docker网络

tech2025-12-30 2

1.docker原生网络

host网络模式需要在容器创建时指定 --network=host 此时他是直接使用eth0接口，和宿主机运用同一个接口

[root@server1 ~]# docker run -it -d --name=demo --network host nginx 1d70691b7cc4739324e9a401cec05d09c6f3e2495071bd1bf2bf5708374fa557 [root@server1 ~]#

此时用这个浏览器打开宿主机ip如我自己的ip地址是172.25.16.1 就可以访问到nginx页面

我们在主机上直接添加nginx的index.html 页面

[root@server1 docker]# docker container cp index.html demo:/usr/share/nginx/html [root@server1 docker]# cat index.html hello nginx [root@server1 docker]#

自定义网络模式,docker提供了三种自定义网络驱动:

创建最基本的自定义网络

[root@server1 docker]# docker network create mynet1 4b5112bba5c7f474b790784e4371544364b1e79d979f1f62a9e11ac2234d0a53 [root@server1 docker]# docker network ls NETWORK ID NAME DRIVER SCOPE 87cafd9c8326 bridge bridge local e3a4487b07f1 harbor_harbor bridge local 7be9cafe0c01 host host local 4b5112bba5c7 mynet1 bridge local 3fa04b255f2a none null local [root@server1 docker]#

我们创建一个这个mynet1 网络的nginx

[root@server1 docker]# docker run -d --name vm1 --network mynet1 nginx 102efdc075b7ffcc5cee0e8e5dcc3d817af2652292bcd284bce1dea2e8fab63e

此时我们使用一个menet1的busyboxplus，看能否在vm2中访问nginx

[root@server1 docker]# docker run -it --name vm3 --network mynet1 radial/busyboxplus / # curl 172.19.0.2 <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html> / # //可以访问

两个不同网段的ip能否访问了？此时我们使用在同一个vm中接多块网卡我们先创建一个mynet2

[root@server1 docker]# docker network create --subnet 172.25.0.0/24 --gateway 172.25.0.1 mynet2 07fb37c36091a632d9d1179ed7fe9ab6134336ad84c020360cb174bf04dfa072 [root@server1 docker]# docker network ls NETWORK ID NAME DRIVER SCOPE 87cafd9c8326 bridge bridge local e3a4487b07f1 harbor_harbor bridge local 7be9cafe0c01 host host local 4b5112bba5c7 mynet1 bridge local 07fb37c36091 mynet2 bridge local

在vm1 上嫁接mynet2 端口

[root@server1 docker]# docker network connect mynet2 vm1 [root@server1 docker]# docker run -it --name vm4 --network container:vm1 radial/busyboxplus / # curl 172.19.0.2 <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 109: eth0@if110: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue link/ether 02:42:ac:13:00:02 brd ff:ff:ff:ff:ff:ff inet 172.19.0.2/16 brd 172.19.255.255 scope global eth0 valid_lft forever preferred_lft forever 113: eth1@if114: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue link/ether 02:42:ac:19:00:02 brd ff:ff:ff:ff:ff:ff inet 172.25.0.2/24 brd 172.25.0.255 scope global eth1 valid_lft forever preferred_lft forever

link 方法

跨主机容器间的通信

在两台docker主机上各创建macvlan网络: 添加网卡两台主机相同操作：

[root@server2 ~]# cd /etc/sysconfig/network-scripts/ [root@server2 network-scripts]# ls ifcfg-eth0 ifdown-ipv6 ifdown-Team ifup-eth ifup-post ifup-tunnel ifcfg-lo ifdown-isdn ifdown-TeamPort ifup-ippp ifup-ppp ifup-wireless ifdown ifdown-post ifdown-tunnel ifup-ipv6 ifup-routes init.ipv6-global ifdown-bnep ifdown-ppp ifup ifup-isdn ifup-sit network-functions ifdown-eth ifdown-routes ifup-aliases ifup-plip ifup-Team network-functions-ipv6 ifdown-ippp ifdown-sit ifup-bnep ifup-plusb ifup-TeamPort [root@server2 network-scripts]# cp ifcfg-eth0 ifcfg-eth1 [root@server2 network-scripts]# vim ifcfg-eth1 -bash: vim: command not found [root@server2 network-scripts]# vi ifcfg-eth1 [root@server2 network-scripts]# ifup eth1 RTNETLINK answers: File exists [root@server2 network-scripts]# systemctl restart network [root@server2 network-scripts]# ip link set eth1 promisc on [root@server2 network-scripts]# cat ifcfg-eth1 BOOTPROTO=none DEVICE=eth0 ONBOOT=yes [root@server2 network-scripts]#

创建vlan1

docker network create -d macvlan --subnet 172.21.0.0/24 --gateway 172.21.0.1-o parent=eth1 vlan1 ## 两台主机无所谓ip相同直接一样没有问题

测试： server1:

docker run -it --rm --network vlan1 --ip 172.21.0.10 radial/busyboxplus

server2:

docker run -it --rm --network vlan1 --ip 172.21.0.20 radial/busyboxplus

此时需要这个两个的ip地址不一样

出现问题：

docker run -it --rm --network vlan1 --ip 172.20.0.2 radial/busyboxplus WARNING: IPv4 forwarding is disabled. Networking will not work. / # 解决方法：

[root@server1 network-scripts]# echo “net.ipv4.ip_forward=1” >>/usr/lib/sysctl.d/00-system.conf [root@server1 network-scripts]# systemctl restart network [root@server1 network-scripts]# systemctl restart docker [root@server1 network-scripts]# docker run -it --rm --network vlan1 --ip 172.20.0.1 radial/busyboxplus / #

最新回复(0)