网站导航
> 文档中心 > 探索云原生技术之基石-Docker容器高级篇(2)

探索云原生技术之基石-Docker容器高级篇(2)

网友: 文档中心 2022-05-17 23:05:08

❤️作者简介:2022新星计划第三季云原生与云计算赛道Top5🏅、华为云享专家🏅、云原生领域潜力新星🏅

💛博客首页:C站个人主页🌞

💗作者目的:如有错误请指正,将来会不断的完善笔记,帮助更多的Java爱好者入门,共同进步!

文章目录

    • 探索云原生技术之基石-Docker容器高级篇(2)
      • Dockerfile详解
        • 常用关键字
        • Dockerfile(实战1)
        • Dockerfile构建centos+java10(实战2)
      • Dockerfile+SpringBoot微服务项目(实战3)
        • 问题1:运行微服务镜像失败
          • 解决办法
      • Docker网络
        • docker network命令帮助
        • 4种网络模式
        • docker inspect获取容器信息
        • 网络的应用(实战)
          • 为什么要自定义网络
        • 删除网络

探索云原生技术之基石-Docker容器高级篇(2)

本博文一共有7篇,如下

  • 探索云原生技术之基石-Docker容器入门篇(1)
  • 探索云原生技术之基石-Docker容器入门篇(2)
  • 探索云原生技术之基石-Docker容器入门篇(3)
  • 探索云原生技术之基石-Docker容器入门篇(4),=>由于篇幅过长,所以另起一篇

等你对Docker有一定理解的时候可以看高级篇,不过不太建议。

  • 探索云原生技术之基石-Docker容器高级篇(1)
  • 探索云原生技术之基石-Docker容器高级篇(2)
  • 探索云原生技术之基石-Docker容器高级篇(3)

剧透:未来将出云原生技术-Kubernetes(k8s),此时的你可以对Docker进行统一管理、动态扩缩容等等。

看完之后你会对Docker有一定的理解,并能熟练的使用Docker进行容器化开发、以及Docker部署微服务、Docker网络等等。干起来!

Dockerfile详解

常用关键字

  • FROM:构建的镜像的基础镜像。

  • MAINTAINER:镜像的维护者姓名或者邮箱地址。

  • RUN:镜像构建时(docker build)将会执行该命令(注意:每一次RUN都会构建一层

  • CMD:容器运行时(docker run)将会执行该命令(注意:容器启动的命令,如果有多个则以最后一个为准(前面的CMD会被最后一个CMD覆盖),也可以为ENTRYPOINT提供参数

  • VOLUME:容器数据卷,仅仅能指定容器里面的目录,然后会自动分配一个宿主机目录与之绑定。(不能指定宿主机的目录和-v参数不同

  • ADD:复制➕自动解压缩(简而言之就是COPY+自动解压缩,COPY的增强版)。

  • COPY:和ADD类似,都有复制的意义,但是不会解压缩。

  • ENTRYPOINT:运行容器时执行的shell命令。

  • EXPOSE:暴露端口号

  • ENV:设置容器环境变量(设置变量属性值,容器内部也会起作用)

  • USER:为RUN、CMD、和 ENTRYPOINT 执行命令指定运行用户(较少用)

  • WORKDIR:为 RUN、CMD、ENTRYPOINT、COPY 和 ADD 设置工作目录,就是切换目录,简而言之就是当我们进入容器内部的默认目录。

  • HEALTHCHECH:健康检查(较少用)

  • ARG:构建时指定参数

Dockerfile(实战1)

vim Dockerfile
  • 内容如下:
FROM ubuntu:latestMAINTAINER youzhengjieENV MYPATH /usr/localWORKDIR $MYPATHRUN echo "RUN--->hello ubuntu1"RUN echo "RUN--->hello ubuntu2"EXPOSE 80CMD echo "CMD--->hello ubuntu1"CMD echo "CMD--->hello ubuntu2"CMD /bin/bash
  • 构建镜像
[root@aubin dc]# docker build -t myubuntu9:3.1 .Sending build context to Docker daemon  2.048kBStep 1/10 : FROM ubuntu:latest ---> ba6acccedd29Step 2/10 : MAINTAINER youzhengjie<1550324080@qq.com> ---> Running in d35296dbb171Removing intermediate container d35296dbb171 ---> d83366611306Step 3/10 : ENV MYPATH /usr/local ---> Running in 148d7365d403Removing intermediate container 148d7365d403 ---> 77dffad12d15Step 4/10 : WORKDIR $MYPATH ---> Running in beb4c0ac3435Removing intermediate container beb4c0ac3435 ---> 309649b57915Step 5/10 : RUN echo "RUN--->hello ubuntu1" ---> Running in 064b6a6bcb37RUN--->hello ubuntu1Removing intermediate container 064b6a6bcb37 ---> daddf2c42fd1Step 6/10 : RUN echo "RUN--->hello ubuntu2" ---> Running in 827c94f312c2RUN--->hello ubuntu2Removing intermediate container 827c94f312c2 ---> 0cb85f694c60Step 7/10 : EXPOSE 80 ---> Running in ec15bbeb62c9Removing intermediate container ec15bbeb62c9 ---> 3f777dd9eac9Step 8/10 : CMD echo "CMD--->hello ubuntu1" ---> Running in b11439ac7b11Removing intermediate container b11439ac7b11 ---> 60a1e78eff8cStep 9/10 : CMD echo "CMD--->hello ubuntu2" ---> Running in ea7bd505d595Removing intermediate container ea7bd505d595 ---> cd8a17d04f66Step 10/10 : CMD /bin/bash ---> Running in 43c0fbc2728cRemoving intermediate container 43c0fbc2728c ---> dc33567bdde0Successfully built dc33567bdde0Successfully tagged myubuntu9:3.1
  • 优化一下,可以把多余的RUN舍去。
FROM ubuntu:latestMAINTAINER youzhengjieENV MYPATH /usr/localWORKDIR $MYPATHRUN echo "RUN--->hello ubuntu1" \&& echo "RUN--->hello ubuntu2"EXPOSE 80CMD echo "CMD--->hello ubuntu1"CMD echo "CMD--->hello ubuntu2"CMD /bin/bash
  • 再次进行构建
[root@aubin dc]# docker build -t myubuntu9:4.1 .Sending build context to Docker daemon  2.048kBStep 1/9 : FROM ubuntu:latest ---> ba6acccedd29Step 2/9 : MAINTAINER youzhengjie<1550324080@qq.com> ---> Running in 24d24c8399e2Removing intermediate container 24d24c8399e2 ---> c65a88e33529Step 3/9 : ENV MYPATH /usr/local ---> Running in bbc59635fbd4Removing intermediate container bbc59635fbd4 ---> 0bca06d97095Step 4/9 : WORKDIR $MYPATH ---> Running in e0535d2c6fd4Removing intermediate container e0535d2c6fd4 ---> af7c365c8e51Step 5/9 : RUN echo "RUN--->hello ubuntu1" && echo "RUN--->hello ubuntu2" ---> Running in 50acd599101bRUN--->hello ubuntu1RUN--->hello ubuntu2Removing intermediate container 50acd599101b ---> 401489dae859Step 6/9 : EXPOSE 80 ---> Running in 2bf7c8cf21c2Removing intermediate container 2bf7c8cf21c2 ---> 6d5297967bf8Step 7/9 : CMD echo "CMD--->hello ubuntu1" ---> Running in 39a16548458aRemoving intermediate container 39a16548458a ---> 8cff1e5fc805Step 8/9 : CMD echo "CMD--->hello ubuntu2" ---> Running in 6a021819b6beRemoving intermediate container 6a021819b6be ---> 4600b91d4a53Step 9/9 : CMD /bin/bash ---> Running in e9e40cf4f6baRemoving intermediate container e9e40cf4f6ba ---> 3aca036254ecSuccessfully built 3aca036254ecSuccessfully tagged myubuntu9:4.1

  • 总结:我们可以发现少了一层镜像!!!!这将会起到优化的效果

  • 进入我们构建好的镜像容器

docker run -it myubuntu9:4.1 /bin/bashroot@ad0268623aec:/usr/local# ls

可以发现我们一进入容器内部就自动切换到/usr/local目录,因为我们设置的WORKDIR。

Dockerfile构建centos+java10(实战2)

  • 目的:在centos镜像的基础上加入vim、net-tools和java10环境。

  • 1:先去oracle官网下载jdk-10.0.2_linux-x64_bin.tar压缩包,并且传到我们即将编写的Dockerfile同一个目录下(必须是同一个目录)。

  • 2:创建Dockerfile文件(名字必须为这个,大小写都不能变)

vim Dockerfile
  • 3:编写Dockerfile文件内容
FROM centosMAINTAINER youzhengjieENV MYPATH /usr/localWORKDIR $MYPATHRUN yum -y install vim \&& yum -y install net-tools \&& yum -y install glibc.i686 \&& mkdir /usr/local/javaADD jdk-10.0.2_linux-x64_bin.tar.gz /usr/local/java/ENV JAVA_HOME /usr/local/java/jdk-10.0.2ENV JRE_HOME $JAVA_HOME/jreENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib:$CLASSPATHENV PATH $JAVA_HOME/bin:$PATHEXPOSE 80CMD echo $MYPATHCMD echo "Java build success!!! "CMD /bin/bash
  • 4:构建Dockerfile镜像
docker build -t centos-java:10.0 .

Dockerfile+SpringBoot微服务项目(实战3)

  • Java代码:
    • 注意:由于我们下面的FROM java:8的原因,使得编写Java代码并且打jar包的jdk环境必须为JDK1.8,作者当时使用的是JDK10进行编写代码打jar包,虽然docker build可以正常运行,但是docker run我们那个项目镜像就会报版本不一致的错误,所以后面又重新装了JDK1.8来演示这个案例。
package com.boot.controller;import org.springframework.web.bind.annotation.GetMapping;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.bind.annotation.RestController;import java.util.UUID;@RestController@RequestMapping(path = "/test")public class TestController {    @GetMapping(path = "/randomId")    public String responseRandomId(){ return UUID.randomUUID().toString().replaceAll("-","");    }}
package com.boot;import org.springframework.boot.SpringApplication;import org.springframework.boot.autoconfigure.SpringBootApplication;@SpringBootApplicationpublic class SimpleApplication {    public static void main(String[] args) { SpringApplication.run(SimpleApplication.class,args);    }}
  • 使用maven插件将其打成jar包。名字为:simple-java-1.0-SNAPSHOT.jar
  • 将simple-java-1.0-SNAPSHOT.jar用xftp上传到centos7系统上面去。
  • 编写Dockerfile文件
vim Dockerfile
  • 内容如下:
FROM java:8MAINTAINER youzhengjieVOLUME /tmpADD simple-java-1.0-SNAPSHOT.jar simpleTest.jarENTRYPOINT ["java","-jar","simpleTest.jar"]EXPOSE 8080
  • 等待Docker build构建我们的SpringBoot微服务镜像:
[root@aubin mservice]# docker build -t simple-java .Sending build context to Docker daemon  75.99MBStep 1/6 : FROM java:88: Pulling from library/java5040bd298390: Pull complete fce5728aad85: Pull complete 76610ec20bf5: Pull complete 60170fec2151: Pull complete e98f73de8f0d: Pull complete 11f7af24ed9c: Pull complete 49e2d6393f32: Downloading [=================>     ]  45.67MB/130.1MBbb9cdec9c7f3: Download complete
  • 构建SpringBoot微服务镜像成功:
[root@aubin mservice]# docker build -t simple-java .Sending build context to Docker daemon  75.99MBStep 1/6 : FROM java:88: Pulling from library/java5040bd298390: Pull complete fce5728aad85: Pull complete 76610ec20bf5: Pull complete 60170fec2151: Pull complete e98f73de8f0d: Pull complete 11f7af24ed9c: Pull complete 49e2d6393f32: Pull complete bb9cdec9c7f3: Pull complete Digest: sha256:c1ff613e8ba25833d2e1940da0940c3824f03f802c449f3d1815a66b7f8c0e9dStatus: Downloaded newer image for java:8 ---> d23bdf5b1b1bStep 2/6 : MAINTAINER youzhengjie<1550324080@qq.com> ---> Running in 9f5235caca9eRemoving intermediate container 9f5235caca9e ---> d3a68015534bStep 3/6 : VOLUME /tmp ---> Running in a0421ee34d11Removing intermediate container a0421ee34d11 ---> fdac864986c8Step 4/6 : ADD simple-java-1.0-SNAPSHOT.jar simpleTest.jar ---> 8afe328a826cStep 5/6 : ENTRYPOINT ["java","-jar","simpleTest.jar"] ---> Running in 7516af6adb4dRemoving intermediate container 7516af6adb4d ---> 96adcafc23a1Step 6/6 : EXPOSE 8080 ---> Running in 6c498b3fd205Removing intermediate container 6c498b3fd205 ---> dc17cb44f4ddSuccessfully built dc17cb44f4ddSuccessfully tagged simple-java:latest
  • 查看一下我们本地镜像:
[root@aubin mservice]# docker imagesREPOSITORY   TAGIMAGE IDCREATED   SIZEsimple-java  latest    dc17cb44f4dd   52 seconds ago   661MBjava  8  d23bdf5b1b1b   5 years ago      643MB[root@aubin mservice]#

可以看到我们Dockerfile文件的FROM java:8实际上就是下载按照java8的docker镜像。

simple-java 就是我们的SpringBoot微服务项目镜像。

  • 最后使用docker run运行这个simple-java镜像即可。
[root@aubin mservice]# docker run -it -p 8080:8080 --name smp simple-java  .   ____   _     __ _ _ /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \ \\/  ___)| |_)| | | | | || (_| |  ) ) ) )  '  |____| .__|_| |_|_| |_\__, | / / / / =========|_|==============|___/=/_/_/_/ :: Spring Boot ::  (v2.5.9)2022-05-16 17:00:45.226  INFO 1 --- [    main] com.boot.SimpleApplication : Starting SimpleApplication using Java 1.8.0_111 on b5ea2c619d65 with PID 1 (/simpleTest.jar started by root in /)2022-05-16 17:00:45.243  INFO 1 --- [    main] com.boot.SimpleApplication : No active profile set, falling back to default profiles: default2022-05-16 17:00:46.508  INFO 1 --- [    main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port(s): 8080 (http)2022-05-16 17:00:46.535  INFO 1 --- [    main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]2022-05-16 17:00:46.535  INFO 1 --- [    main] org.apache.catalina.core.StandardEngine  : Starting Servlet engine: [Apache Tomcat/9.0.56]2022-05-16 17:00:46.622  INFO 1 --- [    main] o.a.c.c.C.[Tomcat].[localhost].[/]: Initializing Spring embedded WebApplicationContext2022-05-16 17:00:46.622  INFO 1 --- [    main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 1223 ms2022-05-16 17:00:47.044  INFO 1 --- [    main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port(s): 8080 (http) with context path ''2022-05-16 17:00:47.052  INFO 1 --- [    main] com.boot.SimpleApplication : Started SimpleApplication in 2.306 seconds (JVM running for 2.747)
  • 使用curl来访问一下我们项目的接口:
[root@aubin mservice]# curl 192.168.184.132:8080/test/randomId61a0557d346049a9b4d7a667578c94e2

问题1:运行微服务镜像失败

[root@aubin m2]# docker run -it -p 8080:8080 --name smp simple-javaWARNING: IPv4 forwarding is disabled. Networking will not work.Exception in thread "main" java.lang.UnsupportedClassVersionError: com/boot/XXXApplication has been compiled by a more recent version of the Java Runtime (class file version 54.0), this version of the Java Runtime only recognizes class file versions up to 52.0at java.lang.ClassLoader.defineClass1(Native Method)at java.lang.ClassLoader.defineClass(ClassLoader.java:763)at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)at java.net.URLClassLoader.defineClass(URLClassLoader.java:467)at java.net.URLClassLoader.access$100(URLClassLoader.java:73)at java.net.URLClassLoader$1.run(URLClassLoader.java:368)at java.net.URLClassLoader$1.run(URLClassLoader.java:362)at java.security.AccessController.doPrivileged(Native Method)at java.net.URLClassLoader.findClass(URLClassLoader.java:361)at java.lang.ClassLoader.loadClass(ClassLoader.java:424)at org.springframework.boot.loader.LaunchedURLClassLoader.loadClass(LaunchedURLClassLoader.java:151)at java.lang.ClassLoader.loadClass(ClassLoader.java:357)at java.lang.Class.forName0(Native Method)at java.lang.Class.forName(Class.java:348)at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:46)at org.springframework.boot.loader.Launcher.launch(Launcher.java:108)at org.springframework.boot.loader.Launcher.launch(Launcher.java:58)at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:88)
解决办法
  • 上面这种情况就是因为你编写Java代码和打包项目使用的JDK环境和Dockerfile指定的JDK环境不一致造成的。
    • 由于我们Dockerfile指定的是java:8,所以我们编写Java代码和打包项目使用的JDK版本应该换成JDK8。

Docker网络

[root@aubin dc]# ifconfigdocker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500 inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255 inet6 fe80::42:ffff:fe2a:e623  prefixlen 64  scopeid 0x20<link> ether 02:42:ff:2a:e6:23  txqueuelen 0  (Ethernet) RX packets 0  bytes 0 (0.0 B) RX errors 0  dropped 0  overruns 0  frame 0 TX packets 13  bytes 1768 (1.7 KiB) TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

docker network命令帮助

[root@aubin dc]# docker network --helpUsage:  docker network COMMANDManage networksCommands:  connect     Connect a container to a network  create      Create a network  disconnect  Disconnect a container from a network  inspect     Display detailed information on one or more networks  ls   List networks  pruneRemove all unused networks  rm   Remove one or more networksRun 'docker network COMMAND --help' for more information on a command.

4种网络模式

[root@aubin dc]# docker network lsNETWORK ID     NAME      DRIVER    SCOPE8c1bb35ef410   bridge    bridge    local22fb71d0775a   host      host      localdeeb8c6478cc   none      null      local
  • bridge模式:桥接网络(默认使用的是这个)。
  • 特点是:该模式下的容器的IP地址和网络配置都是独一无二的,并且都有eth0和网桥docker0的veth接口与之一一对应,该模式下的容器与宿主机(或者是容器)之间的通信都需要经过网桥docker0的veth接口。

格式如下:

docker run -it --network bridge --name p1 alpine:latest /bin/sh

或者:

docker run -it --name p1 alpine:latest /bin/sh

查看网络配置:(特点是有eth0接口和lo本地回环,ip和网络配置是唯一的)

/ # ifconfigeth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:02     inet addr:172.17.0.2  Bcast:172.17.255.255  Mask:255.255.0.0   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1   RX packets:7 errors:0 dropped:0 overruns:0 frame:0   TX packets:0 errors:0 dropped:0 overruns:0 carrier:0   collisions:0 txqueuelen:0    RX bytes:586 (586.0 B)  TX bytes:0 (0.0 B)lo Link encap:Local Loopback     inet addr:127.0.0.1  Mask:255.0.0.0   UP LOOPBACK RUNNING  MTU:65536  Metric:1   RX packets:0 errors:0 dropped:0 overruns:0 frame:0   TX packets:0 errors:0 dropped:0 overruns:0 carrier:0   collisions:0 txqueuelen:1000    RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
  • host模式:容器和宿主机共享network namespace。
  • 特点是:该模式下的容器的IP地址和网络配置全都和本机(Linux宿主机)一模一样。

格式如下:

docker run -it --network host --name p1 alpine:latest /bin/sh

查看网络配置:(特点是和Linux宿主机的ifconfig获取的内容是一模一样的。)

/ # ifconfigbr-44089e4e0ce4 Link encap:Ethernet  HWaddr 02:42:7C:C9:EE:0F     inet addr:172.19.0.1  Bcast:172.19.255.255  Mask:255.255.0.0   inet6 addr: fe80::42:7cff:fec9:ee0f/64 Scope:Link   UP BROADCAST MULTICAST  MTU:1500  Metric:1   RX packets:9 errors:0 dropped:0 overruns:0 frame:0   TX packets:13 errors:0 dropped:0 overruns:0 carrier:0   collisions:0 txqueuelen:0    RX bytes:252 (252.0 B)  TX bytes:1768 (1.7 KiB)docker0   Link encap:Ethernet  HWaddr 02:42:AB:28:FD:D4     inet addr:172.17.0.1  Bcast:172.17.255.255  Mask:255.255.0.0   inet6 addr: fe80::42:abff:fe28:fdd4/64 Scope:Link   UP BROADCAST MULTICAST  MTU:1500  Metric:1   RX packets:17 errors:0 dropped:0 overruns:0 frame:0   TX packets:27 errors:0 dropped:0 overruns:0 carrier:0   collisions:0 txqueuelen:0    RX bytes:926 (926.0 B)  TX bytes:3275 (3.1 KiB)ens33     Link encap:Ethernet  HWaddr 00:0C:29:23:28:59     inet addr:192.168.184.132  Bcast:192.168.184.255  Mask:255.255.255.0   inet6 addr: fe80::5c87:5037:8d1d:7650/64 Scope:Link   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1   RX packets:6989 errors:0 dropped:0 overruns:0 frame:0   TX packets:3719 errors:0 dropped:0 overruns:0 carrier:0   collisions:0 txqueuelen:1000    RX bytes:3530243 (3.3 MiB)  TX bytes:567285 (553.9 KiB)lo Link encap:Local Loopback     inet addr:127.0.0.1  Mask:255.0.0.0   inet6 addr: ::1/128 Scope:Host   UP LOOPBACK RUNNING  MTU:65536  Metric:1   RX packets:108 errors:0 dropped:0 overruns:0 frame:0   TX packets:108 errors:0 dropped:0 overruns:0 carrier:0   collisions:0 txqueuelen:1000    RX bytes:9180 (8.9 KiB)  TX bytes:9180 (8.9 KiB)virbr0    Link encap:Ethernet  HWaddr 52:54:00:C0:74:37     inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0   UP BROADCAST MULTICAST  MTU:1500  Metric:1   RX packets:0 errors:0 dropped:0 overruns:0 frame:0   TX packets:0 errors:0 dropped:0 overruns:0 carrier:0   collisions:0 txqueuelen:1000    RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
  • container模式:容器和另外一个容器共享network namespace。例如kubernates中的pod就是多个容器共享一个network namespace。
  • 特点是:该模式下的容器的IP地址和网络配置全都和绑定在一起的另外一个容器的IP和网络配置一模一样。

格式如下:

docker run -it     --name p1 alpine:latest /bin/sh
docker run -it --network container:p1 --name p2 alpine:latest /bin/sh

查看网络配置:(特点是和p1容器的ip和网络配置是一模一样的。)

/ # ifconfigeth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:02     inet addr:172.17.0.2  Bcast:172.17.255.255  Mask:255.255.0.0   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1   RX packets:8 errors:0 dropped:0 overruns:0 frame:0   TX packets:0 errors:0 dropped:0 overruns:0 carrier:0   collisions:0 txqueuelen:0    RX bytes:656 (656.0 B)  TX bytes:0 (0.0 B)lo Link encap:Local Loopback     inet addr:127.0.0.1  Mask:255.0.0.0   UP LOOPBACK RUNNING  MTU:65536  Metric:1   RX packets:0 errors:0 dropped:0 overruns:0 frame:0   TX packets:0 errors:0 dropped:0 overruns:0 carrier:0   collisions:0 txqueuelen:1000    RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
  • none模式:容器有独立的network namespace,但没有对其进行过网络配置,例如IP这些都是没有的。(非常少用
  • 特点是:该模式下的容器有独立的network namespace,但是并没有作任何的网络配置,包括IP地址都是没有的,只有本地回环(lo),如果需要网络配置必须要进行手动配置。所以该配置很少用。

格式如下:

docker run -it --network none --name p1 alpine:latest /bin/sh

查看网络配置:(可以看到只有一个lo本地回环。)

/ # ifconfiglo Link encap:Local Loopback     inet addr:127.0.0.1  Mask:255.0.0.0   UP LOOPBACK RUNNING  MTU:65536  Metric:1   RX packets:0 errors:0 dropped:0 overruns:0 frame:0   TX packets:0 errors:0 dropped:0 overruns:0 carrier:0   collisions:0 txqueuelen:1000    RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

docker inspect获取容器信息

docker run -it --name u1 ubuntu /bin/bashdocker run -it --name u2 ubuntu /bin/bash
  • 查看u1的细节
docker inspect u1
"Networks": {  "bridge": {      "IPAMConfig": null,      "Links": null,      "Aliases": null,      "NetworkID": "8c1bb35ef410947e363a2164eb5d890a5d4127808f9d662c086356fafcd4e580",      "EndpointID": "922775fda0f969a67dadfe45f0cf2946b1b4c0471c22805e25015e63c7f92be0",      "Gateway": "172.17.0.1",      "IPAddress": "172.17.0.3",      "IPPrefixLen": 16,      "IPv6Gateway": "",      "GlobalIPv6Address": "",      "GlobalIPv6PrefixLen": 0,      "MacAddress": "02:42:ac:11:00:03",      "DriverOpts": null  }     }
  • 查看u2的细节
docker inspect u2
"Networks": {  "bridge": {      "IPAMConfig": null,      "Links": null,      "Aliases": null,      "NetworkID": "8c1bb35ef410947e363a2164eb5d890a5d4127808f9d662c086356fafcd4e580",      "EndpointID": "dbb752f8ac376c7159e370be862f32b972844c7985ed9c593e34eb75234be7d3",      "Gateway": "172.17.0.1",      "IPAddress": "172.17.0.4",      "IPPrefixLen": 16,      "IPv6Gateway": "",      "GlobalIPv6Address": "",      "GlobalIPv6PrefixLen": 0,      "MacAddress": "02:42:ac:11:00:04",      "DriverOpts": null  }     }
  • 从上面可以看到每个容器IPAddress,并且默认都是bridge模式。

网络的应用(实战)

  • 由于Ubuntu没有ping命令,为了方便演示案例,我们使用一个极其小的Linux(alpine),大小仅仅才5.5M。alpine自带了ping命令。

  • 搜索alpine镜像:

[root@aubin ~]# docker search alpineNAME  DESCRIPTION  STARS     OFFICIAL   AUTOMATEDalpineA minimal Docker image based on Alpine Linux…   8742      [OK]
  • 拉取最新的alpine镜像:
docker pull alpine:latest
  • 启动两个alpine实例:
docker run -it --name p1 alpine:latest /bin/sh
docker run -it --name p2 alpine:latest /bin/sh
[root@aubin ~]# docker psCONTAINER ID   IMAGE    COMMAND     CREATED  STATUS  PORTS     NAMES1eccdf19e591   alpine:latest   "/bin/sh"   4 seconds ago   Up 3 seconds      p26a4f18edc677   alpine:latest   "/bin/sh"   9 seconds ago   Up 9 seconds      p1
  • 查看这两个alpine的ip地址:

p1:(ip=172.17.0.2)

/ # ifconfigeth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:02     inet addr:172.17.0.2  Bcast:172.17.255.255  Mask:255.255.0.0

p2:(ip=172.17.0.3)

/ # ifconfigeth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:03     inet addr:172.17.0.3  Bcast:172.17.255.255  Mask:255.255.0.0
  • 进入p1容器内,去ping一下p2的ip地址:
/ # ping 172.17.0.3PING 172.17.0.3 (172.17.0.3): 56 data bytes64 bytes from 172.17.0.3: seq=0 ttl=64 time=1.928 ms64 bytes from 172.17.0.3: seq=1 ttl=64 time=0.072 ms
  • 进入p2容器内,去ping一下p1的ip地址:
/ # ping 172.17.0.2PING 172.17.0.2 (172.17.0.2): 56 data bytes64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.096 ms64 bytes from 172.17.0.2: seq=1 ttl=64 time=0.104 ms

发现在容器内部去ping对方的ip是完全可以ping通的,因为他们属于同一网段(172.17.0.x)

  • 我们进入p1的容器内,去ping一下p2的容器名
/ # ping p2ping: bad address 'p2'
  • 我们进入p2的容器内,去ping一下p1的容器名
/ # ping p1ping: bad address 'p1'

发现完全ping不同!!!所以这时候需要我们自定义网络还解决这个问题了。

  • 自定义网络(创建网络):
docker network create mynetwork
  • 先把刚刚的镜像删除掉,我们这里为了快捷直接删除全部容器(生产环境不可以这样):
docker rm -f $(docker ps -aq)
  • 分别运行容器p1和p2两个容器,并指定网络为自定义网络(mynetwork):
docker run -it --network mynetwork --name p1 alpine:latest /bin/sh
docker run -it --network mynetwork --name p2 alpine:latest /bin/sh
[root@aubin ~]# docker psCONTAINER ID   IMAGE    COMMAND     CREATED   STATUS  PORTS     NAMES0c0f4fed8535   alpine:latest   "/bin/sh"   5 seconds ago    Up 5 seconds      p29f56283c1469   alpine:latest   "/bin/sh"   10 seconds ago   Up 9 seconds      p1
  • 我们进入p1的容器内,去ping一下p2的容器名
/ # ping p2PING p2 (172.19.0.3): 56 data bytes64 bytes from 172.19.0.3: seq=0 ttl=64 time=0.094 ms64 bytes from 172.19.0.3: seq=1 ttl=64 time=0.075 ms64 bytes from 172.19.0.3: seq=2 ttl=64 time=0.072 ms
  • 我们进入p2的容器内,去ping一下p1的容器名
/ # ping p1PING p1 (172.19.0.2): 56 data bytes64 bytes from 172.19.0.2: seq=0 ttl=64 time=0.075 ms64 bytes from 172.19.0.2: seq=1 ttl=64 time=0.095 ms

总结:我们通过自定义网络解决了无法通过容器名去ping的问题。

为什么要自定义网络
  • 我们查看刚刚那两个容器的ip,发现和刚刚使用bridge模式的ip不一样
  • p1:172.19.0.2
  • p2:172.19.0.3
[root@aubin ~]# docker exec -it p1 /bin/sh/ # ifconfigeth0      Link encap:Ethernet  HWaddr 02:42:AC:13:00:02     inet addr:172.19.0.2  Bcast:172.19.255.255  Mask:255.255.0.0   [root@aubin ~]# docker exec -it p2 /bin/sh/ # ifconfigeth0      Link encap:Ethernet  HWaddr 02:42:AC:13:00:03     inet addr:172.19.0.3  Bcast:172.19.255.255  Mask:255.255.0.0
  • 把p2的容器给停掉:
docker stop p2
  • 启动一个新的容器p3:
docker run -it --network mynetwork --name p3 alpine:latest /bin/sh
  • 查看p3的ip地址:
/ # ifconfigeth0      Link encap:Ethernet  HWaddr 02:42:AC:13:00:03     inet addr:172.19.0.3  Bcast:172.19.255.255  Mask:255.255.0.0

总结:我们可以看到p3的ip地址是刚刚被停掉的p2容器的ip地址!!!!

  • 重新启动刚刚被停掉的p2容器:
[root@aubin ~]# docker restart p2p2[root@aubin ~]# docker psCONTAINER ID   IMAGE    COMMAND     CREATED   STATUS   PORTS     NAMESf8437f57467c   alpine:latest   "/bin/sh"   4 minutes ago    Up 4 minutesp30c0f4fed8535   alpine:latest   "/bin/sh"   37 minutes ago   Up 3 secondsp29f56283c1469   alpine:latest   "/bin/sh"   37 minutes ago   Up 37 minutes      p1
  • 进入p2容器,并查看其ip地址:
[root@aubin ~]# docker exec -it p2 /bin/sh/ # ifconfigeth0      Link encap:Ethernet  HWaddr 02:42:AC:13:00:04     inet addr:172.19.0.4  Bcast:172.19.255.255  Mask:255.255.0.0

我们可以看到之前p2的ip地址(172.19.0.3)已经被p3给抢了,变成了(172.19.0.4)!!!!

  • 由此可见,容器的ip地址受到容器的状态影响,若容器宕机了,重新启动可能会导致ip地址的变更;
  • 假如我们的p1容器需要调用p2,若按照p2的ip地址来调用的话,之前p2的ip地址是172.19.0.3,此时p2宕机了,但是同时又启动了新容器p3(p2的ip地址就会被抢走),过后我们重新启动刚刚宕机了p2容器,但是ip地址变成了(172.19.0.4)。
  • 重点:如果p1容器是按照p2的ip地址来调用,一定会导致调用到p3容器的ip地址,而没有正确调用到p2容器。
  • 引入自定义网络的好处:我们的p1容器不需要通过p2的ip去调用(因为容器ip可变),我们直接可以通过p2的容器名去调用容器(容器名可以保证不变),这样下来就可以不担心调用到其他容器了!!!

删除网络

[root@aubin dc]# docker network lsNETWORK ID     NAME  DRIVER    SCOPE8c1bb35ef410   bridgebridge    local22fb71d0775a   host  host      local2a4fb0891f66   my-network   bridge    localdeeb8c6478cc   none  null      local
docker network rm 2a4fb0891f66

❤️💛🧡本章结束,下一章见❤️💛🧡

网络标签:

相关问题