我试图查看Docker桥接网络中容器之间的名称解析情况
这篇文章已经转移到了个人博客上。
確定动作确认环境的定义
首先,我们要定义一个docker-compose.yml文件,用于在同一个桥接网络中启动容器。
由于没有特殊的服务需要运行,因此定义会比较简单粗糙。
$ cat docker-compose.yml
version: '2'
services:
centos1:
image: centos
container_name: centos1
command: tail -f /dev/null
networks:
- centos
centos2:
image: centos
container_name: centos2
command: tail -f /dev/null
networks:
- centos
networks:
centos:
driver: bridge
创建容器网络/启动容器
根据上述的docker-compose.yml文件,创建桥接网络并启动容器。
$ docker-compose up -d
Creating network "test_centos" with driver "bridge"
Creating centos2
Creating centos1
确认容器网络
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
42165a96d808 bridge bridge local
3762bcd6bffb host host local
f21c4ff0a40e none null local
888673525ef8 test_centos bridge local
测试_centos建立了一个桥接网络。
使用docker-compose时,似乎会将docker-compose.yml所在的目录名称作为名称前缀。
确认集装箱
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ee82b4459dd3 centos "tail -f /dev/null" 28 minutes ago Up 28 minutes centos1
33be8d105125 centos "tail -f /dev/null" 28 minutes ago Up 28 minutes centos2
我认为在docker-compose.yml文件中指定的container_name设置的容器正在运行中。
请查看桥接网络的详细信息。
$ docker network inspect test_centos
[
{
"Name": "test_centos",
"Id": "888673525ef867e345d725fc931cd101d47a2175349bcd6af18615bc0c54b99d",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.19.0.0/16",
"Gateway": "172.19.0.1/16"
}
]
},
"Internal": false,
"Containers": {
"33be8d105125bc2eddb314e947cc8a6f43941d98959766320dd6e8f39457c450": {
"Name": "centos2",
"EndpointID": "1be71737dcc84729d0200f895ee1ec350efa66cdf46f41577294e01eaa658775",
"MacAddress": "02:42:ac:13:00:02",
"IPv4Address": "172.19.0.2/16",
"IPv6Address": ""
},
"ee82b4459dd3d7034ecd0ef3f0c1d41e3288ae7045b38ebaabb9f519f1de6eef": {
"Name": "centos1",
"EndpointID": "7f912cb4bb22c11739ab88ada9c71d2ecbd32c9e0e0b0aeafb08368ed04d38e0",
"MacAddress": "02:42:ac:13:00:03",
"IPv4Address": "172.19.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
centos1被分配了172.19.0.3/16,centos2被分配了172.19.0.2/16。
登录到容器
我想要在容器之间进行名称解析,所以我会进入其中一个容器。
$ docker exec -it centos1 bash
确认联系或验证连通状态。
我将尝试确认未登录用户是否可以与容器进行通信。
[root@ee82b4459dd3 /]# ping centos2 -c 4
PING centos2 (172.19.0.2) 56(84) bytes of data.
64 bytes from centos2.test_centos (172.19.0.2): icmp_seq=1 ttl=64 time=0.597 ms
64 bytes from centos2.test_centos (172.19.0.2): icmp_seq=2 ttl=64 time=0.141 ms
64 bytes from centos2.test_centos (172.19.0.2): icmp_seq=3 ttl=64 time=0.150 ms
64 bytes from centos2.test_centos (172.19.0.2): icmp_seq=4 ttl=64 time=0.099 ms
--- centos2 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3017ms
rtt min/avg/max/mdev = 0.099/0.246/0.597/0.204 ms
网络连接正常。
目标地址与之前确认的地址相同。
确认姓名的解决
主持人的确认
首先,我们来检查一下hosts文件。
[root@ee82b4459dd3 /]# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.19.0.3 ee82b4459dd3
似乎这里没有人。
尝试查询DNS。
我想使用dig命令来进行DNS查询,因此需要安装bind-utils。
[root@ee82b4459dd3 /]# yum install -y bind-utils
省略...
我会帮你解决名字的问题。
[root@ee82b4459dd3 /]# dig centos2
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3 <<>> centos2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51306
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;centos2. IN A
;; ANSWER SECTION:
centos2. 600 IN A 172.19.0.2
;; Query time: 5 msec
;; SERVER: 127.0.0.11#53(127.0.0.11)
;; WHEN: Mon Dec 12 11:14:23 UTC 2016
;; MSG SIZE rcvd: 48
DNS服务器设置为: 127.0.0.11#53(127.0.0.11)。
[root@ee82b4459dd3 /]# cat /etc/resolv.conf
nameserver 127.0.0.11
options ndots:0
当我确认后发现,它已在resolv.conf中定义。
我确认了Docker引擎在容器内部运行的DNS服务器,并且其IP地址是127.0.0.11。这个信息确实如此,正如这里所记录的一样。
整理残局
$ docker-compose stop
Stopping centos1 ... done
Stopping centos2 ... done
$ docker-compose rm
Going to remove centos1, centos2
Are you sure? [yN] y
Removing centos1 ... done
Removing centos2 ... done
$ docker network rm test_centos
test_centos