從零開始學習docker(五)網路的另外兩種型別host,none
阿新 • • 發佈:2019-06-30
前面我們已經介紹了bridge network,比較複雜。這一節介紹host和none這兩種簡單的network。
none Network
首先介紹none型別的Network。首先看一下我們的網路:
duandingyang@duandingyangdeMacBook-Pro ~/docker/ubuntu-16.04 docker network ls NETWORK ID NAME DRIVER SCOPE 6862ec731e70 bridge bridge local 27b794790b92 host host local c0ccd5a52bf1 none null local
建立一個none型別的容器:
docker run -it --name test1 --network none vincent/ubuntu-base /bin/bash
檢視none網路的詳細資訊:
docker network inspect none [ { "Name": "none", "Id": "c0ccd5a52bf1a09e45ca879e9a2dd32d6987b7d43bd01e0924af501510af4c26", "Created": "2019-06-29T08:14:06.043680652Z", "Scope": "local", "Driver": "null", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": null, "Config": [] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "9a7ce6d97102fb8d820d4a649a4d5844e6490e64416267da2dc255ebd4c7688c": { "Name": "test1", "EndpointID": "8914a0bd63984e018cc4ce9f629e964941030a63277df13fc78175954bededfc", "MacAddress": "", "IPv4Address": "", "IPv6Address": "" } }, "Options": {}, "Labels": {} } ]
可以看到test1容器的ip為空。
進入到容器中檢視ifconfig:
root@9a7ce6d97102:/usr# ifconfig lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
我們發現只有一個lo網絡卡。沒有其他的網絡卡。意味著test1容器所在的namespace是一個孤立的Network namespace。除了使用docker exec -it test1 /bin/bash這種方式訪問容器外,沒有任何方式可以訪問容器了。
那麼這種容器存在的意義是什麼呢?
當安全性要求比較高的時候,儲存密碼等工具可以用這種方式實現。
host Network
將上面的test1容器停止,並刪除容器。
建立host Network容器:
docker run -it --name test1 --network host vincent/ubuntu-base /bin/bash
檢視host網路資訊:
docker network inspect host
[
{
"Name": "host",
"Id": "27b794790b9286a90285386b1ddd4d1703668e1b57b9e0dd47261c86de52452b",
"Created": "2019-06-29T08:14:06.08051536Z",
"Scope": "local",
"Driver": "host",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": []
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"c56f09a40a89293affb4120ac698c1add5796d871683c1ded162b44bd2f5a7ba": {
"Name": "test1",
"EndpointID": "969c508af1d2448c4b1028f80ee0b4aca2fa7856a2c3c92f4def251781bf6488",
"MacAddress": "",
"IPv4Address": "",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
可以看到test1同樣沒有ip地址和mac地址。
進入到容器中檢視ifconfig:
root@linuxkit-025000000001:/usr# ifconfig
docker0 Link encap:Ethernet HWaddr 02:42:27:c4:e8:bd
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80::42:27ff:fec4:e8bd/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:108020 errors:0 dropped:0 overruns:0 frame:0
TX packets:260692 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4347447 (4.3 MB) TX bytes:381499475 (381.4 MB)
eth0 Link encap:Ethernet HWaddr 02:50:00:00:00:01
inet addr:192.168.65.3 Bcast:192.168.65.255 Mask:255.255.255.0
inet6 addr: fe80::50:ff:fe00:1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:261768 errors:0 dropped:0 overruns:0 frame:0
TX packets:109131 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:381626776 (381.6 MB) TX bytes:5951813 (5.9 MB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:2 errors:0 dropped:0 overruns:0 frame:0
TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:140 (140.0 B) TX bytes:140 (140.0 B)
發現他的網絡卡與我們的宿主機上是很相似的。
通過host方式建立的容器,沒有獨立的Network namespace,跟我們的主機的Network namespace共享。
使用這種方式會出現ip衝突和埠