自定义网络
查看所有的docker网络
[root@localhost ~] # docker network ls
NETWORK ID NAME DRIVER SCOPE
f0252b7d323e bridge bridge local
4d03c52372e1 host host local
898465300bee none null local
983a1a9b2f0f x34-arbitrary-file-deletion_default bridge local
网络模式
1、Bridge : 桥接 docke 0.1 0.2 0.3 都通过桥转发(默认使用模式)
2、none :不配置网络
3、host : 主机模式,和宿主机共享网络
4、container : 容器网络连通(局限性大)
测试
清空网络容器
[root@localhost ~]#docker rm -f $(docker ps -aq)
# 直接启动的命令 --net bridge, 这个就是docker0
[root@localhost ~] # docker run -d -P --name tomcat01 tomcat # 原来的启动方式
[root@localhost ~] # docker run -d -P --name tomcat01 --net bridge tomcat # 默认
# docker0特点:默认,域名不能访问, --link可以打通连接
# 我们可以自定义网络
# --driver bridge
# --subnet 192.168.0.0/24
# --gateway 192.168.0.1
[root@localhost ~]# docker network create --driver bridge --subnet 192.168.0.0/24 --gateway 192.168.0.1 mynet
3fa16a661c63da775336a98aadba1447d69e01009f5afbf2e38f2bbb0cdf669d
[root@localhost ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
f0252b7d323e bridge bridge local
4d03c52372e1 host host local
3fa16a661c63 mynet bridge local
898465300bee none null local
983a1a9b2f0f x34-arbitrary-file-deletion_default bridge local
# 查看一下自己创建的网络配置信息
[root@localhost ~]# docker network inspect 3fa16a661c63
[
{
"Name": "mynet",
"Id": "3fa16a661c63da775336a98aadba1447d69e01009f5afbf2e38f2bbb0cdf669d",
"Created": "2022-01-10T08:18:36.27124654-05:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {
},
"Config": [
{
"Subnet": "192.168.0.0/24", # 子网
"Gateway": "192.168.0.1" # 网关
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
},
"Options": {
},
"Labels": {
}
}
]
启动一个容器,网络配置是我们自己创建的网络
# 启动两个容器,网络配置mynet
[root@localhost ~]# docker run -d -P --name tomcat-net-01 --net mynet tomcat
5a85dd02380c7c62714c3fe64e959ad3f1d98d33e44d61e212c3e864e229f927
[root@localhost ~]# docker run -d -P --name tomcat-net-02 --net mynet tomcat
a207c17e91dbde264af88b999cd12497d8a649692d5c96d081c8bd09547bb04b
# 查看一下自己创建的网络配置信息,发现两个容器的网络配置都已配置好
[root@localhost ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "3fa16a661c63da775336a98aadba1447d69e01009f5afbf2e38f2bbb0cdf669d",
"Created": "2022-01-10T08:18:36.27124654-05:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {
},
"Config": [
{
"Subnet": "192.168.0.0/24",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"5a85dd02380c7c62714c3fe64e959ad3f1d98d33e44d61e212c3e864e229f927": {
"Name": "tomcat-net-01",
"EndpointID": "3efde84d7d3d212a6d4a464467a7baf08a4577036b9c29c116f4a6977451190c",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/24", # 容器 01 网络配置
"IPv6Address": ""
},
"a207c17e91dbde264af88b999cd12497d8a649692d5c96d081c8bd09547bb04b": {
"Name": "tomcat-net-02",
"EndpointID": "1d055768a18f5d2f21b14a90a8182f103cd5d33234918b9acfcca87204545825",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/24", # 容器 02 网络配置
"IPv6Address": ""
}
},
"Options": {
},
"Labels": {
}
}
]
# 再次测试ping连接
[root@localhost ~]# docker exec -it tomcat-net-01 ping 192.168.0.3
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.100 ms
64 bytes from 192.168.0.3: icmp_seq=2 ttl=64 time=0.072 ms
64 bytes from 192.168.0.3: icmp_seq=3 ttl=64 time=0.088 ms
# 现在不使用--link,也可以ping容器名字
[root@localhost ~]# docker exec -it tomcat-net-01 ping tomcat-net-02
PING tomcat-net-02 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.117 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.069 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.136 ms
我们自定义的网络docker都已经帮我们维护好了对应的关系,推荐使用这样的方式!
好处:
Redis – 不同的集群使用不同的网络,保证集群都是安全和健康的 例如:192.168.0.1/24
MySQL-- 不同的集群使用不同的网络,保证集群是安全和健康的 例如:192.168.0.2/24
网络连通
# 查看docker network 帮助文件
[root@localhost ~]# docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network # 连通一个容器到一个网络,结合下图 容器tomcat-01到mynet网络
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
# 测试tomcat-01容器连通mynet网络
# 执行docker network inspect mynet,发现容器tomcat-01加在了mynet网络
[root@localhost ~]# docker network connect mynet tomcat-01
# 再次检测一下mynet配置信息,结果如图:
# 发现tomcat-01容器有两个IP地址{
172.17.0.2/16 192.168.0.4/24},类似于阿里云服务:公网ip 私网ip
[root@localhost ~]# docker network inpsect mynet
# 测试tomcat-01 ping tomcat-net-01, 测试成功ok
[root@localhost ~]# docker exec -it tomcat-01 ping tomcat-net-01
# tomcat-02 依然ping不通,但是加入mynet就可以
[root@localhost ~]# docker network connect mynet tomcat-02
结论
如果跨网段连接,需要使用docker network connect命令连通!✌️
实战:部署Redis集群
m : master s : slave
首先移除所有容器
[root@localhost ~]# docker rm -f $(docker ps -aq)
