Docker跨宿主機容器通信-通過網絡跨宿主機互聯

本文轉載自查看原文 2020-02-01 07:20 1198 Docker

　　　　　　　　　　　Docker跨宿主機容器通信-通過網絡跨宿主機互聯

　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　作者：尹正傑

一.docker網絡類型

　　Docker的網絡有四種類型,分別為host模式,none模式,container模式,bridge模式。

　　host模式:
　　　　創建容器時,可以使用"-net=host"指定。
　　　　啟動的容器如果指定了網絡類型為host模式，那么新創建的容器不會創建自己的虛擬網卡,而是直接使用宿主機的網卡和IP地址,因此容器里面查看到的IP信息就是宿主機的信息，訪問容器的時候直接使用"宿主機IP:容器端口"即可,不過容器的其它資源們比如文件系統，系統進程等還是和宿主機保持隔離。
　　　　此模式的網絡性能最高,但是各容器之間端口不能相同(因為該模式直接使用的是宿主機的網絡)，適用於運行容器端口比較固定的業務，比如Mysql,Redis等。

　　none模式:
　　　　創建容器時，可以使用"-net=none"指定。
　　　　在使用none模式后,docker容器不會進行任何網絡配置，其沒有網卡，沒有IP也沒有路由，因此默認無法與外界通信，需要手動添加配置IP等，所以極少使用。

　　container模式:
　　　　創建容器時,可以使用"-net=container:容器名稱或容器ID"指定。
　　　　使用此模式創建的容器需指定和一個已經存在的容器共享一個網絡,而不是和宿主機共享網絡，換句話說，就是兩個容器公用同一個IP地址。
　　　　新創建的容器不會創建自己的網卡也不會配置自己的IP,而是和一個已經存在的被指定的容器IP和端口范圍,因此這個容器的端口不能和被指定的端口沖突,除了網絡之外的文件系統，進程信息等仍然保持相互隔離，兩個容器的進程可以通過lo網卡設備通信。

　　bridge模式:
　　　　docker的默認模式即不指定任何模式就是bridge模式，也是使用比較多的模式，此模式創建的容器會為每一個容器分配自己的網絡IP等信息，並將容器連接到一個虛擬網橋與外界通信。　　　

　　博主推薦閱讀:
　　　　https://www.cnblogs.com/yinzhengjie/p/11517865.html

1>.不指定容器的網絡模式默認就是bridge模式

[root@docker101.yinzhengjie.org.cn ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:9a brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond1 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:a4 brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:9a brd ff:ff:ff:ff:ff:ff
5: eth3: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond1 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:a4 brd ff:ff:ff:ff:ff:ff
6: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:9a brd ff:ff:ff:ff:ff:ff
    inet 172.200.3.101/21 brd 172.200.7.255 scope global bond0
       valid_lft forever preferred_lft forever
7: bond1: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:a4 brd ff:ff:ff:ff:ff:ff
    inet 192.200.3.101/21 brd 192.200.7.255 scope global bond1
       valid_lft forever preferred_lft forever
8: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:81:7d:84:58 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container run -it --name nginx-web01-net-bridge -d nginx:v0.1-20200201 
0b55d9badcb01e113b19fa4b3b1fa399d1705ce467d19dc87d1a3ce9b76d814a
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container ps
CONTAINER ID        IMAGE                 COMMAND             CREATED             STATUS              PORTS               NAMES
0b55d9badcb0        nginx:v0.1-20200201   "nginx"             3 seconds ago       Up 3 seconds        80/tcp, 443/tcp     nginx-web01-net-bridge
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:9a brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond1 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:a4 brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:9a brd ff:ff:ff:ff:ff:ff
5: eth3: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond1 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:a4 brd ff:ff:ff:ff:ff:ff
6: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:9a brd ff:ff:ff:ff:ff:ff
    inet 172.200.3.101/21 brd 172.200.7.255 scope global bond0
       valid_lft forever preferred_lft forever
7: bond1: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:a4 brd ff:ff:ff:ff:ff:ff
    inet 192.200.3.101/21 brd 192.200.7.255 scope global bond1
       valid_lft forever preferred_lft forever
8: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:81:7d:84:58 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
34: veth72e6ea8@if33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
    link/ether 82:5a:ca:c9:1f:59 brd ff:ff:ff:ff:ff:ff link-netnsid 0
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]#

[root@docker101.yinzhengjie.org.cn ~]# docker container run -it --name nginx-web01-net-bridge -d nginx:v0.1-20200201　　　　#默認使用bridge模式，該模式會自動創建一塊虛擬網卡喲~

[root@docker101.yinzhengjie.org.cn ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:9a brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond1 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:a4 brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:9a brd ff:ff:ff:ff:ff:ff
5: eth3: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond1 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:a4 brd ff:ff:ff:ff:ff:ff
6: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:9a brd ff:ff:ff:ff:ff:ff
    inet 172.200.3.101/21 brd 172.200.7.255 scope global bond0
       valid_lft forever preferred_lft forever
7: bond1: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:a4 brd ff:ff:ff:ff:ff:ff
    inet 192.200.3.101/21 brd 192.200.7.255 scope global bond1
       valid_lft forever preferred_lft forever
8: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:81:7d:84:58 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
34: veth72e6ea8@if33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
    link/ether 82:5a:ca:c9:1f:59 brd ff:ff:ff:ff:ff:ff link-netnsid 0
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container ps -a
CONTAINER ID        IMAGE                 COMMAND             CREATED             STATUS              PORTS               NAMES
0b55d9badcb0        nginx:v0.1-20200201   "nginx"             3 seconds ago       Up 3 seconds        80/tcp, 443/tcp     nginx-web01-net-bridge
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container rm -fv `docker container ps -a -q`
0b55d9badcb0
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:9a brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond1 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:a4 brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:9a brd ff:ff:ff:ff:ff:ff
5: eth3: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond1 state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:a4 brd ff:ff:ff:ff:ff:ff
6: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:9a brd ff:ff:ff:ff:ff:ff
    inet 172.200.3.101/21 brd 172.200.7.255 scope global bond0
       valid_lft forever preferred_lft forever
7: bond1: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0c:29:fa:bd:a4 brd ff:ff:ff:ff:ff:ff
    inet 192.200.3.101/21 brd 192.200.7.255 scope global bond1
       valid_lft forever preferred_lft forever
8: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:81:7d:84:58 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft fore

[root@docker101.yinzhengjie.org.cn ~]# docker container rm -fv `docker container ps -a -q`　　　　　　　　　　　　　　　　　　　　#刪除容器時虛擬網卡也隨之刪除啦

2>.創建容器時顯式指定網絡模式為host

[root@docker102.yinzhengjie.org.cn ~]# docker container rm -fv `docker container ps -a -q`　　　　　　　　　　　　　　　　　　　　#為了試驗方便，我們將其它容器刪除掉
11bc2df8a985
9c4086710d57
[root@docker102.yinzhengjie.org.cn ~]#

[root@docker102.yinzhengjie.org.cn ~]# docker container rm -fv `docker container ps -a -q`　　　　　　　　　　　　　　　　　　　　#為了試驗方便，我們將其它容器刪除掉

[root@docker102.yinzhengjie.org.cn ~]# ss -ntl
State      Recv-Q Send-Q                                                                                          Local Address:Port                                                                                                         Peer Address:Port              
LISTEN     0      128                                                                                                         *:22                                                                                                                      *:*                  
LISTEN     0      128                                                                                                        :::22                                                                                                                     :::*                  
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# docker container run -it --name redis-net-host1 --net=host -d redis:latest
f53da097d378134762858c8663bd7263df91e63a01f26e5585f45348e93f3ef6
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# ss -ntl
State      Recv-Q Send-Q                                                                                          Local Address:Port                                                                                                         Peer Address:Port              
LISTEN     0      511                                                                                                         *:6379                                                                                                                    *:*                  
LISTEN     0      128                                                                                                         *:22                                                                                                                      *:*                  
LISTEN     0      511                                                                                                        :::6379                                                                                                                   :::*                  
LISTEN     0      128                                                                                                        :::22                                                                                                                     :::*                  
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# docker container ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
f53da097d378        redis:latest        "docker-entrypoint.s…"   16 seconds ago      Up 15 seconds                           redis-net-host1
[root@docker102.yinzhengjie.org.cn ~]#

[root@docker102.yinzhengjie.org.cn ~]# docker container run -it --name redis-net-host1 --net=host -d redis:latest　　　　　　#第一個容器創建成功

[root@docker102.yinzhengjie.org.cn ~]# ss -ntl
State      Recv-Q Send-Q                                                                                          Local Address:Port                                                                                                         Peer Address:Port              
LISTEN     0      511                                                                                                         *:6379                                                                                                                    *:*                  
LISTEN     0      128                                                                                                         *:22                                                                                                                      *:*                  
LISTEN     0      511                                                                                                        :::6379                                                                                                                   :::*                  
LISTEN     0      128                                                                                                        :::22                                                                                                                     :::*                  
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# docker container ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
f53da097d378        redis:latest        "docker-entrypoint.s…"   16 seconds ago      Up 15 seconds                           redis-net-host1
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# docker container run -it --name redis-net-host2 --net=host -d redis:latest
78b42aaa9b8520680d243de85f8efc2d8c4a85ec0947a952223958d2c6886aab
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# docker container ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS                     PORTS               NAMES
78b42aaa9b85        redis:latest        "docker-entrypoint.s…"   3 seconds ago        Exited (1) 3 seconds ago                       redis-net-host2
f53da097d378        redis:latest        "docker-entrypoint.s…"   About a minute ago   Up About a minute                              redis-net-host1
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# ss -ntl
State      Recv-Q Send-Q                                                                                          Local Address:Port                                                                                                         Peer Address:Port              
LISTEN     0      511                                                                                                         *:6379                                                                                                                    *:*                  
LISTEN     0      128                                                                                                         *:22                                                                                                                      *:*                  
LISTEN     0      511                                                                                                        :::6379                                                                                                                   :::*                  
LISTEN     0      128                                                                                                        :::22                                                                                                                     :::*                  
[root@docker102.yinzhengjie.org.cn ~]#

[root@docker102.yinzhengjie.org.cn ~]# docker container run -it --name redis-net-host2 --net=host -d redis:latest　　　　　　#第二次啟動容器時卻失敗啦~

[root@docker102.yinzhengjie.org.cn ~]# docker container ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS                     PORTS               NAMES
78b42aaa9b85        redis:latest        "docker-entrypoint.s…"   3 seconds ago        Exited (1) 3 seconds ago                       redis-net-host2
f53da097d378        redis:latest        "docker-entrypoint.s…"   About a minute ago   Up About a minute                              redis-net-host1
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# ss -ntl
State      Recv-Q Send-Q                                                                                          Local Address:Port                                                                                                         Peer Address:Port              
LISTEN     0      511                                                                                                         *:6379                                                                                                                    *:*                  
LISTEN     0      128                                                                                                         *:22                                                                                                                      *:*                  
LISTEN     0      511                                                                                                        :::6379                                                                                                                   :::*                  
LISTEN     0      128                                                                                                        :::22                                                                                                                     :::*                  
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# docker container logs redis-net-host2
1:C 01 Feb 2020 10:29:26.160 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 01 Feb 2020 10:29:26.160 # Redis version=5.0.7, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 01 Feb 2020 10:29:26.160 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
1:M 01 Feb 2020 10:29:26.160 # Could not create server TCP listening socket *:6379: bind: Address already in use
[root@docker102.yinzhengjie.org.cn ~]#

[root@docker102.yinzhengjie.org.cn ~]# docker container logs redis-net-host2　　　　　　　　　　　　　　　　　　　　　　　　　　　　#可以查看啟動失敗的日志信息

[root@docker101.yinzhengjie.org.cn ~]# yum -y install epel-release
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.tuna.tsinghua.edu.cn
 * extras: mirrors.tuna.tsinghua.edu.cn
 * updates: mirror.bit.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:7-11 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

==============================================================================================================================================================================================================================================================================
 Package                                                               Arch                                                            Version                                                          Repository                                                       Size
==============================================================================================================================================================================================================================================================================
Installing:
 epel-release                                                          noarch                                                          7-11                                                             extras                                                           15 k

Transaction Summary
==============================================================================================================================================================================================================================================================================
Install  1 Package

Total download size: 15 k
Installed size: 24 k
Downloading packages:
epel-release-7-11.noarch.rpm                                                                                                                                                                                                                           |  15 kB  00:00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : epel-release-7-11.noarch                                                                                                                                                                                                                                   1/1 
  Verifying  : epel-release-7-11.noarch                                                                                                                                                                                                                                   1/1 

Installed:
  epel-release.noarch 0:7-11                                                                                                                                                                                                                                                  

Complete!
[root@docker101.yinzhengjie.org.cn ~]#

[root@docker101.yinzhengjie.org.cn ~]# yum -y install epel-release

[root@docker101.yinzhengjie.org.cn ~]# yum -y install redis
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
epel/x86_64/metalink                                                                                                                                                                                                                                   | 8.7 kB  00:00:00     
 * base: mirrors.tuna.tsinghua.edu.cn
 * epel: mirrors.tuna.tsinghua.edu.cn
 * extras: mirrors.tuna.tsinghua.edu.cn
 * updates: mirror.bit.edu.cn
epel                                                                                                                                                                                                                                                   | 5.4 kB  00:00:00     
(1/3): epel/x86_64/group_gz                                                                                                                                                                                                                            |  90 kB  00:00:00     
(2/3): epel/x86_64/updateinfo                                                                                                                                                                                                                          | 1.0 MB  00:00:00     
(3/3): epel/x86_64/primary_db                                                                                                                                                                                                                          | 6.9 MB  00:00:11     
Resolving Dependencies
--> Running transaction check
---> Package redis.x86_64 0:3.2.12-2.el7 will be installed
--> Processing Dependency: libjemalloc.so.1()(64bit) for package: redis-3.2.12-2.el7.x86_64
--> Running transaction check
---> Package jemalloc.x86_64 0:3.6.0-1.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

==============================================================================================================================================================================================================================================================================
 Package                                                           Arch                                                            Version                                                                Repository                                                     Size
==============================================================================================================================================================================================================================================================================
Installing:
 redis                                                             x86_64                                                          3.2.12-2.el7                                                           epel                                                          544 k
Installing for dependencies:
 jemalloc                                                          x86_64                                                          3.6.0-1.el7                                                            epel                                                          105 k

Transaction Summary
==============================================================================================================================================================================================================================================================================
Install  1 Package (+1 Dependent package)

Total download size: 648 k
Installed size: 1.7 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/epel/packages/jemalloc-3.6.0-1.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 352c64e5: NOKEY                                                                                                      ]  0.0 B/s |    0 B  --:--:-- ETA 
Public key for jemalloc-3.6.0-1.el7.x86_64.rpm is not installed
(1/2): jemalloc-3.6.0-1.el7.x86_64.rpm                                                                                                                                                                                                                 | 105 kB  00:00:00     
(2/2): redis-3.2.12-2.el7.x86_64.rpm                                                                                                                                                                                                                   | 544 kB  00:00:00     
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                                                                                                         936 kB/s | 648 kB  00:00:00     
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
Importing GPG key 0x352C64E5:
 Userid     : "Fedora EPEL (7) <epel@fedoraproject.org>"
 Fingerprint: 91e9 7d7c 4a5e 96f1 7f3e 888f 6a2f aea2 352c 64e5
 Package    : epel-release-7-11.noarch (@extras)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : jemalloc-3.6.0-1.el7.x86_64                                                                                                                                                                                                                                1/2 
  Installing : redis-3.2.12-2.el7.x86_64                                                                                                                                                                                                                                  2/2 
  Verifying  : redis-3.2.12-2.el7.x86_64                                                                                                                                                                                                                                  1/2 
  Verifying  : jemalloc-3.6.0-1.el7.x86_64                                                                                                                                                                                                                                2/2 

Installed:
  redis.x86_64 0:3.2.12-2.el7                                                                                                                                                                                                                                                 

Dependency Installed:
  jemalloc.x86_64 0:3.6.0-1.el7                                                                                                                                                                                                                                               

Complete!
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]#

[root@docker101.yinzhengjie.org.cn ~]# yum -y install redis

[root@docker101.yinzhengjie.org.cn ~]# redis-cli -h docker102.yinzhengjie.org.cn
docker102.yinzhengjie.org.cn:6379> info
# Server
redis_version:5.0.7
redis_git_sha1:00000000
redis_git_dirty:0
redis_build_id:b671f408463590b9
redis_mode:standalone
os:Linux 3.10.0-957.el7.x86_64 x86_64
arch_bits:64
multiplexing_api:epoll
atomicvar_api:atomic-builtin
gcc_version:8.3.0
process_id:1
run_id:77cfc6e3c18987d1752a9dfcb48cecd537a979b0
tcp_port:6379
uptime_in_seconds:1170
uptime_in_days:0
hz:10
configured_hz:10
lru_clock:3495764
executable:/data/redis-server
config_file:

# Clients
connected_clients:1
client_recent_max_input_buffer:2
client_recent_max_output_buffer:0
blocked_clients:0

# Memory
used_memory:854160
used_memory_human:834.14K
used_memory_rss:11182080
used_memory_rss_human:10.66M
used_memory_peak:854160
used_memory_peak_human:834.14K
used_memory_peak_perc:100.12%
used_memory_overhead:841982
used_memory_startup:792288
used_memory_dataset:12178
used_memory_dataset_perc:19.68%
allocator_allocated:1355032
allocator_active:1609728
allocator_resident:8474624
total_system_memory:4123009024
total_system_memory_human:3.84G
used_memory_lua:37888
used_memory_lua_human:37.00K
used_memory_scripts:0
used_memory_scripts_human:0B
number_of_cached_scripts:0
maxmemory:0
maxmemory_human:0B
maxmemory_policy:noeviction
allocator_frag_ratio:1.19
allocator_frag_bytes:254696
allocator_rss_ratio:5.26
allocator_rss_bytes:6864896
rss_overhead_ratio:1.32
rss_overhead_bytes:2707456
mem_fragmentation_ratio:13.77
mem_fragmentation_bytes:10369920
mem_not_counted_for_evict:0
mem_replication_backlog:0
mem_clients_slaves:0
mem_clients_normal:49694
mem_aof_buffer:0
mem_allocator:jemalloc-5.1.0
active_defrag_running:0
lazyfree_pending_objects:0

# Persistence
loading:0
rdb_changes_since_last_save:0
rdb_bgsave_in_progress:0
rdb_last_save_time:1580552898
rdb_last_bgsave_status:ok
rdb_last_bgsave_time_sec:-1
rdb_current_bgsave_time_sec:-1
rdb_last_cow_size:0
aof_enabled:0
aof_rewrite_in_progress:0
aof_rewrite_scheduled:0
aof_last_rewrite_time_sec:-1
aof_current_rewrite_time_sec:-1
aof_last_bgrewrite_status:ok
aof_last_write_status:ok
aof_last_cow_size:0

# Stats
total_connections_received:1
total_commands_processed:1
instantaneous_ops_per_sec:0
total_net_input_bytes:31
total_net_output_bytes:11468
instantaneous_input_kbps:0.00
instantaneous_output_kbps:0.00
rejected_connections:0
sync_full:0
sync_partial_ok:0
sync_partial_err:0
expired_keys:0
expired_stale_perc:0.00
expired_time_cap_reached_count:0
evicted_keys:0
keyspace_hits:0
keyspace_misses:0
pubsub_channels:0
pubsub_patterns:0
latest_fork_usec:0
migrate_cached_sockets:0
slave_expires_tracked_keys:0
active_defrag_hits:0
active_defrag_misses:0
active_defrag_key_hits:0
active_defrag_key_misses:0

# Replication
role:master
connected_slaves:0
master_replid:9d2adf0cdd5cad67d6173cf06ca8bed2b9dc4237
master_replid2:0000000000000000000000000000000000000000
master_repl_offset:0
second_repl_offset:-1
repl_backlog_active:0
repl_backlog_size:1048576
repl_backlog_first_byte_offset:0
repl_backlog_histlen:0

# CPU
used_cpu_sys:0.748182
used_cpu_user:0.957966
used_cpu_sys_children:0.001870
used_cpu_user_children:0.000882

# Cluster
cluster_enabled:0

# Keyspace
docker102.yinzhengjie.org.cn:6379> 
docker102.yinzhengjie.org.cn:6379> quit
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]#

[root@docker101.yinzhengjie.org.cn ~]# redis-cli -h docker102.yinzhengjie.org.cn

3>.創建容器時顯式指定網絡模式為none(使用場景相對較少)

[root@docker101.yinzhengjie.org.cn ~]# docker image ls
REPOSITORY               TAG                 IMAGE ID            CREATED             SIZE
nginx                    v0.1-20200201       1a8b4f68e96a        3 hours ago         449MB
centos-haproxy           v1.8.20             1858fe05d96f        8 days ago          606MB
registry                 latest              708bc6af7e5e        8 days ago          25.8MB
tomcat-app01             v0.1                bf45c22f2d5b        9 days ago          983MB
tomcat-base              8.5.50              9ff79f369094        10 days ago         968MB
jdk-base                 1.8.0_231           0f63a97ddc85        10 days ago         953MB
centos-base              7.6.1810            b4931fd9ace2        10 days ago         551MB
centos                   centos7.6.1810      f1cb7c7d58b7        10 months ago       202MB
lorel/docker-stress-ng   latest              1ae56ccafe55        3 years ago         8.1MB
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container run --name nginx-net-none --net=none -v /yinzhengjie:/yinzhengjie -d nginx:v0.1-20200201 
3efb710ed1868dd514758bee0b2864957f914741f445ba47102845897535fe3c
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container ps -a
CONTAINER ID        IMAGE                 COMMAND             CREATED             STATUS              PORTS               NAMES
3efb710ed186        nginx:v0.1-20200201   "nginx"             3 seconds ago       Up 3 seconds                            nginx-net-none
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container exec -it nginx-net-none bash
[root@3efb710ed186 /]# 
[root@3efb710ed186 /]# ifconfig -a
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@3efb710ed186 /]# 
[root@3efb710ed186 /]# ll /yinzhengjie/
total 0
drwxr-xr-x 4 root root 34 Jan 29 16:48 data
drwxr-xr-x 3 root root 24 Jan 21 23:27 softwares
[root@3efb710ed186 /]# 
[root@3efb710ed186 /]# exit 
exit
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# ll /yinzhengjie/
total 0
drwxr-xr-x 4 root root 34 Jan 30 00:48 data
drwxr-xr-x 3 root root 24 Jan 22 07:27 softwares
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]#

[root@docker101.yinzhengjie.org.cn ~]# docker container run --name nginx-net-none --net=none -v /yinzhengjie:/yinzhengjie -d nginx:v0.1-20200201

4>.創建容器時顯式指定網絡模式為一個已經存在的容器的網絡空間(即兩個容器共用同一塊網卡設備)

[root@docker101.yinzhengjie.org.cn ~]# docker container rm -fv `docker container ps -a -q`
90ddc49aa5e8
972600e88309
[root@docker101.yinzhengjie.org.cn ~]#

[root@docker101.yinzhengjie.org.cn ~]# docker container rm -fv `docker container ps -a -q`　　　　　　　　　　#刪除無效的容器

[root@docker101.yinzhengjie.org.cn ~]# docker container ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container run -it --name nginx-net-bridge --net=bridge -v /yinzhengjie:/yinzhengjie -d tomcat-base:8.5.50 
232919619cc7eaf19bc6ed064087ca0d6933816c345a2b47c1f8ebcc0aa88814
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container ps -a
CONTAINER ID        IMAGE                COMMAND             CREATED             STATUS              PORTS               NAMES
232919619cc7        tomcat-base:8.5.50   "/bin/bash"         3 seconds ago       Up 2 seconds                            nginx-net-bridge
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container exec -it nginx-net-bridge bash
[root@232919619cc7 /]# 
[root@232919619cc7 /]# ifconfig 
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.2  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:ac:11:00:02  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@232919619cc7 /]# 
[root@232919619cc7 /]# ll /yinzhengjie/
total 0
drwxr-xr-x 4 root root 34 Jan 30 00:48 data
drwxr-xr-x 3 root root 24 Jan 22 07:27 softwares
[root@232919619cc7 /]# 
[root@232919619cc7 /]# exit 
exit
[root@docker101.yinzhengjie.org.cn ~]#

[root@docker101.yinzhengjie.org.cn ~]# docker container run -it --name nginx-net-bridge --net=bridge -v /yinzhengjie:/yinzhengjie -d tomcat-base:8.5.50　　　　　　　　#創建一個容器

[root@docker101.yinzhengjie.org.cn ~]# docker container run -it --name nginx-net-bridge2 --net=container:nginx-net-bridge -d nginx:v0.1-20200201 
d0d41584cd60a5990c59380d0013db80f6fea202e449035646ee3c65906c8a05
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container ps -a
CONTAINER ID        IMAGE                 COMMAND             CREATED             STATUS              PORTS               NAMES
d0d41584cd60        nginx:v0.1-20200201   "nginx"             3 seconds ago       Up 2 seconds                            nginx-net-bridge2
232919619cc7        tomcat-base:8.5.50    "/bin/bash"         31 seconds ago      Up 30 seconds                           nginx-net-bridge
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container exec -it nginx-net-bridge2 bash
[root@232919619cc7 /]# 
[root@232919619cc7 /]# ifconfig 
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.2  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:ac:11:00:02  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@232919619cc7 /]# 
[root@232919619cc7 /]# ll /yinzhengjie
ls: cannot access /yinzhengjie: No such file or directory
[root@232919619cc7 /]# 
[root@232919619cc7 /]# exit 
exit
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]#

[root@docker101.yinzhengjie.org.cn ~]# docker container run -it --name nginx-net-bridge2 --net=container:nginx-net-bridge -d nginx:v0.1-20200201　　　　　　　　#在創建一個容器，網絡空間和上面創建的"nginx-net-bridge"容器共享

5>.查看宿主機默認網絡模式的信息概要

[root@docker101.yinzhengjie.org.cn ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
34054a7dc2e6        bridge              bridge              local
e537f0ed209d        host                host                local
408c4e463c01        none                null                local
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]#

[root@docker101.yinzhengjie.org.cn ~]# docker network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "34054a7dc2e6fd90f7b3038a93130db1e629398659ea84ed9b1dd2d566ba212e",
        "Created": "2020-02-01T15:21:36.488094467+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "232919619cc7eaf19bc6ed064087ca0d6933816c345a2b47c1f8ebcc0aa88814": {
                "Name": "nginx-net-bridge",
                "EndpointID": "f12d868d0dc6b4277bccb19dd1c44a33690d9f738eea6bc3d5dcf482c8ebf3da",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]#

[root@docker101.yinzhengjie.org.cn ~]# docker network inspect bridge

[root@docker101.yinzhengjie.org.cn ~]# docker network inspect host
[
    {
        "Name": "host",
        "Id": "e537f0ed209d7594743c7d35a221bd09bbb6999f35fee80b44f3fa8188e0ffda",
        "Created": "2020-01-21T16:25:36.207042152+08:00",
        "Scope": "local",
        "Driver": "host",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": []
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]#

[root@docker101.yinzhengjie.org.cn ~]# docker network inspect host

[root@docker101.yinzhengjie.org.cn ~]# docker network inspect none
[
    {
        "Name": "none",
        "Id": "408c4e463c01f8662a1f82ffde60b2a97b2aaf317779ce661197a1b10362da00",
        "Created": "2020-01-21T16:25:36.199531528+08:00",
        "Scope": "local",
        "Driver": "null",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": []
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]
[root@docker101.yinzhengjie.org.cn ~]#

[root@docker101.yinzhengjie.org.cn ~]# docker network inspect none

二.docker跨主機互聯簡單實現

　　跨主機互聯是說A宿主機的容器可以訪問B宿主機上的容器,但是前提是保證各宿主機之間的網絡是可以相互通信的，然后各容器才可以通過各自的宿主機訪問到對方的容器。

　　實現原理是在各宿主機上做相應的網絡路由就可以實現A宿主機和容器訪問B主機的目的，復雜的網絡或者大型的網絡可以通過Google開源的K8S進行互聯。

　　Docker的默認網段都是172.17.0.0/24，而且每個宿主機都是一樣的,因此要做路由的前提就是個主機網絡不能一致。為了避免對實驗的影響，建議大家選兩個"干凈"的docker環境節點，或者刪除之前在試驗節點創建的所有容器，在個節點上執行"docker container  rm -f `docker container ps -a -q`"

1>.修改docker101.yinzhengjie.org.cn節點的默認網段

[root@docker101.yinzhengjie.org.cn ~]# ifconfig docker0
docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:81:7d:84:58  txqueuelen 0  (Ethernet)
        RX packets 13994  bytes 609179 (594.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 16608  bytes 78555306 (74.9 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# grep ExecStart /lib/systemd/system/docker.service 
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# vim /lib/systemd/system/docker.service 
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# grep ExecStart /lib/systemd/system/docker.service 
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --bip=10.100.0.254/16
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# systemctl daemon-reload 
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# systemctl restart docker.service 
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# ifconfig docker0
docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 10.100.0.254  netmask 255.255.0.0  broadcast 10.100.255.255
        ether 02:42:81:7d:84:58  txqueuelen 0  (Ethernet)
        RX packets 13994  bytes 609179 (594.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 16608  bytes 78555306 (74.9 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@docker101.yinzhengjie.org.cn ~]#

2>.修改docker102.yinzhengjie.org.cn節點的默認網段

[root@docker102.yinzhengjie.org.cn ~]# ifconfig docker0
docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:6b:e0:f6:2e  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# grep ExecStart /lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry docker103.yinzhengjie.org.cn --insecure-registry docker104.yinzhengjie.org.cn
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# vim /lib/systemd/system/docker.service
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# grep ExecStart /lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry docker103.yinzhengjie.org.cn --insecure-registry docker104.yinzhengjie.org.cn --bip=10.200.0.254/16
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# systemctl daemon-reload
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# systemctl restart docker.service
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# ifconfig docker0
docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 10.200.0.254  netmask 255.255.0.0  broadcast 10.200.255.255
        ether 02:42:6b:e0:f6:2e  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@docker102.yinzhengjie.org.cn ~]#

3>.docker101.yinzhengjie.org.cn節點上運行一個容器並查看網關信息

[root@docker101.yinzhengjie.org.cn ~]# docker image pull centos:centos7.6.1810
centos7.6.1810: Pulling from library/centos
ac9208207ada: Pull complete 
Digest: sha256:62d9e1c2daa91166139b51577fe4f4f6b4cc41a3a2c7fc36bd895e2a17a3e4e6
Status: Downloaded newer image for centos:centos7.6.1810
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container run -it --name centos01 -d centos:centos7.6.1810
6f147e263a544757b0c443ca7f801edb2de968c808a30d612adbfe09260ea2bf
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container exec -it 6f147e263a544757b0c443ca7f801edb2de968c808a30d612adbfe09260ea2bf bash
[root@6f147e263a54 /]# 
[root@6f147e263a54 /]# yum -y install net-tools
[root@6f147e263a54 /]# 
[root@6f147e263a54 /]# ifconfig 
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.100.0.1  netmask 255.255.0.0  broadcast 10.100.255.255
        ether 02:42:0a:64:00:01  txqueuelen 0  (Ethernet)
        RX packets 2779  bytes 13327375 (12.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2545  bytes 140646 (137.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@6f147e263a54 /]# 
[root@6f147e263a54 /]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.100.0.254    0.0.0.0         UG    0      0        0 eth0
10.100.0.0      0.0.0.0         255.255.0.0     U     0      0        0 eth0
[root@6f147e263a54 /]# 
[root@6f147e263a54 /]# exit 
exit
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]#

4>.docker102.yinzhengjie.org.cn節點上運行一個容器並查看網關信息

[root@docker102.yinzhengjie.org.cn ~]# docker image pull centos:centos7.6.1810
centos7.6.1810: Pulling from library/centos
ac9208207ada: Pull complete 
Digest: sha256:62d9e1c2daa91166139b51577fe4f4f6b4cc41a3a2c7fc36bd895e2a17a3e4e6
Status: Downloaded newer image for centos:centos7.6.1810
docker.io/library/centos:centos7.6.1810
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# docker container run -it --name centos02 -d centos:centos7.6.1810
f7329ef9419289c4d9599c557f04518f383ced60c01e3a3749d6a18ef32244bb
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# docker container exec -it f7329ef9419289c4d9599c557f04518f383ced60c01e3a3749d6a18ef32244bb bash
[root@f7329ef94192 /]# 
[root@f7329ef94192 /]# yum -y install net-tools
[root@f7329ef94192 /]# 
[root@f7329ef94192 /]# ifconfig 
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.200.0.1  netmask 255.255.0.0  broadcast 10.200.255.255
        ether 02:42:0a:c8:00:01  txqueuelen 0  (Ethernet)
        RX packets 2429  bytes 13308486 (12.6 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2345  bytes 129858 (126.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@f7329ef94192 /]# 
[root@f7329ef94192 /]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.200.0.254    0.0.0.0         UG    0      0        0 eth0
10.200.0.0      0.0.0.0         255.255.0.0     U     0      0        0 eth0
[root@f7329ef94192 /]# 
[root@f7329ef94192 /]# exit 
exit
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]#

5>.docker101.yinzhengjie.org.cn節點上添加靜態路徑

[root@docker101.yinzhengjie.org.cn ~]# iptables -vnL
Chain INPUT (policy ACCEPT 61 packets, 5225 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 42 packets, 6673 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain DOCKER (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DOCKER-ISOLATION-STAGE-2  all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOCKER-ISOLATION-STAGE-2 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# iptables -A FORWARD -s 172.200.0.0/21 -j ACCEPT
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# iptables -vnL
Chain INPUT (policy ACCEPT 17 packets, 1132 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  *      *       172.200.0.0/21       0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 11 packets, 1308 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain DOCKER (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DOCKER-ISOLATION-STAGE-2  all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOCKER-ISOLATION-STAGE-2 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
[root@docker101.yinzhengjie.org.cn ~]#

[root@docker101.yinzhengjie.org.cn ~]# iptables -A FORWARD -s 172.200.0.0/21 -j ACCEPT

[root@docker101.yinzhengjie.org.cn ~]# hostname -i
172.200.3.101
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.200.7.254   0.0.0.0         UG    0      0        0 bond0
10.100.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
169.254.0.0     0.0.0.0         255.255.0.0     U     1006   0        0 bond0
169.254.0.0     0.0.0.0         255.255.0.0     U     1007   0        0 bond1
172.200.0.0     0.0.0.0         255.255.248.0   U     0      0        0 bond0
192.200.0.0     0.0.0.0         255.255.248.0   U     0      0        0 bond1
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# route add -net 10.200.0.0/16 gw 172.200.3.102
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.200.7.254   0.0.0.0         UG    0      0        0 bond0
10.100.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
10.200.0.0      172.200.3.102   255.255.0.0     UG    0      0        0 bond0
169.254.0.0     0.0.0.0         255.255.0.0     U     1006   0        0 bond0
169.254.0.0     0.0.0.0         255.255.0.0     U     1007   0        0 bond1
172.200.0.0     0.0.0.0         255.255.248.0   U     0      0        0 bond0
192.200.0.0     0.0.0.0         255.255.248.0   U     0      0        0 bond1
[root@docker101.yinzhengjie.org.cn ~]#

[root@docker101.yinzhengjie.org.cn ~]# route add -net 10.200.0.0/16 gw 172.200.3.102

6>.docker102.yinzhengjie.org.cn節點上添加靜態路徑

[root@docker102.yinzhengjie.org.cn ~]# iptables -vnL
Chain INPUT (policy ACCEPT 60 packets, 5185 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 42 packets, 6481 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain DOCKER (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DOCKER-ISOLATION-STAGE-2  all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOCKER-ISOLATION-STAGE-2 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# iptables -A FORWARD -s 172.200.0.0/21 -j ACCEPT
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# iptables -vnL
Chain INPUT (policy ACCEPT 8 packets, 528 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  *      *       172.200.0.0/21       0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 5 packets, 716 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain DOCKER (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DOCKER-ISOLATION-STAGE-2  all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOCKER-ISOLATION-STAGE-2 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
[root@docker102.yinzhengjie.org.cn ~]#

[root@docker102.yinzhengjie.org.cn ~]# iptables -A FORWARD -s 172.200.0.0/21 -j ACCEPT

[root@docker102.yinzhengjie.org.cn ~]# hostname -i
172.200.3.102
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.200.7.254   0.0.0.0         UG    0      0        0 bond0
10.200.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
169.254.0.0     0.0.0.0         255.255.0.0     U     1006   0        0 bond0
169.254.0.0     0.0.0.0         255.255.0.0     U     1007   0        0 bond1
172.200.0.0     0.0.0.0         255.255.248.0   U     0      0        0 bond0
192.200.0.0     0.0.0.0         255.255.248.0   U     0      0        0 bond1
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# route add -net 10.100.0.0/16 gw 172.200.3.101
[root@docker102.yinzhengjie.org.cn ~]# 
[root@docker102.yinzhengjie.org.cn ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.200.7.254   0.0.0.0         UG    0      0        0 bond0
10.100.0.0      172.200.3.101   255.255.0.0     UG    0      0        0 bond0
10.200.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
169.254.0.0     0.0.0.0         255.255.0.0     U     1006   0        0 bond0
169.254.0.0     0.0.0.0         255.255.0.0     U     1007   0        0 bond1
172.200.0.0     0.0.0.0         255.255.248.0   U     0      0        0 bond0
192.200.0.0     0.0.0.0         255.255.248.0   U     0      0        0 bond1
[root@docker102.yinzhengjie.org.cn ~]#

[root@docker102.yinzhengjie.org.cn ~]# route add -net 10.100.0.0/16 gw 172.200.3.101

7>.兩個節點相互ping測試

[root@docker101.yinzhengjie.org.cn ~]# docker container ps
CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS              PORTS               NAMES
6f147e263a54        centos:centos7.6.1810   "/bin/bash"         About an hour ago   Up 8 minutes                            centos01
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container exec -it centos01 bash
[root@6f147e263a54 /]# 
[root@6f147e263a54 /]# ifconfig 
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.100.0.1  netmask 255.255.0.0  broadcast 10.100.255.255
        ether 02:42:0a:64:00:01  txqueuelen 0  (Ethernet)
        RX packets 11  bytes 1050 (1.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 11  bytes 910 (910.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@6f147e263a54 /]# 
[root@6f147e263a54 /]# ping 10.200.0.1
PING 10.200.0.1 (10.200.0.1) 56(84) bytes of data.
64 bytes from 10.200.0.1: icmp_seq=1 ttl=62 time=0.481 ms
64 bytes from 10.200.0.1: icmp_seq=2 ttl=62 time=0.729 ms
64 bytes from 10.200.0.1: icmp_seq=3 ttl=62 time=1.71 ms
64 bytes from 10.200.0.1: icmp_seq=4 ttl=62 time=0.583 ms
64 bytes from 10.200.0.1: icmp_seq=5 ttl=62 time=1.04 ms
64 bytes from 10.200.0.1: icmp_seq=6 ttl=62 time=1.66 ms

8>.在任意一個容器中使用tcpdump工具進行抓包

[root@docker101.yinzhengjie.org.cn ~]# docker container ps 
CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS              PORTS               NAMES
6f147e263a54        centos:centos7.6.1810   "/bin/bash"         About an hour ago   Up 19 minutes                           centos01
[root@docker101.yinzhengjie.org.cn ~]# 
[root@docker101.yinzhengjie.org.cn ~]# docker container exec -it centos01  bash
[root@6f147e263a54 /]# 
[root@6f147e263a54 /]# yum -y install tcpdump
[root@6f147e263a54 /]# 
[root@6f147e263a54 /]# ifconfig 
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.100.0.1  netmask 255.255.0.0  broadcast 10.100.255.255
        ether 02:42:0a:64:00:01  txqueuelen 0  (Ethernet)
        RX packets 288  bytes 27244 (26.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 288  bytes 27104 (26.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@6f147e263a54 /]# 
[root@6f147e263a54 /]# tcpdump -i eth0 -vnn icmp

免責聲明！

本站轉載的文章為個人學習借鑒使用，本站對版權不負任何法律責任。如果侵犯了您的隱私權益，請聯系本站郵箱yoyou2525@163.com刪除。

猜您在找 Docker同一台宿主機容器通信-通過容器名稱互聯 docker容器間通信 (共用宿主機) 宿主機網絡中其它機器與Docker容器網絡互通配置解決docker容器無法訪問宿主機網絡的問題 Docker:使用Ambassador進行跨主機間容器通信 Docker：macvlan實現容器跨主機通信 [十四] Docker之宿主機ssh至docker容器 Linux nsenter 命令簡介及切換宿主機網絡為docker容器網絡實踐 docker從容器中怎么訪問宿主機 Docker拷貝宿主機與容器中的文件