Docker 自修

Docker 自修笔记(五)—— 示例学习

2017-07-21  本文已影响0人  心甘情愿_Root

本博客为JDGan自修Docker的笔记,如有粗鄙之处,还请见谅~

阅读本博客前,请确定了解了以前的blog:
Docker 自修笔记(一)
Docker 自修笔记 附 —— 分享docker镜像
Docker 自修笔记(二)
Docker 自修笔记(三)
Docker 自修笔记(四)

容器的网络部署

通过默认网络驱动器部署容器

Docker 可以通过使用网络驱动器(network drivers)来进行网络部署,Docker引擎自动启动了几个网络,可以通过ls打印出来:

$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
a2d429ecaf49        bridge              bridge              local
ce0f138b6685        docker_gwbridge     bridge              local
699a0339616b        host                host                local
20791422dd99        none                null                local

Docker 默认是使用bridge来启动网络容器,通过inspect来检查该网络的信息。

$ docker run -itd --name=networktest ubuntu
......
......
$ docker network inspect bridge

[
    {
        "Name": "bridge",
        "Id": "f7ab26d71dbd6f557852c7156ae0574bbf62c42f539b50c8ebde0f728a253b6f",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.1/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Containers": {
            "3386a527aa08b37ea9232cbcace2d2458d49f44bb05a6b775fba7ddd40d8f92c": {
                "Name": "networktest",
                "EndpointID": "647c12443e91faf0fd508b6edfe59c30b642abb60dfab890b4bdccee38750bc1",
                "MacAddress": "02:42:ac:11:00:02",
                "IPv4Address": "172.17.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "9001"
        },
        "Labels": {}
    }
]

如果需要断开容器的网络,可以通过disconnect命令来执行:

$ docker network disconnect bridge networktest

创建自定义bridge网络

Docker官方支持的网络驱动器为:bridgeoverlay两种:bridge是仅支持单个主机的网络,而overlay支持多个主机。

举个栗子,首先创建一个bridge网络:

$ docker network create -d bridge my_bridge
$ docker inspect my_bridge
[
    {
        "Name": "my_bridge",
        "Id": "b76785001c95aa6a59a68362afa31c6980f23fcbbf6e99c31e32299f815dd188",
        "Created": "2017-07-19T08:04:48.72271711Z",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "172.18.0.0/16",
                    "Gateway": "172.18.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]

将容器添加到网络

通过使用--net=my_bridge运行容器,来使用上面创建的网络里。
首先获取一个PostgreSQL数据库,并连接到网络。

$ docker run -d --net=my_bridge --name db training/postgres

完成后可以检查docker网络:

$ docker inspect --format='{{json .NetworkSettings.Networks}}'  db

{"my_bridge":{"IPAMConfig":null,"Links":null,"Aliases":["2ba194069046"],"NetworkID":"b76785001c95aa6a59a68362afa31c6980f23fcbbf6e99c31e32299f815dd188","EndpointID":"65c9a19a51451eec25bd81a78c156d26aa466df037043f8a2e552f8236c713bd","Gateway":"172.18.0.1","IPAddress":"172.18.0.2","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:12:00:02","DriverOpts":null}}

数据库启动并连接成功啦, 接下来我们启动一个web服务:

$ docker run -d --name web training/webapp python app.py

启动成功的结构图。


完成后的host结构图

检查启动结果:

$ docker inspect --format='{{json .NetworkSettings.Networks}}'  web

{"bridge":{"IPAMConfig":null,"Links":null,"Aliases":null,"NetworkID":"cdd6f0ecda824d95469b6105085b96574e1fa96bdccaa726f42a2ba89e30c863","EndpointID":"5aef9b86a310d42b9ee22a52098f000793b9f0b90b934a47dfe8257c42920e7c","Gateway":"172.17.0.1","IPAddress":"172.17.0.2","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:11:00:02","DriverOpts":null}}

$ docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' web

172.17.0.2

然后,在db容器上启动shell:

$ docker exec -it db bash
root@2ba194069046:/# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
^C
--- 172.17.0.2 ping statistics ---
12 packets transmitted, 0 received, 100% packet loss, time 11416ms

两个容器在不同的网络上运行,所以无法连接。Docker 允许容器连接多个网络,并且也可以在容器运行时修改连接的网络。那么:

$ docker network connect my_bridge web

修改后启动成功的结构图。


完成后的host结构图

再次打开db的shell,尝试ping

$ docker exec -it db bash
root@2ba194069046:/# ping web
PING web (172.18.0.3) 56(84) bytes of data.
64 bytes from web.my_bridge (172.18.0.3): icmp_seq=1 ttl=64 time=0.094 ms
64 bytes from web.my_bridge (172.18.0.3): icmp_seq=2 ttl=64 time=0.070 ms
64 bytes from web.my_bridge (172.18.0.3): icmp_seq=3 ttl=64 time=0.076 ms
64 bytes from web.my_bridge (172.18.0.3): icmp_seq=4 ttl=64 time=0.070 ms
64 bytes from web.my_bridge (172.18.0.3): icmp_seq=5 ttl=64 time=0.076 ms
^C
--- web ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4130ms
rtt min/avg/max/mdev = 0.070/0.077/0.094/0.010 ms

这样,我们就完成了我们的web和db的网络部署。


上一篇下一篇

猜你喜欢

热点阅读