Learn Docker networking from scratch: the other two network types, host and none

Posted by ud2008 on Fri, 01 Nov 2019 20:35:36 +0100

We have already introduced the bridge network, which is more complex. This section introduces two simple networks: host and none.

none Network

First, the none network type. Start by listing the networks on the machine:

docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
6862ec731e70        bridge              bridge              local
27b794790b92        host                host                local
c0ccd5a52bf1        none                null                local

Create a container attached to the none network:

docker run -it  --name test1 --network none vincent/ubuntu-base /bin/bash

View the details of the none network:

docker network inspect none
[
    {
        "Name": "none",
        "Id": "c0ccd5a52bf1a09e45ca879e9a2dd32d6987b7d43bd01e0924af501510af4c26",
        "Created": "2019-06-29T08:14:06.043680652Z",
        "Scope": "local",
        "Driver": "null",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": []
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "9a7ce6d97102fb8d820d4a649a4d5844e6490e64416267da2dc255ebd4c7688c": {
                "Name": "test1",
                "EndpointID": "8914a0bd63984e018cc4ce9f629e964941030a63277df13fc78175954bededfc",
                "MacAddress": "",
                "IPv4Address": "",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]

You can see that the IP address of the test1 container is empty.

Enter the container and run ifconfig:

root@9a7ce6d97102:/usr# ifconfig
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

Only the loopback interface lo is present; there are no other network interfaces. This means that the test1 container runs in its own isolated network namespace. There is no way to access the container other than using docker exec -it test1 /bin/bash.

So what is the point of a container like this?

When security requirements are high, for example for a tool that stores passwords, the container can be run this way.

host Network

Stop the test1 container from above and delete it.

Create a container on the host network:

docker run -it  --name test1 --network host vincent/ubuntu-base /bin/bash

View the host network information:

docker network inspect host
[
    {
        "Name": "host",
        "Id": "27b794790b9286a90285386b1ddd4d1703668e1b57b9e0dd47261c86de52452b",
        "Created": "2019-06-29T08:14:06.08051536Z",
        "Scope": "local",
        "Driver": "host",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": []
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "c56f09a40a89293affb4120ac698c1add5796d871683c1ded162b44bd2f5a7ba": {
                "Name": "test1",
                "EndpointID": "969c508af1d2448c4b1028f80ee0b4aca2fa7856a2c3c92f4def251781bf6488",
                "MacAddress": "",
                "IPv4Address": "",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]

Here too, test1 has no IP address or MAC address.

Enter the container and run ifconfig:

root@linuxkit-025000000001:/usr# ifconfig
docker0   Link encap:Ethernet  HWaddr 02:42:27:c4:e8:bd
          inet addr:172.17.0.1  Bcast:172.17.255.255  Mask:255.255.0.0
          inet6 addr: fe80::42:27ff:fec4:e8bd/64 Scope:Link
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:108020 errors:0 dropped:0 overruns:0 frame:0
          TX packets:260692 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:4347447 (4.3 MB)  TX bytes:381499475 (381.4 MB)

eth0      Link encap:Ethernet  HWaddr 02:50:00:00:00:01
          inet addr:192.168.65.3  Bcast:192.168.65.255  Mask:255.255.255.0
          inet6 addr: fe80::50:ff:fe00:1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:261768 errors:0 dropped:0 overruns:0 frame:0
          TX packets:109131 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:381626776 (381.6 MB)  TX bytes:5951813 (5.9 MB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:2 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:140 (140.0 B)  TX bytes:140 (140.0 B)

The network interfaces the container sees are very similar to those of our host machine.

A container created in host mode has no network namespace of its own; it shares the host's network namespace.

Because of this, the container can run into IP conflicts and port conflicts with the host.
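
To check which containers fall into which of the two modes described above, the following added example (not code from the original post) reads docker network inspect output and labels each attached container by what the network driver implies for its namespace. The sample JSON, the container names vault, proxy and web, and the posture labels are constructed for illustration.

```python
import json
import sys

# Constructed sample in the shape of `docker network inspect none host bridge`
# output (IDs shortened; container names are made up for this example).
SAMPLE = """
[
  {"Name": "none", "Driver": "null",
   "Containers": {"9a7ce6d97102": {"Name": "vault", "IPv4Address": "", "MacAddress": ""}}},
  {"Name": "host", "Driver": "host",
   "Containers": {"c56f09a40a89": {"Name": "proxy", "IPv4Address": "", "MacAddress": ""}}},
  {"Name": "bridge", "Driver": "bridge",
   "Containers": {"1f2e3d4c5b6a": {"Name": "web", "IPv4Address": "172.17.0.2/16",
                                   "MacAddress": "02:42:ac:11:00:02"}}}
]
"""

# What each driver means for the container's network namespace.
POSTURE = {
    "null": "isolated",     # own namespace, loopback only
    "host": "shares-host",  # no namespace of its own; binds host ports directly
}

def audit(inspect_json):
    """Return sorted (container, network, posture) tuples from inspect output."""
    findings = []
    for net in json.loads(inspect_json):
        expected = POSTURE.get(net.get("Driver"), "own-namespace")
        # Tolerate a missing or empty Containers map.
        for cid, ep in (net.get("Containers") or {}).items():
            name = ep.get("Name") or cid[:12]
            posture = expected
            # Endpoints on the none and host networks carry no address (see the
            # inspect output above); flag a record that contradicts that.
            if expected != "own-namespace" and ep.get("IPv4Address"):
                posture = "unexpected-address"
            findings.append((name, net.get("Name"), posture))
    return sorted(findings)

def host_mode_containers(inspect_json):
    """Names of containers that share the host's network namespace."""
    return [n for n, _, p in audit(inspect_json) if p == "shares-host"]

if __name__ == "__main__":
    # With real data: docker network inspect none host | python3 this_script.py
    data = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for name, net, posture in audit(data):
        print(f"{name:10} {net:8} {posture}")
```

Containers reported as shares-host are the ones that can collide with ports already bound on the host; those reported as isolated are reachable only through docker exec.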
