创建和使用自定义的bridge
原创大约 3 分钟
通过docker network create命令创建自定义bridge的命令是:docker network create -d bridge [网络名称]。
> docker network create -d bridge mynet查看创建后的网络。
# docker network inspect mynet给容器指定网络。
> docker run -d --rm --name box3 --network mynet busybox /bin/sh -c "while true; do sleep 3600; done"查看容器的网络详细信息。
> docker inspect box3
"Networks": {
"mynet": {
"IPAMConfig": null,
"Links": null,
"Aliases": [
"eb8ba80521c8"
],
"NetworkID": "7984433eed3c720ccc84890d75a31ee922366a5e6dd097a0977a9ca726f075f7",
"EndpointID": "124dbd98c5c6bc64435b71f609261ea15e36a3e853b26e52be8c3557752f371e",
"Gateway": "172.19.0.1",
"IPAddress": "172.19.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:13:00:02",
"DriverOpts": null
}
}这样显示出来的信息太多,看起来不太方便,可以这样过滤掉多余信息: docker inspect --format '{{.NetworkSettings.Networks.[网络名称].IPAddress}}' [容器名称]。
> docker inspect --format '{{.NetworkSettings.Networks.mynet.IPAddress}}' box3
172.19.0.2让容器同时连上多个网络(box3创建时已经连接了mynet):docker network connect [网络名称] [容器名称]。
> docker network connect bridge box3
> docker inspect box3
"Networks": {
"bridge": {
"IPAMConfig": {},
"Links": null,
"Aliases": [],
"NetworkID": "708ad429f52de0c2efc2a7a993e66558f2704e4c508b3ab3edc77b2f22b0d2cd",
"EndpointID": "428de3a1f13bad1b8c8a2a472cb4e664489a6a7886318cb5c2517ab3afbf5310",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.6",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:06",
"DriverOpts": {}
},
"mynet": {
"IPAMConfig": null,
"Links": null,
"Aliases": [
"eb8ba80521c8"
],
"NetworkID": "7984433eed3c720ccc84890d75a31ee922366a5e6dd097a0977a9ca726f075f7",
"EndpointID": "124dbd98c5c6bc64435b71f609261ea15e36a3e853b26e52be8c3557752f371e",
"Gateway": "172.19.0.1",
"IPAddress": "172.19.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:13:00:02",
"DriverOpts": null
}
}或者通过ip a命令查看。
> docker exec -it box3 sh
/> ip a
将容器断开某个网络连接:docker network disconnect [网络名称] [容器名称]。
# docker network disconnect bridge box3创建使用自定义网络的box4。
> docker run -d --rm --name box4 --network mynet busybox /bin/sh -c "while true; do sleep 3600; done"查看box4的ip地址。
> docker exec -it box4 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
365: eth0@if366: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:13:00:03 brd ff:ff:ff:ff:ff:ff
inet 172.19.0.3/16 brd 172.19.255.255 scope global eth0
valid_lft forever preferred_lft forever可以通过box4来ping一下box3。
> docker exec -it box4 ping 172.19.0.2或者直接ping容器名称。
> docker exec -it box4 ping box3这种ping容器名称的方式只能通过自定义网络完成,默认的bridge不行,因为它不提供DNS功能。
> docker exec -it box1 ping box2box1只能ping通ip地址,使用名字就ping不通了。
指定网关和子网。
> docker network create -d bridge --gateway 172.100.0.1 --subnet 172.100.0.0/16 mynet2
> docker network inspect mynet2
[
{
"Name": "mynet2",
"Id": "350f49ef3d902f81fd8866256f64743101e8c99bcab8226bf3cfa76605e0b3c2",
"Created": "2024-01-20T20:00:47.446638178+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.100.0.0/16",
"Gateway": "172.100.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]创建使用自定义网络的box5和box6。
> docker run -d --rm --name box5 --network mynet2 busybox /bin/sh -c "while true; do sleep 3600; done"
> docker run -d --rm --name box6 --network mynet2 busybox /bin/sh -c "while true; do sleep 3600; done"再次查看mynet2子网中的容器。
> docker network inspect mynet2
......
"Containers": {
"310f3d078e44a6e3ffac22de14feef6c81c050d6c7ffd91212455aaaaf82f8dd": {
"Name": "box6",
"EndpointID": "5d268d7f1b77337b9dcff193a3aaec9e899b0431a030cf9f1202732774951bb5",
"MacAddress": "02:42:ac:64:00:03",
"IPv4Address": "172.100.0.3/16",
"IPv6Address": ""
},
"5a22d50625862e3cf837d16238a0dc7a5667849a84b6f26037cc86e3cd5dae79": {
"Name": "box5",
"EndpointID": "f748aa84e31098fd93d61d51fb445681e494b4928142a57a6c010669b248928a",
"MacAddress": "02:42:ac:64:00:02",
"IPv4Address": "172.100.0.2/16",
"IPv6Address": ""
}
}
......让box5和box6相互ping通。
> docker exec -it box5 ping box6如果想删除自定义的网桥,那么可以执行下面的命令。
> brctl show
bridge name bridge id STP enabled interfaces
br-18358ef8bbe1 8000.02426dab5b16 no
docker0 8000.024266e4991b no
mydocker0 8000.a2718354cda9 no veth-ns1
veth-ns2
virbr0 8000.5254002435e0 yes virbr0-nic然后先停掉需要删除的网桥。
> ip link set br-18358ef8bbe1 down再来删除它。
> brctl delbr br-18358ef8bbe1注意这两个命令的区别。
docker network ls命令显示的是Docker所有可用的网络驱动。brctl show显示的是已经启动的网桥接口。
感谢支持
更多内容,请移步《超级个体》。