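1. Checking the Docker bridge connection
Create alpine > check the bridge connection > create nginx > check the bridge connection > create and check a server that fails to connect
Create a server with a published port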
vagrant@ubuntu2204:~$ docker run -d -it --name alpine2 -p 80:80 alpine /bin/sh
993ea553b04ca380404c66b23e29591a7dbab06dd729dfa1275772d0cb2be414
vagrant@ubuntu2204:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
993ea553b04c alpine "/bin/sh" 17 seconds ago Up 16 seconds 0.0.0.0:80->80/tcp alpine2
Enter the alpine container -> check its IP: 172.17.0.2
vagrant@ubuntu2204:~$ docker exec -it alpine2 /bin/sh
/ # ps
PID USER TIME COMMAND
1 root 0:00 /bin/sh
7 root 0:00 /bin/sh
13 root 0:00 ps
/ # ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
Check that a bridge has been created on the host
# Install bridge-utils and check
vagrant@ubuntu2204:~$ sudo apt install bridge-utils
vagrant@ubuntu2204:~$ brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.0242e3486728 no vetha567dea
# Check the firewall (iptables NAT table)
vagrant@ubuntu2204:~$ sudo iptables --table nat -L -n
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:80
Chain DOCKER (2 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.17.0.2:80
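This confirms that the container is connected.
Create one more server (nginx) and check whether it is connected.
If a port is given at run time, the published port shows up here as well.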
vagrant@ubuntu2204:~$ docker run -d --name mynginx -p 8000:80 nginx
96f62605706bb59f96576709c720e33cf3547a669e8b31deda384f95f2b52ca7
vagrant@ubuntu2204:~$ sudo iptables --table nat -L -n
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:80
MASQUERADE tcp -- 172.17.0.3 172.17.0.3 tcp dpt:80
Chain DOCKER (2 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.17.0.2:80
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8000 to:172.17.0.3:80
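The new server is also connected in the DOCKER chain.
However, a server published on the Docker host's own IP is not created here: as the error below shows, the bind fails because 192.168.50.10:8000 is already in use (mynginx already publishes 0.0.0.0:8000).
# Create a container on the Docker host's IP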
vagrant@ubuntu2204:~$ docker run -d --name mynginx3 -p 192.168.50.10:8000:80 nginx
84fa42dabef49384067c0856c99e487239be307460d574559382c9c8fee0f917
docker: Error response from daemon: driver failed programming external connectiv
proxy: listen tcp4 192.168.50.10:8000: bind: address already in use.
# Created; the content is displayed
vagrant@ubuntu2204:~$ curl 127.0.0.1:8000
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
# No port is assigned (mynginx3)
vagrant@ubuntu2204:~$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
84fa42dabef4 nginx "/docker-entrypoint.…" 9 minutes ago Created mynginx3
96f62605706b nginx "/docker-entrypoint.…" 10 minutes ago Up 10 minutes 0.0.0.0:8000->80/tcp mynginx
993ea553b04c alpine "/bin/sh" 33 minutes ago Up 32 minutes 0.0.0.0:80->80/tcp alpine2
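Every `-p` mapping above ends up as a DNAT rule in the DOCKER chain, and a destination of 0.0.0.0/0 means the port is reachable on every address of the host. The script below is an added example, not part of the original post: it parses `iptables --table nat -L -n` output and flags such rules. The 127.0.0.1:8080 rule and container 172.17.0.4 in the sample are constructed for contrast.

```shell
#!/bin/sh
# Added example: audit which host ports Docker publishes through DNAT.

# Constructed sample: the POSTROUTING/DOCKER chains shown above, plus one
# hypothetical rule bound to 127.0.0.1 only (container 172.17.0.4 is made up).
sample_nat_listing() {
cat <<'EOF'
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:80
Chain DOCKER (2 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.17.0.2:80
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8000 to:172.17.0.3:80
DNAT tcp -- 0.0.0.0/0 127.0.0.1 tcp dpt:8080 to:172.17.0.4:80
EOF
}

# Reads `iptables --table nat -L -n` output on stdin. For every DNAT rule in
# the DOCKER chain prints: <scope> <proto> <dest-addr>:<port> -> <container>
# scope is ALL-ADDRESSES when the rule matches any destination address.
audit_docker_dnat() {
  awk '
    /^Chain / { in_docker = ($2 == "DOCKER"); next }
    in_docker && $1 == "DNAT" {
      port = ""; target = ""
      for (i = 6; i <= NF; i++) {
        if ($i ~ /^dpt:/) port = substr($i, 5)
        if ($i ~ /^to:/)  target = substr($i, 4)
      }
      if (port == "" || target == "") next   # skip rules we cannot parse
      scope = ($5 == "0.0.0.0/0") ? "ALL-ADDRESSES" : "RESTRICTED"
      printf "%s %s %s:%s -> %s\n", scope, $2, $5, port, target
    }'
}

# Live use on the host: sudo iptables --table nat -L -n | audit_docker_dnat
sample_nat_listing | audit_docker_dnat
```

Publishing with an explicit address, as in `-p 127.0.0.1:8080:80`, is what turns an ALL-ADDRESSES line into a RESTRICTED one.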
2. Checking Docker network connections
Create mariadb > check the Docker network connection > create a user-defined bridge > connect to the bridge
<Create the mariadb container>
vagrant@ubuntu2204:~$ docker run -d --name apache httpd
9d15b1b77d89ab7a94c8328204a8b5e23db602ca56b87b071b9fe6e6352f4845
vagrant@ubuntu2204:~$ docker run -d --name mariadb --env MARIADB_ROOT_PASSWORD=mypass mariadb
688b4f9211690daab6ae808aab9d60f024298505670e6bae549c3525bca24bc5
# Confirm the containers were created
vagrant@ubuntu2204:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
688b4f921169 mariadb "docker-entrypoint.s…" 9 seconds ago Up 9 seconds 3306/tcp mariadb
9d15b1b77d89 httpd "httpd-foreground" 18 seconds ago Up 17 seconds 80/tcp apache
# Check the networks
vagrant@ubuntu2204:~$ docker network ls
NETWORK ID NAME DRIVER SCOPE
edfae448a19d bridge bridge local
6c49481470a0 host host local
454c6ebb3330 none null local
# View the bridge connection state
vagrant@ubuntu2204:~$ brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.0242e3486728 no veth7ac4b50
vethfa970e5
Two interfaces are currently attached to docker0.
# Create a bridge (mybridge)
vagrant@ubuntu2204:~$ docker network create --driver=bridge mybridge
b435a13fe1c8b2356fa078338296db4b8a6072ed48f56970481a234592d9ea21
# Check the networks
vagrant@ubuntu2204:~$ docker network ls
NETWORK ID NAME DRIVER SCOPE
edfae448a19d bridge bridge local
6c49481470a0 host host local
b435a13fe1c8 mybridge bridge local
454c6ebb3330 none null local
Check the bridge that was created
# Check the IP using the bridge's network ID
vagrant@ubuntu2204:~$ ip addr show br-b435a13fe1c8
17: br-b435a13fe1c8: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:23:53:c0:a4 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-b435a13fe1c8
valid_lft forever preferred_lft forever
IP: 172.18.0.1
<Create a container attached to the new bridge>
# Create an alpine container on mybridge
vagrant@ubuntu2204:~$ docker run -d --name alpine --network mybridge -it alpine
cacb7cfb40b907150f7b4f7cde5b7ccdbe925756521a8027c76cd64cf9887be4
# Enter the container and check its IP information
vagrant@ubuntu2204:~$ docker exec -it alpine /bin/sh
/ # ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
18: eth0@if19: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth0
valid_lft forever preferred_lft forever
/ # netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 172.18.0.1 0.0.0.0 UG 0 0 0 eth0
172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
Connect the existing apache container to the mybridge network
vagrant@ubuntu2204:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cacb7cfb40b9 alpine "/bin/sh" 35 hours ago Up 35 hours alpine
688b4f921169 mariadb "docker-entrypoint.s…" 35 hours ago Up 35 hours 3306/tcp mariadb
9d15b1b77d89 httpd "httpd-foreground" 35 hours ago Up 35 hours 80/tcp apache
vagrant@ubuntu2204:~$ docker network connect mybridge apache
Enter apache and check its IP
# Enter the apache server
vagrant@ubuntu2204:~$ docker exec -it apache /bin/bash
# Install net-tools
root@9d15b1b77d89:/usr/local/apache2# apt update
root@9d15b1b77d89:/usr/local/apache2# apt install net-tools
# Check the IP
root@9d15b1b77d89:/usr/local/apache2# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 555 bytes 9682636 (9.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 369 bytes 22142 (21.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.18.0.3 netmask 255.255.0.0 broadcast 172.18.255.255
ether 02:42:ac:12:00:03 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 6 bytes 522 (522.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6 bytes 522 (522.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
# Check with ping
root@9d15b1b77d89:/usr/local/apache2# ping 172.18.0.3
PING 172.18.0.3 (172.18.0.3) 56(84) bytes of data.
64 bytes from 172.18.0.3: icmp_seq=1 ttl=64 time=0.419 ms
64 bytes from 172.18.0.3: icmp_seq=2 ttl=64 time=0.067 ms
64 bytes from 172.18.0.3: icmp_seq=3 ttl=64 time=0.088 ms
64 bytes from 172.18.0.3: icmp_seq=4 ttl=64 time=0.048 ms
^C
--- 172.18.0.3 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3059ms
rtt min/avg/max/mdev = 0.048/0.155/0.419/0.152 ms
root@9d15b1b77d89:/usr/local/apache2# ping 172.18.0.2
PING 172.18.0.2 (172.18.0.2) 56(84) bytes of data.
64 bytes from 172.18.0.2: icmp_seq=1 ttl=64 time=0.466 ms
64 bytes from 172.18.0.2: icmp_seq=2 ttl=64 time=0.082 ms
64 bytes from 172.18.0.2: icmp_seq=3 ttl=64 time=0.180 ms
64 bytes from 172.18.0.2: icmp_seq=4 ttl=64 time=0.106 ms
^C
--- 172.18.0.2 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3074ms
rtt min/avg/max/mdev = 0.082/0.208/0.466/0.152 ms
# Check the IP routing table
root@9d15b1b77d89:/usr/local/apache2# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 172.17.0.1 0.0.0.0 UG 0 0 0 eth0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
root@9d15b1b77d89:/usr/local/apache2# exit
exit
View the bridge connection state
# Network mybridge => b435a13fe1c8
vagrant@ubuntu2204:~$ docker network ls
NETWORK ID NAME DRIVER SCOPE
edfae448a19d bridge bridge local
6c49481470a0 host host local
b435a13fe1c8 mybridge bridge local
454c6ebb3330 none null local
# Network mybridge => b435a13fe1c8
vagrant@ubuntu2204:~$ brctl show
bridge name bridge id STP enabled interfaces
br-b435a13fe1c8 8000.02422353c0a4 no veth71a3e20
veth8cc2065
docker0 8000.0242e3486728 no veth7ac4b50
vethfa970e5
Two are currently connected.
<How to disconnect a network>
vagrant@ubuntu2204:~$ docker network disconnect mybridge apache
vagrant@ubuntu2204:~$ brctl show
bridge name bridge id STP enabled interfaces
br-b435a13fe1c8 8000.02422353c0a4 no veth71a3e20
docker0 8000.0242e3486728 no veth7ac4b50
vethfa970e
<Deleting the existing host and null networks>
vagrant@ubuntu2204:~$ docker network ls
NETWORK ID NAME DRIVER SCOPE
edfae448a19d bridge bridge local
6c49481470a0 host host local
b435a13fe1c8 mybridge bridge local
454c6ebb3330 none null local
vagrant@ubuntu2204:~$ docker network create --driver host myhost
Error response from daemon: only one instance of "host" network is allowed
# Only one host network is allowed, so another one cannot be created
vagrant@ubuntu2204:~$ docker network rm host
Error response from daemon: host is a pre-defined network and cannot be removed
# The predefined host network cannot be removed
<Create a server on the host network>
vagrant@ubuntu2204:~$ docker run -d --name alpinex --network host -it alpine
aedc9f6aa9e9d0b43c8879261c732856fd6876b4618b42b11cf590b508b0be3a
vagrant@ubuntu2204:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aedc9f6aa9e9 alpine "/bin/sh" 10 seconds ago Up 9 seconds alpinex
aae5fe848b03 alpine "/bin/sh" 18 minutes ago Up 18 minutes alpine
6b33faee3a31 mariadb "docker-entrypoint.s…" 27 minutes ago Up 27 minutes 3306/tcp mariadb
ecc2e868d67e httpd "httpd-foreground" 30 minutes ago Up 30 minutes 80/tcp apache
# Create a server on the host network
# In this case the container shares the network that the host uses
# So the IP and hostname are all identical to the host's
vagrant@ubuntu2204:~$ docker exec -it alpinex /bin/sh
/ # ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP qlen 1000
link/ether 08:00:27:8c:69:41 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic eth0
valid_lft 77924sec preferred_lft 77924sec
inet6 fd00::a00:27ff:fe8c:6941/64 scope global dynamic noprefixroute flags 100
valid_lft 86046sec preferred_lft 14046sec
inet6 fe80::a00:27ff:fe8c:6941/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:63:e4:af:89 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
21: vethba7d15f@if20: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue master docker0 state UP
link/ether 12:d9:a8:0f:ec:31 brd ff:ff:ff:ff:ff:ff
23: veth53c5acd@if22: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue master docker0 state UP
link/ether 5a:9f:9d:b2:cc:87 brd ff:ff:ff:ff:ff:ff
24: br-ce7f0d0a4168: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:04:ff:e3:cb brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-ce7f0d0a4168
valid_lft forever preferred_lft forever
28: veth11ff8fd@if27: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue master br-ce7f0d0a4168 state UP
link/ether 0a:f3:63:4f:ed:1b brd ff:ff:ff:ff:ff:ff
/ # hostname
ubuntu2204.localdomain
Things that are not shared through the network are displayed differently
/ # cat /etc/issue
Welcome to Alpine Linux 3.21
Kernel \r on an \m (\l)
/ # exit
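Because a host-network container shares the host's network namespace, the `ip addr show` listing above exposes the host's own veth interfaces, each of which pairs with one container's eth0 through the `@ifN` index. This added example (not from the original post) uses that pairing to find the host-side veth and bridge behind a container interface, for instance to capture one container's traffic from the host. The container-side line `27: eth0@if28` is constructed to match the listing.

```shell
#!/bin/sh
# Added example: resolve a container's eth0 to its host-side veth and bridge.

# Host-side interface lines copied from the `ip addr show` output above.
sample_host_links() {
cat <<'EOF'
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
21: vethba7d15f@if20: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue master docker0 state UP
23: veth53c5acd@if22: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue master docker0 state UP
24: br-ce7f0d0a4168: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
28: veth11ff8fd@if27: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue master br-ce7f0d0a4168 state UP
EOF
}

# find_host_peer "<container interface line>" < host listing
# A container line "27: eth0@if28: ..." says: my index is 27, my veth peer is
# host interface 28. Prints "<host-veth> <bridge>"; exits 1 if nothing pairs.
find_host_peer() {
  awk -v cline="$1" '
    BEGIN {
      split(cline, c, /[ :@]+/)          # c[1]=index  c[2]=name  c[3]="ifN"
      cidx = c[1]; peer = substr(c[3], 3)
    }
    /^[0-9]+: / {
      hidx = $1; sub(/:$/, "", hidx)
      split($2, h, /[@:]/)               # h[1]=host name  h[2]="ifM"
      if (hidx != peer || substr(h[2], 3) != cidx) next   # must be mutual
      bridge = "none"
      for (i = 3; i < NF; i++) if ($i == "master") bridge = $(i + 1)
      print h[1], bridge
      found = 1
    }
    END { exit (found ? 0 : 1) }'
}

# Constructed container-side line (index 27, peer 28) for the demo; on a live
# host take it from: docker exec <container> ip -o link show eth0
sample_host_links | find_host_peer "27: eth0@if28: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500"
```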
<Create a container on the null network>
# Create a container on the null network
vagrant@ubuntu2204:~$ docker run -d --name alpinez --network none -it alpine
b421548eed3df3242867e2ed435ffbc1446890f77f55f492d9613ae898d215c4
vagrant@ubuntu2204:~$ docker ps
vagrant@ubuntu2204:~$ docker network ls
NETWORK ID NAME DRIVER SCOPE
e6a2106d5e9f bridge bridge local
f8334a8e5022 host host local
ce7f0d0a4168 mybridge bridge local
d2585ac98b3b none null local
# There is no internet connectivity
vagrant@ubuntu2204:~$ docker exec -it alpinez /bin/sh
/ # ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
/ #
/ # ping 172.18.0.3
PING 172.18.0.3 (172.18.0.3): 56 data bytes
ping: sendto: Network unreachable
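<Create a network with a different gateway>
# Create a bridge
# The IP address range can also be specified
# The gateway can also be changed to a different one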
vagrant@ubuntu2204:~$ docker network create --driver bridge --subnet 172.30.0.0/16 --ip-range 172.30.0.0/24 --gateway 172.30.0.254 newbridge
32e648d512605198eea0abb11a4fd6378dc8b535d04af59eebefcf5f5d4a12fe
vagrant@ubuntu2204:~$ docker network ls
NETWORK ID NAME DRIVER SCOPE
e6a2106d5e9f bridge bridge local
f8334a8e5022 host host local
ce7f0d0a4168 mybridge bridge local
32e648d51260 newbridge bridge local
d2585ac98b3b none null local
vagrant@ubuntu2204:~$
vagrant@ubuntu2204:~$ docker run -d --name apachex --network newbridge httpd
216bac096ad7f0e1859d728feb1943a2cab5bd8c503337450817f8ff928a5469
vagrant@ubuntu2204:~$ curl 172.30.0.1
<html><body><h1>It works!</h1></body></html>