Docker network mode and configuration method

1. Docker Network Mode

When docker run creates a Docker container, you can use the –net option to specify the container’s network mode. Docker has the following four network modes:

Host mode, specified using –net=host.

Container mode, specified using –net=container:NAME_or_ID.

None mode, specified using –net=none.

Bridge mode, specified using –net=bridge, the default setting.

Host Mode

If you use the host mode when starting a container, the container will not obtain an independent Network Namespace, but will share a Network Namespace with the host. The container will not virtualize its own network card, configure its own IP, etc., but will use the host's IP and port.

For example, we start a Docker container containing a web application in host mode on the machine 10.10.101.105/24, listening on TCP port 80. When we execute any command like ifconfig in the container to view the network environment, we see the information on the host machine. When the outside world accesses the application in the container, you can directly use 10.10.101.105:80 without any NAT conversion, just like running directly in the host machine. However, other aspects of the container, such as the file system and process list, are still isolated from the host machine.

Container Mode

This mode specifies that the newly created container shares a Network Namespace with an existing container instead of sharing it with the host. The newly created container will not create its own network card, configure its own IP, but share the IP, port range, etc. with a specified container. Similarly, except for the network, other aspects of the two containers, such as the file system and process list, are still isolated. The processes of the two containers can communicate through the lo network card device.

None mode

This mode is different from the previous two. In this mode, the Docker container has its own Network Namespace, but no network configuration is performed for the Docker container. In other words, this Docker container has no network card, IP, routing and other information. We need to add network cards and configure IP for the Docker container ourselves.

Bridge mode

The bridge mode is the default network setting of Docker. This mode allocates a Network Namespace for each container, sets the IP address, etc., and connects the Docker container on a host to a virtual bridge.

When the Docker server is started, a virtual bridge named docker0 is created on the host. The Docker containers started on this host are connected to this virtual bridge.

The virtual bridge works similarly to a physical switch, so that all containers on the host are connected to a Layer 2 network through the switch. The next step is to assign an IP to the container. Docker will select an IP address and subnet different from the host machine from the private IP segment defined in RFC1918 and assign it to docker0. The container connected to docker0 will select an unoccupied IP from this subnet.

For example, Docker generally uses the network segment 172.17.0.0/16 and assigns 172.17.42.1/16 to the docker0 bridge (docker0 can be seen by using the ifconfig command on the host. It can be considered as the management interface of the bridge and used as a virtual network card on the host)

2. Docker network configuration – setting fixed IP

The Docker container uses the bridge mode by default when it is started. After the Docker container is started, it will be connected to a virtual bridge named docker0. Therefore, the IP address of the Docker container is not fixed each time it is started, which is inconvenient to manage. Sometimes fixed IP mapping is required, such as when managing a Docker cluster.

When setting a fixed IP for a Docker container, pipework is needed to set the IP for the container:

1. The host downloads pipework as follows:

$ git clone https://github.com/jpetazzo/pipework.git
$ cp pipework/pipework /usr/local/bin/

2. Install the bridge tool package bridge-utils

$ yum -y install bridge-utils

3. Create a bridge and set the IP segment

$ brctl addbr br1
$ ip link set dev br1 up
$ ip addr add 192.168.10.1/24 dev br1

4. Start a container

#Start a container based on the centos image, named centos-ip
$ docker run -d --name=centos-ip centos

5. Set IP

$ pipework br1 centos-ip 192.168.10.20/24

The container named centos-ip is assigned the IP 192.168.10.20

Use the ping and ssh commands to verify whether you can ping and log in successfully.

$ ping 192.168.10.20
$ ssh 192.168.10.20

Note: You need to enter the root password of the centos container when SSH. If you did not specify the root password when creating the centos container, you can enter the container to set the root password first:

docker exec -it container ID/NAME
sudo passwd root

Appendix: Deleting a bridge

brctl show 
# Check the bridge status brctl delif <bridge name> <port name> 
#Uninstall the port on the bridge ifconfig 
# Check if there is a bridge network card name ifconfig <bridge name> down 
#Close this network card brctl delbr <bridge name> 
#Delete the bridge

Docker version 1.9 and later can use the following method:

1. Create a custom network

docker network create --subnet=192.168.10.1/24 network_my
# docker network ls 
NETWORK ID NAME DRIVER SCOPE
1fb22da7d8a3 bridge bridge local
fe259334b842 host host local
8c5971ff48d8 network_my bridge local
3aaf0356c19c none null local

2. Start the Docker container

docker run -itd --name hadoop0 --hostname hadoop0 --net network_my --ip 192.168.10.30 -d -P -p 50070:50070 -p 8088:8088 hadoop:master

Supplement: Docker image source changes and network mode changes

The docker image has been changed. Add the image address in /etc/docker/daemon.json and use another method to make it effective.

{ "exec-opts": ["native.cgroupdriver=systemd"] }

Restart Docker

systemctl restart docker systemctl status docker

It actually worked.

The docker configuration sometimes works this way and sometimes works that way. It's really speechless

The above is my personal experience. I hope it can give you a reference. I also hope that you will support 123WORDPRESS.COM. If there are any mistakes or incomplete considerations, please feel free to correct me.