Vue 框架學習(五) 雙向繫結的使用和原理
阿新 • • 發佈:2020-08-15
理解docker0
[root@localhost ~]# ip addr # 本機迴環地址 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:e5:08:5c brd ff:ff:ff:ff:ff:ff inet 192.168.129.128/24 brd 192.168.129.255 scope global noprefixroute dynamic ens33 valid_lft 1357sec preferred_lft 1357sec inet6 fe80::7e5d:39f7:3d7a:13b3/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: bridge0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 02:78:77:86:6c:99 brd ff:ff:ff:ff:ff:ff 4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:5e:88:8b brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000 link/ether 52:54:00:5e:88:8b brd ff:ff:ff:ff:ff:ff # docker0 地址 6: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:53:7b:70:02 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever
問題: docker 是如何處理容器網路訪問的?
分別有兩個容器:tomcat容器和mysql容器 tomcat裡的專案如何訪問mysql服務的?
# 測試 # 啟動tomcat 容器 [root@localhost ~]# docker run -d -P --name tomcat01 tomcat # 檢視容器內部網路地址 docker exec -it 容器id/容器名 ip addr [root@localhost ~]# docker exec -it tomcat01 ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0 valid_lft forever preferred_lft forever # 發現docker啟動一個容器的時候會得到一個 eth0@if8 ip地址 ,這個地址是docker分配的! # linux ping 一下這個容器ip 發現可以 ping 通 docker 容器內部 [root@localhost ~]# ping 172.17.0.2 PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data. 64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.082 ms 64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.042 ms 64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.041 ms
原理
- 我們只要安裝了docker,就會有一個網絡卡docker0;每啟動一個docker容器, docker就會給docker容器分配一個ip
# 再次測試 ip addr [root@localhost ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:e5:08:5c brd ff:ff:ff:ff:ff:ff inet 192.168.129.128/24 brd 192.168.129.255 scope global noprefixroute dynamic ens33 valid_lft 1355sec preferred_lft 1355sec inet6 fe80::7e5d:39f7:3d7a:13b3/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: bridge0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 02:78:77:86:6c:99 brd ff:ff:ff:ff:ff:ff 4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:5e:88:8b brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000 link/ether 52:54:00:5e:88:8b brd ff:ff:ff:ff:ff:ff 6: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:53:7b:70:02 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever inet6 fe80::42:53ff:fe7b:7002/64 scope link valid_lft forever preferred_lft forever 8: veth8ee6b7e@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default link/ether e6:9b:b2:a0:27:ae brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet6 fe80::e49b:b2ff:fea0:27ae/64 scope link valid_lft forever preferred_lft forever # 發現 多出來一個 ip--》8: veth8ee6b7e@if7 ,這個ip 與 docker給tomcat容器分配的ip--》7: eth0@if8 及其相似 # 我們再次啟動一個容器 [root@localhost ~]# docker run -d -P --name tomcat02 tomcat 7ffaff397ae1ad5ea86265b28796eadacc8814dae08de0c297b844df32dafb0f # 檢視 tomcat02 容器ip [root@localhost ~]# docker exec -it tomcat02 ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 9: eth0@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0 valid_lft forever preferred_lft forever # 再次檢視 linux 中 ip [root@localhost ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:e5:08:5c brd ff:ff:ff:ff:ff:ff inet 192.168.129.128/24 brd 192.168.129.255 scope global noprefixroute dynamic ens33 valid_lft 1732sec preferred_lft 1732sec inet6 fe80::7e5d:39f7:3d7a:13b3/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: bridge0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 02:78:77:86:6c:99 brd ff:ff:ff:ff:ff:ff 4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:5e:88:8b brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000 link/ether 52:54:00:5e:88:8b brd ff:ff:ff:ff:ff:ff 6: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:53:7b:70:02 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever inet6 fe80::42:53ff:fe7b:7002/64 scope link valid_lft forever preferred_lft forever 8: veth8ee6b7e@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default link/ether e6:9b:b2:a0:27:ae brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet6 fe80::e49b:b2ff:fea0:27ae/64 scope link valid_lft forever preferred_lft forever 10: veth913a4fc@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default link/ether 7a:6d:fa:f4:5a:31 brd ff:ff:ff:ff:ff:ff link-netnsid 1 inet6 fe80::786d:faff:fef4:5a31/64 scope link valid_lft forever preferred_lft forever # 再次測試 發現又多了一對網絡卡!
我們發現這個容器帶來的網絡卡都是一對一對的
evth-pair 就是 一對的虛擬裝置介面,他們都是成對出現的, 一段連著協議,一段彼此相連
正因為有這個特性,evth-pair 充當一個橋樑 連線各種虛擬網路裝置的
OpenStac Docker 容器直接的連線 , ovs的連線 都是用的 evth-pair 技術
測試下tomcat02 和 comcat01 是否可以ping通!
[root@localhost ~]# docker exec -it tomcat02 ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.193 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.156 ms
# 結論: 容器直接是可以互相ping通的
# docker 中所以的網路介面都是虛擬的 虛擬的轉發效率高!
# 容器一旦停止 對應的網橋就沒有了
--link
思考一個場景:我們編寫了一個微服務,在專案不重啟的情況下 ip換掉了,我們怎麼處理這個問題!可以通過名字訪問服務--->實現高可用
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7ffaff397ae1 tomcat "catalina.sh run" About an hour ago Up About an hour 0.0.0.0:32769->8080/tcp tomcat02
17465fe4ff5f tomcat "catalina.sh run" About an hour ago Up 9 seconds 0.0.0.0:32770->8080/tcp tomcat01
# tomcat02 ping tomcat01 發現 ping 不通
[root@localhost ~]# docker exec -it tomcat02 ping tomcat01
ping: tomcat01: Temporary failure in name resolution
# 如何解決?
# 再次啟動一個tomcat03 使用--link 指定tomcat02
[root@localhost ~]# docker run -d -P --name tomcat03 --link tomcat02 tomcat
b8302b88ece2db2d116ef48f066495dfac2249e024f82e5262551dc75beadafd
# 發現 tomcat03 可以 ping 通 tomcat02
[root@localhost ~]# docker exec -it tomcat03 ping tomcat02
PING tomcat02 (172.17.0.3) 56(84) bytes of data.
64 bytes from tomcat02 (172.17.0.3): icmp_seq=1 ttl=64 time=0.140 ms
64 bytes from tomcat02 (172.17.0.3): icmp_seq=2 ttl=64 time=0.156 ms
64 bytes from tomcat02 (172.17.0.3): icmp_seq=3 ttl=64 time=0.061 ms
# 但是 tomcat02 不可以 ping 通 tomcat03
[root@localhost ~]# docker exec -it tomcat02 ping tomcat03
ping: tomcat03: Temporary failure in name resolution
################################ 探究 ##############################################
# 檢視tomcat03的 /etc/hosts 檔案, 發現了 tomcat02 的對映
[root@localhost ~]# docker exec -it tomcat03 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3 tomcat02 7ffaff397ae1
172.17.0.4 b8302b88ece2
# tomcat02 的 /etc/hosts 檔案中 沒有tomcat03的對映
[root@localhost ~]# docker exec -it tomcat02 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3 7ffaff397ae1
現在使用docker 不推薦使用--link的方式了
使用自定義網路,不使用docker0!
docker0問題:它不支援容器名連線
自定義網路
[root@localhost ~]# docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
# 檢視docker網路
[root@localhost ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
4dfeab10f9bd bridge bridge local
3544ab1c8265 host host local
ba0aafb19089 none null local
網路模式
bridge: 橋接 docker(預設)
none: 不配置網路
host: 和宿主機共享網路
container: 容器網路連通(用的少!侷限性很大)
測試
# 我們直接啟動的命令 docker run -d -P --name tomcat01 tomcat 預設加了--net bridge,而這個--net bridge就是我們的docker0
docker run -d -P --name tomcat01 tomcat
docker run -d -P --name tomcat01 --net bridge tomcat
# docker0 特點:是預設的;域名不能訪問的 --link可以打通連線
# 我們自定義一個網路
--driver bridge 橋接
--subnet 192.168.0.0/16 子網地址
--gateway 192.168.0.1 閘道器
[root@localhost ~]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
b82de0e455b464239dd2cd70c0c409aee43cc3b6c5015b00d77e9ab2c4ce708e
[root@localhost ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
4dfeab10f9bd bridge bridge local
3544ab1c8265 host host local
b82de0e455b4 mynet bridge local
ba0aafb19089 none null local
# 檢視我們的自定義網路資訊
[root@localhost ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "b82de0e455b464239dd2cd70c0c409aee43cc3b6c5015b00d77e9ab2c4ce708e",
"Created": "2020-08-16T13:54:31.417280908+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
# 啟動tomcat容器 走我們自定義的網路
[root@localhost ~]# docker run -d -P --name tomcat-net-01 --net mynet tomcat
b98cc4bf86e029feb61fbc1f73bb48760635d26238c79a50bb817a65689742a6
[root@localhost ~]# docker run -d -P --name tomcat-net-02 --net mynet tomcat
8536a22077f7f4676ff63ff7f6b60dbe86eac1fd51051725612a448de3886b84
[root@localhost ~]# docker exec -it tomcat-net-01 ping tomcat-net-02
PING tomcat-net-02 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.064 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.161 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.055 ms
# 發現 tomcat-net-01 和 tomcat-net-02 容器 網路是互通的
# 再次檢視 我們的自定義網路 mynet, 發現 Containers 裡已經有了兩個容器
[root@localhost ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "b82de0e455b464239dd2cd70c0c409aee43cc3b6c5015b00d77e9ab2c4ce708e",
"Created": "2020-08-16T13:54:31.417280908+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"8536a22077f7f4676ff63ff7f6b60dbe86eac1fd51051725612a448de3886b84": {
"Name": "tomcat-net-02",
"EndpointID": "59b045316d51b615e31c6ef2473c4cbd85da8da4a42619b25a14ddb431d20fd7",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
},
"b98cc4bf86e029feb61fbc1f73bb48760635d26238c79a50bb817a65689742a6": {
"Name": "tomcat-net-01",
"EndpointID": "1778ebe20410bcedc65414b8b991624fe835843e378b2e19ada8a2394ba5eb47",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
我們自定義的網路docker已經幫我們維護好了對應關係,推薦我們平時自定義網路使用!
好處:
1. redis--->不同的叢集使用不同的網路,保證叢集是安全和健康的
網路連通
我們自定義的網路,各個網路直接是不通的
tomcat映象啟動使用的是net01網路,mysql映象使用的是net02網路,這兩個容器直接的網路是不通的,如何打通呢?
# 檢視network的幫助命令
[root@localhost ~]# docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network # 連線一個容器到一個網路
create Create a network # 建立一個網路
disconnect Disconnect a container from a network # 斷開一個容器到一個網路
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
# 檢視network connect的幫助命令
[root@localhost ~]# docker network connect --help
Usage: docker network connect [OPTIONS] NETWORK CONTAINER
Connect a container to a network
Options:
--alias strings Add network-scoped alias for the container
--driver-opt strings driver options for the network
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--link list Add link to another container
--link-local-ip strings Add a link-local address for the container
# 測試
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f5a5a058908c tomcat "catalina.sh run" 3 seconds ago Up 2 seconds 0.0.0.0:32775->8080/tcp tomcat-03
72ffc620842e tomcat "catalina.sh run" 7 seconds ago Up 6 seconds 0.0.0.0:32774->8080/tcp tomcat-01
8536a22077f7 tomcat "catalina.sh run" 52 minutes ago Up 52 minutes 0.0.0.0:32773->8080/tcp tomcat-net-02
b98cc4bf86e0 tomcat "catalina.sh run" 52 minutes ago Up 52 minutes 0.0.0.0:32772->8080/tcp tomcat-net-01
# 打通tomcat-01 ---- mynet
[root@localhost ~]# docker network connect mynet tomcat-01
# 打通後 使用tomcat-01 ping mynet 下的 tomcat-net-01,發現可以ping通
[root@localhost ~]# docker exec -it tomcat-01 ping tomcat-net-01
PING tomcat-net-01 (192.168.0.2) 56(84) bytes of data.
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=1 ttl=64 time=0.165 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=2 ttl=64 time=0.053 ms
# 檢視 mynet 網路資訊 容器內多了 tomcat-01
[root@localhost ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "b82de0e455b464239dd2cd70c0c409aee43cc3b6c5015b00d77e9ab2c4ce708e",
"Created": "2020-08-16T13:54:31.417280908+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"72ffc620842e842ef2f59161f9c66a2c4c27c49a5cf5bbe20634eb34e2dff651": {
"Name": "tomcat-01",
"EndpointID": "d2f3c68a0b2b75d5a7b36fc738450f9069cc27b602a3dcdb648618f87b645762",
"MacAddress": "02:42:c0:a8:00:04",
"IPv4Address": "192.168.0.4/16",
"IPv6Address": ""
},
"8536a22077f7f4676ff63ff7f6b60dbe86eac1fd51051725612a448de3886b84": {
"Name": "tomcat-net-02",
"EndpointID": "59b045316d51b615e31c6ef2473c4cbd85da8da4a42619b25a14ddb431d20fd7",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
},
"b98cc4bf86e029feb61fbc1f73bb48760635d26238c79a50bb817a65689742a6": {
"Name": "tomcat-net-01",
"EndpointID": "1778ebe20410bcedc65414b8b991624fe835843e378b2e19ada8a2394ba5eb47",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
結論:假設要跨網路操作別人,就需要使用docker network connect 連通!