Se crearán dos contenedores los cuales se anexarán a una user-defined bridge network (alpine-net).
Un tercer contenedor se creará y se anexará a la red bridge.
Un cuarto contenedor se creará y se anexará a las dos redes anteriores.
1.-
bext@bext-VPCF13WFX:~$ docker network create --driver bridge alpine-net
bext@bext-VPCF13WFX:~$ brctl show bridge name bridge id STP enabled interfaces br-5494f35d026f 8000.02423c850ac2 no docker0 8000.02420d8c0eaf no docker_gwbridge 8000.0242cc559550 no veth48cf954
bext@bext-VPCF13WFX:~$ docker network inspect alpine-net [ { "Name": "alpine-net", "Id": "92c47c8eb7306e637e46be3fca4fd8a8335d0e18bae77a7bf5f41e5cc2e7b584", "Created": "2019-07-02T19:48:55.674976433-05:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": {}, "Config": [ { "Subnet": "172.19.0.0/16", "Gateway": "172.19.0.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": {}, "Options": {}, "Labels": {} } ]
bext@bext-VPCF13WFX:~$ docker network inspect bridge [ { "Name": "bridge", "Id": "e8262aa1b738876a43ec7ce5269f1389b32a8026113d96377ea2f66376e3ff20", "Created": "2019-07-07T14:26:22.746305106-05:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": null, "Config": [ { "Subnet": "172.17.0.0/16", "Gateway": "172.17.0.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": {}, "Options": { "com.docker.network.bridge.default_bridge": "true", "com.docker.network.bridge.enable_icc": "true", "com.docker.network.bridge.enable_ip_masquerade": "true", "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0", "com.docker.network.bridge.name": "docker0", "com.docker.network.driver.mtu": "1500" }, "Labels": {} } ]
Podemos ver que los gateways tienen diferentes IPs.
Creamos los cuatro contenedores y los anexamos a las redes.
bext@bext-VPCF13WFX:~$ docker run -dit --name alpine1 --network alpine-net alpine ash 2c1d9ca3da9fee0ce52237944944ef5fc1d9f0e898dddca69cc3f0637e9909a9
bext@bext-VPCF13WFX:~$ brctl show bridge name bridge id STP enabled interfaces br-5494f35d026f 8000.02423c850ac2 no veth5286c0c docker0 8000.02420d8c0eaf no docker_gwbridge 8000.0242cc559550 no veth48cf954
bext@bext-VPCF13WFX:~$ sudo iptables -t nat -L [sudo] password for bext: Chain PREROUTING (policy ACCEPT) target prot opt source destination DOCKER all -- anywhere anywhere ADDRTYPE match dst-type LOCAL Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination DOCKER all -- anywhere !localhost/8 ADDRTYPE match dst-type LOCAL Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- 172.19.0.0/16 anywhere MASQUERADE all -- 172.17.0.0/16 anywhere MASQUERADE all -- 172.18.0.0/16 anywhere Chain DOCKER (2 references) target prot opt source destination RETURN all -- anywhere anywhere RETURN all -- anywhere anywhere RETURN all -- anywhere anywhere
bext@bext-VPCF13WFX:~$ docker run -dit --name alpine2 --network alpine-net alpine ash c93e086df83d6e5c5eb4375b4af2316c0b5f4604c64178b2c57c900e071041f3
bext@bext-VPCF13WFX:~$ brctl show bridge name bridge id STP enabled interfaces br-5494f35d026f 8000.02423c850ac2 no veth44062ed veth5286c0c docker0 8000.02420d8c0eaf no docker_gwbridge 8000.0242cc559550 no veth48cf954
bext@bext-VPCF13WFX:~$ ifconfig br-5494f35d026f br-5494f35d026f: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.19.0.1 netmask 255.255.0.0 broadcast 172.19.255.255 inet6 fe80::42:3cff:fe85:ac2 prefixlen 64 scopeid 0x20<link> ether 02:42:3c:85:0a:c2 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 43 bytes 6503 (6.5 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 bext@bext-VPCF13WFX:~$ ifconfig docker0 docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255 inet6 fe80::42:dff:fe8c:eaf prefixlen 64 scopeid 0x20<link> ether 02:42:0d:8c:0e:af txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 49 bytes 7080 (7.0 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
bext@bext-VPCF13WFX:~$ docker run -dit --name alpine3 alpine ash ab4e75ab6e56300af54411d924f0bf40e26453ee9403f72adf0217fa9492cc32
bext@bext-VPCF13WFX:~$ brctl show bridge name bridge id STP enabled interfaces br-5494f35d026f 8000.02423c850ac2 no veth44062ed veth5286c0c docker0 8000.02420d8c0eaf no vethf08392c docker_gwbridge 8000.0242cc559550 no veth48cf954
bext@bext-VPCF13WFX:~$ docker run -dit --name alpine4 --network alpine-net alpine ash aab6f85c6c37cf2283c29494b3e4154f65fb0ec08f5164da54d3aa9b51f5f4e7
bext@bext-VPCF13WFX:~$ brctl show bridge name bridge id STP enabled interfaces br-5494f35d026f 8000.02423c850ac2 no veth44062ed veth5286c0c veth88b3ec2 docker0 8000.02420d8c0eaf no vethf08392c docker_gwbridge 8000.0242cc559550 no veth48cf954
bext@bext-VPCF13WFX:~$ docker network connect bridge alpine4
bext@bext-VPCF13WFX:~$ brctl show bridge name bridge id STP enabled interfaces br-5494f35d026f 8000.02423c850ac2 no veth44062ed veth5286c0c veth88b3ec2 docker0 8000.02420d8c0eaf no veth2346f97 vethf08392c docker_gwbridge 8000.0242cc559550 no veth48cf954
Verificamos los contenedores corriendo
bext@bext-VPCF13WFX:~$ docker container ls CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES aab6f85c6c37 alpine "ash" 2 minutes ago Up 2 minutes alpine4 ab4e75ab6e56 alpine "ash" 5 minutes ago Up 5 minutes alpine3 c93e086df83d alpine "ash" 6 minutes ago Up 6 minutes alpine2 2c1d9ca3da9f alpine "ash" 6 minutes ago Up 6 minutes alpine1
Y las redes las inspeccionamos
bext@bext-VPCF13WFX:~$ docker network inspect bridge [ { "Name": "bridge", "Id": "e8262aa1b738876a43ec7ce5269f1389b32a8026113d96377ea2f66376e3ff20", "Created": "2019-07-07T14:26:22.746305106-05:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": null, "Config": [ { "Subnet": "172.17.0.0/16", "Gateway": "172.17.0.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "aab6f85c6c37cf2283c29494b3e4154f65fb0ec08f5164da54d3aa9b51f5f4e7": { "Name": "alpine4", "EndpointID": "9dd61db7fefa2e1f242d4192734d0ea33f0273635e6ac03f76a4bfc6266fdb98", "MacAddress": "02:42:ac:11:00:03", "IPv4Address": "172.17.0.3/16", "IPv6Address": "" }, "ab4e75ab6e56300af54411d924f0bf40e26453ee9403f72adf0217fa9492cc32": { "Name": "alpine3", "EndpointID": "54b3830d168dee32d24f3c5e7bbd18540755345f8582cb130c024ebe5615dd24", "MacAddress": "02:42:ac:11:00:02", "IPv4Address": "172.17.0.2/16", "IPv6Address": "" } }, "Options": { "com.docker.network.bridge.default_bridge": "true", "com.docker.network.bridge.enable_icc": "true", "com.docker.network.bridge.enable_ip_masquerade": "true", "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0", "com.docker.network.bridge.name": "docker0", "com.docker.network.driver.mtu": "1500" }, "Labels": {} } ] bext@bext-VPCF13WFX:~$ docker network inspect alpine-net [ { "Name": "alpine-net", "Id": "92c47c8eb7306e637e46be3fca4fd8a8335d0e18bae77a7bf5f41e5cc2e7b584", "Created": "2019-07-02T19:48:55.674976433-05:00", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": {}, "Config": [ { "Subnet": "172.19.0.0/16", "Gateway": "172.19.0.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "2c1d9ca3da9fee0ce52237944944ef5fc1d9f0e898dddca69cc3f0637e9909a9": { "Name": "alpine1", "EndpointID": "0f5c70fe16ea125af40dde340559afd10f82a0ad7435b9cfd6a7ad53d727f981", "MacAddress": "02:42:ac:13:00:02", "IPv4Address": "172.19.0.2/16", "IPv6Address": "" }, "aab6f85c6c37cf2283c29494b3e4154f65fb0ec08f5164da54d3aa9b51f5f4e7": { "Name": "alpine4", "EndpointID": "eae6aecaea670dfc6cafa1a94d5bad64c1b71087104653801fb44f62c40d60de", "MacAddress": "02:42:ac:13:00:04", "IPv4Address": "172.19.0.4/16", "IPv6Address": "" }, "c93e086df83d6e5c5eb4375b4af2316c0b5f4604c64178b2c57c900e071041f3": { "Name": "alpine2", "EndpointID": "e003c53e7bac44bc22d9ce5541272dc9937c27d202ca5d5345fcd2fd2b3ca8b3", "MacAddress": "02:42:ac:13:00:03", "IPv4Address": "172.19.0.3/16", "IPv6Address": "" } }, "Options": {}, "Labels": {} } ]
Los contenedores en la red user-defined bridge pueden comunicarse entre ellos por direcciones IP y por nombre, esto es por automatic service discovery , vamos a conectarnos a alpine1 y hacer pruebas de conexión hacia los otros contenedores.
bext@bext-VPCF13WFX:~$ docker container attach alpine1 / # ping -c 2 alpine2 PING alpine2 (172.19.0.3): 56 data bytes 64 bytes from 172.19.0.3: seq=0 ttl=64 time=0.210 ms 64 bytes from 172.19.0.3: seq=1 ttl=64 time=0.147 ms --- alpine2 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 0.147/0.178/0.210 ms / # ping -c 2 172.19.0.3 PING 172.19.0.3 (172.19.0.3): 56 data bytes 64 bytes from 172.19.0.3: seq=0 ttl=64 time=0.179 ms 64 bytes from 172.19.0.3: seq=1 ttl=64 time=0.149 ms --- 172.19.0.3 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 0.149/0.164/0.179 ms / # ping -c 2 alpine4 PING alpine4 (172.19.0.4): 56 data bytes 64 bytes from 172.19.0.4: seq=0 ttl=64 time=0.202 ms 64 bytes from 172.19.0.4: seq=1 ttl=64 time=0.148 ms --- alpine4 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 0.148/0.175/0.202 ms / # ping -c 2 alpine1 PING alpine1 (172.19.0.2): 56 data bytes 64 bytes from 172.19.0.2: seq=0 ttl=64 time=0.110 ms 64 bytes from 172.19.0.2: seq=1 ttl=64 time=0.125 ms --- alpine1 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 0.110/0.117/0.125 ms / # ping -c 2 alpine3 ping: bad address 'alpine3' / # ping -c 2 172.17.0.2 PING 172.17.0.2 (172.17.0.2): 56 data bytes --- 172.17.0.2 ping statistics --- 2 packets transmitted, 0 packets received, 100% packet loss
Solo no se pudo conectar al contenedor alpine3 que esta en otra red.
El contenedor alpine4 esta conectado a todos los contenedores, ya que esta anexada a las dos redes. Por lo tanto podrá ver todos los contenedores, solo no podrá ver alpine3 por nombre pero si por dirección IP.
bext@bext-VPCF13WFX:~$ docker container attach alpine4 / # ping -c 1 alpine1 PING alpine1 (172.19.0.2): 56 data bytes 64 bytes from 172.19.0.2: seq=0 ttl=64 time=0.195 ms --- alpine1 ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss round-trip min/avg/max = 0.195/0.195/0.195 ms / # ping -c 1 alpine4 PING alpine4 (172.19.0.4): 56 data bytes 64 bytes from 172.19.0.4: seq=0 ttl=64 time=0.084 ms --- alpine4 ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss round-trip min/avg/max = 0.084/0.084/0.084 ms / # ping -c 1 alpine2 PING alpine2 (172.19.0.3): 56 data bytes 64 bytes from 172.19.0.3: seq=0 ttl=64 time=0.236 ms --- alpine2 ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss round-trip min/avg/max = 0.236/0.236/0.236 ms / # ping -c 1 alpine3 ping: bad address 'alpine3' / # ping -c 1 172.17.0.2 PING 172.17.0.2 (172.17.0.2): 56 data bytes 64 bytes from 172.17.0.2: seq=0 ttl=64 time=0.280 ms --- 172.17.0.2 ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss round-trip min/avg/max = 0.280/0.280/0.280 ms
bext@bext-VPCF13WFX:~$ ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp4s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000 link/ether 78:84:3c:cc:07:0c brd ff:ff:ff:ff:ff:ff 3: wlp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 4c:0f:6e:f8:ba:40 brd ff:ff:ff:ff:ff:ff inet 10.143.113.239/8 brd 10.255.255.255 scope global dynamic noprefixroute wlp2s0 valid_lft 76404sec preferred_lft 76404sec inet6 fe80::3a39:6a32:bcd9:1489/64 scope link noprefixroute valid_lft forever preferred_lft forever 4: docker_gwbridge: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:cc:55:95:50 brd ff:ff:ff:ff:ff:ff inet 172.18.0.1/16 brd 172.18.255.255 scope global docker_gwbridge valid_lft forever preferred_lft forever inet6 fe80::42:ccff:fe55:9550/64 scope link valid_lft forever preferred_lft forever 5: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:0d:8c:0e:af brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever inet6 fe80::42:dff:fe8c:eaf/64 scope link valid_lft forever preferred_lft forever 17: veth48cf954@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker_gwbridge state UP group default link/ether 62:2e:12:d9:8e:89 brd ff:ff:ff:ff:ff:ff link-netnsid 1 inet6 fe80::602e:12ff:fed9:8e89/64 scope link valid_lft forever preferred_lft forever 22: br-5494f35d026f: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:3c:85:0a:c2 brd ff:ff:ff:ff:ff:ff inet 172.19.0.1/16 brd 172.19.255.255 scope global br-5494f35d026f valid_lft forever preferred_lft forever inet6 fe80::42:3cff:fe85:ac2/64 scope link valid_lft forever preferred_lft forever 26: veth5286c0c@if25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-5494f35d026f state UP group default link/ether ca:de:64:1e:ec:f9 brd ff:ff:ff:ff:ff:ff link-netnsid 2 inet6 fe80::c8de:64ff:fe1e:ecf9/64 scope link valid_lft forever preferred_lft forever 30: veth44062ed@if29: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-5494f35d026f state UP group default link/ether ba:d3:8f:4c:2d:4a brd ff:ff:ff:ff:ff:ff link-netnsid 3 inet6 fe80::b8d3:8fff:fe4c:2d4a/64 scope link valid_lft forever preferred_lft forever 32: vethf08392c@if31: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default link/ether 6e:5e:46:11:4f:2b brd ff:ff:ff:ff:ff:ff link-netnsid 4 inet6 fe80::6c5e:46ff:fe11:4f2b/64 scope link valid_lft forever preferred_lft forever 34: veth88b3ec2@if33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-5494f35d026f state UP group default link/ether d2:f9:ef:22:56:04 brd ff:ff:ff:ff:ff:ff link-netnsid 5 inet6 fe80::d0f9:efff:fe22:5604/64 scope link valid_lft forever preferred_lft forever 36: veth2346f97@if35: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default link/ether b6:9c:d0:2c:cc:38 brd ff:ff:ff:ff:ff:ff link-netnsid 5 inet6 fe80::b49c:d0ff:fe2c:cc38/64 scope link valid_lft forever preferred_lft forever
Ahora detenemos y eliminamos todos los contenedores y la red alpine-net
bext@bext-VPCF13WFX:~$ docker container stop alpine1 alpine2 alpine3 alpine4 alpine1 alpine2 alpine3 alpine4 bext@bext-VPCF13WFX:~$ docker container rm alpine1 alpine2 alpine3 alpine4 alpine1 alpine2 alpine3 alpine4 bext@bext-VPCF13WFX:~$ docker network rm alpine-net alpine-net
eot
No hay comentarios:
Publicar un comentario