理解docker0
宿主机的IP地址情况
[root@localhost dockerfile]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:71:6e:65 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.177/24 brd 192.168.100.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::740c:b13c:7ae:d319/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:43:fe:4b:6c brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:43ff:fefe:4b6c/64 scope link
valid_lft forever preferred_lft forever启动一个centos01容器,外面的宿主机可以ping里面172.17.0.3.容器里面会生成一个eth0,和docker0在一个网段,docker0在宿主机上,启动了docker服务后自动生成。
[root@localhost dockerfile]# docker run -it --name centos01 centos /bin/bash
[root@025a7676b27f /]#
[root@025a7676b27f /]#
[root@025a7676b27f /]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
56: eth0@if57: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@025a7676b27f /]# whereis ip
ip: /usr/sbin/ip
[root@025a7676b27f /]# [root@localhost dockerfile]#
[root@localhost dockerfile]#
[root@localhost dockerfile]# ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.169 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.123 ms
^X^X64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.150 ms
64 bytes from 172.17.0.3: icmp_seq=4 ttl=64 time=0.133 ms
一旦启动一个容器,宿主机ip addr就会多一个虚拟设备接口
例如 下面的57: vethb4152fa@if56和容器里的56: eth0@if57:是一对。
这个evth-pair充当桥梁,连接各种虚拟网络
verse-pair。所以启动两个容器,相互之间也可以Ping通!
[root@localhost dockerfile]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:71:6e:65 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.177/24 brd 192.168.100.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::740c:b13c:7ae:d319/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:43:fe:4b:6c brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:43ff:fefe:4b6c/64 scope link
valid_lft forever preferred_lft forever
55: veth19f366b@if54: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 86:b3:6d:11:56:6f brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::84b3:6dff:fe11:566f/64 scope link
valid_lft forever preferred_lft forever
57: vethb4152fa@if56: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 46:2a:45:40:64:e7 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::442a:45ff:fe40:64e7/64 scope link
valid_lft forever preferred_lft forever
