Before detailed understanding of docker network and data volume, you can first go to see docker advanced and use. Docker advanced
Docker network mode
Container is the smallest unit managed by Docker, just like different rooms in a house, they are isolated from each other and do not affect each other. The failure of one container does not affect the normal operation of other containers. Docker provides four network modes for communication between containers. Next, four common Docker network modes are introduced.
bridge
Default network driver. If no driver is specified, this is the network type used by the container by default.
veth pairVirtual network devices are connected to the bridge, and containers can communicate directly with each other over the IP of the container.
host
Share the Network namespace of the host. Remove the network isolation between the container and the Docker host, and directly use the network and port of the host, but the file system is still isolated.
none
For this container, disable all networks. Usually used in conjunction with custom network drivers. None does not apply to group services
container
The network namespace of the shared container. Use the IP + port of an existing container.
Custom network and container communication
Docker common network commands
Docker network ls docker network ls Docker network create --help docker network create --help Docker network create test-net [--subnet 100.10.0.0/24 --gateway 100.10.0.1] docker inspect test-net docker network rm test-netCopy the codeTest bridge network
- Create a Docker network
docker network create redis-net
Copy the code- Create a Redis container and use a Redis-net network (add parameters in [], other containers can be accessed by container name)
docker run -d --name redis-test --net redis-net [--network-alias redis] redis
Copy the code- View the IP of the Redis container
Docker inspect Containers redis-net # the IP address of redis-test is 172.21.0.2Copy the code- Create a busyBox container and ping the IP address of redis-test
Docker run --rm it --net redis-net busybox ping 172.21.0.2Copy the code
As you can see, it can be pinged through. The communication between containers is complete. The test is successful. With the Docker inspect command, we can view the details of the network and the container information that is running. If network-alias redis is used, busyBox can be pinged from the container name.
Testing the Container Network
- Run the mysql-test container, meaning that no network can be specified
docker run -d --name redis-test2 redis
Copy the code- Run BusyBox to join the Redis-test2 network
docker run --rm -it --net container:redis-test2 busybox
Copy the code- Check local port 6379
netstat -anp|grep 6379
Copy the code
At this point, 6379 is in listening state, that is, BusyBox and Redis are in the same IP address, as expected, the test is complete.
Docker0 is the default bridge of Docker, container can also communicate with each other directly through Docker0, the specific operation is consistent with bridge network operation, use without specifying -- NET, the default line. Docker also provides a parameter --link, which can write the IP and name mapping of the XX container into the hosts file of the running container to realize the communication of the container name.
Docker data volume
Due to the nature of the container, when the container no longer exists, data is lost and stored in the container rather than the host machine. And when another process needs to use the data, it is difficult to get the data in the container. Based on the above problems, Docker designed two ways to facilitate persistent storage of data and realize data sharing between containers.
Volumes
Volumes is a container data persistence solution designed by Docker, which can be understood as a directory. When volumes are created, they are stored in the /var/lib/docker-volumes directory on the host. When you mount a volume to a container, all files in the directory the container is mounted to will be placed in the volume. If the volume does not exist, it is automatically created when the container is created. When a container is mounted to a directory that had files in it before it was mounted, it will also exist in the volume after it is mounted.
Docker inspect volume name # Create a volume docker volume create test-volume # Delete volumes docker volume rm test-volume docker volume pruneCopy the codeVolume is used to persist data in mysql
docker run -d --name mysql-test -e MYSQL_ROOT_PASSWORD=123456 -v mysql-data:/var/lib/mysql mysql
Copy the codeCheck the volume directory/var/lib/docker/volumes/mysql – data / _data while forming
Here we mainly demonstrate the named volume. The usage of anonymous volume is the same. When -v is mounted, there is no need to write the volume name, docker will automatically randomly create a unique volume name. We can use the Docker Inspect container name to view detailed volume mount points.
Bind mounts
Bind Mounts is another persistence scheme designed by Docker. Unlike volumes, this approach requires specifying a specific path for the container to mount. In addition, the path to which the container is mounted will be cleared if files exist before the container is mounted. If files exist in the directory mounted to the host, they will continue to exist after the mount.
You use Bind mounts to persist data in the mysql database
docker run -d --name mysql-test -e MYSQL_ROOT_PASSWORD=123456 -v /data/mysql:/var/lib/mysql mysql
Copy the codeCheck the mount directory /data/mysql
You can see that files mounted in the bind mounts mode are persisted on the host.
When multiple containers use the same volume, data sharing can be achieved.
Summary: This article describes the core concepts and usage of network and volume in Docker, which are most used in actual development. Through the docker inspect [volume | | network container] can see the details of the corresponding line fault in a timely manner. Dockerfile, Docker-compose, Dockerfile, docker-compose, Dockerfile, docker-compose, Dockerfile, docker-compose, Dockerfile, docker-compose