介绍Docker容器的3种原生网络驱动:none、host、bridge。学习容器
如何实现通信。(了解)
一、容器网络
image.png
注:
Bridge:网桥,相当于在宿主主机上虚拟了一个交换机
Overlay:k8s使用的这种方式
安装时默认安装了3种网络
[root@cent701 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
ca0b764ff09f bridge bridge local
5b2b5dd70f33 host host local
b0ce5ca77c75 none null local
[root@cent701 ~]#
1.docker0网络(1)
- 安装docker前,仅有
1)lo(loop back)回路网卡
2)ens32 物理网卡 - 安装docker 后多了一堆
1)docker0:网桥
所有容器都连接在docker0网桥上,通过网桥进行通信转发,相当于虚拟的交换机。
2)veth0feb053@if6、veth8445097@if8
每多一个容器,就多一个这样的网络配置,是容器的网络接口。它连接的都是网桥,
[root@cent701 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:26:44:67 brd ff:ff:ff:ff:ff:ff
inet 192.168.227.3/24 brd 192.168.227.255 scope global ens32
valid_lft forever preferred_lft forever
inet6 fe80::8fec:8861:ac20:198a/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:a8:47:8d:5c brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:a8ff:fe47:8d5c/64 scope link
valid_lft forever preferred_lft forever
7: veth0feb053@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP
link/ether 1e:fc:1c:05:17:42 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::1cfc:1cff:fe05:1742/64 scope link
valid_lft forever preferred_lft forever
9: veth8445097@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP
link/ether 76:11:81:60:62:37 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::7411:81ff:fe60:6237/64 scope link
valid_lft forever preferred_lft forever
docker0网络
容器创建时,默认挂载在docker0上。
docker0是一个linux bridge。
docker0网络创建时已默认配置了Subnet(子网)。
image.png
1.docker0网络(2)
查看容器网络的详细信息
[root@cent701 ~]# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "ca0b764ff09f68919b064caddd4d5c801a9eb79bc7f2907a75956f2afd1c210c",
"Created": "2022-01-13T09:19:36.031401781+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"4ee19318178fa5d33bc6f91abcc3d34e3b580a9cc04fd3bfd6df6aba489f5f44": {
"Name": "xenodochial_bassi",
"EndpointID": "a29678dda2ec2e0eada0c9d98a9835e401a4661fd7c991f2033d470d376adf6c",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"aa9317ccabd6ebb8e44b7a7ea2c3c7ed43f789a0991dfc05486df04ff322c966": {
"Name": "huawei4",
"EndpointID": "d7625dfda058cc00a0acf04e1b86cf93e4ec9df804c966ca0659553701ff8789",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
[root@cent701 ~]#
网络连通性实验
