【目录导览】
1.Docker入门：什么是Docker？如何安装Docker？
2.Docker入门：Docker命令
3.Docker实战：Docker部署Nginx
4.Docker实战：Docker部署Tomcat
5.Docker实战：Docker部署MySQL
6.Docker镜像：什么是Docker镜像？Docker镜像加载原理？
7.Docker容器：什么是Docker容器？
8.Docker数据卷：数据交互、数据卷、数据卷容器
9.Docker镜像制作：Commit和DockerFile
10.Docker入门学习回顾小结
11.Docker网络：基础原理&示例
12.Docker网络：容器互联之–link
13.Docker网络：容器互联之自定义网络
14.Docker网络：容器互联之不同网络间的容器互联

1.如何创建自定义网络

step.1 查看当前环境中的网卡信息

# 查看当前环境中的网卡信息
docker network ls
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
c5440000e49f        bridge              bridge              local
c115f00b8471        host                host                local
4fdfe488370c        none                null                local

其中bridge代表的网卡就是docker0

step.2 创建自定义网络

# 建议先清空一下当前Docker环境中的容器，确保在一个干净的网络环境下测试自定义网络
docker rm -f $(docker ps -aq)
# 可以先查看一下docker网络相关命令
docker network --help
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker network --help
Usage:    docker network COMMAND
Manage networks
Commands:
  connect     Connect a container to a network
  create      Create a network
  disconnect  Disconnect a container from a network
  inspect     Display detailed information on one or more networks
  ls          List networks
  prune       Remove all unused networks
  rm          Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
# 再看一下create的操作详情
docker network create --help
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker network create --help
Usage:    docker network create [OPTIONS] NETWORK
Create a network
Options:
      --attachable           Enable manual container attachment
      --aux-address map      Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
      --config-from string   The network from which copying the configuration
      --config-only          Create a configuration only network
  -d, --driver string        Driver to manage the Network (default "bridge")
      --gateway strings      IPv4 or IPv6 Gateway for the master subnet
      --ingress              Create swarm routing-mesh network
      --internal             Restrict external access to the network
      --ip-range strings     Allocate container ip from a sub-range
      --ipam-driver string   IP Address Management Driver (default "default")
      --ipam-opt map         Set IPAM driver specific options (default map[])
      --ipv6                 Enable IPv6 networking
      --label list           Set metadata on a network
  -o, --opt map              Set driver specific options (default map[])
      --scope string         Control the network’s scope
      --subnet strings       Subnet in CIDR format that represents a network segment
# 创建自定义网络
docker network create --driver bridge --subnet 192.168.0.0/24 --gateway 192.168.0.1  my_net
# 参数解释： 
# --driver bridge 网络模式设置为桥接模式 
# --subnet 192.168.0.0/24 子网划分
# --gateway 192.168.0.1 设置网关
# my_net 设置自定义网络的名字
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker network create --driver bridge --subnet 192.168.0.0/24 --gateway 192.168.0.1 my_net
d3f68c147eccd5cfd1b82de45258cd16b6fea5b7ec964903c770ce5abb3b7448
# 查看当前环境的网卡信息
docker network ls
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
c5440000e49f        bridge              bridge              local
c115f00b8471        host                host                local
d3f68c147ecc        my_net              bridge              local
4fdfe488370c        none                null                local

可以看到，多了一个my_net网卡信息。

step.3 使用自定义网络

# 先查看自定义网络详细信息
docker network inspect my_net
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker network inspect my_net
[
    { 
        "Name": "my_net",
        "Id": "d3f68c147eccd5cfd1b82de45258cd16b6fea5b7ec964903c770ce5abb3b7448",
        "Created": "2020-08-31T18:13:33.323655501+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": { 
            "Driver": "default",
            "Options": { },
            "Config": [
                { 
                    "Subnet": "192.168.0.0/24",
                    "Gateway": "192.168.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": { 
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": { },
        "Options": { },
        "Labels": { }
    }
]
# 启动两个tomcat容器，并使用--net指定使用my_net网络
docker run -d -P --name tomcat-1 --net my_net tomcat
docker run -d -P --name tomcat-2 --net my_net tomcat
# 测试两个容器的网络联通性
# tomcat-1 ping一下tomcat-2
docker exec -it tomcat-1 ping tomcat-2
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker exec -it tomcat-1 ping tomcat-2
PING tomcat-2 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat-2.my_net (192.168.0.3): icmp_seq=1 ttl=64 time=0.061 ms
64 bytes from tomcat-2.my_net (192.168.0.3): icmp_seq=2 ttl=64 time=0.059 ms
# tomcat-2 ping一下tomcat-1
docker exec -it tomcat-2 ping tomcat-1
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker exec -it tomcat-2 ping tomcat-1
PING tomcat-1 (192.168.0.2) 56(84) bytes of data.
64 bytes from tomcat-1.my_net (192.168.0.2): icmp_seq=1 ttl=64 time=0.044 ms
64 bytes from tomcat-1.my_net (192.168.0.2): icmp_seq=2 ttl=64 time=0.064 ms

可以看到tomcat-1容器与tomcat-2容器之间是可以网络互通的

step.4 验证自定义网络是否支持ip变更后，仍能通过容器名通信

# 查看tomcat-2的网络信息
docker exec -it tomcat-2 ip addr
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker exec -it tomcat-2 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
13: eth0@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:c0:a8:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.0.3/24 brd 192.168.0.255 scope global eth0
       valid_lft forever preferred_lft forever
# 可以看到tomcat-2容器的ip自动分配的是192.168.0.2
# 查看容器信息
docker ps
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                     NAMES
dbeccb2f7468        tomcat              "catalina.sh run"   20 minutes ago      Up 20 minutes       0.0.0.0:32772->8080/tcp   tomcat-2
38a4932d7692        tomcat              "catalina.sh run"   20 minutes ago      Up 20 minutes       0.0.0.0:32771->8080/tcp   tomcat-1
# 清除tomcat-2容器
docker rm -f dbeccb2f7468
# 查看容器信息
docker ps
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                     NAMES
38a4932d7692        tomcat              "catalina.sh run"   21 minutes ago      Up 21 minutes       0.0.0.0:32771->8080/tcp   tomcat-1
# 启动一个tomcat-3容器
docker run -d -P --name tomcat-3 --net my_net tomcat
# 查看容器信息
docker ps
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                     NAMES
28aabfacad76        tomcat              "catalina.sh run"   11 seconds ago      Up 10 seconds       0.0.0.0:32773->8080/tcp   tomcat-3
38a4932d7692        tomcat              "catalina.sh run"   22 minutes ago      Up 22 minutes       0.0.0.0:32771->8080/tcp   tomcat-1
# 查看tomcat-3容器的网络信息
docker exec -it tomcat-3 ip addr
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker exec -it tomcat-3 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
15: eth0@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:c0:a8:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.0.3/24 brd 192.168.0.255 scope global eth0
       valid_lft forever preferred_lft forever
# 再重新启动tomcat-2容器
docker run -d -P --name tomcat-2 --net my_net tomcat
# 查看容器信息
docker ps
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                     NAMES
e6538d8bb4a0        tomcat              "catalina.sh run"   3 seconds ago       Up 2 seconds        0.0.0.0:32774->8080/tcp   tomcat-2
28aabfacad76        tomcat              "catalina.sh run"   3 minutes ago       Up 3 minutes        0.0.0.0:32773->8080/tcp   tomcat-3
38a4932d7692        tomcat              "catalina.sh run"   25 minutes ago      Up 25 minutes       0.0.0.0:32771->8080/tcp   tomcat-1
# 查看tomcat-2容器的网络信息
docker exec -it tomcat-2 ip addr
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker exec -it tomcat-2 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
17: eth0@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:c0:a8:00:04 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.0.4/24 brd 192.168.0.255 scope global eth0
       valid_lft forever preferred_lft forever
# 可以看到tomcat-2容器的ip已经变成192.168.0.4了
# 此时再用tomcat-1 ping一下tomcat-2
docker exec -it tomcat-1 ping tomcat-2
# 内容如下：
[root@iZ2zefjrz9szlt99tuu23fZ wy]# docker exec -it tomcat-1 ping tomcat-2
PING tomcat-2 (192.168.0.4) 56(84) bytes of data.
64 bytes from tomcat-2.my_net (192.168.0.4): icmp_seq=1 ttl=64 time=0.067 ms
64 bytes from tomcat-2.my_net (192.168.0.4): icmp_seq=2 ttl=64 time=0.060 ms

至此，可以验证，自定义网络是支持ip变化后，仍然可以通过容器名进行网络互通的。

2.自定义网络与–link的区别

区别点	自定义网络	–link
容器间通信方式	容器名、ip	容器名、ip
通信方向	双向	单向
是否支持ip动态变化	支持	不支持
是否具备网络隔离性	具备	不具备