[docker]docker4种网络最佳实战

参考: http://hicu.be/docker-container-network-types

docker默认3中网络类型

参考: https://docs.docker.com/engine/userguide/networking/

$ docker network ls
NETWORK ID          NAME                DRIVER
7fca4eb8c647        bridge              bridge
9f904ee27bf5        none                null
cf03ee007fb4        host                host

• bridge 桥接到docker0网卡
• host 和宿主机共享网卡
• none 无网卡

手动创建net

手动创建net的类型是 bridge模式

docker network create neta
$ docker network list
NETWORK ID          NAME                DRIVER              SCOPE
19856a1ad2b4        neta                bridge              local

最佳实践

- 分别启动b1 b2(neta)
docker run -itd --name=b1 busybox
docker run -itd --name=b2 --net=neta busybox
 
- 查看他们ip
docker exec -it b1 ip ad
docker exec -it b2 ip ad
 
- b2 ping b1 不通
docker exec -it b2 ping 172.17.0.2
 
- 将b1连到neta,再次ping通了
docker network connect neta b1
docker exec -it b2 ping 172.18.0.3
 
- 查看b1,发现b1多了一块网卡
$ docker exec -it b1 ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
10: eth0@if11: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.2/16 scope global eth0
       valid_lft forever preferred_lft forever
14: eth1@if15: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:ac:12:00:03 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.3/16 scope global eth1
       valid_lft forever preferred_lft forever
 
       
- 自定义的网卡自带dns
$ docker exec -it b1 hostname
655e40ab3eed
$ docker exec -it b2 hostname
3c821d2e8b05
$ docker exec -it b2 ping 655e40ab3eed
PING 655e40ab3eed (172.18.0.3): 56 data bytes
64 bytes from 172.18.0.3: seq=0 ttl=64 time=0.085 ms
64 bytes from 172.18.0.3: seq=1 ttl=64 time=0.129 ms
 
- 默认dns是
docker exec -it b2 cat /etc/resolv.conf
nameserver 127.0.0.11

共享另一个容器的网卡

- 启动b1
$ docker run -itd --name b1 busybox
 
- 启动b2,使之使用b1的网卡
$ docker run -itd --net=container:b1 --name b2 busybox
 
 
- 查看b1和b2的网卡 发现ip和mac一致
$ docker exec b1 ip ad
4: eth0@if5: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.2/16 scope global eth0
       valid_lft forever preferred_lft forever
$ docker exec b2 ip ad
4: eth0@if5: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue 
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.2/16 scope global eth0
       valid_lft forever preferred_lft forever

• dokcer cnm网络模式
  

• 网络插件

docker 原生的 driver 包括 none、bridge、overlay 和 macvlan

第三方 driver 包括 flannel、weave、calico 等。

• 加参数配置
  

• docker和k8s的对比
  

docker网卡桥接