DockerHub
登录服务器
Usage: docker login [OPTIONS] [SERVER]
Log in to a Docker registry.
If no server is specified, the default is defined by the daemon.
Options:
-p, --password string Password
--password-stdin Take the password from stdin
-u, --username string Username
root@K8S-APP-T02:/root#docker login -u yunhgu
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
提交镜像
root@K8S-APP-T02:/root#docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
yunhgu/djangoweb 1.0 2f5f21b871a4 3 days ago 920MB
djangoweb latest 2f5f21b871a4 3 days ago 920MB
mysql latest c0cdc95609f1 4 days ago 556MB
nacos/nacos-server latest aa0ed1af6fc3 2 weeks ago 1.04GB
python 3.9.2 587b1bc803b3 6 weeks ago 886MB
root@K8S-APP-T02:/root#docker push yunhgu/djangoweb:1.0
The push refers to repository [docker.io/yunhgu/djangoweb]
c2f481b5e11e: Pushed
05abbb64f9fa: Pushed
8eb8c22ae193: Pushed
24cfc7b55b45: Pushed
d176ad4c69a5: Pushed
c249277a0e30: Mounted from library/python
e0b2f4d03f7b: Mounted from library/python
4cbe584e1645: Mounted from library/python
5ece9340957c: Mounted from library/python
093501b0a9e2: Mounted from library/python
b1169e57b139: Mounted from library/python
b3577d595e75: Mounted from library/python
3ee270f20d54: Mounted from library/python
4ef4adca5c3b: Mounted from library/python
1.0: digest: sha256:d3e3b1a3dee323059cb4ff740bad223ff388c48c95b17b12a0d41ccd60f05ff5 size: 3261
Docker网络
理解Docker0
root@K8S-APP-T02:/root#ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a6:a5:10 brd ff:ff:ff:ff:ff:ff
inet 10.50.132.157/24 brd 10.50.132.255 scope global noprefixroute ens192
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fea6:a510/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:80:a9:8e:c2 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:80ff:fea9:8ec2/64 scope link
valid_lft forever preferred_lft forever
# 查看启动的容器的ip地址
root@K8S-APP-T02:/root#docker run -it python:3.9.2 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
478: eth0@if479: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:04 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.4/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
# 本机ping它
ping 172.17.0.4
原理
每启动一个容器,docker就会给它分配一个ip,只要安装了docker,就会有一个网卡docker0 桥接模式使用的是evth-pair技术
# evth-pair 技术就是一对的虚拟设备接口,成对出现,一端连着协议,一端彼此相连
# 因为这个特性,evth-pair充当一个桥梁,连接各种虚拟网络设备的
# OpenStac, Docker容器之间的连接,OVS的连接,都是使用evth-pair技术
Docker中的所有的网络接口都是虚拟的。虚拟的转发效率很高。
--link
# 容器间的联通
docker run -it --name tomcat02 tomcat:latest
docker run -it --name tomcat01 --link tomcat02 tomcat:latest
# 查看tomcat01 hosts 配置
发现会有tomcat02 的IP地址
局限性,不支持容器名访问。
自定义网络
docker network --help
docker network ls
网络模式:
bridge: 桥接 docker(默认)
none: 不配置网络
host: 和宿主机共享网络
container :容器网络连通
# 我们直接启动默认了net
docker run -d -P --name tomcat01 tomcat
docker run -d -P --name tomcat01 --net bridge tomcat
创建网络
docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
docker network ls
NETWORK ID NAME DRIVER SCOPE
ef8e47112b9a bridge bridge local
4eb6a0d48bcf composttest_default bridge local
5fec7da508b6 home_default bridge local
5f69ba2db66a host host local
206960a4da9f mynet bridge local
0eb40fb28d40 none null local
root@K8S-APP-T02:/root#docker network inspect mynet
[
{
"Name": "mynet",
"Id": "206960a4da9f76ee6120fece980393df4aa75c0c14243ac3a4d73e7f7027ff8e",
"Created": "2021-05-17T14:50:49.104869121+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
# 使用自定义网络创建容器
docker run -d -P --name tomcat01 --net mynet tomcat
docker run -d -P --name tomcat02 --net mynet tomcat
root@K8S-APP-T02:/root#docker network inspect mynet
[
{
"Name": "mynet",
"Id": "206960a4da9f76ee6120fece980393df4aa75c0c14243ac3a4d73e7f7027ff8e",
"Created": "2021-05-17T14:50:49.104869121+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"526667eba1620159396632a01ea67208c0b3c7068e22b8057bce2acd2bb54c53": {
"Name": "tomcat02",
"EndpointID": "91825251fb06867b5293a64d596419edbd1dca08d6b4fb2859e14f11ced024fd",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"bedf9b4cbc0d4080a56f5893ef2afb5615b31137f73d9161b7c14c8ec3b2ad82": {
"Name": "tomcat01",
"EndpointID": "e0ec9a1133d5927b81e3f9e2f87c5b10b3de5efa7c929b1964c0b5f6c0b1a5ef",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
结果:
docker exec -it tomcat01 ping 192.168.0.2
PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.
64 bytes from 192.168.0.2: icmp_seq=1 ttl=64 time=0.137 ms
64 bytes from 192.168.0.2: icmp_seq=2 ttl=64 time=0.069 ms
64 bytes from 192.168.0.2: icmp_seq=3 ttl=64 time=0.083 ms
^C
--- 192.168.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.069/0.096/0.137/0.030 ms
root@K8S-APP-T02:/root#docker exec -it tomcat02 ping 192.168.0.3
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.110 ms
64 bytes from 192.168.0.3: icmp_seq=2 ttl=64 time=0.084 ms
64 bytes from 192.168.0.3: icmp_seq=3 ttl=64 time=0.082 ms
^C
--- 192.168.0.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.082/0.092/0.110/0.012 ms
好处: 不同的集群使用不同的网络,保证集群是安全和健康的
网络联通
root@K8S-APP-T02:/root#docker network connect --help
Usage: docker network connect [OPTIONS] NETWORK CONTAINER
Connect a container to a network
Options:
--alias strings Add network-scoped alias for the container
--driver-opt strings driver options for the network
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--link list Add link to another container
--link-local-ip strings Add a link-local address for the container
docker network connect mynet 容器id