docker0 网络

在咱们启动一个容器的时候默认指定的网络就是docker0。--net bridge

# 两个命令一个意思，网络属于docker0docker run -d -it --name tomcat01 tomcat:9.0docker run -d -it --name tomcat02 --net bridge tomcat:9.0

docker0网络不反对ping 容器名，只能ping ip

# 查看容器列表➜  ~ docker ps|grep tomcat# 尝试应用容器名ping，后果失败➜  ~ docker exec -it tomcat01 ping tomcat02ping: tomcat02: Name or service not known# 查看ip➜  ~ docker inspect tomcat02......                    "Gateway": "172.17.0.1",                    "IPAddress": "172.17.0.3",                    "IPPrefixLen": 16,                    "IPv6Gateway": "",                    "GlobalIPv6Address": "",                    "GlobalIPv6PrefixLen": 0,                    "MacAddress": "02:42:ac:11:00:03",                    "DriverOpts": null                }            }        }    }]# 能够失去以后容器的ip是172.17.0.3# 尝试ping ip地址 ➜  ~ docker exec -it tomcat01 ping 172.17.0.3PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.325 ms64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.088 ms64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.091 ms64 bytes from 172.17.0.3: icmp_seq=4 ttl=64 time=0.152 ms64 bytes from 172.17.0.3: icmp_seq=5 ttl=64 time=0.109 ms^C--- 172.17.0.3 ping statistics ---5 packets transmitted, 5 received, 0% packet loss, time 90msrtt min/avg/max/mdev = 0.088/0.153/0.325/0.088 ms#能够看到ping ip是OK的。

为了实现能够间接通过容器名称进行ping

形式一 --link

--link能够将A容器连贯到B容器，A ping B ok,B pingA 不行。因为其实现形式是批改了宿主机的hosts文件<linux中是>，进行映射。
这个形式很差，曾经淘汰。简略看一下例子即可

# 启动了容器tomcat03 并link到tomcat02➜  ~ docker run -d -it --name tomcat03 --link tomcat02 tomcat:9.024eb51eea7ec198497aa094698318a7f41b8fe3a146b4794fd6cfe9ac8d49514# 因为link存在，ping OK➜  ~ docker exec -it tomcat03 ping tomcat02                    PING tomcat02 (172.17.0.3) 56(84) bytes of data.64 bytes from tomcat02 (172.17.0.3): icmp_seq=1 ttl=64 time=0.197 ms64 bytes from tomcat02 (172.17.0.3): icmp_seq=2 ttl=64 time=0.079 ms^C--- tomcat02 ping statistics ---2 packets transmitted, 2 received, 0% packet loss, time 22msrtt min/avg/max/mdev = 0.079/0.138/0.197/0.059 ms# 反过来ping就不行了➜  ~ docker exec -it tomcat02 ping tomcat03ping: tomcat03: Name or service not known

形式二 自定义网络

docker network create
通过自定义网络能够为容器--net指定网络

# 多应用--help查看文档➜  ~ docker network --helpUsage:  docker network COMMANDManage networksCommands:  connect     Connect a container to a network  create      Create a network  disconnect  Disconnect a container from a network  inspect     Display detailed information on one or more networks  ls          List networks  prune       Remove all unused networks  rm          Remove one or more networksRun 'docker network COMMAND --help' for more information on a command.# 创立一个自定义网络# --driver 指定网络模式 桥接# --subnet 子网掩码# --gateway 网关IP➜  ~ docker network create --driver bridge --subnet 192.167.0.0/16 --gateway 192.167.0.1 new_net808d9abd95e811b14ca5dac710aa8f81b0e4e75c98552c3fa2a1e78ba574a401#创立tomcat04 并指定网络new_net➜  ~ docker run -d -it --name tomcat04 --net new_net tomcat:9.00272ba2e3510a593fbcb4c4745954796c92e31207c3d49aaa69d9494897f9031#查看两者ip# 192.167.0.2➜  ~ docker inspect tomcat04# 192.167.0.3➜  ~ docker inspect tomcat05# 间接指定容器名ping➜  ~ docker exec -it tomcat04 ping tomcat05PING tomcat05 (192.167.0.3) 56(84) bytes of data.64 bytes from tomcat05.new_net (192.167.0.3): icmp_seq=1 ttl=64 time=0.270 ms64 bytes from tomcat05.new_net (192.167.0.3): icmp_seq=2 ttl=64 time=0.078 ms^C--- tomcat05 ping statistics ---2 packets transmitted, 2 received, 0% packet loss, time 1msrtt min/avg/max/mdev = 0.078/0.174/0.270/0.096 ms➜  ~ docker exec -it tomcat05 ping tomcat04PING tomcat04 (192.167.0.2) 56(84) bytes of data.64 bytes from tomcat04.new_net (192.167.0.2): icmp_seq=1 ttl=64 time=0.066 ms64 bytes from tomcat04.new_net (192.167.0.2): icmp_seq=2 ttl=64 time=0.143 ms64 bytes from tomcat04.new_net (192.167.0.2): icmp_seq=3 ttl=64 time=0.114 ms^C--- tomcat04 ping statistics ---3 packets transmitted, 3 received, 0% packet loss, time 75msrtt min/avg/max/mdev = 0.066/0.107/0.143/0.033 ms# 论断：自定义网络之后同一个网络的是能够ping通的

基于以上的论断，请问docker0的tomcat01 能够ping通new_net网络的tomcat04吗？答案：不能够
学过计算机网络就明确，起因是不在一个局域网没法拜访。

➜  ~ docker exec -it tomcat01 ping tomcat04ping: tomcat04: Name or service not known

解决办法 docker network connect “Connect a container to a network”。将容器和网络互连互通。

# 将容器tomcat01和网络new_net连贯➜  ~ docker network connect new_net tomcat01# 再次尝试ping, ok!➜  ~ docker exec -it tomcat01 ping tomcat04 PING tomcat04 (192.167.0.2) 56(84) bytes of data.64 bytes from tomcat04.new_net (192.167.0.2): icmp_seq=1 ttl=64 time=0.157 ms64 bytes from tomcat04.new_net (192.167.0.2): icmp_seq=2 ttl=64 time=0.075 ms^C--- tomcat04 ping statistics ---2 packets transmitted, 2 received, 0% packet loss, time 2msrtt min/avg/max/mdev = 0.075/0.116/0.157/0.041 ms# 相同的也能够ping ➜  ~ docker exec -it tomcat04 ping tomcat01PING tomcat01 (192.167.0.4) 56(84) bytes of data.64 bytes from tomcat01.new_net (192.167.0.4): icmp_seq=1 ttl=64 time=0.110 ms64 bytes from tomcat01.new_net (192.167.0.4): icmp_seq=2 ttl=64 time=0.084 ms^C--- tomcat01 ping statistics ---2 packets transmitted, 2 received, 0% packet loss, time 2msrtt min/avg/max/mdev = 0.084/0.097/0.110/0.013 ms

下面的测试提现了互连互通