Shulou(Shulou.com)06/01 Report--

This article focuses on "how to use host and none in docker". Interested friends may wish to have a look. The method introduced in this paper is simple, fast and practical. Now let the editor take you to learn how to use host and none in docker.

None Network

First, the Network of type none is introduced.

The network mode is none, that is, no network environment is constructed for the Docker container. Once the Docker container adopts none network mode, only loopback network devices can be used inside the container, and there will be no other network resources. Docker Container's none network mode means that no network environment is created for the container, and the container can only use 127.0.0.1 native network.

First of all, take a look at our network:

Duandingyang@duandingyangdeMacBook-Pro  ~ / docker/ubuntu-16.04  docker network lsNETWORK ID NAME DRIVER SCOPE6862ec731e70 bridge bridge local27b794790b92 host host localc0ccd5a52bf1 none null local

Create a container of type none:

Docker run-it-name test1-network none vincent/ubuntu-base / bin/bash

View the details of the none network:

Docker network inspect none [{"Name": "none", "Id": "c0ccd5a52bf1a09e45ca879e9a2dd32d6987b7d43bd01e0924af501510af4c26", "Created": "2019-06-29T08:14:06.043680652Z", "Scope": "local", "Driver": "null", "EnableIPv6": false, "IPAM": {"Driver": "default", "Options": null "Config": []}, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": {"Network": "}," ConfigOnly ": false," Containers ": {" 9a7ce6d97102fb8d820d4a649a4d5844e6490e64416267da2dc255ebd4c7688c ": {" Name ":" test1 " "EndpointID": "8914a0bd63984e018cc4ce9f629e964941030a63277df13fc78175954bededfc", "MacAddress": "," IPv4Address ":", "IPv6Address": ""}}, "Options": {}, "Labels": {}}]

You can see that the ip of the test1 container is empty.

Go to the container and view ifconfig:

Root@9a7ce6d97102:/usr# ifconfiglo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:0 (0.0B) TX bytes:0 (0.0B)

We found only one lo network card. There are no other network cards. This means that the namespace where the test1 container is located is an isolated Network namespace. There is no way to access the container except by using docker exec-it test1 / bin/bash.

So what is the meaning of the existence of this container?

When security requirements are high, tools such as storing passwords can be implemented in this way.

Host Network

The Host pattern does not create an isolated network environment for the container. The reason why it is called host mode is that the Docker container in this mode will share the same network namespace with the host host, so Docker Container can use the host's eth0 to communicate with the outside world. In other words, the IP address of Docker Container is the IP address of the host eth0. Its features include:

Containers in this mode do not have isolated network namespace

The container's IP address is the same as the IP address of Docker host

It should be noted that the port number of the service in the container cannot conflict with the port number already used on the Docker host

Host mode can coexist with other modes

Stop the test1 container above and delete the container.

Create a host Network container:

Docker run-it-name test1-network host vincent/ubuntu-base / bin/bash

View host network information:

Docker network inspect host [{"Name": "host", "Id": "27b794790b9286a90285386b1ddd4d1703668e1b57b9e0dd47261c86de52452b", "Created": "2019-06-29T08:14:06.08051536Z", "Scope": "local", "Driver": "host", "EnableIPv6": false, "IPAM": {"Driver": "default", "Options": null "Config": []}, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": {"Network": "}," ConfigOnly ": false," Containers ": {" c56f09a40a89293affb4120ac698c1add5796d871683c1ded162b44bd2f5a7ba ": {" Name ":" test1 " "EndpointID": "969c508af1d2448c4b1028f80ee0b4aca2fa7856a2c3c92f4def251781bf6488", "MacAddress": "," IPv4Address ":", "IPv6Address": ""}}, "Options": {}, "Labels": {}}]

You can see that test1 also does not have an ip address or an mac address.

Go to the container and view ifconfig:

Root@linuxkit-025000000001:/usr# ifconfigdocker0 Link encap:Ethernet HWaddr 02:42:27:c4:e8:bd inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0 inet6 addr: fe80::42:27ff:fec4:e8bd/64 Scope:Link UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:108020 errors:0 dropped:0 overruns:0 frame:0 TX packets : 260692 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:4347447 (4. 3 MB) TX bytes:381499475 (381.4 MB) eth0 Link encap:Ethernet HWaddr 02 TX bytes:381499475 50 inet addr:192.168.65.3 Bcast:192.168.65.255 Mask:255.255.255.0 inet6 addr: fe80::50:ff:fe00:1/64 Scope Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:261768 errors:0 dropped:0 overruns:0 frame:0 TX packets:109131 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:381626776 (381.6 MB) TX bytes:5951813 (5.9MB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0. 0.0 inet6 addr: 1 inet6 addr 128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:2 errors:0 dropped:0 overruns:0 frame:0 TX packets:2 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:140 (140.0 B) TX bytes:140 (140.0 B)

It is found that his network card is very similar to our host computer.

Containers created through host do not have a separate Network namespace and are shared with the Network namespace of our host.

Using this method will lead to ip conflicts and port conflicts.

At this point, I believe you have a deeper understanding of "how to use host and none in docker". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.