二、--link與自定義網路
阿新 • • 發佈:2021-09-27
--link(不推薦使用)
思考一個場景,我們編寫了一個微服務,專案不重啟,資料庫ip換掉了,我們希望可以處理這個問題,可以用名字來訪問?
1.啟動兩個容器如下
[root@docker ~]# docker ps
CONTAINER IDIMAGECOMMANDCREATEDSTATUSPORTSNAMES
79bec4d5841acentos"/bin/bash"28 minutes agoUp 28 minutescentos02
95937ebb5ce8centos"/bin/bash"29 minutes agoUp 29 minutescentos01
[root@docker ~]# docker exec -it centos01 ping centos02
ping: centos02: Name or service not known
我們發現不能ping通:
解決辦法--link即可解決連線問題,但是反向連線不能ping通
[root@docker ~]# docker run -d -it --name centos03 --link centos01 --link centos02 centos
ed7e71239e34507cd1aa32590df51f0a0fdc335d7d9ef6503c170197fb1ab92e
[root@docker ~]# docker exec -it centos03 ping centos01
PING centos01 (172.17.0.2) 56(84) bytes of data.
64 bytes from centos01 (172.17.0.2): icmp_seq=1 ttl=64 time=0.055 ms
64 bytes from centos01 (172.17.0.2): icmp_seq=2 ttl=64 time=0.043 ms
可以檢視網絡卡資訊
[root@docker ~]# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "219769a742011931a0b08b03fc00f6135ad1bcabce1cfa93bc68902b532a2a3b",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Containers": {
"79bec4d5841a7f4bba483e0a0107383eea759d863ade5c6bf0d2c7cdf5693950": {
"Name": "centos02",
"EndpointID": "0e862a4d7bd09adaed475d9844af2d72a07a412b72534bfdac107af42b9991ef",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"95937ebb5ce8d7571232306218f44d7da65dc6e9aa8b901e8c156315199ec759": {
"Name": "centos01",
"EndpointID": "4ed26158cd299b9d834e9b90142e1131e62f0c107124f7c4babd54fa3fa58962",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"ed7e71239e34507cd1aa32590df51f0a0fdc335d7d9ef6503c170197fb1ab92e": {
"Name": "centos03",
"EndpointID": "a2eacc59f98083eccfa2ce4f8b00f7d311ab056cd0118b0bdbaad0c88cbbbcf5",
"MacAddress": "02:42:ac:11:00:04",
"IPv4Address": "172.17.0.4/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
探索 inspect
![]()
其實這個centos03就是配置了centos01-02的配置
#檢視hosts配置,在這裡原理髮現
[root@docker ~]# docker exec -it centos03 cat /etc/hosts
127.0.0.1localhost
::1localhost ip6-localhost ip6-loopback
fe00::0ip6-localnet
ff00::0ip6-mcastprefix
ff02::1ip6-allnodes
ff02::2ip6-allrouters
172.17.0.2centos01 95937ebb5ce8
172.17.0.3centos02 79bec4d5841a
172.17.0.4ed7e71239e34
本質探究:--link操作就是在hosts配置中增加了一個centos01-2的對映
在真實專案中已經不建議使用--link了
在實際中我們採用自定義網路,不使用docker0
docker的問題:它不支援容器名連線訪問
自定義網路
[root@docker ~]# docker network ls #檢視所有網絡卡
docker network rm 刪除網絡卡
[root@docker ~]# docker network ls
NETWORK IDNAMEDRIVERSCOPE
219769a74201bridgebridge local
f6b9d84b1f81 host host local
47132fb890ac none null local
網路模式
bridge :橋接(預設,自己建立網路也推薦使用bridge模式)
none: 不配置網路
host: 和宿主機共享網路
container:容器網路連通!(使用較少!侷限性很大)
測試:
#我們直接啟動的命令--network bridge ,而這個就是我們的docker0
[root@docker ~]#docker run -d -P --name centos1 --network bridge centos
#docker0 :預設,域名不能訪問,使用--link可以打通連線
#我們可以自定義一個網路
[root@docker ~]# docker network create --help #幫助命令檢視
[root@docker ~]#docker network create --driver bridge --subnet 192.168.1.0/24 --gateway 192.168.1.1 mynet
2bb4bf4c05391ed5349957522374d4e0a1043b3767f3fa7fe15a6f8754437e0b
[root@docker ~]# docker network ls
NETWORK IDNAMEDRIVERSCOPE
219769a74201bridgebridgelocal
f6b9d84b1f81hosthostlocal
2bb4bf4c0539mynetbridgelocal
47132fb890acnonenulllocal
引數講解:
--driver bridge :指定模式為橋接
--subnet: 子網地址
--gateway: 閘道器
[root@docker ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "2bb4bf4c05391ed5349957522374d4e0a1043b3767f3fa7fe15a6f8754437e0b",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.1.0/24",
"Gateway": "192.168.1.1"
}
]
},
"Internal": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
至此我們自己的網路就建立好了
接下來啟動兩個容器測試:
[root@docker ~]# docker run -d -it -P --name cenos01--network mynet centos
0f928c84f9f4615e432198d78a5e72062334041117b5b74ce66e327422dc6f78
[root@docker ~]# docker run -d -it -P --name cenos02--network mynet centos
6dcaf8d1698263309bb87d5f535981679e73958f7cb63d2fe69a9a3fa74d6808
[root@docker ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "2bb4bf4c05391ed5349957522374d4e0a1043b3767f3fa7fe15a6f8754437e0b",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.1.0/24",
"Gateway": "192.168.1.1"
}
]
},
"Internal": false,
"Containers": {
"0f928c84f9f4615e432198d78a5e72062334041117b5b74ce66e327422dc6f78": {
"Name": "cenos01",
"EndpointID": "c6a6451c319156074642e6c26d7305977c7619bd5fe3faeac1bab656dc7c81e5",
"MacAddress": "02:42:c0:a8:01:02",
"IPv4Address": "192.168.1.2/24",
"IPv6Address": ""
},
"6dcaf8d1698263309bb87d5f535981679e73958f7cb63d2fe69a9a3fa74d6808": {
"Name": "cenos02",
"EndpointID": "9346da6d8559ae555dd47a40e4f2c56e8d59f7b7d2fba674ec95f1eaac26d9ba",
"MacAddress": "02:42:c0:a8:01:03",
"IPv4Address": "192.168.1.3/24",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
#再次測試ping連線不使用--link也可以ping名字ping通
[root@docker ~]# docker exec -it cenos01 ping cenos02
PING cenos02 (192.168.1.3) 56(84) bytes of data.
64 bytes from cenos02.mynet (192.168.1.3): icmp_seq=1 ttl=64 time=0.045 ms
64 bytes from cenos02.mynet (192.168.1.3): icmp_seq=2 ttl=64 time=0.047 ms
64 bytes from cenos02.mynet (192.168.1.3): icmp_seq=3 ttl=64 time=0.070 ms
我們自定義的網路docker都已經幫我們維護好了對應的關係推薦使用自定義網路
好處:保證不同的叢集使用不同的網路,保證叢集是安全和健康的