docker0 가 브릿지
root@template:~# docker network ls
NETWORK ID NAME DRIVER SCOPE
4e58507f187f bridge bridge local
b036b136d435 host host local
9281c2aadc78 none null local
none : 네트워크 연결 안함
rmac -> docker ps -a
--network host : 네트워크 타입 지정.
host타입은 물리적 컴퓨터의 네트웍을 그대로 사용하겠다.
별도의 네임스페이스를 만들지 않겠다.
host 타입은 프롬프트 변화가 거의 없다.
root@template:~# docker run -it --name net2 --network host centos
[root@template /]#
[root@template /]# hostname
template
[root@template /]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:43:a3:1d brd ff:ff:ff:ff:ff:ff
inet 192.168.11.10/24 brd 192.168.11.255 scope global ens32
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe43:a31d/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:14:4c:81:2b brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:14ff:fe4c:812b/64 scope link
valid_lft forever preferred_lft forever
[root@template /]#
속도가 중요하고, 설정이 중요할때...사용
none타입은 NIC가 없다.
root@template:~#
root@template:~# docker run -it --name net3 --network none centos
[root@620729e1917b /]# hostname
620729e1917b
[root@620729e1917b /]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
[root@620729e1917b /]#
사용자 정의 네트워크 만들기
컨테이너별로 별도의 네트워크를 만들때..
root@template:~# docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
root@template:~# docker network create webdb
a88ad25606a744af2e70bca85732e3aace2a49f33d24165a8785ab81ff96aee7
root@template:~# docker network ls
NETWORK ID NAME DRIVER SCOPE
4e58507f187f bridge bridge local
b036b136d435 host host local
9281c2aadc78 none null local
a88ad25606a7 webdb bridge local
root@template:~# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:43:a3:1d brd ff:ff:ff:ff:ff:ff
inet 192.168.11.10/24 brd 192.168.11.255 scope global ens32
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe43:a31d/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:14:4c:81:2b brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:14ff:fe4c:812b/64 scope link
valid_lft forever preferred_lft forever
8: br-a88ad25606a7: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:b3:ab:58:53 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-a88ad25606a7
valid_lft forever preferred_lft forever
root@template:~#root@template:~# brctl show
bridge name bridge id STP enabled interfaces
br-a88ad25606a7 8000.0242b3ab5853 no
docker0 8000.0242144c812b no
root@template:~#
root@template:~#
root@template:~# docker inspect webdb
[
{
"Name": "webdb",
"Id": "a88ad25606a744af2e70bca85732e3aace2a49f33d24165a8785ab81ff96aee7",
"Created": "2022-07-30T02:34:06.045269808Z",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
root@template:~#
root@template:~# docker run -it --name www3 --network webdb centos
[root@d2aaed8068e0 /]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
9: eth0@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@d2aaed8068e0 /]#
별도 네트워크 활용하기
root@template:~#
root@template:~# docker run -it --name www3 --network webdb centos
[root@d2aaed8068e0 /]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
9: eth0@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@d2aaed8068e0 /]#
Ctrl + p, Ctrl + q
root@template:~# iptables -nL -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.18.0.0/16 0.0.0.0/0
MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
Chain DOCKER (2 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
root@template:~#
'Infra > Docker_K8S' 카테고리의 다른 글
docker login (0) | 2022.07.30 |
---|---|
Docker 테스트 1 (0) | 2022.07.30 |
HP교육센터-도커 네트워크 개념 이해 (0) | 2022.07.30 |
nginx tomcat 연동하기 (0) | 2022.04.01 |
Docker 설치하기 (0) | 2021.12.07 |
댓글