Docker网络模式与配置Docker自定义网络(bridge模式)

前言

​ 上篇文章讲述了有关docker的资源控制,主要是三个方面:CPU、内存以及IO。本文将讲述docker的4种网络模式。

  • 揭开Docker的面纱 – 基础理论梳理和安装流程演示  CentOS:7 /bin/bash
    Unable to find image ‘centos:7’ locally
    7: Pulling from library/centos
    ab5ef0e58194: Pull complete
    Digest: sha256:4a701376d03f6b39b8c2a8f4a8e499441b0d567f9ab9d58e4991de4472fb813c
    Status: Downloaded newer image for centos:7
    29f9e9cbb398085d7c89bed2982d626bfb7e564371a76a6cb693cffa68b917af
    docker: Error response from daemon: user specified IP address is supported on user defined networks only.

    首先,由于没有改镜像,所以会先拉取镜像之后创建以及尝试运行容器,但是会遇到报错,报错原因是因为用户自己设置的ip地址只适合于他们自己定义的网络。但是这并不影响镜像的获取与创建,我们尝试运行看看结果:

    [root@localhost ~]# docker images
    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
    centos              7                   5e35e350aded        4 months ago        203MB
    [root@localhost ~]# docker ps -a
    CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
    29f9e9cbb398        centos:7            "/bin/bash"         About a minute ago   Created                                 test
    [root@localhost ~]# docker start 29f9e9cbb398
    Error response from daemon: user specified IP address is supported on user defined networks only
    Error: failed to start containers: 29f9e9cbb398
    

    ​ 很显然,结果告诉我们还是上述的原因导致了这个问题,好吧只能删除这个容器了。索性还原为初始化环境吧(其实可以去掉–network bridge就不会报错,但是设置的ip地址会不生效,可以自行尝试一下),我们不指定ip地址来试一下,顺便验证一下不加这个参数试试,最后还原为初始化状态后我们再通过自定义的方式来设置ip地址吧。

    [root@localhost ~]# docker run -itd --name demo centos:7 /bin/bash
    984545df8ebf2c30f4ccf3f5f4699ed67bd2a93cbc068f2ace4865a828b4a4d1
    [root@localhost ~]# docker ps -a
    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
    984545df8ebf        centos:7            "/bin/bash"         8 seconds ago       Up 6 seconds                            demo
    

    进入容器查看ip地址

    
    [root@localhost ~]# docker exec -it 984545df8ebf /bin/bash
    [root@984545df8ebf /]# yum install -y net-tools
    Loaded plugins: fastestmirror, ovl
    Determining fastest mirrors
    [root@984545df8ebf /]# ifconfig 
    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 172.17.0.2  netmask 255.255.0.0  broadcast 172.17.255.255
            ether 02:42:ac:11:00:02  txqueuelen 0  (Ethernet)
            RX packets 2201  bytes 15042254 (14.3 MiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 1999  bytes 111171 (108.5 KiB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    
    lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
            inet 127.0.0.1  netmask 255.0.0.0
            loop  txqueuelen 1000  (Local Loopback)
            RX packets 0  bytes 0 (0.0 B)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 0  bytes 0 (0.0 B)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    

    那么首先我们需要创建一个自定义的子网段,并且给他一个名称,通过这个网段给对应的容器设置固定的ip地址。

    [root@localhost ~]# docker network create --subnet=172.18.0.0/24 mynetwork
    Error response from daemon: Failed to Setup IP tables: Unable to enable SKIP DNAT rule:  (iptables failed: iptables --wait -t nat -I DOCKER -i br-4cd28c051bec -j RETURN: iptables: No chain/target/match by that name.
     (exit status 1))
    

    看来很不幸啊,又error了,不要慌,我们看看是什么原因导致的,这个报错的根源看似是防火墙,说是无法跳过DNAT(目标网络地址转换)规则,其实导致这个问题的原因是我们刚刚开启了防火墙,却没有重启docker服务,就有点类似更改了配置文件没有重启服务。

    [root@localhost ~]# systemctl restart docker
    [root@localhost ~]# docker network create --subnet=172.18.0.0/24 mynetwork
    723d0fd514eb219d57667f72c3eb75fc4864af0cd94c21b6c70e868fb8d520a1
    
    [root@localhost ~]# docker network ls
    NETWORK ID          NAME                DRIVER              SCOPE
    00008a1e778b        bridge              bridge              local
    3bb2f50eb211        host                host                local
    723d0fd514eb        mynetwork           bridge              local
    e12cd7b98c54        none                null                local
    [root@localhost ~]# 
    

    此时进行验证自定义设置一个容器的固定IP地址的测试:

    [root@localhost ~]# docker run -itd --name test2 --network mynetwork --ip 172.18.0.10 centos:7 /bin/bash
    Unable to find image 'centos:7' locally
    7: Pulling from library/centos
    ab5ef0e58194: Pull complete 
    Digest: sha256:4a701376d03f6b39b8c2a8f4a8e499441b0d567f9ab9d58e4991de4472fb813c
    Status: Downloaded newer image for centos:7
    683ad76f7789b5c16f251577047a288a3a4a00777128a216adfee15985b94c04
    

    查看容器的状态,进入容器查看ip地址

    [root@localhost ~]# docker ps -a
    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
    683ad76f7789        centos:7            "/bin/bash"         23 seconds ago      Up 22 seconds                           test2
    [root@localhost ~]# docker exec -it 683ad76f7789 /bin/bash
    [root@683ad76f7789 /]# yum install -y net-tools
    Loaded plugins: fastestmirror, ovl
    ...
    [root@683ad76f7789 /]# ifconfig 
    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 172.18.0.10  netmask 255.255.255.0  broadcast 172.18.0.255
            ether 02:42:ac:12:00:0a  txqueuelen 0  (Ethernet)
            RX packets 2302  bytes 15050471 (14.3 MiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 2049  bytes 113777 (111.1 KiB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    
    lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
            inet 127.0.0.1  netmask 255.0.0.0
            loop  txqueuelen 1000  (Local Loopback)
            RX packets 62  bytes 7019 (6.8 KiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 62  bytes 7019 (6.8 KiB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    

    此时发现自定义的网络设置容器ip地址成功了。

    四、总结

    ​ 本文通过对VMware软件中的三种网络模式工作的原理,层层递进深入讲解docker的各种网络模式,并且通过案例结合排障思路详细介绍了有关docker网桥模式是如何配置容器ip地址的,有默认模式以及自定义模式。

    ​最后,需要注意的是命令还是需要多记多敲多练,谢谢阅读!

 收藏 (0) 打赏

您的赞助是我分享的最大动力!

支付宝扫一扫赞助

微信钱包扫描赞助

转载请注明出处:STBLOG » Docker网络模式与配置Docker自定义网络(bridge模式)

分享到: 更多 (0)

热门文章

  • 评论 抢沙发

    评论前必须登录!

    立即登录   注册

    ❤ 感谢您的关注与支持!❤

    对TA表白给我留言
    我要注册

    登录

    忘记密码 ?

    您也可以使用第三方帐号快捷登录

    切换登录

    注册

    我们将发送一封验证邮件至你的邮箱, 请正确填写以完成账号注册和激活