Details of the working principle of Docker network
- 2020-05-27 07:39:54
How the Docker network works
When Docker server namely docker daemon starts, automatically creates a name is docker0 bridge, whenever docker create a Container, one would have created on the host name is veth * ethernet port, and to bring the eth * to join docker0 bridge, automatically creates a name is in the container eth0 ethernet port, the eth0 and veth * can form a similar pipes for, 11.
How docker allocates the hostname and DNS configurations for each container can be seen from the mount command in contain:
mount ... /dev/disk/by-uuid/5f3d0920-98a8-434a-9c02-8163dccf6c62 on /etc/resolv.conf type ext4 (rw,relatime,errors=remount-ro,data=ordered) /dev/disk/by-uuid/5f3d0920-98a8-434a-9c02-8163dccf6c62 on /etc/hostname type ext4 (rw,relatime,errors=remount-ro,data=ordered) /dev/disk/by-uuid/5f3d0920-98a8-434a-9c02-8163dccf6c62 on /etc/hosts type ext4 (rw,relatime,errors=remount-ro,data=ordered) ...
docker run -h can be configured to container hostname by -h HOSTNAME or --hostname=HOSTNAME. docker writes HOSTNAME to /etc/hostname
xiaogang@Ubuntu:~/shadowsocks$ sudo docker run -t -i --hostname ubuu --rm ubuntu:14.04 /bin/bash
root@ubuu:/# cat /etc/hostname
--link=CONNTAINER_NAMEorID:ALIAS, this option will add an ALIAS in /etc/hosts, pointing to CONTAINER_NAMEorID, without knowing the specific IP address, you can directly use ALIAS instead.
--dns=IP_ADDRESS, and one IP_ADDRESS is added to the server tag of /etc/ resolv.conf
-- dns-search =DOMAIN, one DOMAIN will be added to the search tag of /etc/ resolv.conf. If one example.com is added to the search tag, host.example.com will also be searched when container needs to find one host IP.
container /etc/ resolv.conf is copied from the host /etc/ resolv.conf, only to filter out the host local nameserver. If there is no nameserver after filtering,docker will add google public nameserver, 126.96.36.199 and 188.8.131.52 to namerserver. container will be notified when the host's resolv.conf is modified
Communication between container and between container and the outside
1. System parameters of ip_forward must be set to 1
$ sysctl net.ipv4.conf.all.forwarding net.ipv4.conf.all.forwarding = 0 $ sysctl net.ipv4.conf.all.forwarding=1 $ sysctl net.ipv4.conf.all.forwarding net.ipv4.conf.all.forwarding = 1
2. iptables needs to be set to allow communication between them
Thank you for reading, I hope to help you, thank you for your support of this site!