1, docker network mode
1. Virtual gateway of docker container
(1) loopback
The loopback network card; it is used to check whether the TCP/IP network card (protocol stack) is working
(2)virtual bridge
Linux itself integrates a virtualization function (the KVM architecture) and is a native virtualization platform. After a virtualization platform is installed, the system automatically installs virtual network cards
(for example, after installing VMware Workstation, VMnet1, VMnet8 and VMnet0 are added to the network adapters)
(3) docker0
The gateway of the container; it is bound to the physical network card and is responsible for NAT address translation and port mapping; docker0 itself is also a container
(4) veth pair
A pair of virtual devices used to connect two different namespaces; the host end is veth
2. Four network modes of docker
(1) Host mode
--net=host; the container and the host share one network namespace (network namespace / network protocol stack)
(2) Container mode
--net=container:<NAME or ID>; multiple containers share one network namespace.
(3) None mode
--net=none; the container has an independent network namespace, but no network settings are made for it, such as allocating a veth pair, connecting to a bridge or configuring an IP (a closed-off space)
(4) Bridge mode
--net=bridge (this is the default mode); the container is connected to the docker0 bridge through a veth pair and the bridge assigns the container an IP. docker0 acts as the gateway of the containers on this "LAN", and traffic finally goes out through the host network card
There is no need to configure the above. What really needs to be configured is the user-defined network
3. docker custom network
(1) View network list
[root@docker ~]# docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
9477282009db   bridge    bridge    local
7f91145d9494   host      host      local
24131737de22   none      null      local
(2) View container
docker inspect <image ID>: view the image status
[root@docker ~]# docker images
REPOSITORY   TAG       IMAGE ID       CREATED         SIZE
tomcat       test      d6598c118ba0   2 days ago      599MB
nginx        new       8cc8975756f1   2 days ago      681MB
nginx        latest    822b7ec2aaf2   8 days ago      133MB
centos       7         8652b9f0cb4c   10 months ago   204MB
[root@docker ~]# docker run -itd --name centos centos:7 /bin/bash
378fe5ac181efae8fc5e0dfad3729f834f4c41b89e82f12afb4fb97c3d1e92af
[root@docker ~]# docker ps -a
CONTAINER ID   IMAGE         COMMAND                  CREATED          STATUS          PORTS                                         NAMES
378fe5ac181e   centos:7      "/bin/bash"              16 seconds ago   Up 15 seconds                                                 centos
e2fe9ef4b577   tomcat:test   "/usr/local/src/tomc..."   2 days ago       Up 2 days       0.0.0.0:49154->8080/tcp, :::49154->8080/tcp   cool_hermann
9639ed027de8   nginx:new     "/bin/sh -c nginx"       2 days ago       Up 2 days       0.0.0.0:49153->80/tcp, :::49153->80/tcp       wizardly_maxwell
[root@docker ~]# docker exec centos ps aux    #Execute commands using exec
USER   PID %CPU %MEM   VSZ  RSS TTY    STAT START TIME COMMAND
root     1  0.1  0.0 11828 1656 pts/0  Ss+  17:32 0:00 /bin/bash
root    16  0.0  0.0 51732 1704 ?      Rs   17:33 0:00 ps aux
You have mail in /var/spool/mail/root
[root@docker ~]# docker inspect centos    #View the container with the specified name
(3) Custom network fixed ip
--network: specifies the network type
--ip: specifies the IP address
[root@docker ~]# docker run -itd --name test1 --network bridge --ip 172.17.0.10 centos:latest /bin/bash
97ea02cf3fad266e746969fbb502949bf705c0e1b040675d78e46e7ccfe95bdc
docker: Error response from daemon: user specified IP address is supported on user defined networks only.
This method reports an error: on the default network you can only follow the default address allocation method; a fixed IP cannot be specified
① Customize the network mode first
[root@docker ~]# docker network create --subnet=172.18.0.0/16 mynetwork
8ec784189c9a83bb6eb4ab6bc01128e86e297f5867659b96cd1f7d03f175d936
You have mail in /var/spool/mail/root
[root@docker ~]# docker network ls
NETWORK ID     NAME        DRIVER    SCOPE
9477282009db   bridge      bridge    local
7f91145d9494   host        host      local
8ec784189c9a   mynetwork   bridge    local
24131737de22   none        null      local
② Join specified ip
[root@docker ~]# docker run -itd --name centos-2 --net mynetwork --ip 172.18.0.10 centos:latest /bin/bash
70daaad53f1c589972ff6bf2c583c4345dc984dbf0e0b0efcda74cd1562d3aae
[root@docker ~]# docker inspect centos-2
(4) Exposed port
Although the query shows port 80 on the container, the web page cannot be opened; the port has to be exposed first
① -p specifies the port
[root@docker ~]# docker run -itd -p 444:80 nginx /bin/bash
cf5d03c5220cc04e4b5da89d55ec9eabcc63ad47536c778112ad5fa1ec2616bf
You have mail in /var/spool/mail/root
[root@docker ~]# docker ps -a
CONTAINER ID   IMAGE           COMMAND                  CREATED          STATUS          PORTS                                         NAMES
cf5d03c5220c   nginx           "/docker-entrypoint...."   14 seconds ago   Up 13 seconds   0.0.0.0:444->80/tcp, :::444->80/tcp           loving_dijkstra
6245e722475b   nginx:latest    "/docker-entrypoint...."   2 minutes ago    Up 2 minutes    80/tcp                                        friendly_morse
70daaad53f1c   centos:latest   "/bin/bash"              7 minutes ago    Up 7 minutes                                                  centos-2
97ea02cf3fad   centos:latest   "/bin/bash"              13 minutes ago   Created                                                       test1
27dba7291477   centos:latest   "/bin/bash"              13 minutes ago   Created                                                       centos-3
378fe5ac181e   centos:7        "/bin/bash"              38 minutes ago   Up 38 minutes                                                 centos
e2fe9ef4b577   tomcat:test     "/usr/local/src/tomc..."   2 days ago       Up 2 days       0.0.0.0:49154->8080/tcp, :::49154->8080/tcp   cool_hermann
9639ed027de8   nginx:new       "/bin/sh -c nginx"       2 days ago       Up 2 days       0.0.0.0:49153->80/tcp, :::49153->80/tcp       wizardly_maxwell
[root@docker ~]#
[root@docker ~]# docker run nginx:latest /bin/bash
You have mail in /var/spool/mail/root
[root@docker ~]# docker exec cf5d03c5220c nginx
2021/09/11 18:13:45 [notice] 7#7: using the "epoll" event method
2021/09/11 18:13:45 [notice] 7#7: nginx/1.21.1
2021/09/11 18:13:45 [notice] 7#7: built by gcc 8.3.0 (Debian 8.3.0-6)
2021/09/11 18:13:45 [notice] 7#7: OS: Linux 3.10.0-957.el7.x86_64
2021/09/11 18:13:45 [notice] 7#7: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2021/09/11 18:13:45 [notice] 13#13: start worker processes
2021/09/11 18:13:45 [notice] 13#13: start worker process 14
2021/09/11 18:13:45 [notice] 13#13: start worker process 15
2021/09/11 18:13:45 [notice] 13#13: start worker process 16
2021/09/11 18:13:45 [notice] 13#13: start worker process 17
Run and start nginx
Viewing website: 192.168.206.188:444
② -P random port
[root@docker ~]# docker run -itd -P nginx /bin/bash
00f5572ea156c091d86670aa395cd2dac790d8e51fcfa70d2353bb15e20aa2c9
You have mail in /var/spool/mail/root
[root@docker ~]# docker ps -a
CONTAINER ID   IMAGE           COMMAND                  CREATED          STATUS                     PORTS                                         NAMES
00f5572ea156   nginx           "/docker-entrypoint...."   7 seconds ago    Up 6 seconds               0.0.0.0:49155->80/tcp, :::49155->80/tcp       goofy_agnesi
956491cfd9fd   nginx:latest    "/docker-entrypoint...."   4 minutes ago    Exited (0) 4 minutes ago                                                 condescending_panini
cf5d03c5220c   nginx           "/docker-entrypoint...."   6 minutes ago    Up 6 minutes               0.0.0.0:444->80/tcp, :::444->80/tcp           loving_dijkstra
6245e722475b   nginx:latest    "/docker-entrypoint...."   8 minutes ago    Up 8 minutes               80/tcp                                        friendly_morse
70daaad53f1c   centos:latest   "/bin/bash"              13 minutes ago   Up 13 minutes                                                            centos-2
97ea02cf3fad   centos:latest   "/bin/bash"              19 minutes ago   Created                                                                  test1
27dba7291477   centos:latest   "/bin/bash"              20 minutes ago   Created                                                                  centos-3
378fe5ac181e   centos:7        "/bin/bash"              44 minutes ago   Up 44 minutes                                                            centos
e2fe9ef4b577   tomcat:test     "/usr/local/src/tomc..."   2 days ago       Up 2 days                  0.0.0.0:49154->8080/tcp, :::49154->8080/tcp   cool_hermann
9639ed027de8   nginx:new       "/bin/sh -c nginx"       2 days ago       Up 2 days                  0.0.0.0:49153->80/tcp, :::49153->80/tcp       wizardly_maxwell
[root@docker ~]# docker exec 00f5572ea156 nginx
2021/09/11 18:17:24 [notice] 7#7: using the "epoll" event method
2021/09/11 18:17:24 [notice] 7#7: nginx/1.21.1
2021/09/11 18:17:24 [notice] 7#7: built by gcc 8.3.0 (Debian 8.3.0-6)
2021/09/11 18:17:24 [notice] 7#7: OS: Linux 3.10.0-957.el7.x86_64
2021/09/11 18:17:24 [notice] 7#7: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2021/09/11 18:17:24 [notice] 13#13: start worker processes
2021/09/11 18:17:24 [notice] 13#13: start worker process 14
2021/09/11 18:17:24 [notice] 13#13: start worker process 15
2021/09/11 18:17:24 [notice] 13#13: start worker process 16
2021/09/11 18:17:24 [notice] 13#13: start worker process 17
[root@docker ~]#
View the page at 192.168.206.188:49155
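An added example (not part of the original article) for checking what -p and -P actually expose: in the docker ps output above, 0.0.0.0:444->80/tcp and :::444->80/tcp mean the port is bound on every host interface, while a bare 80/tcp is not published at all. The function names, the verdict labels and the local_only row are constructed for illustration; the input is the NAME<TAB>PORTS form printed by docker ps --format '{{.Names}}\t{{.Ports}}'.

```shell
#!/bin/sh
# Added example. Input: "NAME<TAB>PORTS" lines, as printed by
#   docker ps --format '{{.Names}}\t{{.Ports}}'
# Output: "NAME MAPPING VERDICT", one line per port mapping.
audit_published_ports() {
  awk -F '\t' '
    $2 == "" { print $1, "-", "NONE"; next }
    {
      n = split($2, maps, /, */)
      for (i = 1; i <= n; i++) {
        m = maps[i]
        if (m !~ /->/) {               # "80/tcp": exposed by the image, not published
          print $1, m, "NOT-PUBLISHED"
          continue
        }
        split(m, side, "->")
        addr = side[1]
        sub(/:[0-9-]+$/, "", addr)     # drop the trailing :port or :port-range
        if (addr == "0.0.0.0" || addr == "::" || addr == "[::]")
          verdict = "ALL-INTERFACES"
        else if (addr == "127.0.0.1" || addr == "::1" || addr == "[::1]")
          verdict = "LOOPBACK-ONLY"
        else
          verdict = "SPECIFIC-ADDRESS"
        print $1, m, verdict
      }
    }'
}

# Sample input: the first three rows are taken from the docker ps output above,
# the last row is constructed to show a loopback-only binding.
sample_ports() {
  printf '%s\t%s\n' \
    loving_dijkstra '0.0.0.0:444->80/tcp, :::444->80/tcp' \
    friendly_morse  '80/tcp' \
    centos-2        '' \
    local_only      '127.0.0.1:8080->80/tcp'
}

sample_ports | audit_published_ports
```

To publish a port on loopback only, give the host address explicitly, for example -p 127.0.0.1:444:80.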
(5) Run the container command in the host environment
docker exec -it <container ID> /bin/bash -c 'nginx'
Syntax: docker exec <container ID / container name> <command to execute>
2, docker data volume
1. Data volume
A data volume is a special directory provided for containers to use
Create data volume
docker run -d -v /data1 -v /data2 --name web httpd:centos
Mount the host directory as a data volume
docker run -d -v /var/www:/data1 --name web-1 httpd:centos
Example: view and verify
[root@docker ~]# docker images
REPOSITORY   TAG       IMAGE ID       CREATED         SIZE
tomcat       test      d6598c118ba0   2 days ago      599MB
nginx        new       8cc8975756f1   2 days ago      681MB
nginx        latest    822b7ec2aaf2   8 days ago      133MB
centos       latest    300e315adb2f   9 months ago    209MB
centos       7         8652b9f0cb4c   10 months ago   204MB
You have mail in /var/spool/mail/root
[root@docker ~]# docker run -v /var/www:/data1 -v /var/html:/data2 -it --name centos-v4 centos:7 /bin/bash
[root@7d431361b5ef /]# cd /data1
[root@7d431361b5ef data1]# ls
[root@7d431361b5ef data1]# touch 1.txt
[root@7d431361b5ef data1]# cd /data2
[root@7d431361b5ef data2]# ls
[root@7d431361b5ef data2]# touch 2.txt
[root@7d431361b5ef data2]# ls /var/www
ls: cannot access /var/www: No such file or directory
[root@7d431361b5ef data2]# exit
exit
You have mail in /var/spool/mail/root
[root@docker ~]# ls /var/www
1.txt
[root@docker ~]# ls /var/html
2.txt
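The session above shows that files written in /data1 inside the container land in /var/www on the host, so a host directory mounted with -v is writable from the container unless it is mounted read-only. The following added example (not from the original article) classifies mounts by that property; the function names, verdict labels, the list of sensitive host paths and every sample row other than the two centos-v4 mounts are assumptions made for illustration, and paths containing spaces are not handled.

```shell
#!/bin/sh
# Added example. Input: "NAME TYPE SOURCE DESTINATION RW" lines, as printed by
#   docker inspect --format '{{$n := .Name}}{{range .Mounts}}{{$n}} {{.Type}} {{.Source}} {{.Destination}} {{.RW}}{{println}}{{end}}' $(docker ps -q)
# Output: "NAME SOURCE->DESTINATION VERDICT", one line per mount.
audit_mounts() {
  awk '
    # Illustrative list of host paths that deserve extra scrutiny (an assumption).
    function sensitive(p,   i, n, list) {
      if (p == "/") return 1
      n = split("/etc /root /proc /sys /boot /var/run/docker.sock /run/docker.sock", list, " ")
      for (i = 1; i <= n; i++)
        if (p == list[i] || index(p, list[i] "/") == 1) return 1
      return 0
    }
    NF == 5 {
      type = $2; src = $3; dst = $4; rw = $5
      if (type != "bind")
        verdict = "OK-managed-volume"          # -v /data1 style, stored by Docker
      else if (sensitive(src))
        verdict = (rw == "true") ? "HIGH-rw-sensitive-host-path" : "REVIEW-ro-sensitive-host-path"
      else if (rw == "true")
        verdict = "REVIEW-rw-host-path"        # container writes reach the host
      else
        verdict = "OK-ro-host-path"
      print $1, src "->" dst, verdict
    }'
}

# Sample input: the centos-v4 rows mirror the run command above;
# the other rows and the volume ID are constructed.
sample_mounts() {
  cat <<'EOF'
/centos-v4 bind /var/www /data1 true
/centos-v4 bind /var/html /data2 true
/web11 volume /var/lib/docker/volumes/CONSTRUCTED_ID/_data /data1 true
/ro_site bind /var/www /usr/share/nginx/html false
/agent bind /var/run/docker.sock /var/run/docker.sock true
EOF
}

sample_mounts | audit_mounts
```

When the container only needs to read the directory, append :ro to the mount, for example -v /var/www:/data1:ro.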
2. Data volume container
A data volume container is an ordinary container, used to realize interconnection between containers
example
[root@docker ~]# docker run --name web11 -v /data1 -v /data2 -it centos /bin/bash    #Create data1 volume, data2 volume
[root@75f345222ef9 /]# ls
bin data1 data2 dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
[root@75f345222ef9 /]# cd data1
[root@75f345222ef9 data1]# ls
[root@75f345222ef9 data1]# touch 1.txt
[root@75f345222ef9 data1]# ls
1.txt
[root@75f345222ef9 data1]# exit
exit
[root@docker ~]# docker run -it --volumes-from web11 --name tt centos /bin/bash    #Run a container whose volumes come from web11; the new container is named tt
[root@64816843721d /]# ls
bin data1 data2 dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
[root@64816843721d /]# ls data1
1.txt
[root@64816843721d /]#
3. Container interconnection
docker run -itd -P --name webb centos /bin/bash # creates and runs a container named webb, and the port number is automatically mapped
docker run -itd -P --name web2 --link webb:webb centos /bin/bash # creates and runs a container named web2 and links it to webb to communicate with it
--link: open the tunnel
[root@docker ~]# docker images
REPOSITORY   TAG       IMAGE ID       CREATED         SIZE
tomcat       test      d6598c118ba0   2 days ago      599MB
nginx        new       8cc8975756f1   2 days ago      681MB
nginx        latest    822b7ec2aaf2   8 days ago      133MB
centos       latest    300e315adb2f   9 months ago    209MB
centos       7         8652b9f0cb4c   10 months ago   204MB
[root@docker ~]# docker ps -a
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
[root@docker ~]# docker ps -aq
[root@docker ~]# docker run -itd -P --name web888 centos /bin/bash
972416b46adeb73ac2321fe5c5997df431802ef7c34db3cdb18b58e091219da7
You have mail in /var/spool/mail/root
[root@docker ~]# docker run -itd -P --name web999 --link web888:web888 centos /bin/bash
4195d537f5aebe6a1f17b2bf5c7407a4d8b95722a2558c03511941c93de60bdf
[root@docker ~]# docker ps -a
CONTAINER ID   IMAGE     COMMAND       CREATED              STATUS              PORTS     NAMES
4195d537f5ae   centos    "/bin/bash"   56 seconds ago       Up 54 seconds                 web999
972416b46ade   centos    "/bin/bash"   About a minute ago   Up About a minute             web888
[root@docker ~]# docker exec -it web888 /bin/bash
[root@972416b46ade /]# yum install -y net-tools
[root@972416b46ade /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.2  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:ac:11:00:02  txqueuelen 0  (Ethernet)
        RX packets 4385  bytes 16662126 (15.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4255  bytes 234697 (229.1 KiB)
        TX errors 0  dropped 0  overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0  overruns 0  carrier 0  collisions 0
verification