
Docker network implementation

2025-01-19 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)06/02 Report--

1. In a pure Docker environment, Docker supports four types of network modes:

● host mode: uses the host's IP and ports

● container mode: shares the network with an existing container

● none mode: no network configuration

● bridge mode: the default mode, which uses a bridged network; this is the mode Kubernetes uses.

2. Docker network model

The figure above shows the network structure of a container: the eth0 interface inside the container and the vethxxx device attached to the docker0 bridge form a veth pair. Because vethxxx is attached to the docker0 bridge, it has no IP address of its own, while eth0 in the container is assigned an address in the same network segment as docker0. This is how containers are interconnected.

3. View the interfaces on the host running the two containers:

    # ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000
        link/ether 52:54:00:15:c2:12 brd ff:ff:ff:ff:ff:ff
        inet 192.168.20.17/24 brd 192.168.20.255 scope global eth0
           valid_lft forever preferred_lft forever
        inet6 fe80::5054:ff:fe15:c212/64 scope link
           valid_lft forever preferred_lft forever
    3: docker0: mtu 1500 qdisc noqueue state UP
        link/ether 02:42:fa:6f:13:18 brd ff:ff:ff:ff:ff:ff
        inet 172.17.0.1/16 scope global docker0
           valid_lft forever preferred_lft forever
        inet6 fe80::42:faff:fe6f:1318/64 scope link
           valid_lft forever preferred_lft forever
    7: veth47e9040@if6: mtu 1500 qdisc noqueue master docker0 state UP
        link/ether f2:4e:50:a5:fb:b8 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet6 fe80::f04e:50ff:fea5:fbb8/64 scope link
           valid_lft forever preferred_lft forever
    19: veth46fb1f6@if18: mtu 1500 qdisc noqueue master docker0 state UP
        link/ether 7a:96:bc:c7:03:d8 brd ff:ff:ff:ff:ff:ff link-netnsid 1
        inet6 fe80::7896:bcff:fec7:3d8/64 scope link
           valid_lft forever preferred_lft forever

4. Viewing the bridge information confirms that the two veth devices are attached to docker0:

    # brctl show
    bridge name     bridge id               STP enabled     interfaces
    docker0         8000.0242fa6f1318       no              veth46fb1f6
                                                            veth47e9040

5. Check the network namespace of the container

    # docker inspect 506a694d09fb | grep Pid
                "Pid": 2737,
                "PidMode": "",
                "PidsLimit": 0,
    # mkdir /var/run/netns
    # ln -s /proc/2737/ns/net /var/run/netns/506a694d09fb
    # ip netns list
    506a694d09fb (id: 0)
    6d9742fb3c2d (id: 1)

Check the IP of the two containers:

    # ip netns exec 506a694d09fb ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    6: eth0@if7: mtu 1500 qdisc noqueue state UP
        link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet 172.17.0.2/16 scope global eth0
           valid_lft forever preferred_lft forever
    # ip netns exec 6d9742fb3c2d ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    18: eth0@if19: mtu 1500 qdisc noqueue state UP
        link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet 172.17.0.3/16 scope global eth0
           valid_lft forever preferred_lft forever

The two containers belong to different network namespaces but sit in the same network segment; each is connected to docker0 through its veth pair, and that is how they reach each other.

The peer of a veth device can be looked up with ethtool -S veth-name, so it is not demonstrated here. The peer's interface index can also be read from the name of the veth device itself (vethxxx@ifNO).
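The vethxxx@ifNO pairing described above can be automated when you need to know which container owns a host-side veth (for example before capturing traffic on it). This is an added example, not part of the original article; the function names map_veths and veth_owner are hypothetical, and the sample input is the interface header lines from the outputs shown on this page.

```shell
#!/bin/sh
# Added example: pair host-side veth devices with container interfaces
# using the "N: name@ifM:" header lines printed by `ip a`.
# Sample data: header lines copied from this page's outputs (the <FLAGS>
# field is absent there, so the parser does not depend on it).
HOST_LINKS='3: docker0: mtu 1500 qdisc noqueue state UP
7: veth47e9040@if6: mtu 1500 qdisc noqueue master docker0 state UP
19: veth46fb1f6@if18: mtu 1500 qdisc noqueue master docker0 state UP'

# One line per container interface: "<netns name> <header line>",
# i.e. what `ip netns exec <name> ip a` shows for eth0.
CONTAINER_LINKS='506a694d09fb 6: eth0@if7: mtu 1500 qdisc noqueue state UP
6d9742fb3c2d 18: eth0@if19: mtu 1500 qdisc noqueue state UP'

# Print "<host veth> <container> <container ifname>" for every pair.
# A pair matches only if both sides point at each other: the host veth's
# @ifM equals the container interface index AND the container's @ifM
# equals the host veth index.
map_veths() {
    printf '%s\n' "$HOST_LINKS" | awk '$2 ~ /^veth.*@if[0-9]+:$/ {
        idx = $1;  sub(/:$/, "", idx)
        name = $2; sub(/@.*/, "", name)
        peer = $2; sub(/^.*@if/, "", peer); sub(/:$/, "", peer)
        print idx, peer, name
    }' | while read -r idx peer name; do
        printf '%s\n' "$CONTAINER_LINKS" |
        awk -v i="$idx" -v p="$peer" -v v="$name" '{
            cidx = $2;  sub(/:$/, "", cidx)
            cname = $3; sub(/@.*/, "", cname)
            cpeer = $3; sub(/^.*@if/, "", cpeer); sub(/:$/, "", cpeer)
            if (cidx == p && cpeer == i) print v, $1, cname
        }'
    done
}

# Print the container (netns name) that owns the given host veth, if any.
veth_owner() {
    map_veths | awk -v v="$1" '$1 == v { print $2 }'
}

map_veths
```

On a live host, HOST_LINKS and CONTAINER_LINKS would be filled from ip a and ip netns exec NAME ip a instead of the embedded sample.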

6. If the ip netns exec command reports an error, Docker has hidden the container's network namespace (netns). In that case, first enter the mount namespace of the docker daemon and then enter the corresponding network namespace, using the following nested nsenter command:

    [root@jumpserver] # nsenter -t 6807 -m nsenter --net=/var/run/docker/netns/a4fdba0d4cd4 ip add
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN qlen 1
        link/loopback 00 scope host
           valid_lft forever preferred_lft forever
    46: eth0@if47: mtu 1500 qdisc noqueue state UP
        link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
        inet 172.17.0.2/16 scope global eth0
           valid_lft forever preferred_lft forever
        inet6 fe80::42:acff:fe11:2/64 scope link
           valid_lft forever preferred_lft forever

6807 is the PID of the main docker process, which can be obtained with the pstree -p command.

Reference article:

https://blog.51cto.com/tryingstuff/2165805
