网桥是一个二层虚拟网络设备,把若干网络接口连接起来,各个网络之间的报文就可以相互转发了。
创建test1、test2二个容器
docker run -d --name test1 busybox /bin/sh -c "while true; do sleep 3600; done"
docker run -d --name test2 busybox /bin/sh -c "while true; do sleep 3600; done"
查看二个容器的ip
[root@gundy ~]# docker exec -it test1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
6: eth0@if7: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@gundy ~]# docker exec -it test2 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
test1为172.17.0.2; test2为172.17.0.3
这二个容器的网络是相通的
[root@gundy ~]# docker exec -it test1 sh
/ # ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3): 56 data bytes
64 bytes from 172.17.0.3: seq=0 ttl=64 time=0.118 ms
64 bytes from 172.17.0.3: seq=1 ttl=64 time=0.103 ms
64 bytes from 172.17.0.3: seq=2 ttl=64 time=0.092 ms
64 bytes from 172.17.0.3: seq=3 ttl=64 time=0.084 ms
64 bytes from 172.17.0.3: seq=4 ttl=64 time=0.087 ms
64 bytes from 172.17.0.3: seq=5 ttl=64 time=0.148 ms
64 bytes from 172.17.0.3: seq=6 ttl=64 time=0.088 ms
--- 172.17.0.3 ping statistics ---
7 packets transmitted, 7 packets received, 0% packet loss
round-trip min/avg/max = 0.084/0.102/0.148 ms
docker网络类型
[root@gundy ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
5080e21f821a bridge bridge local
b869ad20472e host host local
a8de1708c8ee none null local
查看网络的详细信息 docker network inspect 5080e21f821a
查看网桥 首先安装brctl
yum install bridge-utils
brtcl show
[root@gundy ~]# brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.0242ce745ae0 no vetha0461e6
vethf7aa241
网桥的二个接口vetha0461e6, vethf7aa241
[root@gundy ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:16:3e:0c:20:db brd ff:ff:ff:ff:ff:ff
inet 172.16.191.57/20 brd 172.16.191.255 scope global dynamic noprefixroute eth0
valid_lft 276943540sec preferred_lft 276943540sec
inet6 fe80::216:3eff:fe0c:20db/64 scope link
valid_lft forever preferred_lft forever
5: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ce:74:5a:e0 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:ceff:fe74:5ae0/64 scope link
valid_lft forever preferred_lft forever
7: vethf7aa241@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether e6:f6:df:ba:68:a8 brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet6 fe80::e4f6:dfff:feba:68a8/64 scope link
valid_lft forever preferred_lft forever
11: vetha0461e6@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 1e:c3:d3:64:b4:e1 brd ff:ff:ff:ff:ff:ff link-netnsid 3
inet6 fe80::1cc3:d3ff:fe64:b4e1/64 scope link
valid_lft forever preferred_lft forever
示意图如下,二个容器通过Veth设备对分别跟网桥docker0连接。
