九、docker网络
一、查看环境
1、docker rm 容器id 和 docker rmi 镜像id
[root@Jin /]# docker ps
[root@Jin /]# docker rm -f $(docker ps -aq)
[root@Jin /]# docker images
[root@Jin /]# docker rmi -f $(docker images -aq)
2、ip add
[root@Jin /]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:16:3e:08:2d:ef brd ff:ff:ff:ff:ff:ff
inet 172.27.165.156/20 brd 172.27.175.255 scope global dynamic eth0
valid_lft 314923953sec preferred_lft 314923953sec
inet6 fe80::216:3eff:fe08:2def/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:95:19:a0:04 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:95ff:fe19:a004/64 scope link
valid_lft forever preferred_lft forever
3、evth-pair技术(成对)
1、tomcat01容器
[root@Jin /]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:16:3e:08:2d:ef brd ff:ff:ff:ff:ff:ff
inet 172.27.165.156/20 brd 172.27.175.255 scope global dynamic eth0
valid_lft 314860480sec preferred_lft 314860480sec
inet6 fe80::216:3eff:fe08:2def/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:95:19:a0:04 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:95ff:fe19:a004/64 scope link
valid_lft forever preferred_lft forever
[root@Jin /]# docker run -d -P --name tomcat01 tomcat
Unable to find image 'tomcat:latest' locally
latest: Pulling from library/tomcat
0e29546d541c: Pull complete
9b829c73b52b: Pull complete
cb5b7ae36172: Pull complete
6494e4811622: Pull complete
668f6fcc5fa5: Pull complete
dc120c3e0290: Pull complete
8f7c0eebb7b1: Pull complete
77b694f83996: Pull complete
0f611256ec3a: Pull complete
4f25def12f23: Pull complete
Digest: sha256:9dee185c3b161cdfede1f5e35e8b56ebc9de88ed3a79526939701f3537a52324
Status: Downloaded newer image for tomcat:latest
b460f2bfd0dd68520f37d11d9040b2ec461fd6d4e712a7f6e86683343536eb66
[root@Jin /]# docker exec -it tomcat01 /bin/bash
root@b460f2bfd0dd:/usr/local/tomcat# apt update && apt install -y iproute2
Get:1 http://deb.debian.org/debian bullseye InRelease [116 kB]
Get:2 http://security.debian.org/debian-security bullseye-security InRelease [44.1 kB]
Get:3 http://deb.debian.org/debian bullseye-updates InRelease [39.4 kB]
Get:4 http://security.debian.org/debian-security bullseye-security/main amd64 Packages [114 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 Packages [8183 kB]
Get:6 http://deb.debian.org/debian bullseye-updates/main amd64 Packages [2596 B]
Fetched 8499 kB in 6min 10s (23.0 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
7 packages can be upgraded. Run 'apt list --upgradable' to see them.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
libatm1 libbpf0 libcap2 libcap2-bin libelf1 libmnl0 libpam-cap libxtables12
Suggested packages:
iproute2-doc
The following NEW packages will be installed:
iproute2 libatm1 libbpf0 libcap2 libcap2-bin libelf1 libmnl0 libpam-cap libxtables12
0 upgraded, 9 newly installed, 0 to remove and 7 not upgraded.
Need to get 1394 kB of archives.
After this operation, 4686 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 libelf1 amd64 0.183-1 [165 kB]
Get:2 http://deb.debian.org/debian bullseye/main amd64 libbpf0 amd64 1:0.3-2 [98.3 kB]
Get:3 http://deb.debian.org/debian bullseye/main amd64 libcap2 amd64 1:2.44-1 [23.6 kB]
Get:4 http://deb.debian.org/debian bullseye/main amd64 libmnl0 amd64 1.0.4-3 [12.5 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 libxtables12 amd64 1.8.7-1 [45.1 kB]
Get:6 http://deb.debian.org/debian bullseye/main amd64 libcap2-bin amd64 1:2.44-1 [32.6 kB]
Get:7 http://deb.debian.org/debian bullseye/main amd64 iproute2 amd64 5.10.0-4 [930 kB]
Get:8 http://deb.debian.org/debian bullseye/main amd64 libatm1 amd64 1:2.5.1-4 [71.3 kB]
Get:9 http://deb.debian.org/debian bullseye/main amd64 libpam-cap amd64 1:2.44-1 [15.4 kB]
Fetched 1394 kB in 52s (26.8 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libelf1:amd64.
(Reading database ... 12672 files and directories currently installed.)
Preparing to unpack .../0-libelf1_0.183-1_amd64.deb ...
Unpacking libelf1:amd64 (0.183-1) ...
Selecting previously unselected package libbpf0:amd64.
Preparing to unpack .../1-libbpf0_1%3a0.3-2_amd64.deb ...
Unpacking libbpf0:amd64 (1:0.3-2) ...
Selecting previously unselected package libcap2:amd64.
Preparing to unpack .../2-libcap2_1%3a2.44-1_amd64.deb ...
Unpacking libcap2:amd64 (1:2.44-1) ...
Selecting previously unselected package libmnl0:amd64.
Preparing to unpack .../3-libmnl0_1.0.4-3_amd64.deb ...
Unpacking libmnl0:amd64 (1.0.4-3) ...
Selecting previously unselected package libxtables12:amd64.
Preparing to unpack .../4-libxtables12_1.8.7-1_amd64.deb ...
Unpacking libxtables12:amd64 (1.8.7-1) ...
Selecting previously unselected package libcap2-bin.
Preparing to unpack .../5-libcap2-bin_1%3a2.44-1_amd64.deb ...
Unpacking libcap2-bin (1:2.44-1) ...
Selecting previously unselected package iproute2.
Preparing to unpack .../6-iproute2_5.10.0-4_amd64.deb ...
Unpacking iproute2 (5.10.0-4) ...
Selecting previously unselected package libatm1:amd64.
Preparing to unpack .../7-libatm1_1%3a2.5.1-4_amd64.deb ...
Unpacking libatm1:amd64 (1:2.5.1-4) ...
Selecting previously unselected package libpam-cap:amd64.
Preparing to unpack .../8-libpam-cap_1%3a2.44-1_amd64.deb ...
Unpacking libpam-cap:amd64 (1:2.44-1) ...
Setting up libatm1:amd64 (1:2.5.1-4) ...
Setting up libcap2:amd64 (1:2.44-1) ...
Setting up libcap2-bin (1:2.44-1) ...
Setting up libmnl0:amd64 (1.0.4-3) ...
Setting up libxtables12:amd64 (1.8.7-1) ...
Setting up libelf1:amd64 (0.183-1) ...
Setting up libpam-cap:amd64 (1:2.44-1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Setting up libbpf0:amd64 (1:0.3-2) ...
Setting up iproute2 (5.10.0-4) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Processing triggers for libc-bin (2.31-13+deb11u2) ...
root@b460f2bfd0dd:/usr/local/tomcat# apt install iputils-ping
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
iputils-ping
0 upgraded, 1 newly installed, 0 to remove and 7 not upgraded.
Need to get 49.8 kB of archives.
After this operation, 116 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 iputils-ping amd64 3:20210202-1 [49.8 kB]
Fetched 49.8 kB in 1s (64.8 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package iputils-ping.
(Reading database ... 12909 files and directories currently installed.)
Preparing to unpack .../iputils-ping_3%3a20210202-1_amd64.deb ...
Unpacking iputils-ping (3:20210202-1) ...
Setting up iputils-ping (3:20210202-1) ...
root@b460f2bfd0dd:/usr/local/tomcat# exit
exit
[root@Jin /]# docker inspect --format='{
{.NetworkSettings.IPAddress}}' tomcat01
172.17.0.2
[root@Jin /]# docker exec -it tomcat01 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
120: eth0@if121: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@Jin /]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.070 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.071 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.076 ms
^C
--- 172.17.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.070/0.072/0.076/0.007 ms
[root@Jin /]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:16:3e:08:2d:ef brd ff:ff:ff:ff:ff:ff
inet 172.27.165.156/20 brd 172.27.175.255 scope global dynamic eth0
valid_lft 314859927sec preferred_lft 314859927sec
inet6 fe80::216:3eff:fe08:2def/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:95:19:a0:04 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:95ff:fe19:a004/64 scope link
valid_lft forever preferred_lft forever
121: vethbbf19fb@if120: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 76:fa:34:93:13:f7 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::74fa:34ff:fe93:13f7/64 scope link
valid_lft forever preferred_lft forever
2、tomcat02容器
[root@Jin /]# docker run -d -P --name tomcat02 tomcat
17d7f71aee3417d11f9eddc75f0e25fa76deeb4b45526fde041f3a7558cb6b4f
[root@Jin /]# docker exec -it tomcat02 /bin/bash
root@17d7f71aee34:/usr/local/tomcat# apt update && apt install -y iproute2
Get:1 http://security.debian.org/debian-security bullseye-security InRelease [44.1 kB]
Get:2 http://deb.debian.org/debian bullseye InRelease [116 kB]
Get:3 http://security.debian.org/debian-security bullseye-security/main amd64 Packages [114 kB]
Get:4 http://deb.debian.org/debian bullseye-updates InRelease [39.4 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 Packages [8183 kB]
Get:6 http://deb.debian.org/debian bullseye-updates/main amd64 Packages [2596 B]
Fetched 8499 kB in 5min 57s (23.8 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
7 packages can be upgraded. Run 'apt list --upgradable' to see them.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
libatm1 libbpf0 libcap2 libcap2-bin libelf1 libmnl0 libpam-cap libxtables12
Suggested packages:
iproute2-doc
The following NEW packages will be installed:
iproute2 libatm1 libbpf0 libcap2 libcap2-bin libelf1 libmnl0 libpam-cap libxtables12
0 upgraded, 9 newly installed, 0 to remove and 7 not upgraded.
Need to get 1394 kB of archives.
After this operation, 4686 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 libelf1 amd64 0.183-1 [165 kB]
Get:2 http://deb.debian.org/debian bullseye/main amd64 libbpf0 amd64 1:0.3-2 [98.3 kB]
Get:3 http://deb.debian.org/debian bullseye/main amd64 libcap2 amd64 1:2.44-1 [23.6 kB]
Get:4 http://deb.debian.org/debian bullseye/main amd64 libmnl0 amd64 1.0.4-3 [12.5 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 libxtables12 amd64 1.8.7-1 [45.1 kB]
Get:6 http://deb.debian.org/debian bullseye/main amd64 libcap2-bin amd64 1:2.44-1 [32.6 kB]
Get:7 http://deb.debian.org/debian bullseye/main amd64 iproute2 amd64 5.10.0-4 [930 kB]
Get:8 http://deb.debian.org/debian bullseye/main amd64 libatm1 amd64 1:2.5.1-4 [71.3 kB]
Get:9 http://deb.debian.org/debian bullseye/main amd64 libpam-cap amd64 1:2.44-1 [15.4 kB]
Fetched 1394 kB in 51s (27.2 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libelf1:amd64.
(Reading database ... 12672 files and directories currently installed.)
Preparing to unpack .../0-libelf1_0.183-1_amd64.deb ...
Unpacking libelf1:amd64 (0.183-1) ...
Selecting previously unselected package libbpf0:amd64.
Preparing to unpack .../1-libbpf0_1%3a0.3-2_amd64.deb ...
Unpacking libbpf0:amd64 (1:0.3-2) ...
Selecting previously unselected package libcap2:amd64.
Preparing to unpack .../2-libcap2_1%3a2.44-1_amd64.deb ...
Unpacking libcap2:amd64 (1:2.44-1) ...
Selecting previously unselected package libmnl0:amd64.
Preparing to unpack .../3-libmnl0_1.0.4-3_amd64.deb ...
Unpacking libmnl0:amd64 (1.0.4-3) ...
Selecting previously unselected package libxtables12:amd64.
Preparing to unpack .../4-libxtables12_1.8.7-1_amd64.deb ...
Unpacking libxtables12:amd64 (1.8.7-1) ...
Selecting previously unselected package libcap2-bin.
Preparing to unpack .../5-libcap2-bin_1%3a2.44-1_amd64.deb ...
Unpacking libcap2-bin (1:2.44-1) ...
Selecting previously unselected package iproute2.
Preparing to unpack .../6-iproute2_5.10.0-4_amd64.deb ...
Unpacking iproute2 (5.10.0-4) ...
Selecting previously unselected package libatm1:amd64.
Preparing to unpack .../7-libatm1_1%3a2.5.1-4_amd64.deb ...
Unpacking libatm1:amd64 (1:2.5.1-4) ...
Selecting previously unselected package libpam-cap:amd64.
Preparing to unpack .../8-libpam-cap_1%3a2.44-1_amd64.deb ...
Unpacking libpam-cap:amd64 (1:2.44-1) ...
Setting up libatm1:amd64 (1:2.5.1-4) ...
Setting up libcap2:amd64 (1:2.44-1) ...
Setting up libcap2-bin (1:2.44-1) ...
Setting up libmnl0:amd64 (1.0.4-3) ...
Setting up libxtables12:amd64 (1.8.7-1) ...
Setting up libelf1:amd64 (0.183-1) ...
Setting up libpam-cap:amd64 (1:2.44-1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Setting up libbpf0:amd64 (1:0.3-2) ...
Setting up iproute2 (5.10.0-4) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Processing triggers for libc-bin (2.31-13+deb11u2) ...
root@17d7f71aee34:/usr/local/tomcat# apt install iputils-ping
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
iputils-ping
0 upgraded, 1 newly installed, 0 to remove and 7 not upgraded.
Need to get 49.8 kB of archives.
After this operation, 116 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 iputils-ping amd64 3:20210202-1 [49.8 kB]
Fetched 49.8 kB in 1s (75.6 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package iputils-ping.
(Reading database ... 12909 files and directories currently installed.)
Preparing to unpack .../iputils-ping_3%3a20210202-1_amd64.deb ...
Unpacking iputils-ping (3:20210202-1) ...
Setting up iputils-ping (3:20210202-1) ...
root@17d7f71aee34:/usr/local/tomcat# exit
exit
[root@Jin /]# docker inspect --format='{
{.NetworkSettings.IPAddress}}' tomcat02
172.17.0.3
[root@Jin /]# docker exec -it tomcat02 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
122: eth0@if123: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@Jin /]# ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.105 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.085 ms
64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.074 ms
^C
--- 172.17.0.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.074/0.088/0.105/0.012 ms
[root@Jin /]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:16:3e:08:2d:ef brd ff:ff:ff:ff:ff:ff
inet 172.27.165.156/20 brd 172.27.175.255 scope global dynamic eth0
valid_lft 314859187sec preferred_lft 314859187sec
inet6 fe80::216:3eff:fe08:2def/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:95:19:a0:04 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:95ff:fe19:a004/64 scope link
valid_lft forever preferred_lft forever
121: vethbbf19fb@if120: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 76:fa:34:93:13:f7 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::74fa:34ff:fe93:13f7/64 scope link
valid_lft forever preferred_lft forever
123: vethac1497f@if122: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 2a:88:a0:0d:5b:32 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::2888:a0ff:fe0d:5b32/64 scope link
valid_lft forever preferred_lft forever
3、tomcat01 ping tomcat02
[root@Jin /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
17d7f71aee34 tomcat "catalina.sh run" 13 minutes ago Up 13 minutes 0.0.0.0:49177->8080/tcp, :::49177->8080/tcp tomcat02
b460f2bfd0dd tomcat "catalina.sh run" 25 minutes ago Up 25 minutes 0.0.0.0:49176->8080/tcp, :::49176->8080/tcp tomcat01
[root@Jin /]# docker exec -it tomcat01 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
120: eth0@if121: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@Jin /]# docker exec -it tomcat02 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
122: eth0@if123: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@Jin /]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:16:3e:08:2d:ef brd ff:ff:ff:ff:ff:ff
inet 172.27.165.156/20 brd 172.27.175.255 scope global dynamic eth0
valid_lft 314858842sec preferred_lft 314858842sec
inet6 fe80::216:3eff:fe08:2def/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:95:19:a0:04 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:95ff:fe19:a004/64 scope link
valid_lft forever preferred_lft forever
121: vethbbf19fb@if120: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 76:fa:34:93:13:f7 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::74fa:34ff:fe93:13f7/64 scope link
valid_lft forever preferred_lft forever
123: vethac1497f@if122: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 2a:88:a0:0d:5b:32 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::2888:a0ff:fe0d:5b32/64 scope link
valid_lft forever preferred_lft forever
[root@Jin /]# docker exec -it tomcat01 ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.150 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.097 ms
64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.159 ms
^C
--- 172.17.0.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.097/0.135/0.159/0.027 ms
4、原理
#我们没启动一个docker容器, docker就会给docker容器分配一个ip, 我们只要安装了docker,就会有一个网卡 docker0桥接模式,使用的技术是veth-pair技术!
5、小结
# veth-pair 就是一对的虚拟设备接口,他们都是成对出现的,一端连着协议,一端彼此相连
# 正因为有这个特性,veth-pair充当一个桥梁, 连接各种虚拟网络设备
# OpenStac, Docker容器之间的链接,OVS的链接, 都是使用veth-pair技术
#结论:容器与容器之间是可以相互ping通的!
二、容器互联(–link)
1、tomcat01和tomcat02 ping不同
[root@Jin /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
17d7f71aee34 tomcat "catalina.sh run" 2 hours ago Up 2 hours 0.0.0.0:49177->8080/tcp, :::49177->8080/tcp tomcat02
b460f2bfd0dd tomcat "catalina.sh run" 2 hours ago Up 2 hours 0.0.0.0:49176->8080/tcp, :::49176->8080/tcp tomcat01
[root@Jin /]# docker exec -it tomcat01 ping tomcat02
ping: tomcat02: Name or service not known
2、解决
[root@Jin /]# docker run -d -P --name tomcat03 --link tomcat02 tomcat
b00eb0a0cf295d0a61c95f3c84c1216512854bc2c621609a8aae24a7754f6f12
[root@Jin /]# docker exec -it tomcat03 /bin/bash
root@b00eb0a0cf29:/usr/local/tomcat# apt update && apt install -y iproute2
Get:1 http://security.debian.org/debian-security bullseye-security InRelease [44.1 kB]
Get:2 http://deb.debian.org/debian bullseye InRelease [116 kB]
Get:3 http://security.debian.org/debian-security bullseye-security/main amd64 Packages [114 kB]
Get:4 http://deb.debian.org/debian bullseye-updates InRelease [39.4 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 Packages [8183 kB]
Get:6 http://deb.debian.org/debian bullseye-updates/main amd64 Packages [2596 B]
Fetched 8499 kB in 2min 51s (49.8 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
7 packages can be upgraded. Run 'apt list --upgradable' to see them.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
libatm1 libbpf0 libcap2 libcap2-bin libelf1 libmnl0 libpam-cap libxtables12
Suggested packages:
iproute2-doc
The following NEW packages will be installed:
iproute2 libatm1 libbpf0 libcap2 libcap2-bin libelf1 libmnl0 libpam-cap libxtables12
0 upgraded, 9 newly installed, 0 to remove and 7 not upgraded.
Need to get 1394 kB of archives.
After this operation, 4686 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 libelf1 amd64 0.183-1 [165 kB]
Get:2 http://deb.debian.org/debian bullseye/main amd64 libbpf0 amd64 1:0.3-2 [98.3 kB]
Get:3 http://deb.debian.org/debian bullseye/main amd64 libcap2 amd64 1:2.44-1 [23.6 kB]
Get:4 http://deb.debian.org/debian bullseye/main amd64 libmnl0 amd64 1.0.4-3 [12.5 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 libxtables12 amd64 1.8.7-1 [45.1 kB]
Get:6 http://deb.debian.org/debian bullseye/main amd64 libcap2-bin amd64 1:2.44-1 [32.6 kB]
Get:7 http://deb.debian.org/debian bullseye/main amd64 iproute2 amd64 5.10.0-4 [930 kB]
Get:8 http://deb.debian.org/debian bullseye/main amd64 libatm1 amd64 1:2.5.1-4 [71.3 kB]
Get:9 http://deb.debian.org/debian bullseye/main amd64 libpam-cap amd64 1:2.44-1 [15.4 kB]
Fetched 1394 kB in 54s (25.8 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libelf1:amd64.
(Reading database ... 12672 files and directories currently installed.)
Preparing to unpack .../0-libelf1_0.183-1_amd64.deb ...
Unpacking libelf1:amd64 (0.183-1) ...
Selecting previously unselected package libbpf0:amd64.
Preparing to unpack .../1-libbpf0_1%3a0.3-2_amd64.deb ...
Unpacking libbpf0:amd64 (1:0.3-2) ...
Selecting previously unselected package libcap2:amd64.
Preparing to unpack .../2-libcap2_1%3a2.44-1_amd64.deb ...
Unpacking libcap2:amd64 (1:2.44-1) ...
Selecting previously unselected package libmnl0:amd64.
Preparing to unpack .../3-libmnl0_1.0.4-3_amd64.deb ...
Unpacking libmnl0:amd64 (1.0.4-3) ...
Selecting previously unselected package libxtables12:amd64.
Preparing to unpack .../4-libxtables12_1.8.7-1_amd64.deb ...
Unpacking libxtables12:amd64 (1.8.7-1) ...
Selecting previously unselected package libcap2-bin.
Preparing to unpack .../5-libcap2-bin_1%3a2.44-1_amd64.deb ...
Unpacking libcap2-bin (1:2.44-1) ...
Selecting previously unselected package iproute2.
Preparing to unpack .../6-iproute2_5.10.0-4_amd64.deb ...
Unpacking iproute2 (5.10.0-4) ...
Selecting previously unselected package libatm1:amd64.
Preparing to unpack .../7-libatm1_1%3a2.5.1-4_amd64.deb ...
Unpacking libatm1:amd64 (1:2.5.1-4) ...
Selecting previously unselected package libpam-cap:amd64.
Preparing to unpack .../8-libpam-cap_1%3a2.44-1_amd64.deb ...
Unpacking libpam-cap:amd64 (1:2.44-1) ...
Setting up libatm1:amd64 (1:2.5.1-4) ...
Setting up libcap2:amd64 (1:2.44-1) ...
Setting up libcap2-bin (1:2.44-1) ...
Setting up libmnl0:amd64 (1.0.4-3) ...
Setting up libxtables12:amd64 (1.8.7-1) ...
Setting up libelf1:amd64 (0.183-1) ...
Setting up libpam-cap:amd64 (1:2.44-1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Setting up libbpf0:amd64 (1:0.3-2) ...
Setting up iproute2 (5.10.0-4) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Processing triggers for libc-bin (2.31-13+deb11u2) ...
root@b00eb0a0cf29:/usr/local/tomcat# apt install iputils-ping
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
iputils-ping
0 upgraded, 1 newly installed, 0 to remove and 7 not upgraded.
Need to get 49.8 kB of archives.
After this operation, 116 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 iputils-ping amd64 3:20210202-1 [49.8 kB]
Fetched 49.8 kB in 1s (35.8 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package iputils-ping.
(Reading database ... 12909 files and directories currently installed.)
Preparing to unpack .../iputils-ping_3%3a20210202-1_amd64.deb ...
Unpacking iputils-ping (3:20210202-1) ...
Setting up iputils-ping (3:20210202-1) ...
root@b00eb0a0cf29:/usr/local/tomcat# exit
exit
[root@Jin /]# docker inspect --format='{
{.NetworkSettings.IPAddress}}' tomcat03
172.17.0.4
[root@Jin /]# docker exec -it tomcat03 ping tomcat02
PING tomcat02 (172.17.0.3) 56(84) bytes of data.
64 bytes from tomcat02 (172.17.0.3): icmp_seq=1 ttl=64 time=0.140 ms
64 bytes from tomcat02 (172.17.0.3): icmp_seq=2 ttl=64 time=0.142 ms
64 bytes from tomcat02 (172.17.0.3): icmp_seq=3 ttl=64 time=0.090 ms
^C
--- tomcat02 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.090/0.124/0.142/0.024 ms
[root@Jin /]# docker exec -it tomcat02 ping tomcat03
ping: tomcat03: Name or service not known
[root@Jin /]# docker exec -it tomcat03 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3 tomcat02 17d7f71aee34
172.17.0.4 b00eb0a0cf29
[root@Jin /]# docker exec -it tomcat02 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3 17d7f71aee34
3、小结
本质探究:--link 就是我们在hosts配置中增加了一个172.17.0.3 tomcat02 f22ed47ed1be
我们现在玩Docker已经不建议使用--link了!
自定义网络!不使用Docker0!
Docker0的问题:它不支持容器名链接访问!
三、容器互联(自定义网络)
1、查看所有的docker网络
[root@Jin /]# docker network ls
NETWORK ID NAME DRIVER SCOPE
7b8a815e7cd1 bridge bridge local
93b2b5e1ea8e host host local
8a26d6aee240 none null local
网络模式
bridge: 桥接模式,桥接 docker 默认,自己创建的也是用brdge模式
none: 不配置网络
host: 和宿主机共享网络
container:容器网络连通!(用的少, 局限很大)
2、创建自己的网卡mynet
# --driver bridge 默认的桥接
# --subnet 192.168.0.0/16 子网地址
# --gateway 192.168.0.1 网关(路由器地址)
[root@Jin /]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
d1b52d0177f853bd7bf0de4bd7c00b2f676ca1de44c597ac6b0efcfcf6bf97c7
[root@Jin /]# docker network ls
NETWORK ID NAME DRIVER SCOPE
7b8a815e7cd1 bridge bridge local
93b2b5e1ea8e host host local
d1b52d0177f8 mynet bridge local
8a26d6aee240 none null local
3、查看查看mynet的详细信息
[root@Jin /]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "d1b52d0177f853bd7bf0de4bd7c00b2f676ca1de44c597ac6b0efcfcf6bf97c7",
"Created": "2022-01-27T14:02:57.374120882+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {
},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
},
"Options": {
},
"Labels": {
}
}
]
4、测试ping通
[root@Jin /]# docker run -d -P --name tomcat-net-01 --net mynet tomcat
078333ccde89b3b219ed96a3badc4a382ccea184e14154d819b65993b52180e0
[root@Jin /]# docker exec -it tomcat-net-01 /bin/bash
root@078333ccde89:/usr/local/tomcat# apt update && apt install -y iproute2
Get:1 http://deb.debian.org/debian bullseye InRelease [116 kB]
Get:2 http://security.debian.org/debian-security bullseye-security InRelease [44.1 kB]
Get:3 http://security.debian.org/debian-security bullseye-security/main amd64 Packages [114 kB]
Get:4 http://deb.debian.org/debian bullseye-updates InRelease [39.4 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 Packages [8183 kB]
Get:6 http://deb.debian.org/debian bullseye-updates/main amd64 Packages [2596 B]
Fetched 8499 kB in 6min 22s (22.2 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
7 packages can be upgraded. Run 'apt list --upgradable' to see them.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
libatm1 libbpf0 libcap2 libcap2-bin libelf1 libmnl0 libpam-cap libxtables12
Suggested packages:
iproute2-doc
The following NEW packages will be installed:
iproute2 libatm1 libbpf0 libcap2 libcap2-bin libelf1 libmnl0 libpam-cap libxtables12
0 upgraded, 9 newly installed, 0 to remove and 7 not upgraded.
Need to get 1394 kB of archives.
After this operation, 4686 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 libelf1 amd64 0.183-1 [165 kB]
Get:2 http://deb.debian.org/debian bullseye/main amd64 libbpf0 amd64 1:0.3-2 [98.3 kB]
Get:3 http://deb.debian.org/debian bullseye/main amd64 libcap2 amd64 1:2.44-1 [23.6 kB]
Get:4 http://deb.debian.org/debian bullseye/main amd64 libmnl0 amd64 1.0.4-3 [12.5 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 libxtables12 amd64 1.8.7-1 [45.1 kB]
Get:6 http://deb.debian.org/debian bullseye/main amd64 libcap2-bin amd64 1:2.44-1 [32.6 kB]
Get:7 http://deb.debian.org/debian bullseye/main amd64 iproute2 amd64 5.10.0-4 [930 kB]
Get:8 http://deb.debian.org/debian bullseye/main amd64 libatm1 amd64 1:2.5.1-4 [71.3 kB]
Get:9 http://deb.debian.org/debian bullseye/main amd64 libpam-cap amd64 1:2.44-1 [15.4 kB]
Fetched 1394 kB in 57s (24.6 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libelf1:amd64.
(Reading database ... 12672 files and directories currently installed.)
Preparing to unpack .../0-libelf1_0.183-1_amd64.deb ...
Unpacking libelf1:amd64 (0.183-1) ...
Selecting previously unselected package libbpf0:amd64.
Preparing to unpack .../1-libbpf0_1%3a0.3-2_amd64.deb ...
Unpacking libbpf0:amd64 (1:0.3-2) ...
Selecting previously unselected package libcap2:amd64.
Preparing to unpack .../2-libcap2_1%3a2.44-1_amd64.deb ...
Unpacking libcap2:amd64 (1:2.44-1) ...
Selecting previously unselected package libmnl0:amd64.
Preparing to unpack .../3-libmnl0_1.0.4-3_amd64.deb ...
Unpacking libmnl0:amd64 (1.0.4-3) ...
Selecting previously unselected package libxtables12:amd64.
Preparing to unpack .../4-libxtables12_1.8.7-1_amd64.deb ...
Unpacking libxtables12:amd64 (1.8.7-1) ...
Selecting previously unselected package libcap2-bin.
Preparing to unpack .../5-libcap2-bin_1%3a2.44-1_amd64.deb ...
Unpacking libcap2-bin (1:2.44-1) ...
Selecting previously unselected package iproute2.
Preparing to unpack .../6-iproute2_5.10.0-4_amd64.deb ...
Unpacking iproute2 (5.10.0-4) ...
Selecting previously unselected package libatm1:amd64.
Preparing to unpack .../7-libatm1_1%3a2.5.1-4_amd64.deb ...
Unpacking libatm1:amd64 (1:2.5.1-4) ...
Selecting previously unselected package libpam-cap:amd64.
Preparing to unpack .../8-libpam-cap_1%3a2.44-1_amd64.deb ...
Unpacking libpam-cap:amd64 (1:2.44-1) ...
Setting up libatm1:amd64 (1:2.5.1-4) ...
Setting up libcap2:amd64 (1:2.44-1) ...
Setting up libcap2-bin (1:2.44-1) ...
Setting up libmnl0:amd64 (1.0.4-3) ...
Setting up libxtables12:amd64 (1.8.7-1) ...
Setting up libelf1:amd64 (0.183-1) ...
Setting up libpam-cap:amd64 (1:2.44-1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Setting up libbpf0:amd64 (1:0.3-2) ...
Setting up iproute2 (5.10.0-4) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Processing triggers for libc-bin (2.31-13+deb11u2) ...
root@078333ccde89:/usr/local/tomcat# apt install iputils-ping
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
iputils-ping
0 upgraded, 1 newly installed, 0 to remove and 7 not upgraded.
Need to get 49.8 kB of archives.
After this operation, 116 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 iputils-ping amd64 3:20210202-1 [49.8 kB]
Fetched 49.8 kB in 1s (89.6 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package iputils-ping.
(Reading database ... 12909 files and directories currently installed.)
Preparing to unpack .../iputils-ping_3%3a20210202-1_amd64.deb ...
Unpacking iputils-ping (3:20210202-1) ...
Setting up iputils-ping (3:20210202-1) ...
root@078333ccde89:/usr/local/tomcat# exit
exit
[root@Jin /]# docker run -d -P --name tomcat-net-02 --net mynet tomcat
6a938d3efdb8313b08a421de6307f6ddd73662ba0a664644907f50b7fcc55458
[root@Jin /]# docker exec -it tomcat-net-02 /bin/bash
root@6a938d3efdb8:/usr/local/tomcat# apt update && apt install -y iproute2
Get:1 http://security.debian.org/debian-security bullseye-security InRelease [44.1 kB]
Get:2 http://deb.debian.org/debian bullseye InRelease [116 kB]
Get:3 http://deb.debian.org/debian bullseye-updates InRelease [39.4 kB]
Get:4 http://security.debian.org/debian-security bullseye-security/main amd64 Packages [114 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 Packages [8183 kB]
Get:6 http://deb.debian.org/debian bullseye-updates/main amd64 Packages [2596 B]
Fetched 8499 kB in 2min 59s (47.4 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
7 packages can be upgraded. Run 'apt list --upgradable' to see them.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
libatm1 libbpf0 libcap2 libcap2-bin libelf1 libmnl0 libpam-cap libxtables12
Suggested packages:
iproute2-doc
The following NEW packages will be installed:
iproute2 libatm1 libbpf0 libcap2 libcap2-bin libelf1 libmnl0 libpam-cap libxtables12
0 upgraded, 9 newly installed, 0 to remove and 7 not upgraded.
Need to get 1394 kB of archives.
After this operation, 4686 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 libelf1 amd64 0.183-1 [165 kB]
Get:2 http://deb.debian.org/debian bullseye/main amd64 libbpf0 amd64 1:0.3-2 [98.3 kB]
Get:3 http://deb.debian.org/debian bullseye/main amd64 libcap2 amd64 1:2.44-1 [23.6 kB]
Get:4 http://deb.debian.org/debian bullseye/main amd64 libmnl0 amd64 1.0.4-3 [12.5 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 libxtables12 amd64 1.8.7-1 [45.1 kB]
Get:6 http://deb.debian.org/debian bullseye/main amd64 libcap2-bin amd64 1:2.44-1 [32.6 kB]
Get:7 http://deb.debian.org/debian bullseye/main amd64 iproute2 amd64 5.10.0-4 [930 kB]
Get:8 http://deb.debian.org/debian bullseye/main amd64 libatm1 amd64 1:2.5.1-4 [71.3 kB]
Get:9 http://deb.debian.org/debian bullseye/main amd64 libpam-cap amd64 1:2.44-1 [15.4 kB]
Fetched 1394 kB in 52s (26.9 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libelf1:amd64.
(Reading database ... 12672 files and directories currently installed.)
Preparing to unpack .../0-libelf1_0.183-1_amd64.deb ...
Unpacking libelf1:amd64 (0.183-1) ...
Selecting previously unselected package libbpf0:amd64.
Preparing to unpack .../1-libbpf0_1%3a0.3-2_amd64.deb ...
Unpacking libbpf0:amd64 (1:0.3-2) ...
Selecting previously unselected package libcap2:amd64.
Preparing to unpack .../2-libcap2_1%3a2.44-1_amd64.deb ...
Unpacking libcap2:amd64 (1:2.44-1) ...
Selecting previously unselected package libmnl0:amd64.
Preparing to unpack .../3-libmnl0_1.0.4-3_amd64.deb ...
Unpacking libmnl0:amd64 (1.0.4-3) ...
Selecting previously unselected package libxtables12:amd64.
Preparing to unpack .../4-libxtables12_1.8.7-1_amd64.deb ...
Unpacking libxtables12:amd64 (1.8.7-1) ...
Selecting previously unselected package libcap2-bin.
Preparing to unpack .../5-libcap2-bin_1%3a2.44-1_amd64.deb ...
Unpacking libcap2-bin (1:2.44-1) ...
Selecting previously unselected package iproute2.
Preparing to unpack .../6-iproute2_5.10.0-4_amd64.deb ...
Unpacking iproute2 (5.10.0-4) ...
Selecting previously unselected package libatm1:amd64.
Preparing to unpack .../7-libatm1_1%3a2.5.1-4_amd64.deb ...
Unpacking libatm1:amd64 (1:2.5.1-4) ...
Selecting previously unselected package libpam-cap:amd64.
Preparing to unpack .../8-libpam-cap_1%3a2.44-1_amd64.deb ...
Unpacking libpam-cap:amd64 (1:2.44-1) ...
Setting up libatm1:amd64 (1:2.5.1-4) ...
Setting up libcap2:amd64 (1:2.44-1) ...
Setting up libcap2-bin (1:2.44-1) ...
Setting up libmnl0:amd64 (1.0.4-3) ...
Setting up libxtables12:amd64 (1.8.7-1) ...
Setting up libelf1:amd64 (0.183-1) ...
Setting up libpam-cap:amd64 (1:2.44-1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Setting up libbpf0:amd64 (1:0.3-2) ...
Setting up iproute2 (5.10.0-4) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Processing triggers for libc-bin (2.31-13+deb11u2) ...
root@6a938d3efdb8:/usr/local/tomcat# apt install iputils-ping
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
iputils-ping
0 upgraded, 1 newly installed, 0 to remove and 7 not upgraded.
Need to get 49.8 kB of archives.
After this operation, 116 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 iputils-ping amd64 3:20210202-1 [49.8 kB]
Fetched 49.8 kB in 2s (21.1 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package iputils-ping.
(Reading database ... 12909 files and directories currently installed.)
Preparing to unpack .../iputils-ping_3%3a20210202-1_amd64.deb ...
Unpacking iputils-ping (3:20210202-1) ...
Setting up iputils-ping (3:20210202-1) ...
root@6a938d3efdb8:/usr/local/tomcat# exit
exit
[root@Jin /]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "d1b52d0177f853bd7bf0de4bd7c00b2f676ca1de44c597ac6b0efcfcf6bf97c7",
"Created": "2022-01-27T14:02:57.374120882+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {
},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"078333ccde89b3b219ed96a3badc4a382ccea184e14154d819b65993b52180e0": {
"Name": "tomcat-net-01",
"EndpointID": "84baf79779ec2469294c78d9e3ad67059679ae3acfb3586e6c383c2f693aa440",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"6a938d3efdb8313b08a421de6307f6ddd73662ba0a664644907f50b7fcc55458": {
"Name": "tomcat-net-02",
"EndpointID": "08a3a8d6f75d68f800a3190cdeb2fcbe14d8a3af9cbb13be051053a630c0f5ce",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
}
},
"Options": {
},
"Labels": {
}
}
]
[root@Jin /]# docker exec -it tomcat-net-01 ping 192.168.0.3
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.132 ms
64 bytes from 192.168.0.3: icmp_seq=2 ttl=64 time=0.174 ms
64 bytes from 192.168.0.3: icmp_seq=3 ttl=64 time=0.114 ms
^C
--- 192.168.0.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.114/0.140/0.174/0.025 ms
[root@Jin /]# docker exec -it tomcat-net-01 ping tomcat-net-02
PING tomcat-net-02 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.087 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.118 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.134 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=4 ttl=64 time=0.148 ms
^C
--- tomcat-net-02 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.087/0.121/0.148/0.022 ms
5、小结
我们自定义的网络docker都已经帮我们维护好了对应的关系,推荐我们平时这样使用网络
好处:
redis - 不同的集群使用不同的网络,保证集群时安全和健康的
mysql - 不同的集群使用不同的网络,保证集群时安全和健康的
四、网络连通
1、tomcat01和tomcat02容器
[root@Jin /]# docker run -d -P --name tomcat01 tomcat
e36f2327af5dfefdd8de2371a6e099ed590742807ad0e34378913d8f98ee3f44
[root@Jin /]# docker exec -it tomcat01 /bin/bash
root@e36f2327af5d:/usr/local/tomcat# apt update && apt install -y iproute2
Get:1 http://security.debian.org/debian-security bullseye-security InRelease [44.1 kB]
Get:2 http://security.debian.org/debian-security bullseye-security/main amd64 Packages [114 kB]
Get:3 http://deb.debian.org/debian bullseye InRelease [116 kB]
Get:4 http://deb.debian.org/debian bullseye-updates InRelease [39.4 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 Packages [8183 kB]
Get:6 http://deb.debian.org/debian bullseye-updates/main amd64 Packages [2596 B]
Fetched 8499 kB in 7min 3s (20.1 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
7 packages can be upgraded. Run 'apt list --upgradable' to see them.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
libatm1 libbpf0 libcap2 libcap2-bin libelf1 libmnl0 libpam-cap libxtables12
Suggested packages:
iproute2-doc
The following NEW packages will be installed:
iproute2 libatm1 libbpf0 libcap2 libcap2-bin libelf1 libmnl0 libpam-cap libxtables12
0 upgraded, 9 newly installed, 0 to remove and 7 not upgraded.
Need to get 1394 kB of archives.
After this operation, 4686 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 libelf1 amd64 0.183-1 [165 kB]
Get:2 http://deb.debian.org/debian bullseye/main amd64 libbpf0 amd64 1:0.3-2 [98.3 kB]
Get:3 http://deb.debian.org/debian bullseye/main amd64 libcap2 amd64 1:2.44-1 [23.6 kB]
Get:4 http://deb.debian.org/debian bullseye/main amd64 libmnl0 amd64 1.0.4-3 [12.5 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 libxtables12 amd64 1.8.7-1 [45.1 kB]
Get:6 http://deb.debian.org/debian bullseye/main amd64 libcap2-bin amd64 1:2.44-1 [32.6 kB]
Get:7 http://deb.debian.org/debian bullseye/main amd64 iproute2 amd64 5.10.0-4 [930 kB]
Get:8 http://deb.debian.org/debian bullseye/main amd64 libatm1 amd64 1:2.5.1-4 [71.3 kB]
Get:9 http://deb.debian.org/debian bullseye/main amd64 libpam-cap amd64 1:2.44-1 [15.4 kB]
Fetched 1394 kB in 1min 2s (22.4 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libelf1:amd64.
(Reading database ... 12672 files and directories currently installed.)
Preparing to unpack .../0-libelf1_0.183-1_amd64.deb ...
Unpacking libelf1:amd64 (0.183-1) ...
Selecting previously unselected package libbpf0:amd64.
Preparing to unpack .../1-libbpf0_1%3a0.3-2_amd64.deb ...
Unpacking libbpf0:amd64 (1:0.3-2) ...
Selecting previously unselected package libcap2:amd64.
Preparing to unpack .../2-libcap2_1%3a2.44-1_amd64.deb ...
Unpacking libcap2:amd64 (1:2.44-1) ...
Selecting previously unselected package libmnl0:amd64.
Preparing to unpack .../3-libmnl0_1.0.4-3_amd64.deb ...
Unpacking libmnl0:amd64 (1.0.4-3) ...
Selecting previously unselected package libxtables12:amd64.
Preparing to unpack .../4-libxtables12_1.8.7-1_amd64.deb ...
Unpacking libxtables12:amd64 (1.8.7-1) ...
Selecting previously unselected package libcap2-bin.
Preparing to unpack .../5-libcap2-bin_1%3a2.44-1_amd64.deb ...
Unpacking libcap2-bin (1:2.44-1) ...
Selecting previously unselected package iproute2.
Preparing to unpack .../6-iproute2_5.10.0-4_amd64.deb ...
Unpacking iproute2 (5.10.0-4) ...
Selecting previously unselected package libatm1:amd64.
Preparing to unpack .../7-libatm1_1%3a2.5.1-4_amd64.deb ...
Unpacking libatm1:amd64 (1:2.5.1-4) ...
Selecting previously unselected package libpam-cap:amd64.
Preparing to unpack .../8-libpam-cap_1%3a2.44-1_amd64.deb ...
Unpacking libpam-cap:amd64 (1:2.44-1) ...
Setting up libatm1:amd64 (1:2.5.1-4) ...
Setting up libcap2:amd64 (1:2.44-1) ...
Setting up libcap2-bin (1:2.44-1) ...
Setting up libmnl0:amd64 (1.0.4-3) ...
Setting up libxtables12:amd64 (1.8.7-1) ...
Setting up libelf1:amd64 (0.183-1) ...
Setting up libpam-cap:amd64 (1:2.44-1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Setting up libbpf0:amd64 (1:0.3-2) ...
Setting up iproute2 (5.10.0-4) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Processing triggers for libc-bin (2.31-13+deb11u2) ...
root@e36f2327af5d:/usr/local/tomcat# apt install iputils-ping
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
iputils-ping
0 upgraded, 1 newly installed, 0 to remove and 7 not upgraded.
Need to get 49.8 kB of archives.
After this operation, 116 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 iputils-ping amd64 3:20210202-1 [49.8 kB]
Fetched 49.8 kB in 1s (84.1 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package iputils-ping.
(Reading database ... 12909 files and directories currently installed.)
Preparing to unpack .../iputils-ping_3%3a20210202-1_amd64.deb ...
Unpacking iputils-ping (3:20210202-1) ...
Setting up iputils-ping (3:20210202-1) ...
root@e36f2327af5d:/usr/local/tomcat# exit
exit
[root@Jin /]# docker run -d -P --name tomcat02 tomcat
720684384ffd83855de3ec935322b955adbe04be40c730b8e00b28e7642109a8
[root@Jin /]# docker exec -it tomcat02 /bin/bash
root@720684384ffd:/usr/local/tomcat# apt update && apt install -y iproute2
Get:1 http://deb.debian.org/debian bullseye InRelease [116 kB]
Get:2 http://security.debian.org/debian-security bullseye-security InRelease [44.1 kB]
Get:3 http://deb.debian.org/debian bullseye-updates InRelease [39.4 kB]
Get:4 http://security.debian.org/debian-security bullseye-security/main amd64 Packages [114 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 Packages [8183 kB]
Get:6 http://deb.debian.org/debian bullseye-updates/main amd64 Packages [2596 B]
Fetched 8499 kB in 2min 17s (62.0 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
7 packages can be upgraded. Run 'apt list --upgradable' to see them.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
libatm1 libbpf0 libcap2 libcap2-bin libelf1 libmnl0 libpam-cap libxtables12
Suggested packages:
iproute2-doc
The following NEW packages will be installed:
iproute2 libatm1 libbpf0 libcap2 libcap2-bin libelf1 libmnl0 libpam-cap libxtables12
0 upgraded, 9 newly installed, 0 to remove and 7 not upgraded.
Need to get 1394 kB of archives.
After this operation, 4686 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 libelf1 amd64 0.183-1 [165 kB]
Get:2 http://deb.debian.org/debian bullseye/main amd64 libbpf0 amd64 1:0.3-2 [98.3 kB]
Get:3 http://deb.debian.org/debian bullseye/main amd64 libcap2 amd64 1:2.44-1 [23.6 kB]
Get:4 http://deb.debian.org/debian bullseye/main amd64 libmnl0 amd64 1.0.4-3 [12.5 kB]
Get:5 http://deb.debian.org/debian bullseye/main amd64 libxtables12 amd64 1.8.7-1 [45.1 kB]
Get:6 http://deb.debian.org/debian bullseye/main amd64 libcap2-bin amd64 1:2.44-1 [32.6 kB]
Get:7 http://deb.debian.org/debian bullseye/main amd64 iproute2 amd64 5.10.0-4 [930 kB]
Get:8 http://deb.debian.org/debian bullseye/main amd64 libatm1 amd64 1:2.5.1-4 [71.3 kB]
Get:9 http://deb.debian.org/debian bullseye/main amd64 libpam-cap amd64 1:2.44-1 [15.4 kB]
Fetched 1394 kB in 50s (27.9 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libelf1:amd64.
(Reading database ... 12672 files and directories currently installed.)
Preparing to unpack .../0-libelf1_0.183-1_amd64.deb ...
Unpacking libelf1:amd64 (0.183-1) ...
Selecting previously unselected package libbpf0:amd64.
Preparing to unpack .../1-libbpf0_1%3a0.3-2_amd64.deb ...
Unpacking libbpf0:amd64 (1:0.3-2) ...
Selecting previously unselected package libcap2:amd64.
Preparing to unpack .../2-libcap2_1%3a2.44-1_amd64.deb ...
Unpacking libcap2:amd64 (1:2.44-1) ...
Selecting previously unselected package libmnl0:amd64.
Preparing to unpack .../3-libmnl0_1.0.4-3_amd64.deb ...
Unpacking libmnl0:amd64 (1.0.4-3) ...
Selecting previously unselected package libxtables12:amd64.
Preparing to unpack .../4-libxtables12_1.8.7-1_amd64.deb ...
Unpacking libxtables12:amd64 (1.8.7-1) ...
Selecting previously unselected package libcap2-bin.
Preparing to unpack .../5-libcap2-bin_1%3a2.44-1_amd64.deb ...
Unpacking libcap2-bin (1:2.44-1) ...
Selecting previously unselected package iproute2.
Preparing to unpack .../6-iproute2_5.10.0-4_amd64.deb ...
Unpacking iproute2 (5.10.0-4) ...
Selecting previously unselected package libatm1:amd64.
Preparing to unpack .../7-libatm1_1%3a2.5.1-4_amd64.deb ...
Unpacking libatm1:amd64 (1:2.5.1-4) ...
Selecting previously unselected package libpam-cap:amd64.
Preparing to unpack .../8-libpam-cap_1%3a2.44-1_amd64.deb ...
Unpacking libpam-cap:amd64 (1:2.44-1) ...
Setting up libatm1:amd64 (1:2.5.1-4) ...
Setting up libcap2:amd64 (1:2.44-1) ...
Setting up libcap2-bin (1:2.44-1) ...
Setting up libmnl0:amd64 (1.0.4-3) ...
Setting up libxtables12:amd64 (1.8.7-1) ...
Setting up libelf1:amd64 (0.183-1) ...
Setting up libpam-cap:amd64 (1:2.44-1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Setting up libbpf0:amd64 (1:0.3-2) ...
Setting up iproute2 (5.10.0-4) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Processing triggers for libc-bin (2.31-13+deb11u2) ...
root@720684384ffd:/usr/local/tomcat# apt install iputils-ping
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
iputils-ping
0 upgraded, 1 newly installed, 0 to remove and 7 not upgraded.
Need to get 49.8 kB of archives.
After this operation, 116 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 iputils-ping amd64 3:20210202-1 [49.8 kB]
Fetched 49.8 kB in 2s (22.7 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package iputils-ping.
(Reading database ... 12909 files and directories currently installed.)
Preparing to unpack .../iputils-ping_3%3a20210202-1_amd64.deb ...
Unpacking iputils-ping (3:20210202-1) ...
Setting up iputils-ping (3:20210202-1) ...
root@720684384ffd:/usr/local/tomcat# exit
exit
2、tomcat01与tomcat-net-01连通
[root@Jin /]# docker exec -it tomcat01 ping tomcat-net-01
ping: tomcat-net-01: Name or service not known
[root@Jin /]# docker network connect mynet tomcat01
[root@Jin /]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "d1b52d0177f853bd7bf0de4bd7c00b2f676ca1de44c597ac6b0efcfcf6bf97c7",
"Created": "2022-01-27T14:02:57.374120882+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {
},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"078333ccde89b3b219ed96a3badc4a382ccea184e14154d819b65993b52180e0": {
"Name": "tomcat-net-01",
"EndpointID": "84baf79779ec2469294c78d9e3ad67059679ae3acfb3586e6c383c2f693aa440",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"6a938d3efdb8313b08a421de6307f6ddd73662ba0a664644907f50b7fcc55458": {
"Name": "tomcat-net-02",
"EndpointID": "08a3a8d6f75d68f800a3190cdeb2fcbe14d8a3af9cbb13be051053a630c0f5ce",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
},
"e36f2327af5dfefdd8de2371a6e099ed590742807ad0e34378913d8f98ee3f44": {
"Name": "tomcat01",
"EndpointID": "70ac4a4b51d3bb894dcad114fbdeb6fd9026edf81f8f9e6aa0d329950742957f",
"MacAddress": "02:42:c0:a8:00:04",
"IPv4Address": "192.168.0.4/16",
"IPv6Address": ""
}
},
"Options": {
},
"Labels": {
}
}
]
[root@Jin /]# docker exec -it tomcat01 ping tomcat-net-01
PING tomcat-net-01 (192.168.0.2) 56(84) bytes of data.
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=1 ttl=64 time=0.129 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=2 ttl=64 time=0.128 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=3 ttl=64 time=0.110 ms
^C
--- tomcat-net-01 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.110/0.122/0.129/0.008 ms
[root@Jin /]# docker exec -it tomcat02 ping tomcat-net-01
ping: tomcat-net-01: Name or service not known
五、Redis集群部署
1、创建redis网卡
[root@Jin /]# docker network create redis --subnet 172.38.0.0/16
a41b6d6945f1af826d5d43f9f6c8e28dd3f2d75568b58f4a16657f2dab34c2e9
[root@Jin /]# docker network ls
NETWORK ID NAME DRIVER SCOPE
7b8a815e7cd1 bridge bridge local
93b2b5e1ea8e host host local
d1b52d0177f8 mynet bridge local
8a26d6aee240 none null local
a41b6d6945f1 redis bridge local
[root@Jin /]# docker network inspect redis
[
{
"Name": "redis",
"Id": "a41b6d6945f1af826d5d43f9f6c8e28dd3f2d75568b58f4a16657f2dab34c2e9",
"Created": "2022-01-27T15:27:02.254214016+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {
},
"Config": [
{
"Subnet": "172.38.0.0/16"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
},
"Options": {
},
"Labels": {
}
}
]
2、使用脚本创建redis的配置文件(6个)
[root@Jin /]# for port in $(seq 1 6); \
> do \
> mkdir -p /mydata/redis/node-${port}/conf
> touch /mydata/redis/node-${port}/conf/redis.conf
> cat << EOF >/mydata/redis/node-${port}/conf/redis.conf
> port 6379
> bind 0.0.0.0
> cluster-enabled yes
> cluster-config-file nodes.conf
> cluster-node-timeout 5000
> cluster-announce-ip 172.38.0.1${port}
> cluster-announce-port 6379
> cluster-announce-bus-port 16379
> appendonly yes
> EOF
> done
[root@Jin /]# cd /mydata
[root@Jin mydata]# ls
redis
[root@Jin mydata]# cd redis/
[root@Jin redis]# ls
node-1 node-2 node-3 node-4 node-5 node-6
[root@Jin redis]# cd node-1
[root@Jin node-1]# ls
conf
[root@Jin node-1]# cd conf/
[root@Jin conf]# ls
redis.conf
[root@Jin conf]# cat redis.conf
port 6379
bind 0.0.0.0
cluster-enabled yes
cluster-config-file nodes.conf
cluster-node-timeout 5000
cluster-announce-ip 172.38.0.11
cluster-announce-port 6379
cluster-announce-bus-port 16379
appendonly yes
3、创建节点
[root@Jin conf]# docker run -p 39001:6379 -p 16371:16379 --name redis-1 \
> -v /mydata/redis/node-1/data:/data \
> -v /mydata/redis/node-1/conf/redis.conf:/etc/redis/redis.conf \
> -d --net redis --ip 172.38.0.11 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
Unable to find image 'redis:5.0.9-alpine3.11' locally
5.0.9-alpine3.11: Pulling from library/redis
cbdbe7a5bc2a: Pull complete
dc0373118a0d: Pull complete
cfd369fe6256: Pull complete
3e45770272d9: Pull complete
558de8ea3153: Pull complete
a2c652551612: Pull complete
Digest: sha256:83a3af36d5e57f2901b4783c313720e5fa3ecf0424ba86ad9775e06a9a5e35d0
Status: Downloaded newer image for redis:5.0.9-alpine3.11
3484d4fa55e9d4cc705be19a4d5aa4d207aefeb19869e22a444d4e216912a308
[root@Jin conf]# docker run -p 39002:6379 -p 16372:16379 --name redis-2 \
> -v /mydata/redis/node-2/data:/data \
> -v /mydata/redis/node-2/conf/redis.conf:/etc/redis/redis.conf \
> -d --net redis --ip 172.38.0.12 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
f5d2014b9b0a22ee45d5530ff61c85b1ab4365f0711361a0095034f59fde8c21
[root@Jin conf]# docker run -p 39003:6379 -p 16373:16379 --name redis-3 \
> -v /mydata/redis/node-3/data:/data \
> -v /mydata/redis/node-3/conf/redis.conf:/etc/redis/redis.conf \
> -d --net redis --ip 172.38.0.13 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
d3cf4125d4b840a2e9b8710d3a372a3cf524fc2b1c3a52c1d4aaec81d57e321d
[root@Jin conf]# docker run -p 39004:6379 -p 16374:16379 --name redis-4 \
> -v /mydata/redis/node-4/data:/data \
> -v /mydata/redis/node-4/conf/redis.conf:/etc/redis/redis.conf \
> -d --net redis --ip 172.38.0.14 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
8e8e397fba205b103939dfdcc98cb485db5e322b62299ff4623e26270bb7d988
[root@Jin conf]# docker run -p 39005:6379 -p 16375:16379 --name redis-5 \
> -v /mydata/redis/node-5/data:/data \
> -v /mydata/redis/node-5/conf/redis.conf:/etc/redis/redis.conf \
> -d --net redis --ip 172.38.0.15 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
f812e8cc4de1924881be2b895ceffbfc365745395049b0f28b9a0f2ecbc332aa
[root@Jin conf]# docker run -p 39006:6379 -p 16376:16379 --name redis-6 \
> -v /mydata/redis/node-6/data:/data \
> -v /mydata/redis/node-6/conf/redis.conf:/etc/redis/redis.conf \
> -d --net redis --ip 172.38.0.16 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
9aa3c35dbf9ac5e2bd50ba83240e4e72d85409eb45293a3f6fd7f2d714eeb2f4
[root@Jin conf]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9aa3c35dbf9a redis:5.0.9-alpine3.11 "docker-entrypoint.s…" 37 seconds ago Up 37 seconds 0.0.0.0:39006->6379/tcp, :::39006->6379/tcp, 0.0.0.0:16376->16379/tcp, :::16376->16379/tcp redis-6
f812e8cc4de1 redis:5.0.9-alpine3.11 "docker-entrypoint.s…" 46 seconds ago Up 45 seconds 0.0.0.0:39005->6379/tcp, :::39005->6379/tcp, 0.0.0.0:16375->16379/tcp, :::16375->16379/tcp redis-5
8e8e397fba20 redis:5.0.9-alpine3.11 "docker-entrypoint.s…" 55 seconds ago Up 55 seconds 0.0.0.0:39004->6379/tcp, :::39004->6379/tcp, 0.0.0.0:16374->16379/tcp, :::16374->16379/tcp redis-4
d3cf4125d4b8 redis:5.0.9-alpine3.11 "docker-entrypoint.s…" About a minute ago Up About a minute 0.0.0.0:39003->6379/tcp, :::39003->6379/tcp, 0.0.0.0:16373->16379/tcp, :::16373->16379/tcp redis-3
f5d2014b9b0a redis:5.0.9-alpine3.11 "docker-entrypoint.s…" About a minute ago Up About a minute 0.0.0.0:39002->6379/tcp, :::39002->6379/tcp, 0.0.0.0:16372->16379/tcp, :::16372->16379/tcp redis-2
3484d4fa55e9 redis:5.0.9-alpine3.11 "docker-entrypoint.s…" About a minute ago Up About a minute 0.0.0.0:39001->6379/tcp, :::39001->6379/tcp, 0.0.0.0:16371->16379/tcp, :::16371->16379/tcp redis-1
4、创建集群
[root@Jin conf]# docker exec -it redis-1 /bin/bash
OCI runtime exec failed: exec failed: container_linux.go:380: starting container process caused: exec: "/bin/bash": stat /bin/bash: no such file or directory: unknown
[root@Jin conf]# docker exec -it redis-1 /bin/sh
/data # ls
appendonly.aof nodes.conf
/data # redis-cli --cluster create 172.38.0.11:6379 172.38.0.12:6379 172.38.0.13:6379 172.38.0.14:6379 172.38.0.15:6379 172.38.0.16:6379 --clu
ster-replicas 1
>>> Performing hash slots allocation on 6 nodes...
Master[0] -> Slots 0 - 5460
Master[1] -> Slots 5461 - 10922
Master[2] -> Slots 10923 - 16383
Adding replica 172.38.0.15:6379 to 172.38.0.11:6379
Adding replica 172.38.0.16:6379 to 172.38.0.12:6379
Adding replica 172.38.0.14:6379 to 172.38.0.13:6379
M: d6e289c5de173902c142229724a523fb6ba4336a 172.38.0.11:6379
slots:[0-5460] (5461 slots) master
M: aa4def00f305f1054f328b6a0cf01c06aa2b73ed 172.38.0.12:6379
slots:[5461-10922] (5462 slots) master
M: 28329389f52f89cfc2e5db796db612f45fb6ce38 172.38.0.13:6379
slots:[10923-16383] (5461 slots) master
S: 34805a52d4e78ad63dd93eeb83d8047cd303ef7c 172.38.0.14:6379
replicates 28329389f52f89cfc2e5db796db612f45fb6ce38
S: d21eceef07052113109502e45f38305e14f14cbb 172.38.0.15:6379
replicates d6e289c5de173902c142229724a523fb6ba4336a
S: c66895c8d97ac00105a8d5994f90c86eb1298293 172.38.0.16:6379
replicates aa4def00f305f1054f328b6a0cf01c06aa2b73ed
Can I set the above configuration? (type 'yes' to accept): yes
>>> Nodes configuration updated
>>> Assign a different config epoch to each node
>>> Sending CLUSTER MEET messages to join the cluster
Waiting for the cluster to join
...
>>> Performing Cluster Check (using node 172.38.0.11:6379)
M: d6e289c5de173902c142229724a523fb6ba4336a 172.38.0.11:6379
slots:[0-5460] (5461 slots) master
1 additional replica(s)
S: 34805a52d4e78ad63dd93eeb83d8047cd303ef7c 172.38.0.14:6379
slots: (0 slots) slave
replicates 28329389f52f89cfc2e5db796db612f45fb6ce38
M: 28329389f52f89cfc2e5db796db612f45fb6ce38 172.38.0.13:6379
slots:[10923-16383] (5461 slots) master
1 additional replica(s)
S: c66895c8d97ac00105a8d5994f90c86eb1298293 172.38.0.16:6379
slots: (0 slots) slave
replicates aa4def00f305f1054f328b6a0cf01c06aa2b73ed
M: aa4def00f305f1054f328b6a0cf01c06aa2b73ed 172.38.0.12:6379
slots:[5461-10922] (5462 slots) master
1 additional replica(s)
S: d21eceef07052113109502e45f38305e14f14cbb 172.38.0.15:6379
slots: (0 slots) slave
replicates d6e289c5de173902c142229724a523fb6ba4336a
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered.
5、连接集群测试(实现高可用)
1、【端口1】连接集群
/data # redis-cli -c
127.0.0.1:6379> cluster info
cluster_state:ok
cluster_slots_assigned:16384
cluster_slots_ok:16384
cluster_slots_pfail:0
cluster_slots_fail:0
cluster_known_nodes:6
cluster_size:3
cluster_current_epoch:6
cluster_my_epoch:1
cluster_stats_messages_ping_sent:342
cluster_stats_messages_pong_sent:326
cluster_stats_messages_sent:668
cluster_stats_messages_ping_received:321
cluster_stats_messages_pong_received:342
cluster_stats_messages_meet_received:5
cluster_stats_messages_received:668
127.0.0.1:6379> cluster nodes
34805a52d4e78ad63dd93eeb83d8047cd303ef7c 172.38.0.14:6379@16379 slave 28329389f52f89cfc2e5db796db612f45fb6ce38 0 1643269825109 4 connected
28329389f52f89cfc2e5db796db612f45fb6ce38 172.38.0.13:6379@16379 master - 0 1643269823604 3 connected 10923-16383
d6e289c5de173902c142229724a523fb6ba4336a 172.38.0.11:6379@16379 myself,master - 0 1643269822000 1 connected 0-5460
c66895c8d97ac00105a8d5994f90c86eb1298293 172.38.0.16:6379@16379 slave aa4def00f305f1054f328b6a0cf01c06aa2b73ed 0 1643269825000 6 connected
aa4def00f305f1054f328b6a0cf01c06aa2b73ed 172.38.0.12:6379@16379 master - 0 1643269824000 2 connected 5461-10922
d21eceef07052113109502e45f38305e14f14cbb 172.38.0.15:6379@16379 slave d6e289c5de173902c142229724a523fb6ba4336a 0 1643269823103 5 connected
127.0.0.1:6379> set a b
-> Redirected to slot [15495] located at 172.38.0.13:6379
OK
2、【端口2】stop存放键值对的redis
[root@Jin conf]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9aa3c35dbf9a redis:5.0.9-alpine3.11 "docker-entrypoint.s…" 15 minutes ago Up 15 minutes 0.0.0.0:39006->6379/tcp, :::39006->6379/tcp, 0.0.0.0:16376->16379/tcp, :::16376->16379/tcp redis-6
f812e8cc4de1 redis:5.0.9-alpine3.11 "docker-entrypoint.s…" 15 minutes ago Up 15 minutes 0.0.0.0:39005->6379/tcp, :::39005->6379/tcp, 0.0.0.0:16375->16379/tcp, :::16375->16379/tcp redis-5
8e8e397fba20 redis:5.0.9-alpine3.11 "docker-entrypoint.s…" 15 minutes ago Up 15 minutes 0.0.0.0:39004->6379/tcp, :::39004->6379/tcp, 0.0.0.0:16374->16379/tcp, :::16374->16379/tcp redis-4
d3cf4125d4b8 redis:5.0.9-alpine3.11 "docker-entrypoint.s…" 15 minutes ago Up 15 minutes 0.0.0.0:39003->6379/tcp, :::39003->6379/tcp, 0.0.0.0:16373->16379/tcp, :::16373->16379/tcp redis-3
f5d2014b9b0a redis:5.0.9-alpine3.11 "docker-entrypoint.s…" 15 minutes ago Up 15 minutes 0.0.0.0:39002->6379/tcp, :::39002->6379/tcp, 0.0.0.0:16372->16379/tcp, :::16372->16379/tcp redis-2
3484d4fa55e9 redis:5.0.9-alpine3.11 "docker-entrypoint.s…" 16 minutes ago Up 16 minutes 0.0.0.0:39001->6379/tcp, :::39001->6379/tcp, 0.0.0.0:16371->16379/tcp, :::16371->16379/tcp redis-1
[root@Jin conf]# docker stop redis-3
redis-3
3、【端口1】获取键值对
172.38.0.13:6379> get a
Error: Operation timed out
/data # redis-cli -c
127.0.0.1:6379> get a
-> Redirected to slot [15495] located at 172.38.0.14:6379
"b"
172.38.0.14:6379> cluster nodes
aa4def00f305f1054f328b6a0cf01c06aa2b73ed 172.38.0.12:6379@16379 master - 0 1643270181866 2 connected 5461-10922
d6e289c5de173902c142229724a523fb6ba4336a 172.38.0.11:6379@16379 master - 0 1643270182566 1 connected 0-5460
28329389f52f89cfc2e5db796db612f45fb6ce38 172.38.0.13:6379@16379 master,fail - 1643270050784 1643270050480 3 connected
d21eceef07052113109502e45f38305e14f14cbb 172.38.0.15:6379@16379 slave d6e289c5de173902c142229724a523fb6ba4336a 0 1643270181000 5 connected
34805a52d4e78ad63dd93eeb83d8047cd303ef7c 172.38.0.14:6379@16379 myself,master - 0 1643270181000 7 connected 10923-16383
c66895c8d97ac00105a8d5994f90c86eb1298293 172.38.0.16:6379@16379 slave aa4def00f305f1054f328b6a0cf01c06aa2b73ed 0 1643270182000 6 connected
【端口1】
【端口2】
十、Springboot打包Docker
一、创建一个Springboot项目
二、测试helloworld
1、编写一个controller层,编写测试类
2、网页测试
三、打包应用
1、打开maven,package打包
2、打包后在target生成一个jar包
3、文件目录下查找jar包
4、运行此jar包
四、编写dockerfile
1、下载docker插件
2、编写dockerfile
FROM java:8
COPY *.jar /app.jar
CMD ["--server.port=8080"]
EXPOSE 8080
ENTRYPOINT ["java","-jar","/app.jar"]
五、构建镜像和发布运行
1、在/home目录下创建一个idea文件存放.jar包和Dockerfile文件
[root@Jin /]# ls
--add-repo boot etc install.sh lib64 media mydata patch root sbin sys usr www
bin dev home lib lost+found mnt opt proc run srv tmp var
[root@Jin /]# cd home
[root@Jin home]# ls
docker dockerfile docker-test-volume Jin JinTest mysql nginx redis www
[root@Jin home]# mkdir idea
[root@Jin home]# ls
docker dockerfile docker-test-volume idea Jin JinTest mysql nginx redis www
[root@Jin home]# cd idea
[root@Jin idea]#
2、将文件上传到/home/idea文件目录下
3、构建镜像和发布运行
[root@Jin /]# ls
--add-repo boot etc install.sh lib64 media mydata patch root sbin sys usr www
bin dev home lib lost+found mnt opt proc run srv tmp var
[root@Jin /]# cd home
[root@Jin home]# ls
docker dockerfile docker-test-volume Jin JinTest mysql nginx redis www
[root@Jin home]# mkdir idea
[root@Jin home]# ls
docker dockerfile docker-test-volume idea Jin JinTest mysql nginx redis www
[root@Jin home]# cd idea
[root@Jin idea]# ls
Dockerfile springboot-docker-0.0.1-SNAPSHOT.jar
[root@Jin idea]# docker build -t springboot-docker .
Sending build context to Docker daemon 17.56MB
Step 1/5 : FROM java:8
8: Pulling from library/java
5040bd298390: Pull complete
fce5728aad85: Pull complete
76610ec20bf5: Pull complete
60170fec2151: Pull complete
e98f73de8f0d: Pull complete
11f7af24ed9c: Pull complete
49e2d6393f32: Pull complete
bb9cdec9c7f3: Pull complete
Digest: sha256:c1ff613e8ba25833d2e1940da0940c3824f03f802c449f3d1815a66b7f8c0e9d
Status: Downloaded newer image for java:8
---> d23bdf5b1b1b
Step 2/5 : COPY *.jar /app.jar
---> cce222f24961
Step 3/5 : CMD ["--server.port=8080"]
---> Running in ba1b82554cd0
Removing intermediate container ba1b82554cd0
---> e8092a85b831
Step 4/5 : EXPOSE 8080
---> Running in cd49711e88b8
Removing intermediate container cd49711e88b8
---> 57a1fd7c8408
Step 5/5 : ENTRYPOINT ["java","-jar","/app.jar"]
---> Running in f82602540437
Removing intermediate container f82602540437
---> 2ba5c13e253a
Successfully built 2ba5c13e253a
Successfully tagged springboot-docker:latest
[root@Jin idea]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
springboot-docker latest 2ba5c13e253a 34 seconds ago 661MB
tomcat latest fb5657adc892 6 weeks ago 680MB
redis 5.0.9-alpine3.11 3661c84ee9d0 21 months ago 29.8MB
java 8 d23bdf5b1b1b 5 years ago 643MB
[root@Jin idea]# docker run -d -P --name jin-springboot-docker springboot-docker
5c6a6eacfb5e3dc93e1b773ce72ed1e1d26f65d5a16e0f9248c150c5ec22af25
[root@Jin idea]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5c6a6eacfb5e springboot-docker "java -jar /app.jar …" 5 seconds ago Up 4 seconds 0.0.0.0:49189->8080/tcp, :::49189->8080/tcp jin-springboot-docker
[root@Jin idea]# curl localhost:49189
{
"timestamp":"2022-02-07T02:49:22.815+00:00","status":404,"error":"Not Found","path":"/"}[root@Jin idea]# curl localhost:49189/hello
hello,Jin![root@Jin idea]#
十一、Docker Compose(单机)
一、官方文档
Compose是Docker官方的开源项目,需要安装。
=Dockerfile=让程序在任何地方运行。web服务,reids、mysql、nginx...多个容器。
# docker-compose.yml文件
version: "3.9" # optional since v1.27.0
services:
web:
build: .
ports:
- "5000:5000"
volumes:
- .:/code
- logvolume01:/var/log
links:
- redis
redis:
image: redis
volumes:
logvolume01: {
}
Compose重要概念
- 服务services:容器、应用。(web、redis、mysql…)
- 项目project:一组关联的容器。比如博客(web、mysql==》wq开源博客)
二、安装Docker Compose
==官方文档:==https://docs.docker.com/compose/
1、下载docker-compose
#官网下载
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
#建议下载
[root@Jin /]# curl -L "https://get.daocloud.io/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" > /usr/local/bin/docker-compose
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 423 100 423 0 0 149 0 0:00:02 0:00:02 --:--:-- 149
100 12.1M 100 12.1M 0 0 3554k 0 0:00:03 0:00:03 --:--:-- 40.0M
[root@Jin /]# cd /usr/local/bin
[root@Jin bin]# ll
total 13404
-rwxr-xr-x 1 root root 964 Sep 14 2020 chardetect
-rwxr-xr-x 1 root root 972 Sep 14 2020 cloud-id
-rwxr-xr-x 1 root root 976 Sep 14 2020 cloud-init
-rwxr-xr-x 1 root root 2108 Sep 14 2020 cloud-init-per
-rw-r--r-- 1 root root 12737304 Feb 7 14:08 docker-compose
-rwxr-xr-x 1 root root 980 Sep 14 2020 easy_install
-rwxr-xr-x 1 root root 234 Sep 14 2020 easy_install-3.6
-rwxr-xr-x 1 root root 988 Sep 14 2020 easy_install-3.8
-rwxr-xr-x 1 root root 1758 Jan 12 09:38 jemalloc-config
-rwxr-xr-x 1 root root 145 Jan 12 09:38 jemalloc.sh
-rwxr-xr-x 1 root root 179069 Jan 12 09:38 jeprof
-rwxr-xr-x 1 root root 1003 Sep 14 2020 jsondiff
-rwxr-xr-x 1 root root 3661 Sep 14 2020 jsonpatch
-rwxr-xr-x 1 root root 1837 Sep 14 2020 jsonpointer
-rwxr-xr-x 1 root root 973 Sep 14 2020 jsonschema
-rwxr-xr-x 1 root root 1461 Jan 12 09:36 libmcrypt-config
lrwxrwxrwx 1 root root 12 Jan 12 09:39 luajit -> luajit-2.0.4
-rwxr-xr-x 1 root root 449296 Jan 12 09:39 luajit-2.0.4
-rwxr-xr-x 1 root root 297392 Jan 12 09:36 mcrypt
lrwxrwxrwx 1 root root 6 Jan 12 09:36 mdecrypt -> mcrypt
[root@Jin bin]#
2、授权
[root@Jin bin]# sudo chmod +x /usr/local/bin/docker-compose
[root@Jin bin]# docker-compose version
docker-compose version 1.29.2, build 5becea4c
docker-py version: 5.0.0
CPython version: 3.7.10
OpenSSL version: OpenSSL 1.1.0l 10 Sep 2019
[root@Jin bin]#
三、测试
==入门测试:==https://docs.docker.com/compose/gettingstarted/
1、应用 app.py
2、Dockerfile 应用打包为镜像
3、Docker-compose yaml文件(定义整个服务,需要的环境。web、redis)
4、启动compose项目(docker-compose up)
#流程:
1、创建网络
2、执行Docker-compose.yaml
3、启动compose项目Docker-compose yaml
1、【端口1】docker-compose up
1、创建 composetest 文件夹
mkdir composetest
cd composetest
2、# app.py文件
vim app.py
3、# requirements.txt文件
vim requirements.txt
4、# Dockerfile文件
vim Dockerfile
5、# docker-compose.yml文件
vim docker-compose.yml
6、#docker-compose up
2、【端口2】
[root@Jin home]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
76f6ebbebaca redis:alpine "docker-entrypoint.s…" About a minute ago Up About a minute 6379/tcp composetest_redis_1
4826c4330f1d composetest_web "flask run" About a minute ago Up About a minute 0.0.0.0:5000->5000/tcp, :::5000->5000/tcp composetest_web_1
[root@Jin home]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
composetest_web latest 7cbefe1c4c2a 2 minutes ago 185MB
redis alpine 3900abf41552 2 months ago 32.4MB
python 3.7-alpine a1034fd13493 2 months ago 41.8MB
[root@Jin home]# curl localhost:5000
Hello World! I have been seen 1 times.
[root@Jin home]# curl localhost:5000
Hello World! I have been seen 2 times.
[root@Jin home]# curl localhost:5000
Hello World! I have been seen 3 times.
[root@Jin home]#
[root@Jin home]# docker service ls
Error response from daemon: This node is not a swarm manager. Use "docker swarm init" or "docker swarm join" to connect this node to swarm and try again.
[root@Jin home]# docker network ls
NETWORK ID NAME DRIVER SCOPE
7b8a815e7cd1 bridge bridge local
eec5792226f8 composetest_default bridge local
93b2b5e1ea8e host host local
d1b52d0177f8 mynet bridge local
8a26d6aee240 none null local
a41b6d6945f1 redis bridge local
[root@Jin home]# docker network inspect composetest_default
[
{
"Name": "composetest_default",
"Id": "eec5792226f8d3a235543b432afa7aa5c0bf0b8e14e2acaef05c2b67ce28474a",
"Created": "2022-02-07T15:01:24.50033619+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": true,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"4826c4330f1d93bcff8e8aa28b56d62c108ba4a1c9351855b6b21cd326b7ec68": {
"Name": "composetest_web_1",
"EndpointID": "c915f22a8ed60282f49ac71124700fbd18909c65b066873dc8ec468a018eb152",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
},
"76f6ebbebacaf094749388fd6d16b2fd5977d8cd53215f89e550a4c5314abedc": {
"Name": "composetest_redis_1",
"EndpointID": "53e587d6313a5e96d9b688b694f3884de70ccfbb7ab10a19c0073f2b9e9a267c",
"MacAddress": "02:42:ac:12:00:03",
"IPv4Address": "172.18.0.3/16",
"IPv6Address": ""
}
},
"Options": {
},
"Labels": {
"com.docker.compose.network": "default",
"com.docker.compose.project": "composetest",
"com.docker.compose.version": "1.29.2"
}
}
]
3、常用命令
#后台运行
docker-compose up -d
#停止运行
docker-compose down
四、yaml规则
==官方文档地址:==https://docs.docker.com/compose/compose-file/compose-file-v3/
# docker-compose.yaml核心(3层)
# 1、版本
version: ''
# 2、服务
services:
服务1:web
# 服务配置
images
build
network
......
服务2:redis
......
服务3:nginx
......
# 3、其他配置 网络/卷、全局规则
volumes:
networks:
configs:
五、部署WP博客
1、官方文档
==官方文档地址:==https://docs.docker.com/samples/wordpress/
2、创建my_wordpress文件夹
[root@Jin home]# mkdir my_wordpress
[root@Jin home]# cd my_wordpress/
3、编写docker-compose.yml文件
# docker-compose.yml文件
vim docker-compose.yml
4、启动docker-compose up
【端口1】
[root@Jin home]# mkdir my_wordpress
[root@Jin home]# cd my_wordpress/
[root@Jin my_wordpress]# vim docker-compose.yml
[root@Jin my_wordpress]# docker-compose up
【端口2】
[root@Jin my_wordpress]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
74e02b9cb3af wordpress:latest "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:8000->80/tcp, :::8000->80/tcp my_wordpress_wordpress_1
78cbc557c4c0 mysql:5.7 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 3306/tcp, 33060/tcp my_wordpress_db_1
[root@Jin my_wordpress]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
composetest_web latest 7cbefe1c4c2a 54 minutes ago 185MB
wordpress latest c3c92cc3dcb1 6 weeks ago 616MB
mysql 5.7 c20987f18b13 6 weeks ago 448MB
redis alpine 3900abf41552 2 months ago 32.4MB
python 3.7-alpine a1034fd13493 2 months ago 41.8MB
5、访问测试
用户名:rootd
密码:lm99IS)1Vs1p7L)8F%
六、实战计数器
1、创建springboot-docker-compose项目
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-3jW6wJ8J-1679563135258)(C:\Users\Admin\AppData\Roaming\Typora\typora-user-images\1644227341432.png)]
2、编写
HelloController
package com.jin.controller;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class HelloController {
@Autowired
StringRedisTemplate stringRedisTemplate;
@RequestMapping(value = "/hello")
public String hello(){
Long views = stringRedisTemplate.opsForValue().increment("views");
return "hello,Jin's vuews"+views;
}
}
application.properties
server.port=8080
spring.redis.host=redis
Dockerfile
FROM java:8
COPY *.jar /app.jar
CMD ["--server.port=8080"]
EXPOSE 8080
ENTRYPOINT ["java","-jar","/app.jar"]
docker-compose.yml
version: '3.9'
services:
jinapp:
build:
dockerfile: Dockerfile
image: jinapp
depends_on:
- redis
ports:
- "8080:8080"
redis:
image: "redis:alpine3.9"
3、打包到服务器运行
idea里打包生成.jar包
Xfttp上传到创建的jinapp目录下
Xshell【端口1】
[root@Jin docker-compose]# ls
composetest my_wordpress
[root@Jin docker-compose]# mkdir Jinapp
[root@Jin docker-compose]# ls
composetest Jinapp my_wordpress
[root@Jin docker-compose]# cd Jinapp
[root@Jin Jinapp]# ls
docker-compose.yml Dockerfile springboot-docker-compose-0.0.1-SNAPSHOT.jar
[root@Jin Jinapp]# docker-compose up
jinapp_redis_1 is up-to-date
Starting jinapp_jinapp_1 ... done
Attaching to jinapp_redis_1, jinapp_jinapp_1
redis_1 | 1:C 08 Feb 2022 02:01:13.220 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
redis_1 | 1:C 08 Feb 2022 02:01:13.220 # Redis version=5.0.5, bits=64, commit=00000000, modified=0, pid=1, just started
redis_1 | 1:C 08 Feb 2022 02:01:13.220 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
redis_1 | 1:M 08 Feb 2022 02:01:13.222 * Running mode=standalone, port=6379.
redis_1 | 1:M 08 Feb 2022 02:01:13.222 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
redis_1 | 1:M 08 Feb 2022 02:01:13.222 # Server initialized
redis_1 | 1:M 08 Feb 2022 02:01:13.222 # WARNING you have Transparent Huge Pages (THP) support enabled in your kernel. This will create latency and memory usage issues with Redis. To fix this issue run the command 'echo never > /sys/kernel/mm/transparent_hugepage/enabled' as root, and add it to your /etc/rc.local in order to retain the setting after a reboot. Redis must be restarted after THP is disabled.
redis_1 | 1:M 08 Feb 2022 02:01:13.222 * Ready to accept connections
jinapp_1 |
jinapp_1 | . ____ _ __ _ _
jinapp_1 | /\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
jinapp_1 | ( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
jinapp_1 | \\/ ___)| |_)| | | | | || (_| | ) ) ) )
jinapp_1 | ' |____| .__|_| |_|_| |_\__, | / / / /
jinapp_1 | =========|_|==============|___/=/_/_/_/
jinapp_1 | :: Spring Boot :: (v2.6.3)
jinapp_1 |
jinapp_1 | 2022-02-08 02:11:20.449 INFO 1 --- [ main] c.j.SpringbootDockerComposeApplication : Starting SpringbootDockerComposeApplication v0.0.1-SNAPSHOT using Java 1.8.0_111 on 0b2d4befcf94 with PID 1 (/app.jar started by root in /)
jinapp_1 | 2022-02-08 02:11:20.458 INFO 1 --- [ main] c.j.SpringbootDockerComposeApplication : No active profile set, falling back to default profiles: default
jinapp_1 | 2022-02-08 02:11:22.484 INFO 1 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Multiple Spring Data modules found, entering strict repository configuration mode!
jinapp_1 | 2022-02-08 02:11:22.487 INFO 1 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data Redis repositories in DEFAULT mode.
jinapp_1 | 2022-02-08 02:11:22.548 INFO 1 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 20 ms. Found 0 Redis repository interfaces.
jinapp_1 | 2022-02-08 02:11:24.253 INFO 1 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8080 (http)
jinapp_1 | 2022-02-08 02:11:24.303 INFO 1 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
jinapp_1 | 2022-02-08 02:11:24.303 INFO 1 --- [ main] org.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/9.0.56]
jinapp_1 | 2022-02-08 02:11:24.486 INFO 1 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
jinapp_1 | 2022-02-08 02:11:24.486 INFO 1 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 3848 ms
jinapp_1 | 2022-02-08 02:11:27.771 INFO 1 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8080 (http) with context path ''
jinapp_1 | 2022-02-08 02:11:27.809 INFO 1 --- [ main] c.j.SpringbootDockerComposeApplication : Started SpringbootDockerComposeApplication in 8.674 seconds (JVM running for 10.504)
Xshell【端口2】
[root@Jin docker-compose]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0b2d4befcf94 jinapp "java -jar /app.jar …" 14 minutes ago Up 4 minutes 0.0.0.0:8080->8080/tcp, :::8080->8080/tcp jinapp_jinapp_1
11a4a04e70d2 redis:alpine3.9 "docker-entrypoint.s…" 14 minutes ago Up 14 minutes 6379/tcp jinapp_redis_1
[root@Jin docker-compose]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
jinapp latest 8065a6505057 17 minutes ago 671MB
composetest_web latest 7cbefe1c4c2a 18 hours ago 185MB
wordpress latest c3c92cc3dcb1 6 weeks ago 616MB
mysql 5.7 c20987f18b13 6 weeks ago 448MB
redis alpine 3900abf41552 2 months ago 32.4MB
python 3.7-alpine a1034fd13493 2 months ago 41.8MB
redis alpine3.9 72e76053ebb7 2 years ago 50.9MB
java 8 d23bdf5b1b1b 5 years ago 643MB
[root@Jin docker-compose]# curl localhost:8080
{
"timestamp":"2022-02-08T02:16:25.605+00:00","status":404,"error":"Not Found","path":"/"}[root@Jin docker-compose]# curl localhost:8080/hello
[root@Jin docker-compose]#
十二、Docker Swarm(集群)
十三、Docker Stack
# 单机
docker-compose up -d wordpress.yaml
# 集群
docker stack deploy wordpress.yaml
[root@Jin /]# docker stack --help
Usage: docker stack [OPTIONS] COMMAND
Manage Docker stacks
Options:
--orchestrator string Orchestrator to use (swarm|kubernetes|all)
Commands:
deploy Deploy a new stack or update an existing stack
ls List stacks
ps List the tasks in the stack
rm Remove one or more stacks
services List the services in the stack
Run 'docker stack COMMAND --help' for more information on a command.
十四、Docker Secret
安全、配置密码、证书。
[root@Jin /]# docker secret --help
Usage: docker secret COMMAND
Manage Docker secrets
Commands:
create Create a secret from a file or STDIN as content
inspect Display detailed information on one or more secrets
ls List secrets
rm Remove one or more secrets
Run 'docker secret COMMAND --help' for more information on a command.
十五、DockerConfig
[root@Jin /]# docker config --help
Usage: docker config COMMAND
Manage Docker configs
Commands:
create Create a config from a file or STDIN
inspect Display detailed information on one or more configs
ls List configs
rm Remove one or more configs
Run 'docker config COMMAND --help' for more information on a command.
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-EDWWJl4x-1679563135261)(C:\Users\Admin\AppData\Roaming\Typora\typora-user-images\1644297133694.png)]
十六、其他
一、端口占用
# 查询端口被占用的id(Pid)
netstat -ntpl |grep id(Pid)
# 杀掉该id(Pid)
kill -9 id
# 若进程还是重启,查看其父进程
cat /proc/id(Pid)/status
# 先杀死父进程PPid
kill -9 PPid
# 再杀死子进程
kill -9 Pid
二、防火墙操作
1、firewalld的基本使用
# 1、启动:
systemctl start firewalld
# 2、关闭:
systemctl stop firewalld
# 3、查看状态:
systemctl status firewalld
# 4、开机禁用 :
systemctl disable firewalld
# 5、开机启用 :
systemctl enable firewalld
2、systemctl是CentOS的服务管理工具中主要的工具,它融合之前service和chkconfig的功能于一体
# 1、查看防火墙状态:
firewall-cmd --state
systemctl status firewalld.service
# 2、开启防火墙:
systemctl start firewalld.service
# 3、关闭防火墙:
systemctl stop firewalld.service
# 4、重启防火墙:
systemctl restart firewalld.service
# 5、设置开机自启:
systemctl enable firewalld.service
# 6、设置开机禁用:
systemctl disable firewalld.service
# 7、查看防火墙设置开机自启是否成功:
systemctl is-enabled firewalld.service
# 8、查看已启动的服务列表:
systemctl list-unit-files|grep enabled
# 9、查看启动失败的服务列表:
systemctl --failed
# 10、开端口命令:
打开单个端口:firewall-cmd --zone=public --add-port=80/tcp --permanent
打开多个端口:firewall-cmd --zone=public --add-port=20000-29999/tcp --permanent
--permanent 为永久生效,不加为单次有效(重启失效)
# 11、查看开启端口:
netstat -ntlp 或:firewall-cmd --list-ports
# 12、关闭端口命令:
firewall-cmd --zone=public --remove-port=80/tcp --permanent
# 13、查看端口是否打开
firewall-cmd --zone=public --query-port=80/tcp
# 14、启动监听
lsnrctl start
3、配置firewalld-cmd
# 1、查看版本:
firewall-cmd --version
# 2、查看帮助:
firewall-cmd --help
# 3、显示状态:
firewall-cmd --state
# 4、查看所有打开的端口:
firewall-cmd --zone=public --list-ports
# 5、更新防火墙规则:
firewall-cmd --reload
# 6、查看区域信息:
firewall-cmd --get-active-zones
# 7、查看指定接口所属区域:
firewall-cmd --get-zone-of-interface=eth0
# 8、拒绝所有包:
firewall-cmd --panic-on
# 9、取消拒绝状态:
firewall-cmd --panic-off
# 10、查看是否拒绝:
firewall-cmd --query-panic
4、 开启一个端口
# 1、添加
firewall-cmd --zone=public --add-port=80/tcp --permanent (--permanent永久生效,没有此参数重启后失效)
# 2、重新载入
firewall-cmd --reload
# 3、查看
firewall-cmd --zone= public --query-port=80/tcp
# 4、删除
firewall-cmd --zone= public --remove-port=80/tcp --permanent
# 5、调整默认策略(默认拒绝所有访问,改成允许所有访问):
firewall-cmd --permanent --zone=public --set-target=ACCEPT
firewall-cmd --reload