一、Docker網絡命名空間
1、利用busybox啟動兩個容器
- 啟動test1容器
[root@localhost ~]# docker run -d --name test1 busybox /bin/sh -c "while true; do sleep 3600; done " #啟動test1容器
- 啟動test2容器
[root@localhost ~]# docker run -d --name test2 busybox /bin/sh -c "while true; do sleep 3600; done "
2、進入容器中查看網絡
- 進入test1容器查看網絡
[root@localhost ~]# docker exec -it 90964ccfc53d /bin/sh / # ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 12: eth0@if13: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0 valid_lft forever preferred_lft forever / #
- 進入test2容器查看網絡
[root@localhost ~]# docker exec -it 08d4fa600414 /bin/sh / # ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 6: eth0@if7: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0 valid_lft forever preferred_lft forever
可以看到兩個容器產生的ip不一樣,也就是說每一個容器有自己的網絡,那么它們之間是否可以通信呢?
我們可以在test2容器中嘗試ping第一個容器:
[root@localhost ~]# docker exec -it 90964ccfc53d /bin/sh / # ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 12: eth0@if13: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0 valid_lft forever preferred_lft forever / # ping 172.17.0.2 PING 172.17.0.2 (172.17.0.2): 56 data bytes 64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.194 ms 64 bytes from 172.17.0.2: seq=1 ttl=64 time=0.068 ms 64 bytes from 172.17.0.2: seq=2 ttl=64 time=0.088 ms 64 bytes from 172.17.0.2: seq=3 ttl=64 time=0.070 ms 64 bytes from 172.17.0.2: seq=4 ttl=64 time=0.100 ms
可以看到是可以進行通信的,所以每一個容器都有自己的網絡命名空間,並且容器之間是可以進行通信的。
二、Docker網絡
我們可以先看看Docker中的網絡情況:
[root@localhost ~]# docker network ls NETWORK ID NAME DRIVER SCOPE 4657ce390049 bridge bridge local 2582de0db573 host host local d81e2ab77dcf none null local
可以看到有bridge、host、以及none三種情況。
(一) bridge
1、bridge網絡詳情
通過docker network inspect + id查看具體網絡情況:
[root@localhost ~]# docker network inspect 4657ce390049 [ { "Name": "bridge", "Id": "4657ce390049c246dfb67dad34ad8e456958b2875d71fb2214269aa71642eda2", "Created": "2020-01-31T10:04:59.74388944+08:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": null, "Config": [ { "Subnet": "172.17.0.0/16", "Gateway": "172.17.0.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "08d4fa6004147b171820d7f81903e7af7ccff38498082365383ca4855e9d6482": { "Name": "test2", "EndpointID": "c2d18508f072d899f55302e2277976c43895163b0b58b95fbabc08041d9dd55a", "MacAddress": "02:42:ac:11:00:02", "IPv4Address": "172.17.0.2/16", "IPv6Address": "" }, "90964ccfc53d5a8c4a35a0e53f2f022205df39294daacbd6175703a704688cd4": { "Name": "test3", "EndpointID": "7f08319a7959f34be312ea03d21353edeb21b12ed4dac619b83b4c9c86065625", "MacAddress": "02:42:ac:11:00:03", "IPv4Address": "172.17.0.3/16", "IPv6Address": "" } }, "Options": { "com.docker.network.bridge.default_bridge": "true", "com.docker.network.bridge.enable_icc": "true", "com.docker.network.bridge.enable_ip_masquerade": "true", "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0", "com.docker.network.bridge.name": "docker0", "com.docker.network.driver.mtu": "1500" }, "Labels": {} } ]
可以看到這是Bridge網絡的詳情,其中container中有test2這個容器使用的就是這個網絡。
2、容器之間的通信
容器之間是如何進行通信的呢?
- 一個容器的網絡
我們先看看主機上的網絡:
[root@localhost ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:f4:16:7e brd ff:ff:ff:ff:ff:ff inet 192.168.0.109/24 brd 192.168.0.255 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::84a4:73f5:46d2:79d3/64 scope link valid_lft forever preferred_lft forever 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000 link/ether 52:54:00:de:c3:4c brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000 link/ether 52:54:00:de:c3:4c brd ff:ff:ff:ff:ff:ff 5: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP link/ether 02:42:a2:8a:59:a5 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever inet6 fe80::42:a2ff:fe8a:59a5/64 scope link valid_lft forever preferred_lft forever 7: veth309f7b4@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP link/ether be:d5:f3:b1:0b:0b brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet6 fe80::bcd5:f3ff:feb1:b0b/64 scope link valid_lft forever preferred_lft forever
可以看到上面的網絡有很多,但是注意docker0這個網絡,目前運行的容器有一個:
[root@localhost ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 08d4fa600414 busybox "/bin/sh -c 'while t…" About an hour ago Up About an hour test2
那么上面第7個網絡veth309f7b4其實連接的就是docker0這個網絡,我們可以通過以下命令查看:
[root@localhost ~]# brctl show bridge name bridge id STP enabled interfaces docker0 8000.0242a28a59a5 no veth309f7b4
可以看到interfaces中值和第7個是一樣的。
- 兩個容器的網路
我們再運行一個容器:
[root@localhost ~]# docker run -d --name test3 busybox /bin/sh -c "while true; do sleep 3600; done " 74859a31d0bf3d0d8a2664a3de7a95a54576350b79bb764b9f5085d66d258b1a [root@localhost ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 74859a31d0bf busybox "/bin/sh -c 'while t…" 10 seconds ago Up 4 seconds test3 08d4fa600414 busybox "/bin/sh -c 'while t…" About an hour ago Up About an hour test2
目前有兩個容器,再看看網絡情況,首先主機網絡情況:
[root@localhost ~]# ip a ... ... 5: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP link/ether 02:42:a2:8a:59:a5 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever inet6 fe80::42:a2ff:fe8a:59a5/64 scope link valid_lft forever preferred_lft forever 7: veth309f7b4@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP link/ether be:d5:f3:b1:0b:0b brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet6 fe80::bcd5:f3ff:feb1:b0b/64 scope link valid_lft forever preferred_lft forever 15: veth48166c0@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP link/ether 5a:f2:df:c2:7f:80 brd ff:ff:ff:ff:ff:ff link-netnsid 1 inet6 fe80::58f2:dfff:fec2:7f80/64 scope link valid_lft forever preferred_lft forever
我們觀察多了一個15的網絡,那么它連接的是誰呢?
[root@localhost ~]# brctl show bridge name bridge id STP enabled interfaces docker0 8000.0242a28a59a5 no veth309f7b4 veth48166c0
可以看到它連接的還是docker0這個Bridge網絡。另外可以看到test3容器的網絡情況:
[root@localhost ~]# docker exec -it 74859a31d0bf ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 14: eth0@if15: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0 valid_lft forever preferred_lft forever
- 總結
可以看到每一個容器與docker0之間的相連都是通過一對接口進行連接,這樣通過docker0間接的達到容器之間的通信。
- 容器之間的link
上面我們可以看出來,容器之間ping通是需要通過ip地址進行通信的,那么link的好處就是在啟動容器時,通過link參數直接指定容器的名稱,這樣就可以直接通過容器名稱通信而不需要ip地址:
創建容器test1:
[root@localhost ~]# docker run -d --name test1 busybox /bin/sh -c "while true; do sleep 3600; done " b5ab3edf65f7687cc95cd23d01c5dd04bbc15c291f231a38a684ade889908ecd
創建容器test2,並且通過link參數指定test1:
[root@localhost ~]# docker run -d --name test2 --link test1 busybox /bin/sh -c "while true; do sleep 3600; done " cd8e333b7c96388318c9a5d9436997fea8a722343ca745dcbe60d5e256cf4433
這樣,我們可以進入到test2中,然后去嘗試通過名稱連接test1:
[root@localhost ~]# docker exec -it test2 /bin/sh / # ping test1 PING test1 (172.17.0.2): 56 data bytes 64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.235 ms 64 bytes from 172.17.0.2: seq=1 ttl=64 time=0.087 ms 64 bytes from 172.17.0.2: seq=2 ttl=64 time=0.090 ms
顯然,這樣是可行的,但是如果我們進入到test1,然后通過name去連接test2的話是會失敗的,因為link是有指向性的。這個是默認的bridge所限制的,但是如果是自己搭建的網絡bridge就不是這種情況了。
3、自創建bridge網絡
在此之前,先再看一看主機上的網絡情況:
[root@localhost ~]# docker network ls NETWORK ID NAME DRIVER SCOPE 3198a081bd7f bridge bridge local 2582de0db573 host host local d81e2ab77dcf none null local
- 創建bridge網絡
[root@localhost ~]# docker network create -d bridge my-bridge 2d6d1e198a6c2e3f98c1b6afcac19a4a7cd106d1da1029d41a73c00a0729fd5f [root@localhost ~]# docker network ls NETWORK ID NAME DRIVER SCOPE 3198a081bd7f bridge bridge local 2582de0db573 host host local 2d6d1e198a6c my-bridge bridge local d81e2ab77dcf none null local
目前還沒有容器來連接它:
[root@localhost ~]# brctl show bridge name bridge id STP enabled interfaces br-2d6d1e198a6c 8000.0242ae7aebe7 no docker0 8000.024287a39934 no vethbc08bb5 vethf24eba9
- 創建容器test3來連接my-bridge網絡
[root@localhost ~]# docker run -d --name test3 --network my-bridge busybox /bin/sh -c "while true; do sleep 3600; done " e87b1468c7df57080177500135f6dd0e935894c447cfda47bae395affe5f58d0
此時再看,已經有一個接口了:
[root@localhost ~]# brctl show bridge name bridge id STP enabled interfaces br-2d6d1e198a6c 8000.0242ae7aebe7 no vethb722bba docker0 8000.024287a39934 no vethbc08bb5 vethf24eba9
- 讓容器test2的網絡由bridge變成my-bridge
[root@localhost ~]# docker network connect my-bridge test2 [root@localhost ~]# brctl show bridge name bridge id STP enabled interfaces br-2d6d1e198a6c 8000.0242ae7aebe7 no vethb722bba vethd2f00a0 docker0 8000.024287a39934 no vethbc08bb5 vethf24eba9
可以看到my-bridge上已經有兩個接口了,此時我們進入到其中的一個容器然后通過name去通信。
- my-bridge上的容器互相通信
[root@localhost ~]# docker exec -it test2 /bin/sh #進入test2 / # ping test3 PING test3 (172.18.0.2): 56 data bytes 64 bytes from 172.18.0.2: seq=0 ttl=64 time=1.972 ms 64 bytes from 172.18.0.2: seq=1 ttl=64 time=0.096 ms 64 bytes from 172.18.0.2: seq=2 ttl=64 time=0.081 ms [root@localhost ~]# docker exec -it test3 /bin/sh #進入test3 / # ping test2 PING test2 (172.18.0.3): 56 data bytes 64 bytes from 172.18.0.3: seq=0 ttl=64 time=0.141 ms 64 bytes from 172.18.0.3: seq=1 ttl=64 time=0.076 ms 64 bytes from 172.18.0.3: seq=2 ttl=64 time=0.078 ms
- 總結
如果是自建的bridge網絡,不需要通過link參數,而是本身自己在連接my-bridge已經ip和name進行了映射,我們通過名字就可以了,類似於DNS。
(二)host、none
1、host
- 創建host網絡的容器
[root@localhost ~]# docker run -d --name test1 --network host busybox /bin/sh -c "while true; do sleep 3600; done " cdedc9c7525bdfad4642c95d1d0c2dfc1b018b4a28672e1547f2b55391c9dbdf
- 查看host網絡
[root@localhost ~]# docker network inspect host [ { "Name": "host", "Id": "2582de0db573f47b1cf71cb691f5f2d72e0626b0f2574c5a861f582b981388a3", "Created": "2019-07-02T22:55:28.657713062+08:00", "Scope": "local", "Driver": "host", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": null, "Config": [] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "cdedc9c7525bdfad4642c95d1d0c2dfc1b018b4a28672e1547f2b55391c9dbdf": { "Name": "test1", "EndpointID": "6b36692de2f89381a53978427ee57066dd35238a326ceccd05bd7ab3fcfb9678", "MacAddress": "", "IPv4Address": "", "IPv6Address": "" } }, "Options": {}, "Labels": {} } ]
可以看到host網絡中目前只有一個容器正在使用,就是我們剛剛創建的,但是注意它的MacAddress、IPv4Address、IPv6Address都是空的。此時我們再進入test1容器中查看容器網絡情況。
- 容器網絡情況
[root@localhost ~]# docker exec -it test1 /bin/sh / # ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:0c:29:f4:16:7e brd ff:ff:ff:ff:ff:ff inet 192.168.0.109/24 brd 192.168.0.255 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::84a4:73f5:46d2:79d3/64 scope link valid_lft forever preferred_lft forever 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue qlen 1000 link/ether 52:54:00:de:c3:4c brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 qlen 1000 link/ether 52:54:00:de:c3:4c brd ff:ff:ff:ff:ff:ff 5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue link/ether 02:42:87:a3:99:34 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever inet6 fe80::42:87ff:fea3:9934/64 scope link valid_lft forever preferred_lft forever 10: br-2d6d1e198a6c: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue link/ether 02:42:ae:7a:eb:e7 brd ff:ff:ff:ff:ff:ff inet 172.18.0.1/16 brd 172.18.255.255 scope global br-2d6d1e198a6c valid_lft forever preferred_lft forever inet6 fe80::42:aeff:fe7a:ebe7/64 scope link valid_lft forever preferred_lft forever 16: veth84e019c@if15: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue master br-2d6d1e198a6c link/ether ce:24:54:b5:2e:5c brd ff:ff:ff:ff:ff:ff inet6 fe80::cc24:54ff:feb5:2e5c/64 scope link valid_lft forever preferred_lft forever
容器內的網絡很全面,實際上與主機網絡做比較后,我們發現它的網絡與主機共享同一套網絡:
[root@localhost ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:f4:16:7e brd ff:ff:ff:ff:ff:ff inet 192.168.0.109/24 brd 192.168.0.255 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::84a4:73f5:46d2:79d3/64 scope link valid_lft forever preferred_lft forever 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000 link/ether 52:54:00:de:c3:4c brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000 link/ether 52:54:00:de:c3:4c brd ff:ff:ff:ff:ff:ff 5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN link/ether 02:42:87:a3:99:34 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever inet6 fe80::42:87ff:fea3:9934/64 scope link valid_lft forever preferred_lft forever 10: br-2d6d1e198a6c: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP link/ether 02:42:ae:7a:eb:e7 brd ff:ff:ff:ff:ff:ff inet 172.18.0.1/16 brd 172.18.255.255 scope global br-2d6d1e198a6c valid_lft forever preferred_lft forever inet6 fe80::42:aeff:fe7a:ebe7/64 scope link valid_lft forever preferred_lft forever 16: veth84e019c@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-2d6d1e198a6c state UP link/ether ce:24:54:b5:2e:5c brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet6 fe80::cc24:54ff:feb5:2e5c/64 scope link valid_lft forever preferred_lft forever
這樣,host網絡與主機共享同一套網絡空間命名,這樣出現的問題就是端口沖突。
2、none
- 創建none網絡容器
[root@localhost ~]# docker run -d --name test1 --network none busybox /bin/sh -c "while true; do sleep 3600; done " a49418c5e24b5019b0931345bf9ade0caaddde2e615f595008f2d91c0eb62958
- 查看none網絡
[root@localhost ~]# docker network inspect none [ { "Name": "none", "Id": "d81e2ab77dcf63710f745b2c14d5bee4f46d252abc411bbc42a82d0820fe34d5", "Created": "2019-07-02T22:55:28.453452746+08:00", "Scope": "local", "Driver": "null", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": null, "Config": [] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "a49418c5e24b5019b0931345bf9ade0caaddde2e615f595008f2d91c0eb62958": { "Name": "test1", "EndpointID": "881efcbab7ae4f37772a3732183228321d5202d3bd121e71a8bcab02a90f9f72", "MacAddress": "", "IPv4Address": "", "IPv6Address": "" } }, "Options": {}, "Labels": {} } ]
可以看到none網絡中剛剛創建的容器也是沒有MacAddress、IPv4Address、IPv6Address信息。
- 容器內部網絡
[root@localhost ~]# docker exec -it test1 ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever failed to resize tty, using default size
可以看到沒有多余的網路,這樣也就造成了無法通信。
3、總結
目前普遍用bridge網絡的情況較多,而host和none網絡的情況較少。