Compressed package
- Save
- Load
Docker network (Container Interconnection)
Understand docker0
- Understand docker0
- IP addr Displays the network configuration
View the network configuration of the started container
docker exec -it tomcat01 ip addr
Copy the code
- View the network configuration of the started container
- Check the container’s internal network address, IP addr, found that the container will get a 96: eth0@if97 IP address when started, Docker automatically assigned
- Wonder: Can Linux ping through the inside of our container?
- can
The principle of
- Every time we start a Docker container, Docker will assign an IP to the Docker container. As long as we install Docker, there will be a network card Docker0, bridge mode, using evTH-pair technology.
- On starting a container, we find an additional pair of network cards
- We found pairs of cards in this container
- An EVTH-pair is a pair of virtual device interfaces that come in pairs, with one end connected to the protocol and the other to each other
- Because of this feature, EVTH-pair acts as a bridge between various virtual network devices
- Let’s test whether the two containers can ping each other
- Ultimate principle: Docker0 routing and forwarding
- Our docker0 acts as a router. First, Tomcat01 sends a message to Docker0 via EVTH-pair technology. Then Docker0 uses routing configuration/broadcast mechanism. Send our information to Tomcat02 via EVTH-pair technology
- All containers are routed by Docker0 when no network is specified, and Docker assigns a default available IP to our containers
- All network interfaces in Docker are virtual, virtual forwarding efficiency is high!
- When we delete the container, evth-pair also disappears directly, docker automatically manages
- Ultimate principle: Docker0 routing and forwarding
Network communication by name
- Network communication by name
- The problem
- Every time we restart the container, Docker automatically reassigns the address of evth-pair, which will cause a problem. Suppose we write a service, we access mysql in the service, our mysql is started through the container, the project code is written in the mysql container address, Mysql suddenly crashed, and the IP changed after the restart. Our service could not access mysql, so the service would have problems
- The solution
- Access through the container name, access is the IP address of the container, the name of the container will not change, even if the IP is changed, we can still find the IP by pointing to the name
- Technology – the link
docker run -d -P --name tomcat03 --link tomcat02 tomcat Copy the code
- Use Tomcat02 to ping container Tomcat03. Check whether the ping succeeds.
- Can’t
- — Single connection of link (not recommended)
- why
- nature
- We actually added a 172.17.0.3 tomcat02 container ID to the hosts file
- why
- Viewing Network Details
docker network inspect bridge Copy the code
root@iZbp12kyfwxfku3288sr59Z:~# docker network inspect bridge [ { "Name": "bridge", "Id": "d80554cf321bff3d2821acfe37abdff08809fa1ee0f4a8d37693bb949e529476", "Created": 2020-10-02T13:30:57.993132975+08:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Default", "Options", null, "Config" : [{" Subnet configures ":" 172.17.0.0/16 ", "Gateway" : "172.17.0.1" # docker0}]}, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": {"Network": ""}," ConfigOnly ": false," Containers ": {# vessel network" 6 fcc850bb9dda8098daae0129af2995a823330a79d6fc74a536e4f53b5bc093a ": { "Name": "tomcat02", "EndpointID": "e54399c3dd68ca240379dfff6251652a888e61fa880b90334ac8cff872794521", "MacAddress": "02:42: AC :11:00:03", "IPv4Address": "172.17.0.3/16", # tomcat02 network "IPv6Address": "" }, "8d2b39b543083ba0028212ccf2fc986eeb9b7591662c28b0171321c7dcaf93d5": { "Name": "tomcat01", "EndpointID": "453f09d79583b22ce429d2054eb720b0666d2cfb0c5978379b6a7dd89aa2907f", "MacAddress": "02:42:ac:11:00:02", "IPv4Address": "172.17.0.2/16", # tomcat01 network "IPv6Address" : ""}," acf6df2a5d4e36e23b32aad793f1d28b9f91dfc1a53ecac569ec1c64f812ed3e ": { "Name": "tomcat03", "EndpointID": "60eeb95e2e97d91070378771d2a4bd384e55e2285603232e067dd6cb25ebd622", "MacAddress": "02:42: AC :11:00:04", "IPv4Address": "172.17.0.4/16", # tomcat03 network "IPv6Address": ""}}, "Options": { "com.docker.network.bridge.default_bridge": "true", "com.docker.network.bridge.enable_icc": "true", "com.docker.network.bridge.enable_ip_masquerade": "true", "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0", "com.docker.net work. Bridge. The name" : "docker0", "com.docker.net work. Driver. Mtu" : "1500"}, "Labels" : {}}]Copy the code
- Viewing All Networks
- Network mode
- Bridge docker: Bridge docker: Bridge docker
- None: The network is not configured
- Host: Shares the network with the Host
- Container: Container network connectivity (not recommended)
docker network ls root@iZbp12kyfwxfku3288sr59Z:~# docker network ls NETWORK ID NAME DRIVER SCOPE d80554cf321b bridge bridge local 0985e4179804 host host local d95b28d99da4 none null local Copy the code
- Network mode
- The problem
Custom network
- The full version of the default command
- We directly use the run command –net Bridge and this is our docker0
docker run -d -P --name tomcat01 --net bridge tomcat
Copy the code
- Create a custom network
Docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynetCopy the code
- parameter
- — Driver Bridge network mode
- — Subnet 192.168.0.0/16 Defines the network segment and the number of hosts
- –gateway 192.168.0.0 Indicates the gateway route
- Details of the custom network MyNet
root@iZbp12kyfwxfku3288sr59Z:~# docker network inspect mynet [ { "Name": "mynet", "Id": "11690a7560b3c847045e9216a2fb3e91d90b0c8c8c5c3711ac57ce834ed0991b", "Created": 2020-10-04T20:50:40.991733452+08:00", "Scope": "local", "Driver": "bridge", # EnableIPv6: false, "IPAM": {" Driver ":" default ", "Options" : {}, "Config" : [{" Subnet configures ":" 192.168.0.0/16 ", # Subnet mask "Gateway" : "192.168.0.1" # gateway}]}, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": {"Network": "" }, "ConfigOnly": false, "Containers": {}, "Options": {}, "Labels": {} } ]Copy the code
- Create three containers under the custom network
root@iZbp12kyfwxfku3288sr59Z:~# docker network inspect mynet [ { "Name": "mynet", "Id": "11690a7560b3c847045e9216a2fb3e91d90b0c8c8c5c3711ac57ce834ed0991b", "Created": 2020-10-04T20:50:40.991733452+08:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Default", "Options" : {}, "Config" : [{" Subnet configures ":" 192.168.0.0/16 ", "Gateway" : "192.168.0.1"}]}, "Internal" : false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": {# in this part of the container options, contains three containers "5 ef9b87d364aafd27a509422bb24cdfbd249c2bcf74b2297b47bbfae1601b1e8" : {" Name ": "tomcat-net-01", "EndpointID": "e83f9febc5939b18d3e6c459c8564c12389c10cc2346678060327235437c23c3", "MacAddress": "02:42: c0: a8:00:02", "IPv4Address" : "192.168.0.2/16", "IPv6Address" : "" }, "99c0df5990a5ec9d78fc392eb0ee698d00f320e387b5a66d05782ea2013ac3a1": { "Name": "tomcat-net-03", "EndpointID": "41c4e5a4f2f5712a3a070e5337aa80021e8c13844cac1243aa1d8b371cb1679e", "MacAddress": "02:42:c0:a8:00:04", "IPv4Address": "" IPv6Address 192.168.0.4/16", ":" "}, "cb12e21c37b83c38d894cca0a3b55816aebca90ba8b3b083289f28608d70a566" : {" Name ": "tomcat-net-02", "EndpointID": "ba491227f9a347145718fd051ff461aa1bd7200c66cacf3397a5a915a86e52a3", "MacAddress": "02:42: c0: a8:00:03", "IPv4Address" : "192.168.0.3/16", "IPv6Address" : ""}}," Options ":" Labels ": {} {},}]Copy the code
- Ping tests by IP address and container name
- Our customized network Docker has helped us maintain the corresponding relationship, we recommend that we usually use the network like this
- Benefits:
- You can create different subnets between different clusters to isolate each other
Network unicom
- It is actually a connection between two different self-networks in our custom network
- Test the following routine
- Solutions:
Docker network conmect mynet tomcat01 Copy the code
-
- Tomcat01 has two IP addresses: 172.17.0.1 under Docker0 and 192.168.0.5 under Mynet. This is similar to ali Cloud network, 121.199.122.222 in public network. 172.186.11.1(private network IP) explains the problem of having two IP addresses for one container
- The test results
-
In actual combat
- Set up the redis cluster
- Step 1: Create a subnet
Docker network create redis --subnet 172.38.0.0/16Copy the code
- Step 2: Use shell scripts to build nodes of Redis
for port in $(seq 1 6); \ do \ mkdir -p /mydata/redis/node-${port}/conf touch /mydata/redis/node-${port}/conf/redis.conf cat << EOF >> /mydata/redis/node-${port}/conf/redis.conf port 6379 bind 0.0.0.0 cluster-enabled yes cluster-config-file nodes.conf Cluster-node-timeout 5000 cluster-announce-ip 172.38.0.1${port} cluster-announce-port 6379 cluster-announce-bus-port 16379 appendonly yes EOF doneCopy the code
- Step 3: Set up containers (custom networks, volume mappings, ports, etc.)
#Just replace the red numbers below with the corresponding numbers 1 to 6docker run -p 6376:6379 -p 16676:16379 --name redis-6 -v /mydata/redis/node-6/data:/data -v / mydata/redis/node - 6 / conf/redis. Conf: / etc/redis/redis conf - d -.net redis - IP 172.38.0.16 redis: 5.0.9 - alpine3.11 redis-server /etc/redis/redis.confCopy the code
- Step 4: Access one of the Redis machines
Docker exec it redis-1 /bin/sh #redis does not have bash by defaultCopy the code
- Step 5: Create a cluster and build nodes
Redis-cli --cluster create 172.38.0.11:6379 172.38.0.12:6379 172.38.0.13:6379 172.38.0.14:6379 172.38.0.15:6379 172.38.0.16:6379-1 - cluster - replicasCopy the code
- Test setup results
- Step 1: Create a subnet