要创建一个完整的 Web 应用程序,可能需要运行多个容器。例如,提供数据库服务的容器,提供Web服务的容器,等等。
默认情况下,容器的运行是彼此隔离的,一个容器不知道在同一个机器上的其他进程或容器。容器组网 (container networking) 能够把多个容器连接在一起并进行通信。
创建网络
docker network create topeid-network
可以通过 docker network ls 查看已经创建的网络。
4d8b056ae7ac bridge bridge local
871601d4ec64 host host local
385a5fb00f2f none null local
54aeb37c4f31 topeid-network bridge local
可以通过 docker network inspect topeid-network 命令,查看创建的网络的详细信息。
[
{
"Name": "topeid-network",
"Id": "54aeb37c4f31dc08da373c8237df3b7e4bf3194f3cb296dc050319459c53adb6",
"Created": "2022-10-13T10:53:52.6993315Z",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
},
"Options": {},
"Labels": {}
}
]
连接网络
在第一次运行一个容器的时候,可以将容器添加到网络中。
docker run -d --network topeid-network --name topeid-mysql8 mysql:8.0.33
再次运行查看网络的命令 docker network inspect topeid-network,会发现 Containers 属性中,已经包含了刚刚运行的容器。
[
{
"Name": "topeid-network",
"Id": "54aeb37c4f31dc08da373c8237df3b7e4bf3194f3cb296dc050319459c53adb6",
"Created": "2022-10-13T10:53:52.6993315Z",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"a309ae447cd913df44aa514ab49f7beb76f9c6b9343f535e552b99512fdea6b2": {
"Name": "topeid-mysql8",
"EndpointID": "5f66eca82094423e7cfb1bbb65a798734f60a77b2aa7ba8c95f213aa1b29b4bb",
"MacAddress": "02:42:ac:12:00:03",
"IPv4Address": "172.18.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
我们也可以把正在运行的容器添加到一个网络中。例如,我们先运行一个 Tomcat8 的容器。
docker run -d --name tomcat8 -p 8080:8080 tomcat:8-jdk8
查看容器所在的网络,从 "NetworkID":"4d8b056ae7acb03ce55fdf7ae333d07602085082f30f079c2760d767b5a44106" 的值可以看出,容器默认是连接到 bridge 网络上的。
docker inspect --format='{{json .NetworkSettings.Networks}}' tomcat8
{
"bridge":
{
"IPAMConfig":null,
"Links":null,
"Aliases":null,
"NetworkID":"4d8b056ae7acb03ce55fdf7ae333d07602085082f30f079c2760d767b5a44106",
"EndpointID":"a9d392d165504a27d9fa3fc718da54581e47934dbf8b44e5f85ad8267d51e94d",
"Gateway":"172.17.0.1",
"IPAddress":"172.17.0.3",
"IPPrefixLen":16,
"IPv6Gateway":"",
"GlobalIPv6Address":"",
"GlobalIPv6PrefixLen":0,
"MacAddress":"02:42:ac:11:00:03",
"DriverOpts":null
}
}
接着,我们把 tomcat8 容器连接到 topeid-network 上。
docker network connect topeid-network tomcat8
再次查看容器所在的网络。
docker inspect --format='{{json .NetworkSettings.Networks}}' tomcat8
可以看出,"NetworkID":"54aeb37c4f31dc08da373c8237df3b7e4bf3194f3cb296dc050319459c53adb6" 表明 tomcat8 容器连接到了 topeid-network 网络上。同时,也能够知道,一个容器可以连接到多个网络。
{
"bridge":{
"IPAMConfig":null,
"Links":null,
"Aliases":null,
"NetworkID":"4d8b056ae7acb03ce55fdf7ae333d07602085082f30f079c2760d767b5a44106",
"EndpointID":"a9d392d165504a27d9fa3fc718da54581e47934dbf8b44e5f85ad8267d51e94d",
"Gateway":"172.17.0.1",
"IPAddress":"172.17.0.3",
"IPPrefixLen":16,
"IPv6Gateway":"",
"GlobalIPv6Address":"",
"GlobalIPv6PrefixLen":0,
"MacAddress":"02:42:ac:11:00:03",
"DriverOpts":null
},
"topeid-network":{
"IPAMConfig":{},
"Links":null,
"Aliases":["0ba391a40d6b"],
"NetworkID":"54aeb37c4f31dc08da373c8237df3b7e4bf3194f3cb296dc050319459c53adb6",
"EndpointID":"9962b507ebc89079da6e51a14dd71d287a461b1748ffbd94c38da00bc2962034",
"Gateway":"172.18.0.1",
"IPAddress":"172.18.0.5",
"IPPrefixLen":16,
"IPv6Gateway":"","GlobalIPv6Address":"",
"GlobalIPv6PrefixLen":0,
"MacAddress":"02:42:ac:12:00:05",
"DriverOpts":{}
}
}
