首页 > 编程学习 > 自定义docker网络与自定义的网络之间的连通

一、自定义一个docker网络

1、创建一个自定义网络
[root@master ~]# docker network create --driver bridge --subnet 10.192.0.0/24 --gateway 10.192.0.1 mynet
806b16d9d8b2c2535e28071d9dc413b1852bb3e99acbcb13477c8918fc201310
[root@master ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
e52ef1cd9c37        bridge              bridge              local
20f229ec5603        host                host                local
806b16d9d8b2        mynet               bridge              local
5e0bd1d2525c        none                null                local
[root@master ~]# 
2、使用自定义网络运行两个容器
# 先下载一个centos镜像
[root@master ~]# docker pull centos

[root@master home]# docker run -it -d --name cn1 --net mynet centos
a694e63f485a6de5a909d9b48bf3385af1980ef78a04ddc457a6dc396715cacc

[root@master home]# docker run -it -d --name cn2 --net mynet centos
43861b425af6db813bb548823de07bb4e66b4cc289ebbecfb15ed545c5a7f142
3、查看网络情况
[root@master home]# docker inspect mynet 
[
    ...
    ...
        "ConfigOnly": false,
        "Containers": {
            "43861b425af6db813bb548823de07bb4e66b4cc289ebbecfb15ed545c5a7f142": {
                "Name": "cn2",
                "EndpointID": "154af184fc7d67b714fe213d18f6a72aeac3f52b168d02d2787a489d994e6e34",
                "MacAddress": "02:42:0a:c0:00:03",
                "IPv4Address": "10.192.0.3/24",
                "IPv6Address": ""
            },
            "a694e63f485a6de5a909d9b48bf3385af1980ef78a04ddc457a6dc396715cacc": {
                "Name": "cn1",
                "EndpointID": "8a73a643c52d41ed1c5910c63c2fa89633c0e17fd89d9932dec39f790f6ae4bf",
                "MacAddress": "02:42:0a:c0:00:02",
                "IPv4Address": "10.192.0.2/24",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]
[root@master home]# 
4、测试1,宿主机ping容器,成功
[root@master home]# ping 10.192.0.2
PING 10.192.0.2 (10.192.0.2) 56(84) bytes of data.
64 bytes from 10.192.0.2: icmp_seq=1 ttl=64 time=0.059 ms
64 bytes from 10.192.0.2: icmp_seq=2 ttl=64 time=0.075 ms
^C
--- 10.192.0.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.059/0.067/0.075/0.008 ms

[root@master home]# ping 10.192.0.3
PING 10.192.0.3 (10.192.0.3) 56(84) bytes of data.
64 bytes from 10.192.0.3: icmp_seq=1 ttl=64 time=0.047 ms
64 bytes from 10.192.0.3: icmp_seq=2 ttl=64 time=0.055 ms
64 bytes from 10.192.0.3: icmp_seq=3 ttl=64 time=0.051 ms
^C
--- 10.192.0.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.047/0.051/0.055/0.003 ms
[root@master home]# 
5、测试2,容器之间通过名称互ping,成功
# cn1 Ping cn2
[root@master home]# docker exec -it cn1 ping cn2
PING cn2 (10.192.0.3) 56(84) bytes of data.
64 bytes from cn2.mynet (10.192.0.3): icmp_seq=1 ttl=64 time=0.035 ms
64 bytes from cn2.mynet (10.192.0.3): icmp_seq=2 ttl=64 time=0.056 ms
^C
--- cn2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 4ms
rtt min/avg/max/mdev = 0.035/0.045/0.056/0.012 ms

# cn2 Ping cn1
[root@master home]# docker exec -it cn2 ping cn1
PING cn1 (10.192.0.2) 56(84) bytes of data.
64 bytes from cn1.mynet (10.192.0.2): icmp_seq=1 ttl=64 time=0.065 ms
64 bytes from cn1.mynet (10.192.0.2): icmp_seq=2 ttl=64 time=0.055 ms
^C
--- cn1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1ms
rtt min/avg/max/mdev = 0.055/0.060/0.065/0.005 ms
[root@master home]# 
6、结论

使用自定义的网络,docker会自动帮我们建立好对应关系。

好处:当一台服务器中,部署不同的集群时,不同的集群使用不同的网络,可以保证集群的安全与健康。

二、两个相互隔离的网络的连通

1、实验要求

实验:如下图所示,如何使mn1与cn1连通:

在这里插入图片描述

2、环境介绍
网络名 容器名 ip
mynet cn1 10.192.0.2
mynet cn2 10.192.0.3
mynet2 mn1 10.193.0.2
mynet2 mn1 10.193.0.3

创建mynet2的脚本:

[root@master home]# docker network create --driver bridge --subnet 10.193.0.0/24 --gateway 10.193.0.1 mynet2

[root@master home]# docker run -it -d --name mn1 --net mynet2 centos
6f99c08f45116a8260a12037ebb98c3647751bb6bf328174aca0156e7f2f1594

[root@master home]# docker run -it -d --name mn2 --net mynet2 centos
50bc87335d51bc20ca0b4842b4b419a2fed0fca2bcbd59651ec4587e1224afc2
3、连通

3.1、直接ping,不通

[root@master home]# docker exec -it cn1 ping mn1
ping: mn1: Name or service not known
[root@master home]# 

3.2、通过帮助文档可知,可以通过网络与容器进行连接,格式为docker network connect [OPTIONS] NETWORK CONTAINER

[root@master home]# docker network connect --help

Usage:  docker network connect [OPTIONS] NETWORK CONTAINER

Connect a container to a network

Options:
      --alias strings           Add network-scoped alias for the container
      --ip string               IPv4 address (e.g., 172.30.100.104)
      --ip6 string              IPv6 address (e.g., 2001:db8::33)
      --link list               Add link to another container
      --link-local-ip strings   Add a link-local address for the container
[root@master home]# 

3.3、连通,使用mynet与mn1连通

[root@master home]# docker network connect mynet mn1
[root@master home]# 

3.4、 测试

# cn1 ping mn1
[root@master home]# docker exec -it cn1 ping mn1
PING mn1 (10.192.0.4) 56(84) bytes of data.
64 bytes from mn1.mynet (10.192.0.4): icmp_seq=1 ttl=64 time=0.067 ms
64 bytes from mn1.mynet (10.192.0.4): icmp_seq=2 ttl=64 time=0.057 ms
64 bytes from mn1.mynet (10.192.0.4): icmp_seq=3 ttl=64 time=0.058 ms
^C
--- mn1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 5ms
rtt min/avg/max/mdev = 0.057/0.060/0.067/0.010 ms
[root@master home]# 

# cn2 ping mn1
[root@master home]# docker exec -it cn2 ping mn1
PING mn1 (10.192.0.4) 56(84) bytes of data.
64 bytes from mn1.mynet (10.192.0.4): icmp_seq=1 ttl=64 time=0.091 ms
64 bytes from mn1.mynet (10.192.0.4): icmp_seq=2 ttl=64 time=0.054 ms
^C
--- mn1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 2ms
rtt min/avg/max/mdev = 0.054/0.072/0.091/0.020 ms
[root@master home]# 


#cn1 ping mn2
[root@master home]# docker exec -it cn1 ping mn2
ping: mn2: Name or service not known
[root@master home]# 
4、结论

连通方式如下图所示:

这种情况下:

mn1与cn1和cn2相互连通,

mn2与cn1和cn2不能连通。

在这里插入图片描述

Copyright © 2010-2022 mfbz.cn 版权所有 |关于我们| 联系方式|豫ICP备15888888号