关于docker:46-容器网络之host和none

34次阅读

共计 2198 个字符,预计需要花费 6 分钟才能阅读完成。

none 网络

创立一个 name 为 test4 的容器,network 为 none

docker run -d --name test4 --network none busybox /bin/sh -c "while true;do sleep 3600;done"

而后应用如下命令查看网络,发现 test4 容器没有对外的网络地址,也就意味着它是孤立的,只能通过 docker exec 来进行拜访了

docker network inspect none
{
    "Containers": {
        "c79d3e5d65e9c4e108ba235bcb88afcf91a0e33d757103edaf69494be5f8efef": {
            "Name": "test4",
            "EndpointID": "15d02e63a684dbb221d9499a24dd3d1af727f54411571d3aa5d18e997f985f24",
            "MacAddress": "","IPv4Address":"",
            "IPv6Address": ""
        }
    }
}
[vagrant@docker-node1 ~]$ docker exec test4 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever

host 网络

创立一个 name 为 test5 的容器,network 为 host

docker run -d --name test5 --network host busybox /bin/sh -c "while true;do sleep 3600;done"

而后应用docker network inspect host,发现 test5 容器也是没有对外的网络地址的

{
    "Containers": {
        "d5fd809592045345d79c8fd68656219782f9b82fb7defe1e00da9e46b9ea7b23": {
            "Name": "test5",
            "EndpointID": "5b950483a8e7f19e5238be72c38c0d9da7bef07e4592662aa5ced5f0a7eba020",
            "MacAddress": "","IPv4Address":"",
            "IPv6Address": ""
        }
    }
}

然而执行 docker exec test5 ip a 命令,发现它的网络和容器所在的虚拟主机是一样的。

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 52:54:00:c9:c7:04 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic eth0
       valid_lft 73267sec preferred_lft 73267sec
    inet6 fe80::5054:ff:fec9:c704/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 08:00:27:33:6b:20 brd ff:ff:ff:ff:ff:ff
    inet 192.168.205.10/24 brd 192.168.205.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fe33:6b20/64 scope link
       valid_lft forever preferred_lft forever
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
    link/ether 02:42:53:87:e6:fb brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:53ff:fe87:e6fb/64 scope link
       valid_lft forever preferred_lft forever

也就是说基于 host 网络的容器,它是没有本人的 name space 的,它与主机共享同一个 name space。

正文完
docker
发表至: docker
2021-03-14
 0
关于docker:dndbind
关于docker:CentOS-7安装dockerceyum安装
关于docker:URLOS站群快速部署解决方案-快速建站批量建站站群解决方案
关于docker:Docker-PHP-入门实践三