BenjaminYang In solitude, where we are least alone

(四)容器互联

 一、基于Volume的互联

/var/lib/docker/graph 存放本地Image里的分层信息

/var/lib/docker/devicemapper/devicemapper/data 存储了Image与Container的二进制数据文件

/var/lib/docker/devicemapper/devicemapper/metadata 存储了相关元数据

Aufs driver是Docker最早支持的driver,但是aufs只是Linux内核的一 个补丁集

Device mapper是Linux 2.6内核中提供的一种从逻辑设备到物理设备 的映射框架机制,是LVM2的核心,支持块级别的copy on write特性

目前,除少数版本如Ubuntu,Docker基本运行在Devicemapper基础上 VFS虚拟文件系统的最大缺陷是不支持copy on write特性,每层都是 一个单独的目录,如果新增一个child层,则需要将父级层镜像文件 一并复制到新目录

btrfs 非常快,采用btrfs的文件系统级的快照能力来实现layer分层功 能,缺点是仍然在进化中,还不够成熟,特别是大量写操作的压力下

 理解Docker Volume

  1. 为什么需要Volume

 

2.将容器中的目录 挂载到 本地

[root@docker ~]# docker run --rm=true -it -v /benjamin java /bin/bash
root@57d4fc851a7e:/# ls
benjamin  boot  etc   lib    media  opt   root  sbin  sys  usr
bin       dev   home  lib64  mnt    proc  run   srv   tmp  var

[root@docker ~]# docker run -it -v /benjamin java /bin/bash     

[root@docker ~]# mkdir  /var/lib/docker/volumes/ba4ac693e5fb704afd3cafda8011787c1a2782ef4ad8f13bbb6fcda6960fbfe9/_data/whatfuck
[root@docker ~]# docker attach 513edb95ae40

  root@513edb95ae40:/# ls benjamin/
  whatfuck

3.docker目录映射到本地指定目录

[root@docker ~]# docker run --rm=true -it -v /share:/benjamin java /bin/bash    
root@db2a0a5a61c3:/# mkdir /benjamin/haha
root@db2a0a5a61c3:/# ls /benjamin/
haha
root@db2a0a5a61c3:/# exit
exit
[root@docker ~]# ls /share/
haha

基于Volume的互联,也可以解决跨主机的共享问题

 

 

4.基于数据容器的单主机互联

#通过共享513edb95ae40容器 生成一个新的容器 4d9dba636c58 并共享容器之间的数据。

[root@docker ~]# docker run --rm=true --privileged=true --volumes-from=513edb95ae40 -it java /bin/bash
root@4d9dba636c58:/#

root@4d9dba636c58:/# ls /benjamin/
whatfuck
root@4d9dba636c58:/# mkdir /benjamin/haha
root@4d9dba636c58:/# exit

[root@docker ~]# docker start 513edb95ae40
513edb95ae40

#通过attach进入容器,退出容器后容器会被停掉,使用exec不会。
[root@docker ~]# docker exec -it 513edb95ae40 /bin/bash
root@513edb95ae40:/# ls
benjamin boot etc lib media opt root sbin sys usr
bin dev home lib64 mnt proc run srv tmp var
root@513edb95ae40:/# ls /benjamin/
haha whatfuck

5.基于link的互联

docker run --rm=true --name=mysqlserver -e MYSQL_ROOT_PASSWORD=123456 mysql

root@696e6dbfaf4a:/# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3 696e6dbfaf4a

[root@docker ~]# docker run --rm=true -it java curl 172.17.0.3:3306
8.0.13XV1b

docker默认是允许container互通,通过-icc=false关闭 互通。一旦关闭了互通,只能通过-link name:alias命令 连接指定container.

 -- link redis:db的别名,会在/etc/hosts中生成对应的ip映射

[root@docker ~]# docker run --name=myjavaserver -it java /bin/bash
root@fec44060d559:/# exit
exit

[root@docker ~]# docker run --rm=true --link=mysqlserver:server01 -it java /bin/bash

root@87735ef6ef88:/# ping server01
PING server01 (172.17.0.3): 56 data bytes
64 bytes from 172.17.0.3: icmp_seq=0 ttl=64 time=0.197 ms
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.079 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.082 ms
64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.073 ms
^C--- server01 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.073/0.108/0.197/0.052 ms
root@87735ef6ef88:/# ping mysqlserver
PING server01 (172.17.0.3): 56 data bytes
64 bytes from 172.17.0.3: icmp_seq=0 ttl=64 time=0.126 ms
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.083 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.085 ms
^C--- server01 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.083/0.098/0.126/0.000 ms

6.最简单常用的互联方式:端口映射

docker run  --name=mysqlserver01 -p 8806:3306 -e  MYSQL_ROOT_PASSWORD=123456 mysql
[root@docker ~]# netstat -lntup|grep 8806
tcp6       0      0 :::8806                 :::*                    LISTEN      83061/docker-proxy

 

7.直接使用宿主机网络

[root@docker ~]# docker run --rm=true --net=host --name=mysqlserver -e MYSQL_ROOT_PASSWORD=123456 mysql
docker: Error response from daemon: Conflict. The container name "/mysqlserver" is already in use by container "696e6dbfaf4a34726f9bd0fd5ef5158927cacec2c13c325805e19268d359e93f". You have to remove (or rename) that container to be able to reuse that name.
See 'docker run --help'.
[root@docker ~]# docker stop 696e6dbfaf4a3
696e6dbfaf4a3
[root@docker ~]# docker run --rm=true --net=host --name=mysqlserver -e MYSQL_ROOT_PASSWORD=123456 mysql

[root@docker ~]# netstat -lntup|grep mysqld
tcp6 0 0 :::33060 :::* LISTEN 83922/mysqld
tcp6 0 0 :::3306 :::* LISTEN 83922/mysqld

[root@docker ~]# docker run --rm=true --net=host --name=myjava java ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:e6:b7:0f brd ff:ff:ff:ff:ff:ff
inet 10.0.0.7/24 brd 10.0.0.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::2ab1:ab73:868a:33b0/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:a8:b6:33:18 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:a8ff:feb6:3318/64 scope link
valid_lft forever preferred_lft forever
109: veth977925d@if108: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 0e:77:0b:28:63:31 brd ff:ff:ff:ff:ff:ff
inet6 fe80::c77:bff:fe28:6331/64 scope link
valid_lft forever preferred_lft forever

 

8.容器共用一个ip网络

清空所有 镜像

[root@docker ~]# docker rm -f $(docker ps -a -q)
37df6f1b989d
14eb01992dd1
3df099467d50
fec44060d559

 

[root@docker ~]# docker run --rm=true --name=mysqlserver -e MYSQL_ROOT_PASSWORD=123456 mysql

[root@docker ~]# docker run --rm=true --net=container:mysqlserver java ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
120: eth0@if121: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever

[root@docker ~]# docker exec -it mysqlserver ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
120: eth0@if121: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever

 

posted @ 2018-05-25 16:48  benjamin杨  阅读(650)  评论(0编辑  收藏  举报