Published 5月 30, 2019 by with 0 comment

4 - 01 - Docker Network




Using $ docker network ls, we can see three type networks.
None, host and bridge.
$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
3aa82fb31574        bridge              bridge              local
9a8a72ebd1bf        host                host                local
c87da00cc48c        none                null                local


1. Create a container with none network. This container cannot connect to outside.
$ docker run -it --network=none busybox


2. Create a container with host network. This container will use host NIC.
$ docker run -it --network=host busybox


3. Create a container with bridge network. This container will use bridge to connect docker bridge.
$ brctl show
bridge name     bridge id               STP enabled     interfaces
docker0         8000.024219252d6f       no

# Creating a container for 300 sec and default network is bridge.
$ docker run -itd busybox sleep 3000
c2fc1e077e19bdae682cafadd8a02da0021cd76440931e9cadbf8399407c627b

# Check the Container process 
$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
b382ec65658f        busybox             "sleep 300"         14 seconds ago      Up 13 seconds                           confident_bardeen

# Now we can see the docker bridge has a new interface(veth40bff1b)
$ brctl show
bridge name     bridge id               STP enabled     interfaces
docker0         8000.024219252d6f       no              veth40bff1b

# Let is into the container and check its interface (eth0@if117) and his IP address is 172.17.0.2/16
$ docker exec -it c2fc1e077e19 sh
/ # 
/ # ip a
1: lo:  mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
116: eth0@if117:  mtu 1500 qdisc noqueue 
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever

# Check the docker bridge network configuration. (Subnet: 172.17.0.0/16)
$ docker network inspect bridge 
[
    {
        "Name": "bridge",
        "Id": "3aa82fb315746669b0b7b2b5ad379223d1d729ee3d6a16381a581cca0b5ded04",
        "Created": "2019-05-25T15:33:37.790700177+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16"
                }

# Check the docker0 network in the host.
$ ifconfig docker0
docker0   Link encap:Ethernet  HWaddr 02:42:19:25:2d:6f  
          inet addr:172.17.0.1  Bcast:172.17.255.255  Mask:255.255.0.0
          inet6 addr: fe80::42:19ff:fe25:2d6f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:136562 errors:0 dropped:0 overruns:0 frame:0
          TX packets:189854 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:9298290 (9.2 MB)  TX bytes:295225363 (295.2 MB)

# Form Host ping to container is working.
$ ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.119 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.081 ms


最初發表 / 最後更新: 2019.05.30 / 2019.05.30

0 comments:

張貼留言

訂閱: 張貼留言 (Atom)