原创

Docker network 02操作

温馨提示:
本文最后更新于 2024年04月10日 ,已超过 374 天没有更新。若文章内的图片失效(无法正常加载),请留言反馈或直接联系我

Docker network 命令**

network基本命令操作参数

[root@app01 ~]# docker network create --help

Usage:  docker network create [OPTIONS] NETWORK

Create a network

Options:
      --attachable           Enable manual container attachment
      --aux-address map      Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
      --config-from string   The network from which copying the configuration
      --config-only          Create a configuration only network
  -d, --driver string        Driver to manage the Network (default "bridge")
      --gateway strings      IPv4 or IPv6 Gateway for the master subnet
      --ingress              Create swarm routing-mesh network
      --internal             Restrict external access to the network
      --ip-range strings     Allocate container ip from a sub-range
      --ipam-driver string   IP Address Management Driver (default "default")
      --ipam-opt map         Set IPAM driver specific options (default map[])
      --ipv6                 Enable IPv6 networking
      --label list           Set metadata on a network
  -o, --opt map              Set driver specific options (default map[])
      --scope string         Control the network's scope
      --subnet strings       Subnet in CIDR format that represents a network segment

查看网络network ls

docker network ls

创建一个网络 create name

# 基础用法
 docker network create --driver=bridge --gateway=172.16.100.1 --subnet=172.16.100.0/24 mynet
# 创建网络时是可以添加一系列参数的:
# --driver:驱动程序类型,不指定任何选项的时候默认的–driver(网络模式)也是bridge(桥接)
# --gateway:主子网的IPV4和IPV6的网关,不指定自动生成
# --subnet:代表网段的CIDR格式的子网,不指定自动生成
# mynet:自定义网络名称

删除一个网络 rm name

docker network rm mynet 
# 如果网络中有容器连接需要加 -f 参数强制删除,建议不要这样执行,网络中若没有任何容器连接直接执行删除即可.

查看一个网络的详情 inspect name

$ docker network inspect oneblog_oneblog

[
    {
        "Name": "oneblog_oneblog",
        "Id": "2cb8fd6236b09b9519717d810583b124622eedad75fa7fc224548b58edc7c401",
        "Created": "2023-05-25T03:30:11.600251673Z",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.18.0.0/16",
                    "Gateway": "172.18.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {},
        "Labels": {
            "com.docker.compose.network": "oneblog",
            "com.docker.compose.project": "oneblog",
            "com.docker.compose.version": "2.15.1"
        }
    }
]

删除所有未使用的网络 network prune name

docker network prune 

# ps: -f 强制删除,不提供任何确认情况下删除

将一个容器加入到一个网络中 connect ,取消 disconnect

docker network connect 网络名称 容器ID/容器名称
docker network disconnect 网络名称 容器ID/容器名称
# ps : -f 强制删除参数

默认情况下,来自连接到默认网桥网络的容器的流量 不会转发到外界。要启用转发,您需要更改两个设置。这些不是Docker命令,它们会影响Docker主机的内核。

配置Linux内核以允许IP转发

# 如果下面命令的值为0,说明禁止进行IP转发;如果是1,则说明IP转发功能已经打开。
cat /proc/sys/net/ipv4/ip_forward

# 临时开启,(写入内存,在内存中开启)
echo "1" > /proc/sys/net/ipv4/ip_forward
# 永久开启,(写入内核)
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf 
sysctl -p  # ----加载,使得配置文件立即生效,等同于 sysctl -p /etc/sysctl.conf

将策略的iptables FORWARD策略从更改DROP为 ACCEPT iptables -P FORWARD ACCEPT

Docker运行容器指定网络模式

docker run --name nginx0 -p 8080:80 -d nginx
docker run --net=bridge --name nginx1 -p 8081:80 -d nginx
# 绑定了主机的IP
docker run --net=host --name nginx2  -d nginx

#查看bridge网络,可以看到容器nginx0和nginx1的ip
$ docker network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "4cac0b7e0b1abe7157b0183e1c92c3ada2de897db344abdca89384f4580032ce",
        "Created": "2023-04-09T23:38:32.185797849+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "1823067a3bd8b62023793287eba1377f0bd70300d05b273f6e05d411c08fca9b": {
                "Name": "nginx1",
                "EndpointID": "69354cde26d8a5a141c20437029c99ab328f2c76eb4d164d98ed146d90be57fa",
                "MacAddress": "02:42:ac:11:00:03",
                "IPv4Address": "172.17.0.3/16",
                "IPv6Address": ""
            },
            "58702d97fd30b2d10c20de6608fc7c9c82485c48bb337dd2fbfc5812180f3cf9": {
                "Name": "nginx0",
                "EndpointID": "4a212c9017ea1240c749041a57733d21b3f515393da716b6f94cc4fe03290e0d",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]
正文到此结束
所属分类:后端技术
热门推荐
相关文章
说给你听

本文目录
    标签云
    Linux Java Spring Spring Boot 其他 docker gateway k8s mysql Nacos seata rabbitmq SpringCloud jenkins flutter 前端 vue Android 证书 易小康 压力测试 jmeter yarn nodejs Mac idea dns gradle xcode no'de notepad plus adb logcat
    近期评论
    1. 暂无相关文章
    网站信息
    • 文章总数:66 篇
    • 标签总数:33 个
    • 分类总数:4 个
    • 留言数量:1 条
    • 在线人数:1
    • 运行天数:719天
    • 最后更新:2023年05月25日16点
    • 系统版本:v2.3.4