この記事は約16分50秒で読むことができます。

docker network

独自ネットワーク作成


[oracle@centos7 docker]$ docker network create --subnet=192.168.200.0/24 user_defined_nw
94d83b03fa3f790af5de17af4a6fb396ce8ea9e7153a3720bf663f9629362ffb
[oracle@centos7 docker]$ docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
0e36d0bb7052        bridge              bridge              local
0bdba384a7be        host                host                local
483c017347fc        none                null                local
94d83b03fa3f        user_defined_nw     bridge              local

コンテナを作る


[oracle@centos7 docker]$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
oracle/database     12.2.0.1-ee         bd737fd89ef9        5 days ago          5.97GB
oraclelinux         7-slim              b19454a5f17a        7 weeks ago         117MB
hello-world         latest              4ab4c602aa5e        3 months ago        1.84kB

[oracle@centos7 docker]$ docker run -it --name test1 --net=user_defined_nw -d oraclelinux:7-slim /bin/bash
[oracle@centos7 docker]$ docker run -it --name test2 --net=user_defined_nw -d oraclelinux:7-slim /bin/bash
[oracle@centos7 docker]$ docker run -it --name test3 --net=user_defined_nw -d oraclelinux:7-slim /bin/bash


CONTAINER ID        IMAGE                         COMMAND                  CREATED             STATUS                     PORTS               NAMES
1c10308b5238        oraclelinux:7-slim            "/bin/bash"              28 minutes ago      Up 28 minutes                                  test1
6bc6cd79c469        oraclelinux:7-slim            "/bin/bash"              42 minutes ago      Up 42 minutes                                  test3
2e7fbb790b46        oraclelinux:7-slim            "/bin/bash"              43 minutes ago      Up 43 minutes                                  test2

割り当てられたipの確認


[oracle@centos7 ~]$ docker network inspect $(docker network ls -q) | grep -E "Subnet|Name|IPv4"
        "Name": "bridge",
                    "Subnet": "172.17.0.0/16",
        "Name": "host",
        "Name": "none",
        "Name": "user_defined_nw",
                    "Subnet": "192.168.200.0/24"
                "Name": "test1",
                "IPv4Address": "192.168.200.2/24",
                "Name": "test2",
                "IPv4Address": "192.168.200.3/24",
                "Name": "test3",
                "IPv4Address": "192.168.200.4/24",

デフォルトゲートウェイは192.168.200.1にわりあてられています。


[oracle@centos7 ~]$ docker network inspect user_defined_nw | grep -E "Subnet|Name|IPv4"
        "Name": "user_defined_nw",
                    "Subnet": "192.168.200.0/24"
                "Name": "test1",
                "IPv4Address": "192.168.200.2/24",
                "Name": "test2",
                "IPv4Address": "192.168.200.3/24",
                "Name": "test3",
                "IPv4Address": "192.168.200.4/24",

コマンドいろいろインストール


[oracle@centos7 docker]$ docker exec -it test1 /bin/bash
bash-4.2# yum install -y iputils
bash-4.2# yum -y install net-tools
bash-4.2# yum install -y iproute 
bash-4.2# yum install -y vim
bash-4.2# yum install -y traceroute

bash-4.2# ifconfig
eth0: flags=4163  mtu 1500
        inet 192.168.200.2  netmask 255.255.255.0  broadcast 192.168.200.255
        ether 02:42:c0:a8:c8:02  txqueuelen 0  (Ethernet)
        RX packets 29283  bytes 41677592 (39.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 13729  bytes 919089 (897.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 43  bytes 5079 (4.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 43  bytes 5079 (4.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0



bash-4.2# ip route
default via 192.168.200.1 dev eth0 
192.168.200.0/24 dev eth0 proto kernel scope link src 192.168.200.2 


bash-4.2# ping -c 3 test2
PING test2 (192.168.200.3) 56(84) bytes of data.
64 bytes from test2.user_defined_nw (192.168.200.3): icmp_seq=1 ttl=64 time=0.432 ms
64 bytes from test2.user_defined_nw (192.168.200.3): icmp_seq=2 ttl=64 time=0.199 ms
64 bytes from test2.user_defined_nw (192.168.200.3): icmp_seq=3 ttl=64 time=0.204 ms

--- test2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.199/0.278/0.432/0.109 ms
bash-4.2# ping -c 3 test3
PING test3 (192.168.200.4) 56(84) bytes of data.
64 bytes from test3.user_defined_nw (192.168.200.4): icmp_seq=1 ttl=64 time=0.394 ms
64 bytes from test3.user_defined_nw (192.168.200.4): icmp_seq=2 ttl=64 time=0.200 ms
64 bytes from test3.user_defined_nw (192.168.200.4): icmp_seq=3 ttl=64 time=0.189 ms

--- test3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.189/0.261/0.394/0.094 ms


bash-4.2# iptables -t nat -L -n
iptables v1.4.21: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
bash-4.2# pwd                
/etc/sysconfig
bash-4.2# ls
64bit_strstr_via_64bit_strstr_sse2_unaligned  cbq  ip6tables-config  iptables-config  network  rdisc
bash-4.2# vim /etc/sysconfig/iptables-config





変更前


# Unload modules on restart and stop
#   Value: yes|no,  default: yes
# This option has to be 'yes' to get to a sane state for a firewall
# restart or stop. Only set to 'no' if there are problems unloading netfilter
# modules.
IPTABLES_MODULES_UNLOAD="yes"

変更後


# Unload modules on restart and stop
#   Value: yes|no,  default: yes
# This option has to be 'yes' to get to a sane state for a firewall
# restart or stop. Only set to 'no' if there are problems unloading netfilter
# modules.
IPTABLES_MODULES_UNLOAD="no"

bash-4.2# traceroute google.com
traceroute to google.com (172.217.26.110), 30 hops max, 60 byte packets
 1  gateway (192.168.200.1)  0.167 ms  0.085 ms  0.078 ms
 2  192.168.100.1 (192.168.100.1)  3.085 ms  5.109 ms  5.011 ms
 3  * * *
 4  * * *
 5  172.23.38.114 (172.23.38.114)  78.580 ms  78.440 ms  78.241 ms
 6  172.25.114.126 (172.25.114.126)  78.088 ms  33.786 ms  43.899 ms
 7  obpBBAC05.bb.kddi.ne.jp (27.93.199.137)  43.729 ms  56.664 ms  68.491 ms
 8  27.80.241.77 (27.80.241.77)  69.502 ms 27.85.133.125 (27.85.133.125)  69.375 ms 27.85.133.109 (27.85.133.109)  69.165 ms
 9  27.86.41.102 (27.86.41.102)  67.615 ms  67.501 ms  67.182 ms
10  72.14.202.237 (72.14.202.237)  67.110 ms  66.876 ms  59.708 ms
11  * * *
12  kix05s01-in-f110.1e100.net (172.217.26.110)  57.243 ms 108.170.235.44 (108.170.235.44)  59.557 ms 108.170.235.42 (108.170.235.42)  56.599 ms
bash-4.2# 

Leave a Reply

Your email address will not be published. Required fields are marked *