安装docker之前查看网卡:
[root@hostname-B docker]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether 00:16:3e:2b:42:a2 brd ff:ff:ff:ff:ff:ff
安装docker后查看网卡:
[root@hostname-B docker]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether 00:16:3e:2b:42:a2 brd ff:ff:ff:ff:ff:ff
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
link/ether 02:42:f9:9f:04:f3 brd ff:ff:ff:ff:ff:ff
lo是本地网卡,eth0是与外界通信的网卡,
网卡信息的配置文件
[root@hostname-B network-scripts]# cd /etc/sysconfig/network-scripts/
[root@hostname-B network-scripts]# ls
ifcfg-eth0 ifdown-eth ifdown-post ifdown-Team ifup-aliases ifup-ipv6 ifup-post ifup-Team init.ipv6-global
ifcfg-lo ifdown-ippp ifdown-ppp ifdown-TeamPort ifup-bnep ifup-isdn ifup-ppp ifup-TeamPort network-functions
ifdown ifdown-ipv6 ifdown-routes ifdown-tunnel ifup-eth ifup-plip ifup-routes ifup-tunnel network-functions-ipv6
ifdown-bnep ifdown-isdn ifdown-sit ifup ifup-ippp ifup-plusb ifup-sit ifup-wireless
修改网卡的内容,比如:vim ifcfg-eth0
文件内容如下:
BOOTPROTO=dhcp
DEVICE=eth0
ONBOOT=yes
STARTMODE=auto
TYPE=Ethernet
USERCTL=no
创建network namespace
ip netns add ns1
查看该namespace的网卡信息
ip netns exec ns1 ip a
启动ns1上的lo网卡
ip netns exec ns1 ifup lo
再查看网卡信息:
[root@hostname-B network-scripts]# ip netns exec ns1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
同理再次创建ns2
这时候ns1中的网卡和ns2中的网卡是不连通的,这时候需要借助一个技术:veth pair
一个Tomcat镜像,通过 docker run 运行出两个容器,
创建两个运行时容器,这两个容器都有自己独立的namespace,
进入两个容器查看IP,发现两个容器中的IP是可以相互ping通的。
[root@hostname-B docker]# docker run -d --name my_tomcat1 -p 8081:8080 tomcat
4cc812ae0ada5e7ebfb7e781c54b8e80afe50c1b4d370e2a570fc5153007f5ee
[root@hostname-B docker]# docker run -d --name my_tomcat2 -p 8082:8080 tomcat
990d64e788b5c9033aa83684c98a0f5b03eab93801a3ac2dca992a49e2926f0a
[root@hostname-B docker]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:16:3e:2b:42:a2 brd ff:ff:ff:ff:ff:ff
inet 172.18.245.85/20 brd 172.18.255.255 scope global dynamic eth0
valid_lft 315351702sec preferred_lft 315351702sec
inet6 fe80::216:3eff:fe2b:42a2/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:f9:9f:04:f3 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:f9ff:fe9f:4f3/64 scope link
valid_lft forever preferred_lft forever
15: vethc47c5b1@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 36:3d:93:d8:dd:d9 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::343d:93ff:fed8:ddd9/64 scope link
valid_lft forever preferred_lft forever
17: vethfc241fb@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether fe:53:e6:e6:d9:67 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::fc53:e6ff:fee6:d967/64 scope link
valid_lft forever preferred_lft forever
多出来了 vethc47c5b1@if14 和 vethfc241fb@if16
所有创建的容器都会连接到docker0网关中。每个容器都有自己的namespace,这个namespace是跟docker0是通过veth pair 进行连通的。
查看docker中的网络模式有三种,其实veth pair对就是基于桥接模式。
[root@hostname-B docker]# docker network ls
NETWORK ID NAME DRIVER SCOPE
16bb2158267b bridge bridge local
8e0d17678dbb host host local
5ad46ae4730c none null local
