关于docker:44-容器之间的link

7次阅读

共计 3411 个字符,预计需要花费 9 分钟才能阅读完成。

应用 –link 来连贯容器

https://docs.docker.com/netwo…

Warning: The –link flag is a legacy feature of Docker. It may eventually be removed. Unless you absolutely need to continue using it, we recommend that you use user-defined networks to facilitate communication between two containers instead of using –link. One feature that user-defined networks do not support that you can do with –link is sharing environmental variables between containers. However, you can use other mechanisms such as volumes to share environment variables between containers in a more controlled way.

删除原有的 test2 容器,而后从新创立一个,应用 –link 选项连贯 test1 容器

docker run -d --name test2 --link test1 busybox /bin/sh -c "while true;do sleep 3600;done"

目前 test1 与 test2 的 ip 别离为 172.17.0.2/16,172.17.0.3/16。
因为创立 test2 容器的时候,应用了 –link,如下两种形式都是等价的。
但第二种形式的益处是:

  • 它能够让咱们在解决业务逻辑的时候不必关怀连贯的内部容器的 ip 到底是什么。
  • 假如咱们设置的 db 内部的容器重启之后 IP 变了,这个
docker exec -it test2 ping 172.17.0.2
docker exec -it test2 ping test1

–link 并不是双向的,想在 test1 上应用 name 来 ping 通 test2 就是不行的

#ok
docker exec -it test1 ping 172.17.0.3
#failure
docker exec -it test1 ping test2

手动建设 bridge 网络

做完上述的 link 试验之后,删掉 test2 容器,回过头查看一下 docker 网络

[vagrant@docker-node1 ~]$ docker network ls
NETWORK ID NAME DRIVER SCOPE
a61c325bd7ba bridge bridge local
efb6975c8935 host host local
3fa0f2e1a00b none null local

而后咱们本人新建一个 bridge 网络

docker network create -d bridge my-bridge

建完之后,网络列表是这样的:

[vagrant@docker-node1 ~]$ docker network ls
NETWORK ID NAME DRIVER SCOPE
a61c325bd7ba bridge bridge local
efb6975c8935 host host local
4213425c5293 my-bridge bridge local
3fa0f2e1a00b none null local

应用 brctl show 命令查看,后果如下

bridge name bridge id STP enabled interfaces
br-4213425c5293 8000.02421f24b958 no
docker0 8000.02425387e6fb no veth1d4a1de

而后新建一个 test3 容器,使它连贯到咱们手动建设的 my-bridge 网络

docker run -d --name test3 --network my-bridge busybox /bin/sh -c "while true;do sleep 3600;done"

此时再应用 brctl show 命令,就能够查看到 my-bridge 网络的 veth 接口了

bridge name bridge id STP enabled interfaces
br-4213425c5293 8000.02421f24b958 no veth7bb5433
docker0 8000.02425387e6fb no veth1d4a1de

应用 docker network inspect 4213425c5293 命令,也能看到该网络下的 test3 容器了

{
    "Containers": {
        "b9716e4b50ddb4800a03bd04530eea086331493a50fa1dffbcdcadad1801ba58": {
            "Name": "test3",
            "EndpointID": "ee2124e316486c522ba5414fb5bfd4fc463f45c22e944d65a0028fbcacf39794",
            "MacAddress": "02:42:ac:12:00:02",
            "IPv4Address": "172.18.0.2/16",
            "IPv6Address": ""
        }
    }
}

而后咱们再让 test1 在连贯 name 为 bridge 的网络的根底上,使它还能够连贯到 my-bridge

docker network connect my-bridge test1

此时 test1 就同时连贯到 bridge 和 my-bridge 两个网络上了。
name 为 bridge 的网络

docker network inspect a61c325bd7ba
{
    "Containers": {
        "5b567458c87cc1c7eff73d47a753e1171c6478f2705868f01ebd858b196a2283": {
            "Name": "test1",
            "EndpointID": "e6710f0db01bdbf3669aabeab866a4f27bf1605226dd3d3c98a8b7ea1c6896f0",
            "MacAddress": "02:42:ac:11:00:02",
            "IPv4Address": "172.17.0.2/16",
            "IPv6Address": ""
        }
    }
}

name 为 my-bridge 的网络

docker network inspect 4213425c5293
{
    "Containers": {
        "5b567458c87cc1c7eff73d47a753e1171c6478f2705868f01ebd858b196a2283": {
            "Name": "test1",
            "EndpointID": "a12ab3ef7cdb07c4cd6cb7bd7f5114e6b05107b19de0240abe1f704d46d8afae",
            "MacAddress": "02:42:ac:12:00:03",
            "IPv4Address": "172.18.0.3/16",
            "IPv6Address": ""},"b9716e4b50ddb4800a03bd04530eea086331493a50fa1dffbcdcadad1801ba58": {"Name":"test3","EndpointID":"ee2124e316486c522ba5414fb5bfd4fc463f45c22e944d65a0028fbcacf39794","MacAddress":"02:42:ac:12:00:02","IPv4Address":"172.18.0.2/16","IPv6Address":""}
    }
}

而后做如下测试,发现 test1 和 test3 都是能够 ping 通的,至于为啥没有应用 –link 选项也能通过 name 来 ping 通,而且还是双向 ping 通呢?

这是因为 docker 容器只有不是退出默认的 bridge 网络,而是自定义的 bridge 网络,容器之间都是能够相互 ping 通的

docker exec test1 ping test3
docker exec test1 ping 172.18.0.2
docker exec test3 ping test1
docker exec test3 ping 172.18.0.3

至于如下 ping 失败的起因,则是 test1 尽管有两个 ip,并且和 test3 有互通的网络,然而这两个 ip 齐全不在一个网段上了。

docker exec test3 ping 172.17.0.2
正文完
docker
发表至: docker
2021-03-14
 0
关于docker:Docker-笔记-让-dockercompose-命令在任意路径下都能使用
关于docker:使用Docker方式安装Jenkins
关于docker:62-Docker-Compose到底是什么
关于docker:Docker-系统性入门进阶实践2021最新版一起学习

站内搜索

-「