In this tutorial we are going to look at Docker networking concepts.
You need to know these to perform basic network administration, such as connecting a container to or disconnecting it from a network, listing the available networks, removing a network, and so on.
The Docker command line has built-in options for networking operations.
To list all available networks, run:
[root@siddhesh ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
005a608caf51 bridge bridge local
49c341ee02f5 host host local
6adeb6986dd0 none null local
[root@siddhesh ~]#
Let's look at the different types of network driver available in Docker:
1. Bridge: This is the default network driver, created and assigned to the container when you start your container. A bridge network is a link-layer device which forwards traffic between network segments.
2. Host: It removes network isolation between the container and the Docker host, and uses the host's networking directly.
3. None: If you want to completely disable the networking stack on a container, you can use the none driver.
4. Overlay: This driver creates a distributed network among multiple Docker daemon hosts. This network sits on top of the host-specific networks, allowing containers connected to it from different network segments to communicate.
5. MacVlan: The macvlan driver requires Linux kernel 3.9 or greater. You can check your kernel version with uname -r. This driver can be used to assign a MAC address to each container's virtual network interface, making it appear to be a physical network interface directly connected to the physical network.
To get further details on networks, run:
[root@siddhesh ~]# docker network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "005a608caf517bf9e6e49934ac9904049e296e23cfb4c5a81731522d440bba5a",
        "Created": "2020-04-05T22:41:30.548103709+05:30",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "172.17.0.0/16",
                    "Gateway": "172.17.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Containers": {},
        "Options": {
            "com.docker.network.bridge.default_bridge": "true",
            "com.docker.network.bridge.enable_icc": "true",
            "com.docker.network.bridge.enable_ip_masquerade": "true",
            "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
            "com.docker.network.bridge.name": "docker0",
            "com.docker.network.driver.mtu": "1500"
        },
        "Labels": {}
    }
]
[root@siddhesh ~]#
Create another bridge interface and attach it to a container.
[root@siddhesh ~]# docker network create -d bridge siddhesh-net
6e0c72dead4ff315237bcdfbf2194cea0d310edea59398ca142715afbcc817f3
[root@siddhesh ~]#
Verify the newly created interface using docker network ls.
[root@siddhesh ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
90d57756b07c bridge bridge local
d0e010909698 host host local
f9a97fa21d1b none null local
6e0c72dead4f siddhesh-net bridge local
[root@siddhesh ~]#
The same can be verified using the Linux ifconfig command, as follows.
[root@siddhesh ~]# ifconfig br-6e0c72dead4f
br-6e0c72dead4f Link encap:Ethernet HWaddr 02:42:9A:79:3D:03
inet addr:172.19.0.1 Bcast:172.19.255.255 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
[root@siddhesh ~]#
Now let's run a container using the newly created bridge interface.
[root@siddhesh ~]# docker run --network=siddhesh-net -i -t centos
[root@siddhesh ~]#
Create a macvlan interface using docker network and attach it to a container.
[root@siddhesh ~]# docker network create -d macvlan --subnet=10.0.0.0/24 --gateway=10.0.0.1 -o parent=eth0 siddhesh-macvlan
[root@siddhesh ~]#
[root@siddhesh ~]# docker run --network=siddhesh-macvlan -i -t centos
[root@96296b77a4cc /]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
4: eth0@if43179: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
link/ether 02:42:0a:00:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.0.0.2/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
[root@96296b77a4cc /]#
You can inspect and verify the properties of the newly created network interface using docker network inspect.
[root@siddhesh ~]# docker network inspect siddhesh-macvlan
[
    {
        "Name": "siddhesh-macvlan",
        "Id": "8fdc29a2f665d951ec2f46a3798acaf42bf3a921c90385b59ee2154cf2e2b92e",
        "Created": "2020-04-06T17:07:46.223236645Z",
        "Scope": "local",
        "Driver": "macvlan",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "10.0.0.0/24",
                    "Gateway": "10.0.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {
            "parent": "eth0"
        },
        "Labels": {}
    }
]
[root@siddhesh ~]#
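The two docker network inspect listings above carry the settings that decide how exposed a container is, so they are worth checking in a script rather than by eye. The following is an added example, not part of the original tutorial: it reads inspect JSON and reports the isolation-relevant settings per network. The function name audit_networks and the finding labels are hypothetical, and the siddhesh-net entry in the sample is constructed (its inspect output is not shown on this page).

```python
import json

# Trimmed from the inspect listings on this page; only the fields the checks
# read are kept. The siddhesh-net entry is constructed for illustration.
SAMPLE_INSPECT = """
[
  {"Name": "bridge", "Driver": "bridge", "Internal": false,
   "Options": {
     "com.docker.network.bridge.default_bridge": "true",
     "com.docker.network.bridge.enable_icc": "true",
     "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0"}},
  {"Name": "siddhesh-net", "Driver": "bridge", "Internal": false,
   "Options": {}},
  {"Name": "siddhesh-macvlan", "Driver": "macvlan", "Internal": false,
   "Options": {"parent": "eth0"}}
]
"""

PREFIX = "com.docker.network.bridge."


def audit_networks(inspect_json):
    """Return (network, finding) pairs for settings worth reviewing."""
    findings = []
    for net in json.loads(inspect_json):
        name = net.get("Name", "?")
        driver = net.get("Driver")
        opts = net.get("Options") or {}  # Options may be null or {}
        if driver == "bridge":
            # Both options default to the permissive value when absent,
            # which is the case on a freshly created user-defined bridge.
            if opts.get(PREFIX + "enable_icc", "true") == "true":
                findings.append((name, "icc-enabled"))
            if opts.get(PREFIX + "host_binding_ipv4", "0.0.0.0") == "0.0.0.0":
                findings.append((name, "publish-all-interfaces"))
            if opts.get(PREFIX + "default_bridge") == "true":
                findings.append((name, "default-bridge"))
        elif driver == "macvlan":
            # Containers sit directly on the parent's physical network.
            findings.append((name, "on-physical-lan:" + opts.get("parent", "?")))
        elif driver == "host":
            findings.append((name, "no-network-isolation"))
    return findings


if __name__ == "__main__":
    for network, finding in audit_networks(SAMPLE_INSPECT):
        print(f"{network}: {finding}")
```

On a real host, feed it the output of docker network inspect followed by the network names. When creating a user-defined bridge, inter-container traffic can be switched off with -o com.docker.network.bridge.enable_icc=false, and published ports can be bound to one address with -o com.docker.network.bridge.host_binding_ipv4=<address>.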
To remove an existing network interface, run:
[root@siddhesh ~]# docker network rm siddhesh-macvlan
siddhesh-macvlan
[root@siddhesh ~]#