在我们通过docker run创建容器的时候默认就会去使用docker bridge的网络;其实在我们创建容器的时候是可以指定容器使用的网络的,并且我们也可以创建一个自定义的网络,在创建容器的时候指定使用我们自己创建的网络。
[root@docker ~]# docker network create -d bridge my-bridge
380c3f9ac371750664df0e61245a93ea3eb785aa59d90dc3223e8a6cba03a118
[root@docker ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
60e81719174c bridge bridge local
67f0fa7f22b0 host host local
380c3f9ac371 my-bridge bridge local
01f3c01c3ade none null local
[root@docker ~]# brctl show
bridge name bridge id STP enabled interfaces
br-380c3f9ac371 8000.02424dd4b4b7 no
docker0 8000.02420c4725c2 no veth2e7a7c3
veth6c15790
[root@docker ~]#
14.1 新建容器并指定使用自定义的网络
docker run -d --name test3 --network my-bridge busybox /bin/sh -c "while true;do sleep 3600;done"
查看网络信息:
[root@docker ~]# brctl show
bridge name bridge id STP enabled interfaces
br-380c3f9ac371 8000.02424dd4b4b7 no vethf1bb3b3
docker0 8000.02420c4725c2 no veth2e7a7c3
veth6c15790
[root@docker ~]# ip a|grep vethf1bb3b3
184: vethf1bb3b3@if183: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-380c3f9ac371 state UP
[root@docker ~]# docker network inspect 380c3f9ac371
[
{
"Name": "my-bridge",
"Id": "380c3f9ac371750664df0e61245a93ea3eb785aa59d90dc3223e8a6cba03a118",
"Created": "2018-06-06T12:58:16.075454193+07:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"1a7e1b2aed10c47e0e04b6c8bf11bef6bfcda8edd21644defff01302b977479d": {
"Name": "test3",
"EndpointID": "3ae8e776e83660fc1013e841cabbad819b523687b3ebf098e2dbbb00d4aeb266",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[root@docker ~]#
14.2 修改已存在的容器到其他网络
[root@docker ~]# docker network connect my-bridge test2
[root@docker ~]# docker network inspect 380c3f9ac371
[
{
"Name": "my-bridge",
"Id": "380c3f9ac371750664df0e61245a93ea3eb785aa59d90dc3223e8a6cba03a118",
"Created": "2018-06-06T12:58:16.075454193+07:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"1a7e1b2aed10c47e0e04b6c8bf11bef6bfcda8edd21644defff01302b977479d": {
"Name": "test3",
"EndpointID": "3ae8e776e83660fc1013e841cabbad819b523687b3ebf098e2dbbb00d4aeb266",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
},
"74d1dac13943effb5d5c3549b988d3b77049a99df88c3a7147d29623c1cb1099": {
"Name": "test2",
"EndpointID": "60400ff4299d8a469a6bb88229f0ccc919612483e20fe3474a8e7eab29e2f74e",
"MacAddress": "02:42:ac:12:00:03",
"IPv4Address": "172.18.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[root@docker ~]#
修改完之后,查看原先默认使用的bridge网络信息:
[root@docker ~]# docker network inspect 60e81719174c
[
{
"Name": "bridge",
"Id": "60e81719174cd81800981dba54d9dd97e0df639e128abb92605ca2828f4f3d06",
"Created": "2018-05-31T16:47:33.917919725+07:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"74d1dac13943effb5d5c3549b988d3b77049a99df88c3a7147d29623c1cb1099": {
"Name": "test2",
"EndpointID": "e5be5981ad5138aeb469e24ce8e79b1752f30e5ab51befdc68930ae01b63de42",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"a10b6f5afb766f59550650656e29cf9fc1dff2c63978ceae02bdd92b367f329a": {
"Name": "test1",
"EndpointID": "8e4b12841f72614d2df2d6b5b53da197847655e09f7bfa84c1e2ed78dd329759",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
[root@docker ~]#
可以发现,test2既在bridge网络中也在my-bridge网络中。检查一下是否既可以通过IP访问也可以通过容器名访问:
[root@docker ~]# docker exec -it test3 /bin/sh
/ # ping 172.18.0.3
PING 172.18.0.3 (172.18.0.3): 56 data bytes
64 bytes from 172.18.0.3: seq=0 ttl=64 time=0.126 ms
64 bytes from 172.18.0.3: seq=1 ttl=64 time=0.093 ms
^C
--- 172.18.0.3 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.093/0.109/0.126 ms
/ # ping test2
PING test2 (172.18.0.3): 56 data bytes
64 bytes from 172.18.0.3: seq=0 ttl=64 time=0.071 ms
64 bytes from 172.18.0.3: seq=1 ttl=64 time=0.126 ms
^C
--- test2 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.071/0.098/0.126 ms
/ #
[root@docker ~]# docker exec -it test2 /bin/sh
/ # ping 172.18.0.2
PING 172.18.0.2 (172.18.0.2): 56 data bytes
64 bytes from 172.18.0.2: seq=0 ttl=64 time=0.075 ms
64 bytes from 172.18.0.2: seq=1 ttl=64 time=0.094 ms
^C
--- 172.18.0.2 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.075/0.084/0.094 ms
/ # ping test3
PING test3 (172.18.0.2): 56 data bytes
64 bytes from 172.18.0.2: seq=0 ttl=64 time=0.072 ms
64 bytes from 172.18.0.2: seq=1 ttl=64 time=0.104 ms
^C
--- test3 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.072/0.088/0.104 ms
/ # ping test1
ping: bad address 'test1'
/ #
将test1也连接到my-bridge中:
[root@docker ~]# docker network connect my-bridge test1
[root@docker ~]# docker exec -it test2 /bin/sh
/ # ping test1
PING test1 (172.18.0.4): 56 data bytes
64 bytes from 172.18.0.4: seq=0 ttl=64 time=0.097 ms
64 bytes from 172.18.0.4: seq=1 ttl=64 time=0.086 ms
64 bytes from 172.18.0.4: seq=2 ttl=64 time=0.083 ms
^C
--- test1 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.083/0.088/0.097 ms
/ # ping test3
PING test3 (172.18.0.2): 56 data bytes
64 bytes from 172.18.0.2: seq=0 ttl=64 time=0.072 ms
64 bytes from 172.18.0.2: seq=1 ttl=64 time=0.085 ms
64 bytes from 172.18.0.2: seq=2 ttl=64 time=0.095 ms
^C
--- test3 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.072/0.084/0.095 ms
/ #
事实证明:两个容器之间使用的都是自定义的网络,那么他们之间就相当于添加了一个双向的link。即可以通过IP访问,也可以通过容器名访问。