Docker network principles and detailed analysis of custom networks
|
Docker virtualizes a bridge on the host machine. When creating and starting a container, each container will be assigned an IP address that is consistent with the bridge's network segment by default. The bridge serves as the gateway of the container. The bridge is connected to each container, and containers can communicate through the bridge. Because the bridge is virtualized, the external network cannot be addressed, that is, the external network cannot access the container by default. It is necessary to map the host port to the container port when creating and starting the container, and access the container through the host IP port. This is the default network for Docker. One of its drawbacks is that containers can only access each other through IP. If you want to access each other using container name or container ID, you need to modify the hosts file using link when creating and starting the container. Generally, a custom network is used. A custom network is created using network. When creating a custom network, you can specify information such as the subnet segment and gateway. When creating and starting a container, specify the network to use. In this way, all containers in a custom network can be accessed directly using the container name. If a container wants to access containers in other networks, it can also be set in the network so that the container and the container in the target network can communicate using the container name. 1 Default network docker0Tested with vm virtual machine, docker is not started. There are two networks in the system (loopback network and virtual machine network) When the docker service is started, the host has an additional network docker0, which is the default network of docker # Start the docker service [root@localhost ~]# systemctl start docker Start a tomcat container and you will find that the host has an additional network. Start tomcat [root@localhost ~]# docker run -d -P --name tomcat1 tomcat Starting another tomcat will add another network to the host machine # Start tomcat [root@localhost ~]# docker run -d -P --name tomcat2 tomcat Test that the two tomcat network IPs are connected
# View the ip address of tomcat [root@localhost ~]# docker exec -it tomcat2 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
9: eth0@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
# Ping tomcat2's IP address from tomcat1
[root@localhost ~]# docker exec -it tomcat1 ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.146 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.067 ms
64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.088 ms
^C
--- 172.17.0.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 5ms
rtt min/avg/max/mdev = 0.067/0.100/0.146/0.034 msPinging the container name of tomcat2 in tomcat1 fails # Ping tomcat2's container name in tomcat1 [root@localhost ~]# docker exec -it tomcat1 ping tomcat2 ^C[root@localhost ~]# Stop tomcat1 and recreate and start tomcat. Use link to modify the hosts file of tomcat1 at the bottom layer to realize the container name as the ip domain name so that tomcat1 can ping tomcat2 in one direction.
# Delete tomcat1
[root@localhost ~]# docker rm -f tomcat1
tomcat1
# View the help documentation link usage of run [root@localhost ~]# docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cgroupns string Cgroup namespace to use (host|private)
'host': Run the container in the Docker host's cgroup namespace
'private': Run the container in its own private cgroup namespace
'': Use the cgroup namespace as configured by the
default-cgroupns-mode option on the daemon (default)
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach Run container in background and print container ID
--detach-keys string Override the key sequence for detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--domainname string Container NIS domain name
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs)
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting health-retries countdown
(ms|s|m|h) (default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string Container host name
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive Keep STDIN open even if not attached
--ip string IPv4 address (eg, 172.30.100.104)
--ip6 string IPv6 address (eg, 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list Set meta data on a container
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (eg, 92:d0:c6:0a:29:33)
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string Assign a name to the container
--network network Connect a container to a network
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--platform string Set platform if server is multi-platform capable
--privileged Give extended privileges to this container
-p, --publish list Publish a container's port(s) to the host
-P, --publish-all Publish all exposed ports to random ports
--pull string Pull image before running ("always"|"missing"|"never") (default "missing")
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop a container (default "SIGTERM")
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list Bind mount a volume
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container
# Start tomcat1 link to specify the container name to be accessed [root@localhost ~]# docker run -d -P --name tomcat1 --link tomcat2 tomcat
f78c51961662a1d3558fc8d0d95906b902a7a042f251a60858e72bcfa62e7a08
# Test ping
[root@localhost ~]# docker exec -it tomcat1 ping tomcat2
PING tomcat2 (172.17.0.3) 56(84) bytes of data.
64 bytes from tomcat2 (172.17.0.3): icmp_seq=1 ttl=64 time=0.088 ms
64 bytes from tomcat2 (172.17.0.3): icmp_seq=2 ttl=64 time=0.071 ms
64 bytes from tomcat2 (172.17.0.3): icmp_seq=3 ttl=64 time=0.071 ms
^C
--- tomcat2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.071/0.076/0.088/0.012 ms
# Check that tomcat1's hosts have been added to tomcat2's domain name [root@localhost ~]# docker exec -it tomcat1 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3 tomcat2 27766c324de6
172.17.0.2 f78c51961662
# tomcat2 cannot ping tomcat1
[root@localhost ~]# docker exec -it tomcat2 ping tomcat1
^C[root@localhost ~]#2 Custom NetworkNeed to use the network command # View help documentation [root@localhost ~]# docker network --help Usage: docker network COMMAND Manage networks Commands: connect Connect a container to a network create Create a network disconnect Disconnect a container from a network inspect Display detailed information on one or more networks ls List networks prune Remove all unused networks rm Remove one or more networks Run 'docker network COMMAND --help' for more information on a command. List the current docker network bridge as the default network docker0 [root@localhost ~]# docker network ls NETWORK ID NAME DRIVER SCOPE 9b27ff0926bf bridge bridge local 8dfa2efae677 host host local 2025b7fb1d7c none null local Create a network mynet
[root@localhost ~]# docker network create --help
Usage: docker network create [OPTIONS] NETWORK
Create a network
Options:
--attachable Enable manual container attachment
--aux-address map Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
--config-from string The network from which to copy the configuration
--config-only Create a configuration only network
-d, --driver string Driver to manage the Network (default "bridge")
--gateway strings IPv4 or IPv6 Gateway for the master subnet
--ingress Create swarm routing-mesh network
--internal Restrict external access to the network
--ip-range strings Allocate container ip from a sub-range
--ipam-driver string IP Address Management Driver (default "default")
--ipam-opt map Set IPAM driver specific options (default map[])
--ipv6 Enable IPv6 networking
--label list Set metadata on a network
-o, --opt map Set driver specific options (default map[])
--scope string Control the network's scope
--subnet strings Subnet in CIDR format that represents a network segment
[root@localhost ~]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
1abaa8e6a387bc8bbc7ac50d9f2289e96a143a92f074e90f698bd70411c86672
[root@localhost ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "1abaa8e6a387bc8bbc7ac50d9f2289e96a143a92f074e90f698bd70411c86672",
"Created": "2021-05-13T11:21:13.494039122+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]Use mynet to create and start two tomcats, and they can ping each other directly through the container name.
[root@localhost ~]# docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cgroupns string Cgroup namespace to use (host|private)
'host': Run the container in the Docker host's cgroup namespace
'private': Run the container in its own private cgroup namespace
'': Use the cgroup namespace as configured by the
default-cgroupns-mode option on the daemon (default)
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach Run container in background and print container ID
--detach-keys string Override the key sequence for detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--domainname string Container NIS domain name
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs)
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting health-retries countdown
(ms|s|m|h) (default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string Container host name
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive Keep STDIN open even if not attached
--ip string IPv4 address (eg, 172.30.100.104)
--ip6 string IPv6 address (eg, 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list Set meta data on a container
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (eg, 92:d0:c6:0a:29:33)
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string Assign a name to the container
--network network Connect a container to a network
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--platform string Set platform if server is multi-platform capable
--privileged Give extended privileges to this container
-p, --publish list Publish a container's port(s) to the host
-P, --publish-all Publish all exposed ports to random ports
--pull string Pull image before running ("always"|"missing"|"never") (default "missing")
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop a container (default "SIGTERM")
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list Bind mount a volume
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container
[root@localhost ~]# docker run -d -P --name tomcat-n-1 --network mynet tomcat
404e4e63622b207af2ed534e768996f4d1cba4c798bba9e5d9b33c42711eaa4a
[root@localhost ~]# docker run -d -P --name tomcat-n-2 --network mynet tomcat
f6352fb3db01beed6ddf17ef84999a4ab209f026a6137b3bc7e35335d434785f
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f6352fb3db01 tomcat "catalina.sh run" 3 seconds ago Up 2 seconds 0.0.0.0:49159->8080/tcp, :::49159->8080/tcp tomcat-n-2
404e4e63622b tomcat "catalina.sh run" 10 seconds ago Up 9 seconds 0.0.0.0:49158->8080/tcp, :::49158->8080/tcp tomcat-n-1
f78c51961662 tomcat "catalina.sh run" 15 minutes ago Up 15 minutes 0.0.0.0:49157->8080/tcp, :::49157->8080/tcp tomcat1
27766c324de6 tomcat "catalina.sh run" 16 minutes ago Up 16 minutes 0.0.0.0:49156->8080/tcp, :::49156->8080/tcp tomcat2
[root@localhost ~]# docker exec -it tomcat-n-1 ping tomcat-n-2
PING tomcat-n-2 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat-n-2.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.102 ms
64 bytes from tomcat-n-2.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.069 ms
64 bytes from tomcat-n-2.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.164 ms
^C
--- tomcat-n-2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 3ms
rtt min/avg/max/mdev = 0.069/0.111/0.164/0.041 msView the detailed information of the mynet network, including the network information of the two started tomcat containers
[root@localhost ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "1abaa8e6a387bc8bbc7ac50d9f2289e96a143a92f074e90f698bd70411c86672",
"Created": "2021-05-13T11:21:13.494039122+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"404e4e63622b207af2ed534e768996f4d1cba4c798bba9e5d9b33c42711eaa4a": {
"Name": "tomcat-n-1",
"EndpointID": "b9efbd78daabe9345ade2a2e55291b7646d01679516e2f0be1efd5c2d6fea6b8",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"f6352fb3db01beed6ddf17ef84999a4ab209f026a6137b3bc7e35335d434785f": {
"Name": "tomcat-n-2",
"EndpointID": "6b05a1ceff43514305bf3d0adf9e30ba8007db5ec8349d47f96ff2b216912fc0",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]Start a tomcat3 using the default network docker0
[root@localhost ~]# docker run -d -P --name tomcat3 tomcat
90e94ac30a3c61b493d2ea38c32cf5dddb781e88c30547b609db765b15d7d1e0
[root@localhost ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
9b27ff0926bf bridge bridge local
8dfa2efae677 host host local
1abaa8e6a387 mynet bridge local
2025b7fb1d7c none null local
# View docker0 detailed information tomcat3 appears in the default network [root@localhost ~]# docker network inspect 9b27ff0926bf
[
{
"Name": "bridge",
"Id": "9b27ff0926bf22d0828ccd07d6e14eb17d96a4989f9def6f9118c099cf1ca1c6",
"Created": "2021-05-13T10:51:20.244232273+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"27766c324de619b24e2ed522d8064c5a4610c8f509ff0aed8fa1719691f01bf1": {
"Name": "tomcat2",
"EndpointID": "de913778ce2d7478e25daca26809aa75c9093c43853d9420c70886fb16741722",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"90e94ac30a3c61b493d2ea38c32cf5dddb781e88c30547b609db765b15d7d1e0": {
"Name": "tomcat3",
"EndpointID": "2223e522a0950b846bb7691b31f60bbd88ab3c9b8e71d601a495cce39387b8cc",
"MacAddress": "02:42:ac:11:00:04",
"IPv4Address": "172.17.0.4/16",
"IPv6Address": ""
},
"f78c51961662a1d3558fc8d0d95906b902a7a042f251a60858e72bcfa62e7a08": {
"Name": "tomcat1",
"EndpointID": "59299fdca5497e55dc5a94e408529cc98819b673568720c81aa1c554dff1bbe5",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]tomcat3 and mynet are not in the same network, so tomcat3 cannot access the two tomcats in the mynet network. You can use network to connect tomcat3 and mynetwork to achieve two-way mutual access (supporting container names).
# View the IP address of the container in the mynet network
[root@localhost ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "1abaa8e6a387bc8bbc7ac50d9f2289e96a143a92f074e90f698bd70411c86672",
"Created": "2021-05-13T11:21:13.494039122+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"404e4e63622b207af2ed534e768996f4d1cba4c798bba9e5d9b33c42711eaa4a": {
"Name": "tomcat-n-1",
"EndpointID": "b9efbd78daabe9345ade2a2e55291b7646d01679516e2f0be1efd5c2d6fea6b8",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"f6352fb3db01beed6ddf17ef84999a4ab209f026a6137b3bc7e35335d434785f": {
"Name": "tomcat-n-2",
"EndpointID": "6b05a1ceff43514305bf3d0adf9e30ba8007db5ec8349d47f96ff2b216912fc0",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
# tomcat3 ping ip does not work [root@localhost ~]# docker exec -it tomcat3 ping 192.168.0.2
PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.
^C
--- 192.168.0.2 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 11ms
[root@localhost ~]# docker exec -it tomcat3 ping 192.168.0.3
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
^C
--- 192.168.0.3 ping statistics ---
9 packets transmitted, 0 received, 100% packet loss, time 20ms
# Use connect to connect a network to another network's containers, and you can access each other's container names [root@localhost ~]# docker network connect --help
Usage: docker network connect [OPTIONS] NETWORK CONTAINER
Connect a container to a network
Options:
--alias strings Add network-scoped alias for the container
--driver-opt strings driver options for the network
--ip string IPv4 address (eg, 172.30.100.104)
--ip6 string IPv6 address (eg, 2001:db8::33)
--link list Add link to another container
--link-local-ip strings Add a link-local address for the container
[root@localhost ~]# docker network connect mynet tomcat3
[root@localhost ~]# docker exec -it tomcat3 ping tomcat-n-1
PING tomcat-n-1 (192.168.0.2) 56(84) bytes of data.
64 bytes from tomcat-n-1.mynet (192.168.0.2): icmp_seq=1 ttl=64 time=0.235 ms
64 bytes from tomcat-n-1.mynet (192.168.0.2): icmp_seq=2 ttl=64 time=0.070 ms
64 bytes from tomcat-n-1.mynet (192.168.0.2): icmp_seq=3 ttl=64 time=0.064 ms
^C
--- tomcat-n-1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 6ms
rtt min/avg/max/mdev = 0.064/0.123/0.235/0.079 ms
[root@localhost ~]# docker exec -it tomcat-n-1 ping tomcat3
PING tomcat3 (192.168.0.4) 56(84) bytes of data.
64 bytes from tomcat3.mynet (192.168.0.4): icmp_seq=1 ttl=64 time=0.055 ms
64 bytes from tomcat3.mynet (192.168.0.4): icmp_seq=2 ttl=64 time=0.169 ms
64 bytes from tomcat3.mynet (192.168.0.4): icmp_seq=3 ttl=64 time=0.194 ms
^C
--- tomcat3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 6ms
rtt min/avg/max/mdev = 0.055/0.139/0.194/0.061 msThe above is the detailed content of Docker network principles and detailed analysis of custom networks. For more information about Docker network principles, please pay attention to other related articles on 123WORDPRESS.COM! You may also be interested in:
|
<<: Implementation of CSS scroll bar style settings
>>: How to add double quotes in HTML title
Recommend
Solution to the error when installing Docker on CentOS version
1. Version Information # cat /etc/system-release ...
Several methods of implementing two fixed columns and one adaptive column in CSS
This article introduces several methods of implem...
Detailed explanation of bash command usage
On Linux, bash is adopted as the standard, which ...
MySQL uses aggregate functions to query a single table
Aggregate functions Acts on a set of data and ret...
Native js to achieve star twinkling effect
This article example shares the specific code of ...
A brief discussion of 3 new features worth noting in TypeScript 3.7
Table of contents Preface Optional Chaining Nulli...
Basic operations of mysql learning notes table
Create Table create table table name create table...
VirtualBox installs CentOS7 virtual machine and enhancement tools (picture and text)
The computer system is: win7 This article is main...
MySQL 8.0.20 Window10 free installation version configuration and Navicat management tutorial graphic detailed explanation
1. Download and decompress MySQL 8.0.20 Download ...
How to use Nginx proxy to surf the Internet
I usually use nginx as a reverse proxy for tomcat...
Detailed explanation of Linx awk introductory tutorial
Awk is an application for processing text files, ...
Detailed explanation of the index and storage structure of the MySQL InnoDB engine
Preface In databases such as Oracle and SQL Serve...
Use ab tool to perform API stress test on the server
Table of contents 1 A brief introduction to syste...
Docker-compose one-click deployment of gitlab Chinese version method steps
1. Introduction to gitlab Gitlab official address...
How to optimize MySQL performance through MySQL slow query
As the number of visits increases, the pressure o...