文章详情

登录

短信预约-IT技能 免费直播动态提醒

选择考试省份

  • 北京
  • 上海
  • 天津
  • 重庆
  • 河北
  • 山东
  • 辽宁
  • 黑龙江
  • 吉林
  • 甘肃
  • 青海
  • 河南
  • 江苏
  • 湖北
  • 湖南
  • 江西
  • 浙江
  • 广东
  • 云南
  • 福建
  • 海南
  • 山西
  • 四川
  • 陕西
  • 贵州
  • 安徽
  • 广西
  • 内蒙
  • 西藏
  • 新疆
  • 宁夏
  • 兵团

请输入下面的图形验证码

提交验证

短信预约提醒成功

Docker网络模型使用详解(2)Docker网络模式

2023-09-08 10:21

关注

安装Docker时会自动创建3个网络,可以使用docker network ls命令列出这些网络。

[root@localhost ~]# docker network ls

NETWORK ID     NAME                DRIVER    SCOPE

ebcfad6f4255   bridge              bridge    local

b881c67f8813   compose_lnmp_lnmp   bridge    local

fcf5201effd8   demo_net            bridge    local

8104a1b1ed6c   host                host      local

7a7562f2d82d   none                null      local

  • bridge是Docker的默认网络驱动程序,用于连接容器和主机上的网络。它是本地范围的网络,仅在主机上可见。
  • compose_lnmp_lnmp是一个命名的网络,是由Docker Compose创建的,它允许在同一Compose项目中的容器之间进行通信。
  • demo_net是另一个命名的网络,自己创建的网络。
  • host是另一种网络模式,容器与主机共享网络命名空间,因此容器可以直接与主机上的服务进行通信。
  • none表示容器没有与任何网络连接。

我们在使用docker run创建容器时,可以用--net选项指定容器的网络模式,Docker有以下4种网络模式:

  1. Host模式,使用--net=host指定。
  2. Container模式,使用--net=container:NAME_or_ID指定。
  3. None模式,使用--net=none指定。
  4. Bridge模式,使用--net=bridge指定,默认设置。

Host模式

仅主机

Docker底层使用了Linux的Namespaces技术来进行资源隔离,如PID Namespace隔离进程,Mount Namespace隔离文件系统,Network Namespace隔离网络等。一个Network Namespace提供了一份独立的网络环境,包括网卡、路由、Iptables规则等都与其他的Network Namespace隔离。一个Docker容器一般会分配一个独立的Network Namespace。但如果启动容器的时候使用host模式,那么这个容器将不会获得一个独立的Network Namespace,而是和宿主机共用一个Root Network Namespace。容器将不会虚拟出自己的网卡,配置自己的IP等,而是使用宿主机的IP和端口。出于安全考虑不推荐使用这种网络模式。

我们在192.168.50.59/24的机器上用Host模式启动一个含有WEB应用的Docker容器,监听TCP 80端口。当我们在容器中执行任何类似ifconfig命令查看网络环境时,看到的都是宿主机上的信息。而外界访问容器中的应用,则直接使用192.168.200.111:80即可,不用任何NAT转换,就如直接跑在宿主机中一样。但是,容器的其他方面,如文件系统、进程列表等还是和宿主机隔离的。

 用host启动 busybox并查看

[root@localhost ~]# docker run -itd --net=host --name=host busyboxdf0de56d85f71c01eb015946a1761373d6bb565f73fd3f43a239135c1998fa84[root@localhost ~]# docker exec -it host ifconfigbr-b881c67f8813 Link encap:Ethernet  HWaddr 02:42:00:73:93:F4            inet addr:172.18.0.1  Bcast:172.18.255.255  Mask:255.255.0.0          UP BROADCAST MULTICAST  MTU:1500  Metric:1          RX packets:0 errors:0 dropped:0 overruns:0 frame:0          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)br-fcf5201effd8 Link encap:Ethernet  HWaddr 02:42:57:20:7F:6B            inet addr:172.25.0.1  Bcast:172.25.255.255  Mask:255.255.0.0          inet6 addr: fe80::42:57ff:fe20:7f6b/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:19 errors:0 dropped:0 overruns:0 frame:0          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:1484 (1.4 KiB)  TX bytes:488 (488.0 B)docker0   Link encap:Ethernet  HWaddr 02:42:96:A8:40:FE            inet addr:172.17.0.1  Bcast:172.17.255.255  Mask:255.255.0.0          inet6 addr: fe80::42:96ff:fea8:40fe/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:104 errors:0 dropped:0 overruns:0 frame:0          TX packets:124 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:12669 (12.3 KiB)  TX bytes:17954 (17.5 KiB)ens33     Link encap:Ethernet  HWaddr 00:0C:29:E8:B0:6A            inet addr:192.168.50.59  Bcast:192.168.50.255  Mask:255.255.255.0          inet6 addr: fe80::dbbb:645e:9534:365f/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:6723 errors:0 dropped:0 overruns:0 frame:0          TX packets:4795 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:1000          RX bytes:533557 (521.0 KiB)  TX bytes:722896 (705.9 KiB)ens36     Link encap:Ethernet  HWaddr 00:0C:29:E8:B0:74            inet addr:192.168.1.110  Bcast:192.168.1.255  Mask:255.255.255.0          inet6 addr: fe80::4e02:634e:67ca:d86e/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:146425 errors:0 dropped:0 overruns:0 frame:0          TX packets:37335 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:1000          RX bytes:173609362 (165.5 MiB)  TX bytes:2671847 (2.5 MiB)lo        Link encap:Local Loopback            inet addr:127.0.0.1  Mask:255.0.0.0          inet6 addr: ::1/128 Scope:Host          UP LOOPBACK RUNNING  MTU:65536  Metric:1          RX packets:0 errors:0 dropped:0 overruns:0 frame:0          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:1000          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)veth1cd495b Link encap:Ethernet  HWaddr 9A:18:5B:97:FC:AF            inet6 addr: fe80::9818:5bff:fe97:fcaf/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:17 errors:0 dropped:0 overruns:0 frame:0          TX packets:32 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:2115 (2.0 KiB)  TX bytes:2924 (2.8 KiB)veth1fe7fee Link encap:Ethernet  HWaddr 1A:7A:43:B5:E2:A8            inet6 addr: fe80::187a:43ff:feb5:e2a8/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:23 errors:0 dropped:0 overruns:0 frame:0          TX packets:14 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:2086 (2.0 KiB)  TX bytes:1076 (1.0 KiB)veth21224d2 Link encap:Ethernet  HWaddr C6:5D:7E:9C:F3:E1            inet6 addr: fe80::c45d:7eff:fe9c:f3e1/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:6 errors:0 dropped:0 overruns:0 frame:0          TX packets:15 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:476 (476.0 B)  TX bytes:1174 (1.1 KiB)veth2af5e71 Link encap:Ethernet  HWaddr F2:B0:7F:98:3A:7E            inet6 addr: fe80::f0b0:7fff:fe98:3a7e/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:18 errors:0 dropped:0 overruns:0 frame:0          TX packets:30 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:2157 (2.1 KiB)  TX bytes:2521 (2.4 KiB)veth3839b96 Link encap:Ethernet  HWaddr 76:01:DE:59:71:9A            inet6 addr: fe80::7401:deff:fe59:719a/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:6 errors:0 dropped:0 overruns:0 frame:0          TX packets:15 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:476 (476.0 B)  TX bytes:1174 (1.1 KiB)veth5b04bf4 Link encap:Ethernet  HWaddr 8A:53:86:BC:37:1C            inet6 addr: fe80::8853:86ff:febc:371c/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:5 errors:0 dropped:0 overruns:0 frame:0          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:378 (378.0 B)  TX bytes:1034 (1.0 KiB)veth6d1b68f Link encap:Ethernet  HWaddr 1A:12:AA:12:AD:E2            inet6 addr: fe80::1812:aaff:fe12:ade2/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:17 errors:0 dropped:0 overruns:0 frame:0          TX packets:27 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:1795 (1.7 KiB)  TX bytes:2008 (1.9 KiB)veth7fdc9d7 Link encap:Ethernet  HWaddr 3E:7A:4E:8B:56:13            inet6 addr: fe80::3c7a:4eff:fe8b:5613/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:5 errors:0 dropped:0 overruns:0 frame:0          TX packets:19 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:378 (378.0 B)  TX bytes:1522 (1.4 KiB)veth9e68eab Link encap:Ethernet  HWaddr 16:03:A6:A6:78:F5            inet6 addr: fe80::1403:a6ff:fea6:78f5/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:23 errors:0 dropped:0 overruns:0 frame:0          TX packets:42 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:3519 (3.4 KiB)  TX bytes:6034 (5.8 KiB)vethb62206b Link encap:Ethernet  HWaddr 2E:6D:F9:34:AB:CA            inet6 addr: fe80::2c6d:f9ff:fe34:abca/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:27 errors:0 dropped:0 overruns:0 frame:0          TX packets:51 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:4455 (4.3 KiB)  TX bytes:8407 (8.2 KiB)vethd26c9e7 Link encap:Ethernet  HWaddr 46:D3:F8:F7:D5:CF            inet6 addr: fe80::44d3:f8ff:fef7:d5cf/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:5 errors:0 dropped:0 overruns:0 frame:0          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:378 (378.0 B)  TX bytes:1034 (1.0 KiB)

宿主机查看

[root@localhost ~]# ifconfigbr-b881c67f8813: flags=4099  mtu 1500        inet 172.18.0.1  netmask 255.255.0.0  broadcast 172.18.255.255        ether 02:42:00:73:93:f4  txqueuelen 0  (Ethernet)        RX packets 146479  bytes 173614294 (165.5 MiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 37337  bytes 2672249 (2.5 MiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0br-fcf5201effd8: flags=4163  mtu 1500        inet 172.25.0.1  netmask 255.255.0.0  broadcast 172.25.255.255        inet6 fe80::42:57ff:fe20:7f6b  prefixlen 64  scopeid 0x20        ether 02:42:57:20:7f:6b  txqueuelen 0  (Ethernet)        RX packets 27  bytes 4455 (4.3 KiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 51  bytes 8407 (8.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0docker0: flags=4163  mtu 1500        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255        inet6 fe80::42:96ff:fea8:40fe  prefixlen 64  scopeid 0x20        ether 02:42:96:a8:40:fe  txqueuelen 0  (Ethernet)        RX packets 104  bytes 12669 (12.3 KiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 124  bytes 17954 (17.5 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0ens33: flags=4163  mtu 1500        inet 192.168.50.59  netmask 255.255.255.0  broadcast 192.168.50.255        inet6 fe80::dbbb:645e:9534:365f  prefixlen 64  scopeid 0x20        ether 00:0c:29:e8:b0:6a  txqueuelen 1000  (Ethernet)        RX packets 6752  bytes 535747 (523.1 KiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 4822  bytes 735148 (717.9 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0ens36: flags=4163  mtu 1500        inet 192.168.1.110  netmask 255.255.255.0  broadcast 192.168.1.255        inet6 fe80::4e02:634e:67ca:d86e  prefixlen 64  scopeid 0x20        ether 00:0c:29:e8:b0:74  txqueuelen 1000  (Ethernet)        RX packets 146479  bytes 173614294 (165.5 MiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 37337  bytes 2672249 (2.5 MiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0lo: flags=73  mtu 65536        inet 127.0.0.1  netmask 255.0.0.0        inet6 ::1  prefixlen 128  scopeid 0x10        loop  txqueuelen 1000  (Local Loopback)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 0  bytes 0 (0.0 B)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0veth1cd495b: flags=4163  mtu 1500        inet6 fe80::9818:5bff:fe97:fcaf  prefixlen 64  scopeid 0x20        ether 9a:18:5b:97:fc:af  txqueuelen 0  (Ethernet)        RX packets 17  bytes 2115 (2.0 KiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 32  bytes 2924 (2.8 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0veth1fe7fee: flags=4163  mtu 1500        inet6 fe80::187a:43ff:feb5:e2a8  prefixlen 64  scopeid 0x20        ether 1a:7a:43:b5:e2:a8  txqueuelen 0  (Ethernet)        RX packets 23  bytes 2086 (2.0 KiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 14  bytes 1076 (1.0 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0veth21224d2: flags=4163  mtu 1500        inet6 fe80::c45d:7eff:fe9c:f3e1  prefixlen 64  scopeid 0x20        ether c6:5d:7e:9c:f3:e1  txqueuelen 0  (Ethernet)        RX packets 6  bytes 476 (476.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 15  bytes 1174 (1.1 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0veth2af5e71: flags=4163  mtu 1500        inet6 fe80::f0b0:7fff:fe98:3a7e  prefixlen 64  scopeid 0x20        ether f2:b0:7f:98:3a:7e  txqueuelen 0  (Ethernet)        RX packets 18  bytes 2157 (2.1 KiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 30  bytes 2521 (2.4 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0veth3839b96: flags=4163  mtu 1500        inet6 fe80::7401:deff:fe59:719a  prefixlen 64  scopeid 0x20        ether 76:01:de:59:71:9a  txqueuelen 0  (Ethernet)        RX packets 6  bytes 476 (476.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 15  bytes 1174 (1.1 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0veth5b04bf4: flags=4163  mtu 1500        inet6 fe80::8853:86ff:febc:371c  prefixlen 64  scopeid 0x20        ether 8a:53:86:bc:37:1c  txqueuelen 0  (Ethernet)        RX packets 5  bytes 378 (378.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 13  bytes 1034 (1.0 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0veth6d1b68f: flags=4163  mtu 1500        inet6 fe80::1812:aaff:fe12:ade2  prefixlen 64  scopeid 0x20        ether 1a:12:aa:12:ad:e2  txqueuelen 0  (Ethernet)        RX packets 17  bytes 1795 (1.7 KiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 27  bytes 2008 (1.9 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0veth7fdc9d7: flags=4163  mtu 1500        inet6 fe80::3c7a:4eff:fe8b:5613  prefixlen 64  scopeid 0x20        ether 3e:7a:4e:8b:56:13  txqueuelen 0  (Ethernet)        RX packets 5  bytes 378 (378.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 19  bytes 1522 (1.4 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0veth9e68eab: flags=4163  mtu 1500        inet6 fe80::1403:a6ff:fea6:78f5  prefixlen 64  scopeid 0x20        ether 16:03:a6:a6:78:f5  txqueuelen 0  (Ethernet)        RX packets 23  bytes 3519 (3.4 KiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 42  bytes 6034 (5.8 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0vethb62206b: flags=4163  mtu 1500        inet6 fe80::2c6d:f9ff:fe34:abca  prefixlen 64  scopeid 0x20        ether 2e:6d:f9:34:ab:ca  txqueuelen 0  (Ethernet)        RX packets 27  bytes 4455 (4.3 KiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 51  bytes 8407 (8.2 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0vethd26c9e7: flags=4163  mtu 1500        inet6 fe80::44d3:f8ff:fef7:d5cf  prefixlen 64  scopeid 0x20        ether 46:d3:f8:f7:d5:cf  txqueuelen 0  (Ethernet)        RX packets 5  bytes 378 (378.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 13  bytes 1034 (1.0 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0[root@localhost ~]# docker run -itd --name=con1 busybox890233a888725ad01804d7c569ca5f68602930312e15b49e0d2279072cd496f7[root@localhost ~]# docker exec -it con1 ifconfigeth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:03            inet addr:172.17.0.3  Bcast:172.17.255.255  Mask:255.255.0.0          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:8 errors:0 dropped:0 overruns:0 frame:0          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0          RX bytes:656 (656.0 B)  TX bytes:0 (0.0 B)lo        Link encap:Local Loopback            inet addr:127.0.0.1  Mask:255.0.0.0          UP LOOPBACK RUNNING  MTU:65536  Metric:1          RX packets:0 errors:0 dropped:0 overruns:0 frame:0          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:1000          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

container模式

这个模式可以指定新创建的容器和已经存在的一个容器共享一个Network Namespace,而不是和宿主机共享。新创建的容器不会创建自己的网卡,配置自己的IP,而是和一个指定的容器共享IP、端口范围等。同样,两个容器除了网络方面,其他的如文件系统、进程列表等还是隔离的。两个容器的进程可以通过lo网卡设备通信。

使用--net=container:container_id/container_name,多个容器使用共同的网络看到的ip是一样的。

[root@localhost ~]# docker run -itd --net=container:con1 --name=con2 busybox

bda04210a24f5979d60ea5785088cbe029a66ae418e468528a288a59757827dd

[root@localhost ~]# docker run -itd --net=container:con1 --name=con3 busybox

b0e99382e36b49e976a9c38d67d39e057694d98f61bdb4ed4fad13b592156b22

[root@localhost ~]# docker exec -it con2 ifconfig

eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:03  

          inet addr:172.17.0.3  Bcast:172.17.255.255  Mask:255.255.0.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:8 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:656 (656.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback  

          inet addr:127.0.0.1  Mask:255.0.0.0

          UP LOOPBACK RUNNING  MTU:65536  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

[root@localhost ~]# docker exec -it con3 ifconfig

eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:03  

          inet addr:172.17.0.3  Bcast:172.17.255.255  Mask:255.255.0.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:8 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:656 (656.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback  

          inet addr:127.0.0.1  Mask:255.0.0.0

          UP LOOPBACK RUNNING  MTU:65536  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

none模式

自己玩模式

在这种模式下,Docker容器拥有自己的Network Namespace,但是并不为Docker容器进行任何网络配置。也就是说,这个Docker容器没有网卡、IP、路由等信息。需要我们自己为Docker容器添加网卡、配置IP等。

使用--net=none指定,这种模式下不会配置任何网络。

[root@localhost ~]# docker run -itd --name=none --net=none busybox
3557fefcac5a2fa0bd5f8dfe878d244c8235ecbf2f3a546085e10c3b7ff39343
[root@localhost ~]# docker exec -it none ifconfig
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

bridge模式

bridge模式是Docker默认的网络设置,属于一种NAT网络模型,Docker daemon在启动的时候就会建立一个docker0网桥(通过-b参数可以指定),每个容器使用bridge模式启动时,Docker都会为容器创建一对虚拟网络接口(veth pair)设备,这对接口一端在容器的Network Namespace,另一端在docker0,这样就实现了容器与宿主机之间的通信。

 

在bridge模式下,Docker容器与外部网络通信都是通过iptables规则控制的,这也是Docker网络性能低下的一个重要原因。使用iptables -vnL -t nat可以查看NAT表,在Chain Docker中可以看到容器桥接的规则。

使用iptables -vnL -t nat可以查看NAT表,在Chain Docker中可以看到容器桥接的规则。

[root@localhost ~]# iptables -vnL -t nat

Chain PREROUTING (policy ACCEPT 17 packets, 2526 bytes)

 pkts bytes target     prot opt in     out     source               destination         

   73  3796 DOCKER     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT 17 packets, 2526 bytes)

 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 3 packets, 228 bytes)

 pkts bytes target     prot opt in     out     source               destination         

    0     0 DOCKER     all  --  *      *       0.0.0.0/0           !127.0.0.0/8          ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT 3 packets, 228 bytes)

 pkts bytes target     prot opt in     out     source               destination         

    0     0 MASQUERADE  all  --  *      !br-fcf5201effd8  172.25.0.0/16        0.0.0.0/0           

    0     0 MASQUERADE  all  --  *      !docker0  172.17.0.0/16        0.0.0.0/0           

    0     0 MASQUERADE  all  --  *      !br-b881c67f8813  172.18.0.0/16        0.0.0.0/0           

Chain DOCKER (2 references)

 pkts bytes target     prot opt in     out     source               destination         

    0     0 RETURN     all  --  br-fcf5201effd8 *       0.0.0.0/0            0.0.0.0/0           

    0     0 RETURN     all  --  docker0 *       0.0.0.0/0            0.0.0.0/0           

    0     0 RETURN     all  --  br-b881c67f8813 *       0.0.0.0/0            0.0.0.0/0        

来源地址:https://blog.csdn.net/qwertyuiop_____q/article/details/132106380

阅读原文内容投诉

免责声明:

① 本站未注明“稿件来源”的信息均来自网络整理。其文字、图片和音视频稿件的所属权归原作者所有。本站收集整理出于非商业性的教育和科研之目的,并不意味着本站赞同其观点或证实其内容的真实性。仅作为临时的测试数据,供内部测试之用。本站并未授权任何人以任何方式主动获取本站任何信息。

② 本站未注明“稿件来源”的临时测试数据将在测试完成后最终做删除处理。有问题或投稿请发送至: 邮箱/279061341@qq.com QQ/279061341

软考中级精品资料免费领

  • 历年真题答案解析
  • 备考技巧名师总结
  • 高频考点精准押题

  • 2024年上半年信息系统项目管理师第二批次真题及答案解析(完整版)

    难度     807人已做
    查看

  • 【考后总结】2024年5月26日信息系统项目管理师第2批次考情分析

    难度     351人已做
    查看

  • 【考后总结】2024年5月25日信息系统项目管理师第1批次考情分析

    难度     314人已做
    查看

  • 2024年上半年软考高项第一、二批次真题考点汇总(完整版)

    难度     433人已做
    查看

  • 2024年上半年系统架构设计师考试综合知识真题

    难度     221人已做
    查看

相关文章

发现更多好内容

猜你喜欢

AI推送时光机

Docker网络模型使用详解(2)Docker网络模式

后端开发2023-09-08

Docker网络模式详解

后端开发2023-10-19

docker容器网络模式详解

后端开发2022-11-13

Docker的四种网络模式

后端开发2024-04-02

Docker的网络模式介绍

后端开发2024-04-02

Docker中的四种网络模式

后端开发2023-05-17

Docker 网络模式及配置方式

后端开发2024-04-02

docker的网络模式有哪些

docker的网络模式有哪些
后端开发2023-10-30

深入解析docker三种网络模式

后端开发2024-04-02

Docker四种网络模式是什么

后端开发2024-04-02

docker如何查看container-none网络模式

后端开发2024-04-02

Docker的四种网络模式是什么

后端开发2023-06-29

Docker网络模式及配置方式的示例

后端开发2023-06-14

Docker四种网络模式演示及连通性测试

后端开发2024-04-02

如何理解docker中的网络模式和跨主机通信

后端开发2023-06-05

python神经网络Xception模型复现详解

后端开发2024-04-02

python神经网络InceptionV3模型复现详解

后端开发2024-04-02

python神经网络Densenet模型复现详解

后端开发2024-04-02

python神经网络ShuffleNetV2模型复现详解

后端开发2024-04-02

python神经网络ResNet50模型的复现详解

后端开发2024-04-02
位置:首页-资讯-后端开发
咦!没有更多了?去看看其它编程学习网 内容吧
首页课程
资料下载问答资讯