Default bridge Network
no recomendado para ambientes productivos.
1.- Vemos que redes tenemos
2.- Ponemos dos contenedores en marcha con linux alpine
3.- Inspeccionamos que contenedores estan en la bridge network
4.- Nos conectamos al comando de linea de alpine1. # nos indica que estamos como root.
5.- Verificamos la ip de alpine1. podemos verificar que corresponde a lo que nos reportó la red.
6.- Verificamos que nos conectemos a internet
7.- Ahora verificamos que podamos pingear al otro contenedor en la red por su ip, Pero si nos queremos conectar por su nombre no podremos.
8.- Sin detener el contenedor nos desconectamos de él (ctrl + p + q ) y hacemos lo mismo pero para el otro contenedor.
9.- Paramos y removemos ambos contenedores.
1.- Vemos que redes tenemos
bext@bext-VPCF13WFX:~$ docker network ls NETWORK ID NAME DRIVER SCOPE 92c47c8eb730 alpine-net bridge local e8262aa1b738 bridge bridge local a7c5da586361 docker_gwbridge bridge local wsoehjcw93eh getstartedlab_webnet overlay swarm 9eb00fc4aeea host host local 1k8awhwg5so4 ingress overlay swarm 721ee2b37deb mac_net macvlan local 8dbfa01ec529 none null local
bext@bext-VPCF13WFX:~$ brctl show bridge name bridge id STP enabled interfaces docker0 8000.02420d8c0eaf no docker_gwbridge 8000.0242cc559550 no veth48cf954
bext@bext-VPCF13WFX:~$ ifconfig docker0 docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255 ether 02:42:0d:8c:0e:af txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
2.- Ponemos dos contenedores en marcha con linux alpine
bext@bext-VPCF13WFX:~$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bext@bext-VPCF13WFX:~$ docker container ls CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bext@bext-VPCF13WFX:~$ docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4440af5e01c8 alpine "ash" 17 hours ago Exited (137) 17 hours ago alpine2 84fbb1980885 alpine "ash" 17 hours ago Exited (137) 17 hours ago alpine1 433850f05380 nginx "nginx -g 'daemon of…" 4 days ago Exited (0) 4 days ago compassionate_tharp 484f6d9ffd22 2da45b639455 "python app.py" 6 days ago Exited (0) 6 days ago inspiring_wright 84b3cbf422c8 redis "docker-entrypoint.s…" 6 days ago Created redisSwarm 79ca47ee7958 portainer/portainer "/portainer" 7 days ago Exited (2) 7 days ago silly_beaver
Podemos arrancar los contenedores con alpine con el comando (detached, interactive, terminal)
bext@bext-VPCF13WFX:~$ docker run -dit --name alpine1 alpine ash docker: Error response from daemon: Conflict. The container name "/alpine1" is already in use by container "84fbb1980885258380dc83949e116479cd47168d14598bd6d1272126b335efbe". You have to remove (or rename) that container to be able to reuse that name. See 'docker run --help'.
Previamente ya habiamos arrancado contenedor con alpine y mismo nombre, aque que tendremos que solo rearrancarlo.
bext@bext-VPCF13WFX:~$ docker container start alpine1 alpine1
bext@bext-VPCF13WFX:~$ brctl show docker0 bridge name bridge id STP enabled interfaces docker0 8000.02420d8c0eaf no veth1cb5779
bext@bext-VPCF13WFX:~$ ethtool -S veth1cb5779 NIC statistics: peer_ifindex: 18
bext@bext-VPCF13WFX:~$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 84fbb1980885 alpine "ash" 17 hours ago Up 6 seconds alpine1
bext@bext-VPCF13WFX:~$ docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4440af5e01c8 alpine "ash" 17 hours ago Exited (137) 17 hours ago alpine2 84fbb1980885 alpine "ash" 17 hours ago Up 15 seconds alpine1 433850f05380 nginx "nginx -g 'daemon of…" 4 days ago Exited (0) 4 days ago compassionate_tharp 484f6d9ffd22 2da45b639455 "python app.py" 6 days ago Exited (0) 6 days ago inspiring_wright 84b3cbf422c8 redis "docker-entrypoint.s…" 6 days ago Created redisSwarm 79ca47ee7958 portainer/portainer "/portainer" 7 days ago Exited (2) 7 days ago silly_beaver
3.- Inspeccionamos que contenedores estan en la bridge network, tenemos que tener a los dos contenedores alpine1 y alpine2.
bext@bext-VPCF13WFX:~$ docker network inspect bridge | more [ { "Name": "bridge", "Id": "e8262aa1b738876a43ec7ce5269f1389b32a8026113d96377ea2f66376e3ff20" , "Created": "2019-07-07T14:26:22.746305106-05:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": null, "Config": [ { "Subnet": "172.17.0.0/16", "Gateway": "172.17.0.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "84fbb1980885258380dc83949e116479cd47168d14598bd6d1272126b335efbe": { "Name": "alpine1", "EndpointID": "2e8448d8ba27fb58dd0b025fcab2b4a5924f66b7fb12d8936 633dee4af1ebe5a", "MacAddress": "02:42:ac:11:00:02", "IPv4Address": "172.17.0.2/16", "IPv6Address": "" } }, "Options": { "com.docker.network.bridge.default_bridge": "true", "com.docker.network.bridge.enable_icc": "true", "com.docker.network.bridge.enable_ip_masquerade": "true", "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0", "com.docker.network.bridge.name": "docker0", "com.docker.network.driver.mtu": "1500" }, "Labels": {} } ]
bext@bext-VPCF13WFX:~$ docker container start alpine2 alpine2
bext@bext-VPCF13WFX:~$ brctl show docker0 bridge name bridge id STP enabled interfaces docker0 8000.02420d8c0eaf no veth1cb5779 vethee25390
bext@bext-VPCF13WFX:~$ ethtool -S vethee25390 NIC statistics: peer_ifindex: 20
bext@bext-VPCF13WFX:~$ docker network inspect bridge
[
{
"Name": "bridge",
"Id": "e8262aa1b738876a43ec7ce5269f1389b32a8026113d96377ea2f66376e3ff20",
"Created": "2019-07-07T14:26:22.746305106-05:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"4440af5e01c87558fedd30422dc29db3d419c1dbd1fb7fba57ab97d8e54d5dd8": {
"Name": "alpine2",
"EndpointID": "fc9bb7a3058cb737d68ece3a49d4da0527445f616ec79ff2f5413dd5d9eac663",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"84fbb1980885258380dc83949e116479cd47168d14598bd6d1272126b335efbe": {
"Name": "alpine1",
"EndpointID": "2e8448d8ba27fb58dd0b025fcab2b4a5924f66b7fb12d8936633dee4af1ebe5a",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
Vemos que alpine2 tiene 172.17.0.3 y alpine1 172.17.0.2
4.- Nos conectamos al comando de linea de alpine1. # nos indica que estamos como root.
bext@bext-VPCF13WFX:~$ docker attach alpine1
5.- Verificamos la ip de alpine1. podemos verificar que corresponde a lo que nos reportó la red.
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:82 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:9520 (9.2 KiB) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
bext@bext-VPCF13WFX:~$ ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp4s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 78:84:3c:cc:07:0c brd ff:ff:ff:ff:ff:ff 3: wlp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 4c:0f:6e:f8:ba:40 brd ff:ff:ff:ff:ff:ff inet 10.143.113.239/8 brd 10.255.255.255 scope global dynamic noprefixroute wlp2s0 valid_lft 80975sec preferred_lft 80975sec inet6 fe80::3a39:6a32:bcd9:1489/64 scope link noprefixroute valid_lft forever preferred_lft forever 4: docker_gwbridge: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:cc:55:95:50 brd ff:ff:ff:ff:ff:ff inet 172.18.0.1/16 brd 172.18.255.255 scope global docker_gwbridge valid_lft forever preferred_lft forever inet6 fe80::42:ccff:fe55:9550/64 scope link valid_lft forever preferred_lft forever 5: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:0d:8c:0e:af brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever inet6 fe80::42:dff:fe8c:eaf/64 scope link valid_lft forever preferred_lft forever 17: veth48cf954@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker_gwbridge state UP group default link/ether 62:2e:12:d9:8e:89 brd ff:ff:ff:ff:ff:ff link-netnsid 1 inet6 fe80::602e:12ff:fed9:8e89/64 scope link valid_lft forever preferred_lft forever 19: veth1cb5779@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default link/ether 3e:f4:03:64:d5:97 brd ff:ff:ff:ff:ff:ff link-netnsid 2 inet6 fe80::3cf4:3ff:fe64:d597/64 scope link valid_lft forever preferred_lft forever 21: vethee25390@if20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default link/ether 52:1b:8c:bf:aa:75 brd ff:ff:ff:ff:ff:ff link-netnsid 3 inet6 fe80::501b:8cff:febf:aa75/64 scope link valid_lft forever preferred_lft forever
bext@bext-VPCF13WFX:~$ docker attach alpine1 / # ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 18: eth0@if19: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0 valid_lft forever preferred_lft forever / #
6.- Verificamos que nos conectemos a internet
/ # ping -c 2 google.com
PING google.com (172.217.9.14): 56 data bytes
64 bytes from 172.217.9.14: seq=0 ttl=50 time=54.625 ms
64 bytes from 172.217.9.14: seq=1 ttl=50 time=55.780 ms
--- google.com ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 54.625/55.202/55.780 ms
7.- Ahora verificamos que podamos pingear al otro contenedor en la red por su ip, Pero si nos queremos conectar por su nombre no podremos.
/ # ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3): 56 data bytes
64 bytes from 172.17.0.3: seq=0 ttl=64 time=0.240 ms
64 bytes from 172.17.0.3: seq=1 ttl=64 time=0.138 ms
64 bytes from 172.17.0.3: seq=2 ttl=64 time=0.126 ms
64 bytes from 172.17.0.3: seq=3 ttl=64 time=0.128 ms
^C
--- 172.17.0.3 ping statistics ---
10 packets transmitted, 10 packets received, 0% packet loss
round-trip min/avg/max = 0.126/0.143/0.240 ms
/ #
/ # ping alpine2
ping: bad address 'alpine2'
8.- Sin detener el contenedor nos desconectamos de él (ctrl + p + q ) y hacemos lo mismo pero para el otro contenedor.
/ # read escape sequence bext@bext-VPCF13WFX:~$ docker attach alpine2 / # ping -c 2 google.com PING google.com (172.217.9.14): 56 data bytes 64 bytes from 172.217.9.14: seq=0 ttl=50 time=62.638 ms 64 bytes from 172.217.9.14: seq=1 ttl=50 time=56.912 ms --- google.com ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 56.912/59.775/62.638 ms / # ping -c 2 172.17.0.2 PING 172.17.0.2 (172.17.0.2): 56 data bytes 64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.143 ms 64 bytes from 172.17.0.2: seq=1 ttl=64 time=0.129 ms --- 172.17.0.2 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 0.129/0.136/0.143 ms / # ping -c 2 alpine1 ping: bad address 'alpine1' / # read escape sequence
9.- Paramos y removemos ambos contenedores.
bext@bext-VPCF13WFX:~$ docker container stop alpine1 alpine2 alpine1 alpine2 bext@bext-VPCF13WFX:~$ docker container rm alpine1 alpine2 alpine1 alpine2
eot
No hay comentarios:
Publicar un comentario