Docker manual configuration container network example details
- 2020-05-24 06:33:46
- OfStack
Docker manually configures the container network
docker vessel network is the combination of net namespace and virtual equipment, container when start to create 1 for virtual interface veth pair, this one docking port on the local and container respectively, in the name of the local veth will be assigned a similar vethxxxx received a designated bridge and bridge on (the default is docker0), can be achieved by brctl show command to see bridge mounted on the interface, in the container veth will obtain an unused address from the bridge, The name of veth is changed to eth0 and the default route is configured to vethxxxx. docker allows different network types to be specified by the --net parameter when the container is started.
--net=bridge: the default value from which the bridge connects to the default bridge.
--net=host: the container network is not placed in the isolated namespace. At this point, docker will not containerize the network inside the container, so that the container is created using the local network and has full access to the localhost interface.
--net=contianer:name_or_id: network stack that USES an existing container to share network resources such as the ip address and port of the existing container.
--net=none: to place the new container in an isolated network stack without network configuration, we need to specify this item to configure the network for the container.
My environment: operating system --centos7, Docker version --1.7, base mirror -- centos-6-x86_64.tar.gz
1. Start the container
[black@test ~]$ docker run -it --rm --name=mynetwork --net=none centos:latest /bin/bash
Looking at the network Settings in the container, you can see that only the local loopback interface lo is present
[root@99abaecd79ab /]# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
2. Create the net namespace for the container
[black@test ~]$ PID=$(docker inspect -f '{{.State.Pid}}' mynetwork)
[black@test ~]$ sudo mkdir -p /var/run/netns
[black@test ~]$ sudo ln -s /proc/$PID/ns/net /var/run/netns/$PID
3. Create 1 pair of veth interfaces A and B and bind A to the custom bridge br0
[black@test ~]$ sudo ip link add A type veth peer name B
[black@test ~]$ sudo brctl addif br0 A
[black@test ~]$ sudo ip link set A up
4. Put B into the container, name it eth0, and start and configure ip with the default gateway
[black@test ~]$ sudo ip link set B netns $PID
[black@test ~]$ sudo ip netns exec $PID ip link set dev B name eth0
[black@test ~]$ sudo ip netns exec $PID ip link set eth0 up
[black@test ~]$ sudo ip netns exec $PID ip addr add 10.10.10.25/24 dev eth0 //ip with br0 In the same 1 In the network segment
[black@test ~]$ sudo ip netns exec $PID ip route add default via 10.10.10.10.1
View the container's network Settings in the container as follows
[root@affbcb8747eb /]# ifconfig
eth0 Link encap:Ethernet Wadded D2:27:3D:9F:E8:AA
inet addr:10.10.10.25 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::d027:3dff:fe9f:e8aa/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:648 (648.0 b) TX bytes:648 (648.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Thank you for reading, I hope to help you, thank you for your support of this site,