:172.19.255.255 Mask:255.255.0.0
- 把p2的容器给停掉:
docker stop p2
- 启动一个新的容器p3:
docker run -it --network mynetwork --name p3 alpine:latest /bin/sh
- 查看p3的ip地址:
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:13:00:03
inet addr:172.19.0.3 Bcast:172.19.255.255 Mask:255.255.0.0
总结:我们可以看到p3的ip地址是刚刚被停掉的p2容器的ip地址!!!!
- 重新启动刚刚被停掉的p2容器:
[root@aubin ~]# docker restart p2
p2
[root@aubin ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f8437f57467c alpine:latest "/bin/sh" 4 minutes ago Up 4 minutes p3
0c0f4fed8535 alpine:latest "/bin/sh" 37 minutes ago Up 3 seconds p2
9f56283c1469 alpine:latest "/bin/sh" 37 minutes ago Up 37 minutes p1
- 进入p2容器,并查看其ip地址:
[root@aubin ~]# docker exec -it p2 /bin/sh
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:13:00:04
inet addr:172.19.0.4 Bcast:172.19.255.255 Mask:255.255.0.0
我们可以看到之前p2的ip地址(172.19.0.3)已经被p3给抢了,变成了(172.19.0.4)!!!!
- 由此可见,容器的ip地址受到容器的状态影响,若容器宕机了,重新启动可能会导致ip地址的变更;
- 假如我们的p1容器需要调用p2,若按照p2的ip地址来调用的话,之前p2的ip地址是172.19.0.3,此时p2宕机了,但是同时又启动了新容器p3(p2的ip地址就会被抢走),过后我们重新启动刚刚宕机了p2容器,但是ip地址变成了(172.19.0.4)。
- 重点:如果p1容器是按照p2的ip地址来调用,一定会导致调用到p3容器的ip地址,而没有正确调用到p2容器。
- 引入自定义网络的好处:我们的p1容器不需要通过p2的ip去调用(因为容器ip可变),我们直接可以通过p2的容器名去调用容器(容器名可以保证不变),这样下来就可以不担心调用到其他容器了!!!
删除网络
[root@aubin dc]# docker network ls
NETWORK ID NAME DRIVER SCOPE
8c1bb35ef410 bridge bridge local
22fb71d0775a host host local
2a4fb0891f66 my-network bridge local
deeb8c6478cc none null local
docker network rm 2a4fb0891f66
❤️本章结束,下一章见❤️