社区微信群开通啦,扫一扫抢先加入社区官方微信群
社区微信群
Docker网络管理:
- 端口映射
- 网络模式
Docker-网络管理-网络模式-host模式
host模式,容器使用宿主机的ip地址进行对外提供服务,本身没有ip地址。
docker network create --help
Usage: docker network create [OPTIONS] NETWORK
Create a network
Options:
--attachable Enable manual container attachment
--aux-address map Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
--config-from string The network from which copying the configuration
--config-only Create a configuration only network
-d, --driver string Driver to manage the Network (default "bridge")
--gateway strings IPv4 or IPv6 Gateway for the master subnet
--ingress Create swarm routing-mesh network
--internal Restrict external access to the network
--ip-range strings Allocate container ip from a sub-range
--ipam-driver string IP Address Management Driver (default "default")
--ipam-opt map Set IPAM driver specific options (default map[])
--ipv6 Enable IPv6 networking
--label list Set metadata on a network
-o, --opt map Set driver specific options (default map[])
--scope string Control the network's scope
--subnet strings Subnet in CIDR format that represents a network segment
命令格式
docker run --net=host -itd --name [容器名称] 镜像名称
docker network ls
NETWORK ID NAME DRIVER SCOPE
3f3e570c3cf8 bridge bridge local
2d515e0d7ecd bridge-test bridge local
0638f8a6598b bridge-test1 bridge local
59f27d5cdcbc host host local
26dd69b9aac8 none null local
docker network inspect host
[
{
"Name": "host",
"Id": "59f27d5cdcbc44091646924d588b79550b9985ee5b83abdda73237640c28ae1a",
"Created": "2020-04-10T23:52:03.291988376+08:00",
"Scope": "local",
"Driver": "host",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": []
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
host网络下的容器为空: “Containers”: {}
netstat -tnulp
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -
udp 0 0 0.0.0.0:5353 0.0.0.0:* -
udp 0 0 127.0.0.53:53 0.0.0.0:* -
udp 0 0 0.0.0.0:631 0.0.0.0:* -
udp 0 0 0.0.0.0:47803 0.0.0.0:* -
udp6 0 0 :::5353 :::* -
udp6 0 0 :::60995 :::* -
发现没有80端口
docker run --net=host -itd --name nginx-1 nginx && docker ps
6457839c78ba5554c8638eea6422d595396c85efe0625a40a838f2d326dd985e
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6457839c78ba nginx "nginx -g 'daemon of…" Less than a second ago Up Less than a second nginx-1
a5142858cd2e nginx "nginx -g 'daemon of…" 32 minutes ago Up 32 minutes 80/tcp nginx-wyf-bridge-3
nginx-1没有端口映射
netstat -tnulp
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -
udp 0 0 0.0.0.0:5353 0.0.0.0:* -
udp 0 0 127.0.0.53:53 0.0.0.0:* -
udp 0 0 0.0.0.0:631 0.0.0.0:* -
udp 0 0 0.0.0.0:47803 0.0.0.0:* -
udp6 0 0 :::5353 :::* -
udp6 0 0 :::60995 :::* -
多出了80端口
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -
docker network inspect host
[
{
"Name": "host",
"Id": "59f27d5cdcbc44091646924d588b79550b9985ee5b83abdda73237640c28ae1a",
"Created": "2020-04-10T23:52:03.291988376+08:00",
"Scope": "local",
"Driver": "host",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": []
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"6457839c78ba5554c8638eea6422d595396c85efe0625a40a838f2d326dd985e": {
"Name": "nginx-1",
"EndpointID": "5df95c23241e2c1c2b23449854a492575e64bb38a0f6fcd97dec26944ba86f8a",
"MacAddress": "",
"IPv4Address": "",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
host网络下的容器信息:
"Containers": {
"6457839c78ba5554c8638eea6422d595396c85efe0625a40a838f2d326dd985e": {
"Name": "nginx-1",
"EndpointID": "5df95c23241e2c1c2b23449854a492575e64bb38a0f6fcd97dec26944ba86f8a",
"MacAddress": "",
"IPv4Address": "",
"IPv6Address": ""
}
},
docker inspect nginx-1
[
{
"Id": "6457839c78ba5554c8638eea6422d595396c85efe0625a40a838f2d326dd985e",
"Created": "2020-04-15T04:08:57.330395808Z",
"Path": "nginx",
"Args": [
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 6449,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-04-15T04:08:57.945510846Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:ed21b7a8aee9cc677df6d7f38a641fa0e3c05f65592c592c9f28c42b3dd89291",
"ResolvConfPath": "/var/lib/docker/containers/6457839c78ba5554c8638eea6422d595396c85efe0625a40a838f2d326dd985e/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/6457839c78ba5554c8638eea6422d595396c85efe0625a40a838f2d326dd985e/hostname",
"HostsPath": "/var/lib/docker/containers/6457839c78ba5554c8638eea6422d595396c85efe0625a40a838f2d326dd985e/hosts",
"LogPath": "/var/lib/docker/containers/6457839c78ba5554c8638eea6422d595396c85efe0625a40a838f2d326dd985e/6457839c78ba5554c8638eea6422d595396c85efe0625a40a838f2d326dd985e-json.log",
"Name": "/nginx-1",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "docker-default",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "host",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Capabilities": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/09df39a2d8cb9609d24994afa200958b7e1d408bab284884d074172985f564c0-init/diff:/var/lib/docker/overlay2/9426eaa48adadb9db8631c15552afd0bf8b5c11e5c8f7edafb1d69d039b649e4/diff:/var/lib/docker/overlay2/0899a3735095820f73d6e45850975cc9ffcbc0c3d7b364bf2b138fb71278e507/diff:/var/lib/docker/overlay2/886d6705a472b017f4a5eb68e6966b2303180d542f6955f4c2f4eee81092c095/diff",
"MergedDir": "/var/lib/docker/overlay2/09df39a2d8cb9609d24994afa200958b7e1d408bab284884d074172985f564c0/merged",
"UpperDir": "/var/lib/docker/overlay2/09df39a2d8cb9609d24994afa200958b7e1d408bab284884d074172985f564c0/diff",
"WorkDir": "/var/lib/docker/overlay2/09df39a2d8cb9609d24994afa200958b7e1d408bab284884d074172985f564c0/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "wyf-virtual-machine",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": true,
"OpenStdin": true,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.17.9",
"NJS_VERSION=0.3.9",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "nginx",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
},
"StopSignal": "SIGTERM"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "160b983983d384ff6324361683d17e4100ce93fa3e6c3886c7fcba480d4c6fdd",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/default",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"host": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "59f27d5cdcbc44091646924d588b79550b9985ee5b83abdda73237640c28ae1a",
"EndpointID": "5df95c23241e2c1c2b23449854a492575e64bb38a0f6fcd97dec26944ba86f8a",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "",
"DriverOpts": null
}
}
}
}
]
nginx-1容器的网络信息:
"Networks": {
"host": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "59f27d5cdcbc44091646924d588b79550b9985ee5b83abdda73237640c28ae1a",
"EndpointID": "5df95c23241e2c1c2b23449854a492575e64bb38a0f6fcd97dec26944ba86f8a",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "",
"DriverOpts": null
}
}
nginx-1容器的网络信息为空【从而验证:容器本身没有ip地址。】
ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.66.1 netmask 255.255.255.0 broadcast 192.168.66.255
inet6 fe80::b027:76ff:fe31:d6f6 prefixlen 64 scopeid 0x20<link>
ether 6a:0d:81:17:10:d4 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 67 bytes 7845 (7.8 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-0638f8a6598b: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.66.0.1 netmask 255.255.0.0 broadcast 172.66.255.255
inet6 fe80::42:daff:fe3e:7e61 prefixlen 64 scopeid 0x20<link>
ether 02:42:da:3e:7e:61 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 49 bytes 6099 (6.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-2d515e0d7ecd: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.18.0.1 netmask 255.255.0.0 broadcast 172.18.255.255
inet6 fe80::42:f4ff:fe77:11 prefixlen 64 scopeid 0x20<link>
ether 02:42:f4:77:00:11 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 45 bytes 5748 (5.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:33:1f:86:1f txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.234.62 netmask 255.255.255.0 broadcast 192.168.234.255
inet6 fe80::20c:29ff:fe1e:a361 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:1e:a3:61 txqueuelen 1000 (Ethernet)
RX packets 9074 bytes 6396215 (6.3 MB)
RX errors 4 dropped 4 overruns 0 frame 0
TX packets 4267 bytes 563929 (563.9 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 19 base 0x2000
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 508 bytes 42972 (42.9 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 508 bytes 42972 (42.9 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth86a5425: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::680d:81ff:fe17:10d4 prefixlen 64 scopeid 0x20<link>
ether 6a:0d:81:17:10:d4 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 40 bytes 4468 (4.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
浏览器地址栏输入:
http://192.168.234.62
测试完成后,执行关闭容器,以免影响后续测试
docekr kill 容器ID
容器本身并没有IP,但是却能借助宿主机的IP进行访问。【从而验证:host模式,容器使用宿主机的ip地址进行对外提供服务,本身没有ip地址。】
版权声明:本文来源CSDN,感谢博主原创文章,遵循 CC 4.0 by-sa 版权协议,转载请附上原文出处链接和本声明。
原文链接:https://blog.csdn.net/weixin_42366378/article/details/105568160
站方申明:本站部分内容来自社区用户分享,若涉及侵权,请联系站方删除。
如果觉得我的文章对您有用,请随意打赏。你的支持将鼓励我继续创作!
