docker0
查看主机的ip
[root@iZwz908j8pbqd86doyrez5Z test]# ip addr
#本机回环地址
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
#阿里云内网地址
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:16:3e:10:37:ba brd ff:ff:ff:ff:ff:ff
inet 172.18.199.233/20 brd 172.18.207.255 scope global dynamic eth0
valid_lft 309999819sec preferred_lft 309999819sec
#docker生成的地址
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:6f:43:1c:ae brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
查看容器的ip
[root@iZwz908j8pbqd86doyrez5Z test]# docker exec -it 5046feaea51f ip addr
#容器内网地址
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
#docker生成的地址
282: eth0@if283: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
尝试从主机直接ping通容器的eth0ip
#尝试ping通主机和容器
[root@iZwz908j8pbqd86doyrez5Z test]# ping 172.17.0.2
#连接成功
容器间的通信:docker网络
原理:使用了evth-pair技术,本质上都是通过主机相连.每个主机有一个端口对应一个容器(如上面的容器-282和主机-283),如此构成了一个局域网.实际上各个容器无法直接相连,只能通过enth0进行桥接
#尝试ping通容器和容器
[root@iZwz908j8pbqd86doyrez5Z ~]# docker exec -it tomcat1 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
284: eth0@if285: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@iZwz908j8pbqd86doyrez5Z ~]# docker exec -it tomcat2 ping 172.17.0.3
#测试:可以ping通
docker网络解决的问题:容器之间的ping通
原理
我们没启动一个docker容器,docker就会给docker容器分配一个ip,我们只要安装了docker,就会有一个网卡桥接模式,使用的技术是evth-pair技术
#再次查看主机ip:多了一个263(猜测“283: veth30fdc0b@if282”表示:这里的263与容器内的262相对应,即每运行一个容器,都会创建一对网卡)
[root@iZwz908j8pbqd86doyrez5Z test]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:16:3e:10:37:ba brd ff:ff:ff:ff:ff:ff
inet 172.18.199.233/20 brd 172.18.207.255 scope global dynamic eth0
valid_lft 309996899sec preferred_lft 309996899sec
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:6f:43:1c:ae brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
283: veth30fdc0b@if282: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 4e:d2:72:ba:14:a0 brd ff:ff:ff:ff:ff:ff link-netnsid 0
linux桥接:我们每启动一个容器,linux主机就会多一个虚拟网卡,这个网卡连接着各个容器,我们可以尝试使用两个容器进行通信
#evth-pair技术:一对虚拟设备接口,他们都是成对出现的,一端连着协议,一端彼此相连
[root@iZwz908j8pbqd86doyrez5Z ~]# docker exec -it tomcat1 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
284: eth0@if285: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@iZwz908j8pbqd86doyrez5Z ~]# docker exec -it tomcat2 ping 172.17.0.3
网络模型图
结论:tomcat1和tomcat2公用一个路由器docker0
小结
注:
–link(官方不推荐)
当通过datasource连接mysql时,通常总是对应一个指定的端口,而容器的端口却是在启动难时生成(主机端口-容器端口),是否有办法通过主机端口-服务找到对应的端口?
#尝试直接ping通
docker exec -it tomcat2 ping tomcat1 #无法直接ping通
#尝试使用link启动一个容器
docker run -d -P --name tomcat3 --link tomcat2 tomcat
docker exec -it tomcat3 ping tomcat2 #可以ping通
#尝试tomcat1向tomcat2反向Ping通
docker exec -it tomcat1 ping tomcat3 #失败
#查看/etc/hosts文件探究--link原理
[root@iZwz908j8pbqd86doyrez5Z ~]# docker exec -it tomcat3 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.4 tomcat2 e55b43eede71 #其实本质上是更改了hosts文件,将访问转到本地对应的端口
172.17.0.5 c13e595e3183
原理:直接在/etc/hosts中写死了
自定义网络
#查看当前的网络
[root@iZwz908j8pbqd86doyrez5Z ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
e33b6b9e8a86 bridge bridge local
e4a72501819c host host local
ee755fa64360 none null local
网络模式
bridge:桥接模式,桥接docker(默认)
none:不配置网络
host:和宿主机共享网络
container:容器内网络连通(不建议)
测试
# 我们直接启动的命令 --net bridge,也就是我们docker0的桥接
docker run -d -P --name tomcat01 tomcat
docker run -d -P --name tomcat01 --net bridge tomcat #与上面等同
# docker0特点:默认,域名不能访问,可以--link打通,但是不推荐
#尝试建立一个自定义网络
#--driver bridge:桥接模式
#--subnet 192.168.0.0/16:子网地址(/16,说明只限制了前面16位,可以有255*255个不同的地址;如果是/24,则只有255个地址)
#--getaway 192.168.0.1:网关
[root@iZwz908j8pbqd86doyrez5Z ~]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet27ebc9223f194268120a12710971c9093c53b9fc3f65e19697ca63e05ee464f9
[root@iZwz908j8pbqd86doyrez5Z ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
e33b6b9e8a86 bridge bridge local
e4a72501819c host host local
27ebc9223f19 mynet bridge local #*
ee755fa64360 none null local
#docker network inspect mynet
[root@iZwz908j8pbqd86doyrez5Z ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "27ebc9223f194268120a12710971c9093c53b9fc3f65e19697ca63e05ee464f9",
"Created": "2020-09-15T15:13:49.178777935+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16", #子网
"Gateway": "192.168.0.1" #网关
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
#ping测试
[root@iZwz908j8pbqd86doyrez5Z ~]# docker run -d -P --net mynet --name tomcat4 tomcat
b763cb6ecf5d4befefcacac1c4fafff8bc3ef28de3ba51d11dfa36e64e0c7cbd
[root@iZwz908j8pbqd86doyrez5Z ~]# docker run -d -P --net mynet --name tomcat5 tomcat
f292f97cf1d6a0b7d6fc77f207730cf3774a65cf72bf99c3bb392e1acf6b4993
[root@iZwz908j8pbqd86doyrez5Z ~]# docker exec -it tomcat4 ping tomcat5
#再次查看信息
[root@iZwz908j8pbqd86doyrez5Z ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "27ebc9223f194268120a12710971c9093c53b9fc3f65e19697ca63e05ee464f9",
"Created": "2020-09-15T15:13:49.178777935+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": { #两个容器
"b763cb6ecf5d4befefcacac1c4fafff8bc3ef28de3ba51d11dfa36e64e0c7cbd": {
"Name": "tomcat4",
"EndpointID": "5f7cd9c91fdf08ff27ed82d0419aa428c365c1a2d1b5eed476bb1bdb45a86d06",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"f292f97cf1d6a0b7d6fc77f207730cf3774a65cf72bf99c3bb392e1acf6b4993": {
"Name": "tomcat5",
"EndpointID": "92660007315adb53a812b564b06090b3039a7771e7c5d9a4fad2b1c9df9753d8",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
注:
网络连通
#尝试ping通不同网段(bridge和mynet)的容器
[root@iZwz908j8pbqd86doyrez5Z ~]# docker exec -it tomcat3 ping tomcat4
ping: tomcat4: Name or service not known
#在mynet网络中加入tomcat3容器
[root@iZwz908j8pbqd86doyrez5Z ~]# docker network connect mynet tomcat3
[root@iZwz908j8pbqd86doyrez5Z ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "27ebc9223f194268120a12710971c9093c53b9fc3f65e19697ca63e05ee464f9",
"Created": "2020-09-15T15:13:49.178777935+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"b763cb6ecf5d4befefcacac1c4fafff8bc3ef28de3ba51d11dfa36e64e0c7cbd": {
"Name": "tomcat4",
"EndpointID": "5f7cd9c91fdf08ff27ed82d0419aa428c365c1a2d1b5eed476bb1bdb45a86d06",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"c13e595e31833afb032661b077f310bebce5d68bc19012caabc67dbaced129b9": {
"Name": "tomcat3",
"EndpointID": "ad22702408b9cad4cd67d58758506e60b6a48a0274f26a1134403c4153468a1f",
"MacAddress": "02:42:c0:a8:00:04",
"IPv4Address": "192.168.0.4/16",
"IPv6Address": ""
},
"f292f97cf1d6a0b7d6fc77f207730cf3774a65cf72bf99c3bb392e1acf6b4993": {
"Name": "tomcat5",
"EndpointID": "92660007315adb53a812b564b06090b3039a7771e7c5d9a4fad2b1c9df9753d8",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
#尝试用tomcat3来ping通tomcat4
[root@iZwz908j8pbqd86doyrez5Z ~]# docker exec -it tomcat3 ping tomcat4 #成功
注:
springboot打包docker镜像
原文:https://www.cnblogs.com/Arno-vc/p/13673795.html