How to realize the Network configuration of Point-to-Point Container with docker 04/04 Update SLTechnology News&Howtos

How to realize the Network configuration of Point-to-Point Container with docker

2025-04-04 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/01 Report--

This article is about how docker implements the network configuration of point-to-point containers. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

First, build a network between containers

1. View the current network environment

[root@liuxin-test01] # ip A1: lo: mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00 scope host valid_lft forever preferred_lft forever2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:ca:41:84 brd ff:ff : ff:ff:ff:ff inet 192.168.8.192/24 brd 192.168.8.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:feca:4184/64 scope link valid_lft forever preferred_lft forever3: eth2: mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 00:0c:29:ca:41:8e brd ff:ff:ff:ff:ff:ff4: docker0: mtu 1500 qdisc noqueue state DOWN link/ether 02:42:a3:f4 : 2f:40 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 scope global docker0 valid_lft forever preferred_lft forever inet6 fe80::42:a3ff:fef4:2f40/64 scope link valid_lft forever preferred_lft forever

two。 Create two containers without a network

-- explain the parameters of rm:

When the Docker container exits, the file system inside the default container is still retained to facilitate debugging and retain user data.

However, for the foreground container, because it only runs for a short time during development and debugging, there is no need to retain its user data, so you can set the-rm option when the container is started, so that the file system inside the container can be automatically cleaned when the container exits.

-- net=none without network environment

-- the default parameter of net=bridge, which sets the network of the container through docker0. You can also specify the default bridge through the-b parameter of the DOCKER_OPTS option

-- net=host shared host network environment. This setting is not recommended.

-- net=container two containers share network resources such as IP address and port number

The following two containers are created in two terminals

[root@liuxin-test01 ~] # docker run-- rm-it-- net=none-- name='centos01' centos:7.4.1708 [root@f64cdc7ffff1 /] # [root@liuxin-test01 ~] # docker run-rm-it-net=none-name='centos02' centos:7.4.1708 [root@cd4df383b68e /] #

3. View the process ID of these two containers

[root@liuxin-test01 ~] # docker inspect-f'{{.State.Pid}} 'f6421682 [root@liuxin-test01 ~] # docker inspect-f' {{.State.Pid}} 'cd421832

4. Create a virtual cyberspace for these two containers

[root@liuxin-test01] # mkdir-p / var/run/netns [root@liuxin-test01 ~] # ln-s / proc/21682/ns/net / var/run/netns/21682 [root@liuxin-test01 ~] # ln-s / proc/21832/ns/net / var/run/netns/21832 [root@liuxin-test01 ~] #

5. Create a pair of veth, named An and B at both ends

Veth is a virtual Ethernet device, similar to a network card device. This is the introduction of linux container technology, which requires it to appear in pairs.

[root@liuxin-test01 ~] # ip link add A type veth peer name B [root@liuxin-test01 ~] # ip A1: lo: mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00 scope host valid_lft forever preferred_lft forever2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 Link/ether 00:0c:29:ca:41:84 brd ff:ff:ff:ff:ff:ff inet 192.168.8.192/24 brd 192.168.8.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:feca:4184/64 scope link valid_lft forever preferred_lft forever3: eth2: mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 00:0c:29:ca:41:8e brd ff:ff:ff:ff:ff:ff4: docker0 : mtu 1500 qdisc noqueue state DOWN link/ether 02:42:a3:f4:2f:40 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1 ax 16 scope global docker0 valid_lft forever preferred_lft forever inet6 fe80::42:a3ff:fef4:2f40/64 scope link valid_lft forever preferred_lft forever157: Bagua: mtu 1500 qdisc noop state DOWN qlen 1000 link/ether de:f7:3b:24:a5:0e brd ff:ff:ff:ff:ff:ff158 : mtu B: mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 9a:65:96:de:04:90 brd ff:ff:ff:ff:ff:ff

6. Put both ends in two containers.

We can see that after adding to the container, we can no longer see these two devices when we execute ip an again.

[root@liuxin-test01 ~] # ip link set A netns 21682 [root@liuxin-test01 ~] # ip link set B netns 21832 [root@liuxin-test01 ~] # ip A1: lo: mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 0000 scope host valid_lft forever preferred_lft forever2: eth0 : mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:ca:41:84 brd ff:ff:ff:ff:ff:ff inet 192.168.8.192/24 brd 192.168.8.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:feca:4184/64 scope link valid_lft forever preferred_lft forever3: eth2: mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 00:0c:29:ca:41:8e brd ff : ff:ff:ff:ff:ff4: docker0: mtu 1500 qdisc noqueue state DOWN link/ether 02:42:a3:f4:2f:40 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 scope global docker0 valid_lft forever preferred_lft forever inet6 fe80::42:a3ff:fef4:2f40/64 scope link valid_lft forever preferred_lft forever

7. Set the ip of two container network spaces

[root@liuxin-test01 ~] # ip netns exec 21682 ip addr add 192.168.99.1 ip addr add 32 dev A [root@liuxin-test01] # ip netns exec 21832 ip addr add 192.168.99.2 dev B

8. Start the network of two containers

[root@liuxin-test01 ~] # ip netns exec 21682 ip link set A up [root@liuxin-test01 ~] # ip netns exec 21832 ip link set B up

9. Set gateways for these two containers

[root@liuxin-test01 ~] # ip netns exec 21682 ip route add 192.168.99.2 dev A [root@liuxin-test01] # ip netns exec 21832 ip route add 192.168.99.1 dev B

10. test

[root@f64cdc7ffff1 /] # ping 192.168.99.2PING 192.168.99.2 (192.168.99.2) 56 (84) bytes of data.64 bytes from 192.168.99.2: icmp_seq=1 ttl=64 time=0.095 ms [root@cd4df383b68e /] # ping 192.168.99.1PING 192.168.99.1 (192.168.99.1) 56 (84) bytes of data.64 bytes from 192.168.99.1: icmp_seq=1 ttl=64 time=0.057 ms Thank you for reading! This is the end of the article on "how to realize the network configuration of point-to-point containers in docker". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, you can share it for more people to see!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.