docker默认有以下几个虚拟网络
docker network ls
NETWORK ID NAME DRIVER SCOPE
cb791e055eb0 bridge bridge local
0a482ea44ff9 host host local
fe968a1db3f8 none null local
可以看到运行一个容器时,是可以指定网络的,而默认的网络就是bridge
docker run --help|grep net
--network network Connect a container to a network
查看bridge的信息,可看到它的子网信息
docker inspect bridge
[
{
"Name": "bridge",
"Id": "cb791e055eb0a9490abfdbefdd9f219306be970ccbb931f043294756cf498fca",
"Created": "2020-04-10T20:38:58.305563598+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
网络参数
网络映射
与另一个容器共享网络
这时候,名称空间(文件系统)是隔离的,但网络是共享的。A上面监听了80端口,B上面就无法再监听
host网络
这样起一个nginx,就是共享宿主机的名称空间,直接使用宿主机的ip和端口
docker run -d --name web5 --network host nginx:stable
bridge的子网段,可以自定义,
daemon.json里添加bip参数,指定桥自身的ip。
默认的dns是桥地址,也可以改成自定义的
使用tcp端口,可以在其他主机上连接本机docker服务端
创建网络
[root@docker1 ~]# docker network create --help
Usage: docker network create [OPTIONS] NETWORK
Create a network
Options:
--attachable Enable manual container attachment
--aux-address map Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
--config-from string The network from which copying the configuration
--config-only Create a configuration only network
-d, --driver string Driver to manage the Network (default "bridge")
--gateway strings IPv4 or IPv6 Gateway for the master subnet
--ingress Create swarm routing-mesh network
--internal Restrict external access to the network
--ip-range strings Allocate container ip from a sub-range
--ipam-driver string IP Address Management Driver (default "default")
--ipam-opt map Set IPAM driver specific options (default map[])
--ipv6 Enable IPv6 networking
--label list Set metadata on a network
-o, --opt map Set driver specific options (default map[])
--scope string Control the network's scope
--subnet strings Subnet in CIDR format that represents a network segment
docker network create --subnet "10.0.1.0/24" --gateway "10.0.1.1" bridge1