自定义docker0桥的网络属性信息

自定义docker0桥的网络属性信息需要修改/etc/docker/daemon.json配置文件(下面示例中 # 后面的内容仅为说明:JSON不支持注释,写入文件时必须删掉,否则docker守护进程会因配置解析失败而无法启动)

1 {
2     "bip": "192.168.1.5/24",       #  docker0网桥自身的IP地址及掩码
3     "fixed-cidr": "192.168.1.5/25",    #  容器可分配的IPv4地址范围,须为bip所在网段的子集
4     "fixed-cidr-v6": "2001:db8::/64",   #   容器可分配的IPv6地址范围
5     "mtu": 1500,                        #  最大传输单元
6     "default-gateway": "10.20.1.1",      #    网关
7     "default-gateway-v6": "2001:db8:abcd::89",   #  ipv6的网关 
8     "dns": ["10.20.1.2","10.20.1.3"]
9 }

 

1 [root@localhost ~]# docker run -d --name web httpd  #   启一个容器
 2 b6cb0aea6b71e2d3e5330c58c3019576c2835ea5864e85c7ce2ea435ea60577e
 3 [root@localhost ~]# docker ps
 4 CONTAINER ID   IMAGE     COMMAND              CREATED          STATUS         PORTS     NAMES
 5 b6cb0aea6b71   httpd     "httpd-foreground"   11 seconds ago   Up 9 seconds   80/tcp    web
 6 [root@localhost ~]# docker inspect web
 7                   "Gateway": "172.17.0.1",
 8                     "IPAddress": "172.17.0.2",    #  ip
 9 [root@localhost ~]# vim /etc/docker/daemon.json   #  修改如下
10  {
11   "registry-mirrors": ["https://o8iex5ry.mirror.aliyuncs.com"],
12   "bip":"192.168.1.1/24"
13 }
14  [root@localhost ~]# systemctl restart docker    #  重启docker
15 web
16 [root@localhost ~]# ip a    #  查看网络详细信息
17 docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
18     link/ether 02:42:e7:69:ef:af brd ff:ff:ff:ff:ff:ff
19     inet 192.168.1.1/24 brd 192.168.1.255 scope global docker0
20        valid_lft forever preferred_lft forever   #   IP变成我们设置的
21 [root@localhost ~]# docker ps -a  #  更改以后容器会停掉
22 CONTAINER ID   IMAGE     COMMAND              CREATED          STATUS                     PORTS     NAMES
23 b6cb0aea6b71   httpd     "httpd-foreground"   12 minutes ago   Exited (0) 2 minutes ago             web
24 [root@localhost ~]# docker start web   #  重启容器
25 web
26 [root@localhost ~]# docker ps -a
27 CONTAINER ID   IMAGE     COMMAND              CREATED          STATUS         PORTS     NAMES
28 b6cb0aea6b71   httpd     "httpd-foreground"   13 minutes ago   Up 5 seconds   80/tcp    web
29 [root@localhost ~]# docker inspect web    #  查看详细信息
30                     "Gateway": "192.168.1.1",
31                     "IPAddress": "192.168.1.2",   #   IP 也变成我们更改的
32  #  更改bip并重启docker后,容器会停止,而且不会自动启动,上面是我们手动启动的;生产环境中容器数量太多,不可能一个个去手动启动,
33 [root@localhost ~]# docker run -d --name web --restart=always httpd     #  加上restart=always 选项,可以让docker重启时,自动启动相关容器 
34 0dce636ec3217027391e9889e36caba9e95aec2bf3adafbd36474e5d73b6b5d5
35 [root@localhost ~]# vim /etc/docker/daemon.json 
36 {
37   "registry-mirrors": ["https://o8iex5ry.mirror.aliyuncs.com"]
38 }    #   删掉刚才更改的docker IP
39 [root@localhost ~]# systemctl restart docker   #  重启docker,容器也会启动
40 [root@localhost ~]# docker inspect web  #  查看web的ip
41                    "Gateway": "192.168.1.1",
42                     "IPAddress": "192.168.1.2",    #   还是我们之前设置的
43 [root@localhost ~]# ip a
44 3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
45     link/ether 02:42:e7:69:ef:af brd ff:ff:ff:ff:ff:ff
46     inet 192.168.1.1/24 brd 192.168.1.255 scope global docker0
47        valid_lft forever preferred_lft forever
48     inet6 fe80::42:e7ff:fe69:efaf/64 scope link   #  docker0的ip仍是我们之前设置的:从daemon.json里删掉bip并不会恢复默认值,已存在的docker0网桥会保留原来的地址,除非重新设置bip。
49 [root@localhost ~]# vim /etc/docker/daemon.json
50 {
51   "registry-mirrors": ["https://o8iex5ry.mirror.aliyuncs.com"],
52   "bip": "172.17.0.1/16"    #   修改回来
53 }
54 [root@localhost ~]# systemctl restart docker   #   重启docker
55 [root@localhost ~]# docker inspect web    # 查看web的详细信息
56                     "Gateway": "172.17.0.1",
57                     "IPAddress": "172.17.0.2",     #   改回来了
58                     "IPPrefixLen": 16,

 

核心选项为bip,即bridge ip之意,用于指定docker0桥自身的IP地址;其它选项可通过此地址计算得出。

docker创建自定义桥

创建一个额外的自定义桥,区别于docker0

[root@localhost ~]# docker network ls    #   默认的只有三个
NETWORK ID     NAME      DRIVER    SCOPE
7eef472aff89   bridge    bridge    local
77faf4b77bb6   host      host      local
f6caf930adf9   none      null      local
[root@localhost ~]# docker network create -d bridge --subnet "192.168.1.0/24" --gateway "192.168.1.1" br0    #   创建一个叫br0的网络,指定用bridge驱动(默认就是bridge),网段为192.168.1.0/24(24位子网掩码),网关为192.168.1.1;所选网段不要与宿主机已有的网络重叠
04a189ad5987db4b1faff77dc3f7e983a9c743adcf89c19d5963ea994e3be0ce
[root@localhost ~]# docker network ls    #  新增了一个br0的桥
NETWORK ID     NAME      DRIVER    SCOPE
04a189ad5987   br0       bridge    local
7eef472aff89   bridge    bridge    local
77faf4b77bb6   host      host      local
f6caf930adf9   none      null      local
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:bc:11:bf brd ff:ff:ff:ff:ff:ff
    inet 192.168.149.130/24 brd 192.168.149.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:e7:69:ef:af brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:e7ff:fe69:efaf/64 scope link 
       valid_lft forever preferred_lft forever
81: veth9b90e31@if80: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default 
    link/ether e2:e9:8b:02:76:6b brd ff:ff:ff:ff:ff:ff link-netnsid 2
    inet6 fe80::e0e9:8bff:fe02:766b/64 scope link 
       valid_lft forever preferred_lft forever
82: br-04a189ad5987: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default   #   br0的桥
    link/ether 02:42:bd:e5:d6:f4 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global br-04a189ad5987
       valid_lft forever preferred_lft forever

使用新创建的自定义桥来创建容器:

1 [root@localhost ~]# docker run -it --rm --network br0 busybox  # 指定br0的桥运行一个容器
 2 / # ip a
 3 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
 4     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
 5     inet 127.0.0.1/8 scope host lo
 6        valid_lft forever preferred_lft forever
 7 83: eth0@if84: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
 8     link/ether 02:42:c0:a8:01:02 brd ff:ff:ff:ff:ff:ff
 9     inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
10        valid_lft forever preferred_lft forever

再创建一个容器,使用默认的bridge桥:

1 [root@localhost ~]# docker run -it --rm --name b1 busybox
 2 / # ip a
 3 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
 4     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
 5     inet 127.0.0.1/8 scope host lo
 6        valid_lft forever preferred_lft forever
 7 85: eth0@if86: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
 8     link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
 9     inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
10        valid_lft forever preferred_lft forever
11 / # ping 192.168.1.2
12 PING 192.168.1.2 (192.168.1.2): 56 data bytes   #  ping不通,没有收到任何回复

试想一下,此时连接在br0上的那个未命名容器与b1容器能否互相通信?如果不能,该如何实现通信?

 


 

 

[root@localhost ~]# docker network connect br0 b1  # b1这个容器链接br0网络
 
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
85: eth0@if86: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever
87: eth1@if88: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:c0:a8:01:03 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.3/24 brd 192.168.1.255 scope global eth1
       valid_lft forever preferred_lft forever   #  此时b1多了一块网卡eth1,IP为192.168.1.3
/ # ping 192.168.1.2    #   现在能ping通192.168.1.2了,因为两个容器都接在br0上,处于同一网段
PING 192.168.1.2 (192.168.1.2): 56 data bytes
64 bytes from 192.168.1.2: seq=0 ttl=64 time=0.211 ms
64 bytes from 192.168.1.2: seq=1 ttl=64 time=0.201 ms
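#   所以这两个容器想要通信,可以用docker network connect把其中一个容器接入对方所在的网络(容器内会新增一块网卡)。注意:接入后该容器同时处于两个网络中,两个网络之间原有的隔离对它不再成立,只应接入确实需要互通的容器,不需要时及时disconnect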
[root@localhost ~]# docker network disconnect br0 b1   #   断开连接
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
85: eth0@if86: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever   #   eth1网卡已被移除,与br0的连接断开了
[root@localhost ~]# docker run -itd --name b1 busybox sleep 60000    #  创建一个新容器b1
b9409973687f0c0e4555cc004fec12514fafbf5bd56cfbaa1941a27dcc001655
[root@localhost ~]# docker  ps
CONTAINER ID   IMAGE     COMMAND         CREATED          STATUS          PORTS     NAMES
b9409973687f   busybox   "sleep 60000"   34 seconds ago   Up 33 seconds             b1
[root@localhost ~]# docker exec -it b1 /bin/sh    #   进到里面去
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
91: eth0@if92: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever
[root@localhost ~]# docker network connect br0 b1  #    b1连接br0网络 
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
91: eth0@if92: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever
93: eth1@if94: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:c0:a8:01:02 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.2/24 brd 192.168.1.255 scope global eth1
       valid_lft forever preferred_lft forever    #  连上了
[root@localhost ~]# docker restart b1    #  重启b1
[root@localhost ~]# docker exec -it b1 /bin/sh
/ # ip a   
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
95: eth1@if96: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth1
       valid_lft forever preferred_lft forever
97: eth0@if98: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:c0:a8:01:02 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever    #   还是存在
[root@localhost ~]# systemctl restart docker  #  重启docker,b1容器会停止(创建时没有加--restart选项)
[root@localhost ~]# docker start b1    # 手动启动b1
b1
[root@localhost ~]# docker exec -it b1 /bin/sh   #   进入b1,br0的网卡还在,说明docker network connect建立的连接是持久的,重启后仍然保留
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
99: eth1@if100: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth1
       valid_lft forever preferred_lft forever
101: eth0@if102: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:c0:a8:01:02 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever