Networking Containers

2023-11-04 02:59
文章标签 containers networking

本文主要是介绍Networking Containers,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!

Networking containers

If you are working your way through the user guide, you just built and ran asimple application. You’ve also built in your own images. This section teachesyou how to network your containers.

Name a container

You’ve already seen that each container you create has an automaticallycreated name; indeed you’ve become familiar with our old friendnostalgic_morse during this guide. You can also name containersyourself. This naming provides two useful functions:

  • You can name containers that do specific functions in a waythat makes it easier for you to remember them, for example naming acontainer containing a web application web.

  • Names provide Docker with a reference point that allows it to refer to othercontainers. There are several commands that support this and you’ll use one in a exercise later.

You name your container by using the --name flag, for example launch a new container called web:

$ docker run -d -P --name web training/webapp python app.py

Use the docker ps command to see check the name:

$ docker ps -l
CONTAINER ID  IMAGE                  COMMAND        CREATED       STATUS       PORTS                    NAMES
aed84ee21bde  training/webapp:latest python app.py  12 hours ago  Up 2 seconds 0.0.0.0:49154->5000/tcp  web

You can also use docker inspect with the container’s name.

$ docker inspect web
[
{"Id": "3ce51710b34f5d6da95e0a340d32aa2e6cf64857fb8cdb2a6c38f7c56f448143","Created": "2015-10-25T22:44:17.854367116Z","Path": "python","Args": ["app.py"],"State": {"Status": "running","Running": true,"Paused": false,"Restarting": false,"OOMKilled": false,...

Container names must be unique. That means you can only call one containerweb. If you want to re-use a container name you must delete the old container(with docker rm) before you can reuse the name with a new container. Go ahead and stop and them remove your web container.

$ docker stop web
web
$ docker rm web
web

Launch a container on the default network

Docker includes support for networking containers through the use of networkdrivers. By default, Docker provides two network drivers for you, thebridge and the overlay driver. You can also write a network driver plugin sothat you can create your own drivers but that is an advanced task.

Every installation of the Docker Engine automatically includes three default networks. You can list them:

$ docker network ls
NETWORK ID          NAME                DRIVER
18a2866682b8        none                null                
c288470c46f6        host                host                
7b369448dccb        bridge              bridge  

The network named bridge is a special network. Unless you tell it otherwise, Docker always launches your containers in this network. Try this now:

$ docker run -itd --name=networktest ubuntu
74695c9cea6d9810718fddadc01a727a5dd3ce6a69d09752239736c030599741

Inspecting the network is an easy way to find out the container’s IP address.

[{"Name": "bridge","Id": "f7ab26d71dbd6f557852c7156ae0574bbf62c42f539b50c8ebde0f728a253b6f","Scope": "local","Driver": "bridge","IPAM": {"Driver": "default","Config": [{"Subnet": "172.17.0.1/16","Gateway": "172.17.0.1"}]},"Containers": {"3386a527aa08b37ea9232cbcace2d2458d49f44bb05a6b775fba7ddd40d8f92c": {"EndpointID": "647c12443e91faf0fd508b6edfe59c30b642abb60dfab890b4bdccee38750bc1","MacAddress": "02:42:ac:11:00:02","IPv4Address": "172.17.0.2/16","IPv6Address": ""},"94447ca479852d29aeddca75c28f7104df3c3196d7b6d83061879e339946805c": {"EndpointID": "b047d090f446ac49747d3c37d63e4307be745876db7f0ceef7b311cbba615f48","MacAddress": "02:42:ac:11:00:03","IPv4Address": "172.17.0.3/16","IPv6Address": ""}},"Options": {"com.docker.network.bridge.default_bridge": "true","com.docker.network.bridge.enable_icc": "true","com.docker.network.bridge.enable_ip_masquerade": "true","com.docker.network.bridge.host_binding_ipv4": "0.0.0.0","com.docker.network.bridge.name": "docker0","com.docker.network.driver.mtu": "9001"}}
]

You can remove a container from a network by disconnecting the container. To do this, you supply both the network name and the container name. You can also use the container id. In this example, though, the name is faster.

$ docker network disconnect bridge networktest

While you can disconnect a container from a network, you cannot remove the builtin bridge network named bridge. Networks are natural ways to isolate containers from other containers or other networks. So, as you get more experienced with Docker, you’ll want to create your own networks.

Create your own bridge network

Docker Engine natively supports both bridge networks and overlay networks. A bridge network is limited to a single host running Docker Engine. An overlay network can include multiple hosts and is a more advanced topic. For this example, you’ll create a bridge network:

$ docker network create -d bridge my-bridge-network

The -d flag tells Docker to use the bridge driver for the new network. You could have left this flag off as bridge is the default value for this flag. Go ahead and list the networks on your machine:

$ docker network ls
NETWORK ID          NAME                DRIVER
7b369448dccb        bridge              bridge              
615d565d498c        my-bridge-network   bridge              
18a2866682b8        none                null                
c288470c46f6        host                host

If you inspect the network, you’ll find that it has nothing in it.

$ docker network inspect my-bridge-network
[{"Name": "my-bridge-network","Id": "5a8afc6364bccb199540e133e63adb76a557906dd9ff82b94183fc48c40857ac","Scope": "local","Driver": "bridge","IPAM": {"Driver": "default","Config": [{}]},"Containers": {},"Options": {}}
]

Add containers to a network

To build web applications that act in concert but do so securely, create anetwork. Networks, by definition, provide complete isolation for containers. Youcan add containers to a network when you first run a container.

Launch a container running a PostgreSQL database and pass it the --net=my-bridge-network flag to connect it to your new network:

$ docker run -d --net=my-bridge-network --name db training/postgres

If you inspect your my-bridge-network you’ll see it has a container attached.You can also inspect your container to see where it is connected:

$ docker inspect --format='{{json .NetworkSettings.Networks}}'  db
{"bridge":{"EndpointID":"508b170d56b2ac9e4ef86694b0a76a22dd3df1983404f7321da5649645bf7043","Gateway":"172.17.0.1","IPAddress":"172.17.0.3","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:11:00:02"}}

Now, go ahead and start your by now familiar web application. This time leave off the -P flag and also don’t specify a network.

$ docker run -d --name web training/webapp python app.py

Which network is your web application running under? Inspect the application and you’ll find it is running in the default bridge network.

$ docker inspect --format='{{json .NetworkSettings.Networks}}'  web
{"bridge":{"EndpointID":"508b170d56b2ac9e4ef86694b0a76a22dd3df1983404f7321da5649645bf7043","Gateway":"172.17.0.1","IPAddress":"172.17.0.3","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:11:00:02"}}

Then, get the IP address of your web

$ docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' web
172.17.0.2

Now, open a shell to your running db container:

$ docker exec -it db bash
root@a205f0dd33b2:/# ping 172.17.0.2
ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
^C
--- 172.17.0.2 ping statistics ---
44 packets transmitted, 0 received, 100% packet loss, time 43185ms

After a bit, use CTRL-C to end the ping and you’ll find the ping failed. That is because the two container are running on different networks. You can fix that. Then, use CTRL-C to exit the container.

Docker networking allows you to attach a container to as many networks as you like. You can also attach an already running container. Go ahead and attach your running web app to the my-bridge-network.

$ docker network connect my-bridge-network web

Open a shell into the db application again and try the ping command. This time just use the container name web rather than the IP Address.

$ docker exec -it db bash
root@a205f0dd33b2:/# ping web
PING web (172.19.0.3) 56(84) bytes of data.
64 bytes from web (172.19.0.3): icmp_seq=1 ttl=64 time=0.095 ms
64 bytes from web (172.19.0.3): icmp_seq=2 ttl=64 time=0.060 ms
64 bytes from web (172.19.0.3): icmp_seq=3 ttl=64 time=0.066 ms
^C
--- web ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.060/0.073/0.095/0.018 ms

The ping shows it is contacting a different IP address, the address on the my-bridge-network which is different from its address on the bridge network.

Next steps

Now that you know how to network containers, see how to manage data in containers.

On this page:
  • Networking containers
    • Name a container
    • Launch a container on the default network
    • Create your own bridge network
    • Add containers to a network
    • Next steps

这篇关于Networking Containers的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!



http://www.chinasem.cn/article/342750

相关文章

poj 1287 Networking(prim or kruscal最小生成树)

题意给你点与点间距离,求最小生成树。 注意点是,两点之间可能有不同的路,输入的时候选择最小的,和之前有道最短路WA的题目类似。 prim代码: #include<stdio.h>const int MaxN = 51;const int INF = 0x3f3f3f3f;int g[MaxN][MaxN];int P;int prim(){bool vis[MaxN];

【PyTorch】使用容器(Containers)进行网络层管理(Module)

文章目录 前言一、Sequential二、ModuleList三、ModuleDict四、ParameterList & ParameterDict总结 前言 当深度学习模型逐渐变得复杂,在编写代码时便会遇到诸多麻烦,此时便需要Containers的帮助。Containers的作用是将一部分网络层模块化,从而更方便地管理和调用。本文介绍PyTorch库常用的nn.Sequen

《Cloud Native Data Center Networking》(云原生数据中心网络设计)读书笔记 -- 10数据中心中的BGP

本章解答以下问题: ASN,团体(community),属性(attribute),最佳路径这些BGP术语是什么疑似?在数据中心中应该使用eBGP还是iBGP?在数据中心使用BGP时,应采用什么ASN编号方案?在数据中心使用BGP时,应如何修改BGP的计时器? BGP 基本概念 BGP协议概述 BGP 是一种路径矢量路由协议。“矢量”是一个数组或列表。因此,路径矢量路由协议是一种构建并分发

《Cloud Native Data Center Networking》(云原生数据中心网络设计)读书笔记 -- 09部署OSPF

本章的目的是帮助网络工程师确定网络的理想 OSPF 配置。本章将回答以下问题 应何时在数据中使用OSPF ?配置 OSPF 的关键设计原则是什么?OSPFv2 和 OSPFv3 之间有什么区别,应如何使用?如何在路由协议栈中配置 OSPF ?如何在服务器上配置 OSPF,例如为容器提供路由环境?如何使用 OSPF 来协助升级路由器软件? OSPF是最流行的IGP 目前针对IPv4协议使用

Illustrated Guide to Monitoring and Tuning the Linux Networking Stack: Receiving Data

太长不读(TL; DR) 这篇文章用一系列图表扩展了以前的博客文章Monitoring and Tuning the Linux Networking Stack: Receiving Data,旨在帮助读者形成一个更清晰的视野来了解Linux网络协议栈是如何工作的 在监控或调优 Linux 网络协议栈试没有捷径可走。如果你希望调整或优化每个组件及其相互作用,你就必须努力充分了解它们。也就是说

《Cloud Native Data Center Networking》(云原生数据中心网络设计)读书笔记 -- 08网络自动化

云原生数据中心和老一代数据中心不同之处在于其核心概念是聚焦于高效运营。网络自动化就是达到此目标的关键因素。 要达到此目的,本章要解决诸如下述的一些问题: 什么是网络自动化以及为什么我们在乎它?为了学习网络自动化,我需要学习编程吗?网络自动化为什么很难?如何逐步探索自动化的好处?哪些网络自动化工具适合我?如何确保自动化程序能正常工作? 什么是网络自动化? 在网络管理语境下,自动化指的是允

POJ 1287 Networking

Kruskal建图更加方便,不管三七二十一全部扔进去排序,然后并查集会自动帮助我们去重的。建图之后裸最小生成树 /************************************************ Author: fisty* Created Time: 2015/2/28 13:03:03* File Name : B.cpp*******************

《Cloud Native Data Center Networking》(云原生数据中心网络设计)读书笔记 -- 06容器网络

本章将回答以下问题 Linux上可用的容器网络组件有哪此?各种选择的限制和性能特征是什么? 命令空间 命名空间是一个 Linux 内核虚拟化组件。该组件类似 Linux 内核提供的网络和服务器虚拟化的组件。命名空间对内核管理的特定的资源进行虚拟化,允许一个虚拟资源有多个隔离实例。一个进程与该资源的一个虚拟实例相关联。多个进程可以属于该资源的一个共有的虚拟实例。从进程的角度看,进程似乎完全

《计算机英语》 Unit 5 Networking 网络

Section A Networking 网络 The need to share information and resources among different computers has led to linked computer systems, called networks, in which computers are connected so that data c

k8s学习(二十六) K8s 解决/var/lib/docker/containers下日志多的问题

问题: K8s部署的服务会不断生成日志,最终导致/var/lib/docker/containers下生成很多日志,导致磁盘存满 解决: 1、自己清理 编写cleanlog.sh #!/bin/sh# drift echo "========= start clean /var/lib/docker/containers/ logs ============"logs=$(find /va