二.容器的重启策略
1.容器重启策略概述
所谓的容器重启策略,指的是容器在退出时是否进行重启以及重启docker服务时是否会默认启动容器。
容器的重启策略如上表所示四种。生产环境中Always和unless-stopped使用较多。2.重启策略验证
1.启动测试环境
[root@elk91 ~]#docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@elk91 ~]#docker image load < alpine-v3.20.2.tar.gz
78561cef0761: Loading layer [==================================================>] 8.082MB/8.082MB
Loaded image: alpine:3.20.2
[root@elk91 ~]#docker image ls alpine
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine 3.20.2 324bc02ae123 20 months ago 7.8MB
[root@elk91 ~]#docker container run -id --name c1-no --restart no alpine
Unable to find image 'alpine:latest' locally
^C
[root@elk91 ~]#docker container run -id --name c1-no --restart no alpine:3.20.2
64f84863fd4015c787fe4d1fe7adfdc02627253834425917704eb1acadf558a6
[root@elk91 ~]#docker container run -id --name c2-always --restart always alpine:3.20.2
402f6da6eb76160163cdd5c2029acb9bdd7018d4921b622e7b8f8b5102a692e7
[root@elk91 ~]#docker container run -id --name c3-unless-stopped --restart unless-stopped alpine:3.20.2
f04c971a16e7df2a81c1a84c4236d67ac198160cf9940a96441734e25050bfbd
[root@elk91 ~]#docker container run -id --name c4-on-failure --restart on-failure alpine:3.20.2
9621457de4792007f2423eae67fac604bfb1def8aaf040d89a14ef6067ad386c
[root@elk91 ~]#docker container run -id --name c5-on-failure-max --restart on-failure:3 alpine:3.20.2
aa45eeaced13b151fd45fdfc2e9a1205ca5ffb47ac1a858a34cdfd75360560ce
[root@elk91 ~]#docker container ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aa45eeaced13 alpine:3.20.2 "/bin/sh" 24 seconds ago Up 24 seconds c5-on-failure-max
9621457de479 alpine:3.20.2 "/bin/sh" About a minute ago Up About a minute c4-on-failure
f04c971a16e7 alpine:3.20.2 "/bin/sh" 2 minutes ago Up 2 minutes c3-unless-stopped
402f6da6eb76 alpine:3.20.2 "/bin/sh" 2 minutes ago Up 2 minutes c2-always
64f84863fd40 alpine:3.20.2 "/bin/sh" 6 minutes ago Up 6 minutes c1-no
2.重启docker服务测试验证
[root@elk91 ~]#systemctl restart docker.service
[root@elk91 ~]#docker container ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aa45eeaced13 alpine:3.20.2 "/bin/sh" 2 minutes ago Up 3 seconds c5-on-failure-max
9621457de479 alpine:3.20.2 "/bin/sh" 3 minutes ago Up 3 seconds c4-on-failure
f04c971a16e7 alpine:3.20.2 "/bin/sh" 4 minutes ago Up 3 seconds c3-unless-stopped
402f6da6eb76 alpine:3.20.2 "/bin/sh" 5 minutes ago Up 3 seconds c2-always
64f84863fd40 alpine:3.20.2 "/bin/sh" 8 minutes ago Exited (255) 4 seconds ago c1-no
3.退出所有的容器并重启docker服务
[root@elk91 ~]#docker ps -aq
aa45eeaced13
9621457de479
f04c971a16e7
402f6da6eb76
64f84863fd40
[root@elk91 ~]#docker stop -t 0 `docker ps -aq`
aa45eeaced13
9621457de479
f04c971a16e7
402f6da6eb76
64f84863fd40
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aa45eeaced13 alpine:3.20.2 "/bin/sh" 5 minutes ago Exited (137) 8 seconds ago c5-on-failure-max
9621457de479 alpine:3.20.2 "/bin/sh" 6 minutes ago Exited (137) 8 seconds ago c4-on-failure
f04c971a16e7 alpine:3.20.2 "/bin/sh" 7 minutes ago Exited (137) 8 seconds ago c3-unless-stopped
402f6da6eb76 alpine:3.20.2 "/bin/sh" 7 minutes ago Exited (137) 8 seconds ago c2-always
64f84863fd40 alpine:3.20.2 "/bin/sh" 11 minutes ago Exited (255) 2 minutes ago c1-no
[root@elk91 ~]#systemctl restart docker.service
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aa45eeaced13 alpine:3.20.2 "/bin/sh" 7 minutes ago Up 57 seconds c5-on-failure-max
9621457de479 alpine:3.20.2 "/bin/sh" 8 minutes ago Up 57 seconds c4-on-failure
f04c971a16e7 alpine:3.20.2 "/bin/sh" 9 minutes ago Exited (137) 2 minutes ago c3-unless-stopped
402f6da6eb76 alpine:3.20.2 "/bin/sh" 9 minutes ago Up 57 seconds c2-always
64f84863fd40 alpine:3.20.2 "/bin/sh" 13 minutes ago Exited (255) 4 minutes ago c1-no
4.模拟异常退出
[root@elk91 ~]#docker ps -aq
aa45eeaced13
9621457de479
f04c971a16e7
402f6da6eb76
64f84863fd40
[root@elk91 ~]#docker container stop `docker ps -aq`
aa45eeaced13
9621457de479
f04c971a16e7
402f6da6eb76
64f84863fd40
[root@elk91 ~]#docker container start `docker ps -aq`
aa45eeaced13
9621457de479
f04c971a16e7
402f6da6eb76
64f84863fd40
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aa45eeaced13 alpine:3.20.2 "/bin/sh" 11 minutes ago Up 10 seconds c5-on-failure-max
9621457de479 alpine:3.20.2 "/bin/sh" 12 minutes ago Up 10 seconds c4-on-failure
f04c971a16e7 alpine:3.20.2 "/bin/sh" 13 minutes ago Up 10 seconds c3-unless-stopped
402f6da6eb76 alpine:3.20.2 "/bin/sh" 13 minutes ago Up 9 seconds c2-always
64f84863fd40 alpine:3.20.2 "/bin/sh" 17 minutes ago Up 9 seconds c1-no
[root@elk91 ~]#docker container inspect -f {{.State.Pid}} `docker ps -aq` | xargs kill -9
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aa45eeaced13 alpine:3.20.2 "/bin/sh" 16 minutes ago Up 5 seconds c5-on-failure-max
9621457de479 alpine:3.20.2 "/bin/sh" 18 minutes ago Up 5 seconds c4-on-failure
f04c971a16e7 alpine:3.20.2 "/bin/sh" 18 minutes ago Up 5 seconds c3-unless-stopped
402f6da6eb76 alpine:3.20.2 "/bin/sh" 19 minutes ago Up 5 seconds c2-always
64f84863fd40 alpine:3.20.2 "/bin/sh" 22 minutes ago Exited (137) 6 seconds ago
5.验证正常退出
5.1 移除容器
[root@elk91 ~]#docker container rm -f `docker ps -qa`
aa45eeaced13
9621457de479
f04c971a16e7
402f6da6eb76
64f84863fd40
5.2 启动时指定容器的启动命令
docker container run -itd --name c1-no --restart no alpine:3.20.2 sleep 10
docker container run -itd --name c2-always --restart always alpine:3.20.2 sleep 10
docker container run -itd --name c3-unless-stopped --restart unless-stopped alpine:3.20.2 sleep 10
docker container run -itd --name c4-on-failure --restart on-failure alpine:3.20.2 sleep 10
docker container run -itd --name c5-on-failure-max --restart on-failure:3 alpine:3.20.2 sleep 10
5.3测试验证
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
64cfef3d127b alpine:3.20.2 "sleep 10" 7 seconds ago Up 7 seconds c5-on-failure-max
733e64fa746a alpine:3.20.2 "sleep 10" 10 seconds ago Up 9 seconds c4-on-failure
fb6064b1cbd6 alpine:3.20.2 "sleep 10" 10 seconds ago Up 9 seconds c3-unless-stopped
f719e2f1e42c alpine:3.20.2 "sleep 10" 10 seconds ago Up 9 seconds c2-always
e3efa86b8513 alpine:3.20.2 "sleep 10" 10 seconds ago Up 10 seconds c1-no
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
64cfef3d127b alpine:3.20.2 "sleep 10" 29 seconds ago Exited (0) 19 seconds ago c5-on-failure-max
733e64fa746a alpine:3.20.2 "sleep 10" 32 seconds ago Exited (0) 21 seconds ago c4-on-failure
fb6064b1cbd6 alpine:3.20.2 "sleep 10" 32 seconds ago Up Less than a second c3-unless-stopped
f719e2f1e42c alpine:3.20.2 "sleep 10" 32 seconds ago Up 1 second c2-always
e3efa86b8513 alpine:3.20.2 "sleep 10" 32 seconds ago Exited (0) 22 seconds ago 三.容器的四种状态
1.容器的状态概述
容器有四种状态,如上表所示。只有Up状态的容器才能对外提供服务。
2.实战案例
1.创建容器
[root@elk91 ~]#docker container rm -f `docker ps -qa`
64cfef3d127b
733e64fa746a
fb6064b1cbd6
f719e2f1e42c
e3efa86b8513
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@elk91 ~]#docker container create -it --name c1 --restart always alpine:3.20.2
497218e1e674920e7db39c18208a8c6f17eadc4a8f86578aa27ec3d1ccd8eb19
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
497218e1e674 alpine:3.20.2 "/bin/sh" 6 seconds ago Created c1
2.启动容器让其变为Up状态
[root@elk91 ~]#docker start c1
c1
[root@elk91 ~]#docker container ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
497218e1e674 alpine:3.20.2 "/bin/sh" 2 minutes ago Up 16 seconds c1
3.暂停或恢复容器
[root@elk91 ~]#docker container pause c1
c1
[root@elk91 ~]#docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
497218e1e674 alpine:3.20.2 "/bin/sh" 3 minutes ago Up About a minute (Paused)
[root@elk91 ~]#docker container exec -it c1 bash
Error response from daemon: Container c1 is paused, unpause the container before exec
[root@elk91 ~]#docker container unpause c1
c1
[root@elk91 ~]#docker container ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
497218e1e674 alpine:3.20.2 "/bin/sh" 5 minutes ago Up 3 minutes c1
[root@elk91 ~]#docker container exec -it c1 sh
/ # cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 497218e1e674
/ #
[root@elk91 ~]#docker container restart c1
c1
[root@elk91 ~]#docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
497218e1e674 alpine:3.20.2 "/bin/sh" 7 minutes ago Up 6 seconds c1
4.停止容器
[root@elk91 ~]#docker container ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
497218e1e674 alpine:3.20.2 "/bin/sh" 8 minutes ago Up About a minute c1
[root@elk91 ~]#docker container stop -t 0 c1
c1
[root@elk91 ~]#docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
497218e1e674 alpine:3.20.2 "/bin/sh" 9 minutes ago Exited (137) 9 seconds ago
四.存储卷实战
1.存储卷的概述
所谓的存储卷就是为了让容器的数据进行持久化,说白了就是让容器的数据不丢失
docker关于存储卷可以指定一个宿主机的路径,也可以使用存储卷进行管理。2.将宿主机的指定路径挂载在到容器实现数据持久化
1.导入测试镜像
[root@elk91 ~]#docker image load -i oldboyedu-nginx-1.27.4-alpine.tar.gz
08000c18d16d: Loading layer [==================================================>] 8.121MB/8.121MB
c1761f3c364a: Loading layer [==================================================>] 4.504MB/4.504MB
8f3c313eb124: Loading layer [==================================================>] 3.584kB/3.584kB
c9ce8cb4e76a: Loading layer [==================================================>] 4.608kB/4.608kB
252b6db79fae: Loading layer [==================================================>] 2.56kB/2.56kB
f1f70b13aacc: Loading layer [==================================================>] 5.12kB/5.12kB
9af9e76ea07f: Loading layer [==================================================>] 7.168kB/7.168kB
c18897d5e3dd: Loading layer [==================================================>] 36.65MB/36.65MB
Loaded image: nginx:1.27.4-alpine
2.运行容器将宿主机的指定路径挂在到容器
[root@elk91 ~]#ll /oldboyedu/data
ls: cannot access '/oldboyedu/data': No such file or directory
[root@elk91 ~]#docker container run -d --name web -p 81:80 --restart always -v /oldboyedu/data:/usr/share/nginx/html/ nginx:1.27.4-alpine
fd641471422553d0c7b999b51120f3ffe4d94c5865975d3fb76418b4ab0607af
[root@elk91 ~]#ll /oldboyedu/data/
total 8
drwxr-xr-x 2 root root 4096 Apr 9 16:28 ./
drwxr-xr-x 4 root root 4096 Apr 9 16:28 ../
3.测试验证本地和容器是否共享数据
[root@elk91 ~]#docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fd6414714225 nginx:1.27.4-alpine "/docker-entrypoint.…" About a minute ago Up About a minute 0.0.0.0:81->80/tcp, :::81->80/tcp web
[root@elk91 ~]#ll /oldboyedu/data/
total 8
drwxr-xr-x 2 root root 4096 Apr 9 16:28 ./
drwxr-xr-x 4 root root 4096 Apr 9 16:28 ../
[root@elk91 ~]#docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fd6414714225 nginx:1.27.4-alpine "/docker-entrypoint.…" About a minute ago Up About a minute 0.0.0.0:81->80/tcp, :::81->80/tcp web
[root@elk91 ~]#docker container exec -it web sh
/ # ls -l /usr/share/nginx/html/
total 0
/ # echo www.oldboyedu.com > /usr/share/nginx/html/index.html
/ # ls -l /usr/share/nginx/html/
total 4
-rw-r--r-- 1 root root 18 Apr 9 08:31 index.html
/ # exit
[root@elk91 ~]#cat /oldboyedu/data/index.html
www.oldboyedu.com
[root@elk91 ~]#echo linux102 >/oldboyedu/data/index.html
[root@elk91 ~]#cat /oldboyedu/data/index.html
linux102
[root@elk91 ~]#docker exec -it web sh
/ # cat /usr/share/nginx/html/index.html
linux102
/ # exit
4.删除容器验证宿主机数据是否丢失
[root@elk91 ~]#docker container rm -f web
web
[root@elk91 ~]#cat /oldboyedu/data/index.html
linux102
5.重新创建新的容器也可以指定之前的存储卷
[root@elk91 ~]#docker run -d --name web02 -p 81:80 --restart always -v /oldboyedu/data:/usr/share/nginx/html/ nginx:1.27.4-alpine
052a77d09635713710b15c31e13180aa990c85cc6b2290eaaf8980eede1e1c7b
[root@elk91 ~]#docker container exec -it web02 sh
/ # cat /usr/share/nginx/html/index.html
linux102
6.创建新的容器和已经存在的容器使用相同的存储卷
[root@elk91 ~]#docker container run -d --name web01 -p 82:80 --restart always --volumes-from web02 nginx:1.27.4-alpine
b09ae3ca3ee7202a1056a4b753c713c85bd877a2ee42d138bcc4bdae935c363d
[root@elk91 ~]#docker container ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b09ae3ca3ee7 nginx:1.27.4-alpine "/docker-entrypoint.…" 15 seconds ago Up 14 seconds 0.0.0.0:82->80/tcp, :::82->80/tcp web01
052a77d09635 nginx:1.27.4-alpine "/docker-entrypoint.…" 10 minutes ago Up 10 minutes 0.0.0.0:81->80/tcp, :::81->80/tcp web02
[root@elk91 ~]#curl 10.0.0.91:81
linux102
[root@elk91 ~]#curl 10.0.0.91:82
linux102
[root@elk91 ~]#docker exec web02 cat /usr/share/nginx/html/index.html
linux102
[root@elk91 ~]#docker exec web01 cat /usr/share/nginx/html/index.html
linux1023.容器使用存储卷案例
1.查看存储卷
[root@elk91 ~]#docker volume ls
DRIVER VOLUME NAME
local 2fabec594669ea7efed83c651f56b055af68c215547269cd7beb46dfd68fbe4d
local 5c88535708428bf8a12dcd5ea360fba797f7b3258140ffc822af3b05ef6c00ca
local 99bab3a48faaca9be003b825a4fb76f94bb6732a64ffc25676f0e01d47e510df
local 94071a1d78742ad97eb6229b8dfb6e2a27493b26ef33ffdeb090d0807a4c5597
2.删除未使用的存储卷释放空间
[root@elk91 ~]#docker volume prune -f
Deleted Volumes:
2fabec594669ea7efed83c651f56b055af68c215547269cd7beb46dfd68fbe4d
5c88535708428bf8a12dcd5ea360fba797f7b3258140ffc822af3b05ef6c00ca
94071a1d78742ad97eb6229b8dfb6e2a27493b26ef33ffdeb090d0807a4c5597
99bab3a48faaca9be003b825a4fb76f94bb6732a64ffc25676f0e01d47e510df
Total reclaimed space: 481.6MB
[root@elk91 ~]#docker volume ls
DRIVER VOLUME NAME
3.创建存储卷
[root@elk91 ~]#docker volume create
1e63bd0a9f413748f44288a28e5e563f7d9323d1b04f3319e6ae8edd47684470
[root@elk91 ~]#docker volume ls
DRIVER VOLUME NAME
local 1e63bd0a9f413748f44288a28e5e563f7d9323d1b04f3319e6ae8edd47684470
自定义创建
[root@elk91 ~]#docker volume create oldboyedu
oldboyedu
[root@elk91 ~]#docker volume ls
DRIVER VOLUME NAME
local 1e63bd0a9f413748f44288a28e5e563f7d9323d1b04f3319e6ae8edd47684470
local oldboyedu
4.查看存储卷的详细信息
[root@elk91 ~]#docker volume inspect oldboyedu
[
{
"CreatedAt": "2026-04-09T16:56:27+08:00",
"Driver": "local",
"Labels": {},
"Mountpoint": "/var/lib/docker/volumes/oldboyedu/_data",
"Name": "oldboyedu",
"Options": {},
"Scope": "local"
}
]
[root@elk91 ~]#docker volume inspect 1e63bd0a9f413748f44288a28e5e563f7d9323d1b04f3319e6ae8edd47684470
[
{
"CreatedAt": "2026-04-09T16:55:29+08:00",
"Driver": "local",
"Labels": {},
"Mountpoint": "/var/lib/docker/volumes/1e63bd0a9f413748f44288a28e5e563f7d9323d1b04f3319e6ae8edd47684470/_data",
"Name": "1e63bd0a9f413748f44288a28e5e563f7d9323d1b04f3319e6ae8edd47684470",
"Options": {},
"Scope": "local"
}
]
[root@elk91 ~]#ll /var/lib/docker/volumes/1e63bd0a9f413748f44288a28e5e563f7d9323d1b04f3319e6ae8edd47684470/_data
total 8
drwxr-xr-x 2 root root 4096 Apr 9 16:55 ./
drwx-----x 3 root root 4096 Apr 9 16:55 ../
[root@elk91 ~]#ll /var/lib/docker/volumes/
total 40
drwx-----x 4 root root 4096 Apr 9 16:56 ./
drwx--x--- 14 root root 4096 Apr 9 15:38 ../
drwx-----x 3 root root 4096 Apr 9 16:55 1e63bd0a9f413748f44288a28e5e563f7d9323d1b04f3319e6ae8edd47684470/
brw------- 1 root root 253, 0 Apr 9 15:38 backingFsBlockDev
-rw------- 1 root root 32768 Apr 9 16:56 metadata.db
drwx-----x 3 root root 4096 Apr 9 16:56 oldboyedu/
5.删除指定的存储卷
[root@elk91 ~]#docker volume rm 1e63bd0a9f413748f44288a28e5e563f7d9323d1b04f3319e6ae8edd47684470
1e63bd0a9f413748f44288a28e5e563f7d9323d1b04f3319e6ae8edd47684470
[root@elk91 ~]#docker volume ls
DRIVER VOLUME NAME
local oldboyedu
[root@elk91 ~]#docker volume prune -f
Deleted Volumes:
oldboyedu
Total reclaimed space: 0B
6.容器使用存储卷案例
[root@elk91 ~]#docker run -itd --name web03 --restart always -v linux100:/usr/share/nginx/html nginx:1.27.4-alpine
902bf14a4640445de5afd38530f7fd4ad0414802c1f8ee59d508f85d4f2d262f
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
902bf14a4640 nginx:1.27.4-alpine "/docker-entrypoint.…" 5 seconds ago Up 4 seconds 80/tcp web03
b09ae3ca3ee7 nginx:1.27.4-alpine "/docker-entrypoint.…" 51 minutes ago Up 51 minutes 0.0.0.0:82->80/tcp, :::82->80/tcp web01
052a77d09635 nginx:1.27.4-alpine "/docker-entrypoint.…" About an hour ago Up About an hour 0.0.0.0:81->80/tcp, :::81->80/tcp web02
[root@elk91 ~]#docker run -itd --name web04 -p 83:80 --restart always -v /usr/share/nginx/html nginx:1.27.4-alpine
2938ebc0d0056831d8a756cf12ad8e42dabc79a3f28041fe04f9b0021003f5ce
[root@elk91 ~]#docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2938ebc0d005 nginx:1.27.4-alpine "/docker-entrypoint.…" 9 seconds ago Up 9 seconds 0.0.0.0:83->80/tcp, :::83->80/tcp web04
[root@elk91 ~]#docker volume ls
DRIVER VOLUME NAME
local f3a48d41ac94519e3a9dea524b2f52047788e0c3369fd3526c32fba496826ef9
local linux100
[root@elk91 ~]#docker volume inspect f3a48d41ac94519e3a9dea524b2f52047788e0c3369fd3526c32fba496826ef9
[
{
"CreatedAt": "2026-04-09T17:41:22+08:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/f3a48d41ac94519e3a9dea524b2f52047788e0c3369fd3526c32fba496826ef9/_data",
"Name": "f3a48d41ac94519e3a9dea524b2f52047788e0c3369fd3526c32fba496826ef9",
"Options": null,
"Scope": "local"
}
]
[root@elk91 ~]#echo www.oldboyedu.com >/var/lib/docker/volumes/f3a48d41ac94519e3a9dea524b2f52047788e0c3369fd3526c32fba496826ef9/_data/index.html
[root@elk91 ~]#docker container exec web04 cat /usr/share/nginx/html/index.html
www.oldboyedu.com
[root@elk91 ~]#curl 10.0.0.91:83
www.oldboyedu.com
六.docker的单机网络管理
1.端口映射底层原理
1.1 架构图解
在使用时可以使用-p进行端口转发
[root@elk91 ~]#docker run -itd --name c11 -p 10.0.0.91:9153:53/udp alpine:3.20.2
859cb5a49ab46d7f7ee4ed65e4d9e0552a4c2b36393ee49d69fc664b3f21d666
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
859cb5a49ab4 alpine:3.20.2 "/bin/sh" 7 seconds ago Up 7 seconds 10.0.0.91:9153->53/udp c11
[root@elk91 ~]#docker run -itd --name c22 -p 10.0.0.91:9153:53/udp alpine:3.20.2
7dcc2ffa0c8f73e5a0bb7ec75e4e1e97cd08bf1c91ac3f04cb8b637ff5ca792e
[root@elk91 ~]#docker run -itd --name c22 -p 10.0.0.91::53/udp alpine:3.20.2
a5f6fe136016e02d893a5af25dd4907d20a8d23f175c6a59b60b465ae3f3ccd1
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a5f6fe136016 alpine:3.20.2 "/bin/sh" 7 seconds ago Up 6 seconds 10.0.0.91:32768->53/udp c22
859cb5a49ab4 alpine:3.20.2 "/bin/sh" About a minute ago Up About a minute 10.0.0.91:9153->53/udp c11
[root@elk91 ~]#docker run -itd --name c33 -p ::53/udp alpine:3.20.2
85e89ab347d7aaec5cb72202c5ad8bb984f79842b243bf3fd439d72bb7f4bee5
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
85e89ab347d7 alpine:3.20.2 "/bin/sh" 2 seconds ago Up 1 second 0.0.0.0:32769->53/udp, :::32768->53/udp c33
a5f6fe136016 alpine:3.20.2 "/bin/sh" 47 seconds ago Up 46 seconds 10.0.0.91:32768->53/udp c22
859cb5a49ab4 alpine:3.20.2 "/bin/sh" 2 minutes ago Up 2 minutes 10.0.0.91:9153->53/udp c11
[root@elk91 ~]#docker run -itd --name c44 -p 19200:9200 alpine:3.20.2
e0f5bb3774425b87b5a54c30b58e4c50a6c439ffb3b6c877c2e2dc32bc129292
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e0f5bb377442 alpine:3.20.2 "/bin/sh" 2 seconds ago Up 1 second 0.0.0.0:19200->9200/tcp, :::19200->9200/tcp c44
85e89ab347d7 alpine:3.20.2 "/bin/sh" About a minute ago Up About a minute 0.0.0.0:32769->53/udp, :::32768->53/udp c33
a5f6fe136016 alpine:3.20.2 "/bin/sh" 2 minutes ago Up 2 minutes 10.0.0.91:32768->53/udp c22
859cb5a49ab4 alpine:3.20.2 "/bin/sh" 3 minutes ago Up 3 minutes 10.0.0.91:9153->53/udp c111.2案例实战
1.创建测试容器
[root@elk91 ~]#docker run -itd --name haha -p 90:80 alpine:3.20.2
0704961d264d2eafc9e36e944703fa9f7e98e285a180d1048b6d27e06e9a8c38
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0704961d264d alpine:3.20.2 "/bin/sh" 10 seconds ago Up 9 seconds 0.0.0.0:90->80/tcp, :::90->80/tcp haha
2.查看容器的网卡信息及路由表
[root@elk91 ~]#docker exec -it haha sh
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
444: eth0@if445: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
/ # route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.17.0.1 0.0.0.0 UG 0 0 0 eth0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
/ #
3.查看宿主机的ip地址以及网卡信息
[root@elk91 ~]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:b7:95:c6 brd ff:ff:ff:ff:ff:ff
altname enp2s1
inet 10.0.0.91/24 brd 10.0.0.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feb7:95c6/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:24:86:48:52 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:24ff:fe86:4852/64 scope link
valid_lft forever preferred_lft forever
445: vetha417cb9@if444: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 56:6b:1d:0a:a5:bd brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::546b:1dff:fe0a:a5bd/64 scope link
valid_lft forever preferred_lft forever
4.查看网卡接口
[root@elk91 ~]#apt install -y bridge-utils
[root@elk91 ~]#brctl show docker0
bridge name bridge id STP enabled interfaces
docker0 8000.024224864852 no vetha417cb9
5.查看物理机端口转发规则
[root@elk91 ~]#iptables-save | grep 90
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 90 -j DNAT --to-destination 172.17.0.2:80
6.ping测试
[root@elk91 ~]#docker exec -it haha sh
/ # ping baidu.com -c 3
PING baidu.com (124.237.177.164): 56 data bytes
64 bytes from 124.237.177.164: seq=0 ttl=127 time=89.615 ms
64 bytes from 124.237.177.164: seq=1 ttl=127 time=109.390 ms
64 bytes from 124.237.177.164: seq=2 ttl=127 time=108.804 ms
--- baidu.com ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 89.615/102.603/109.390 ms
/ #
7.tcpdump抓包虚拟网卡
[root@elk91 ~]#tcpdump -i vetha417cb9 icmp
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on vetha417cb9, link-type EN10MB (Ethernet), snapshot length 262144 bytes
20:03:06.215361 IP 172.17.0.2 > 124.237.177.164: ICMP echo request, id 22, seq 0, length 64
20:03:06.306788 IP 124.237.177.164 > 172.17.0.2: ICMP echo reply, id 22, seq 0, length 64
20:03:07.215835 IP 172.17.0.2 > 124.237.177.164: ICMP echo request, id 22, seq 1, length 64
20:03:07.310793 IP 124.237.177.164 > 172.17.0.2: ICMP echo reply, id 22, seq 1, length 64
20:03:08.216539 IP 172.17.0.2 > 124.237.177.164: ICMP echo request, id 22, seq 2, length 64
20:03:08.335760 IP 124.237.177.164 > 172.17.0.2: ICMP echo reply, id 22, seq 2, length 64
8.tcpdump抓物理网卡
[root@elk91 ~]#ping www.baidu.com
PING www.a.shifen.com (111.45.11.5) 56(84) bytes of data.
64 bytes from 111.45.11.5 (111.45.11.5): icmp_seq=1 ttl=128 time=24.0 ms
64 bytes from 111.45.11.5 (111.45.11.5): icmp_seq=2 ttl=128 time=32.4 ms
[root@elk91 ~]#tcpdump -i ens33 icmp
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), snapshot length 262144 bytes
20:12:38.787469 IP elk91 > 111.45.11.5: ICMP echo request, id 2, seq 301, length 64
20:12:38.811702 IP 111.45.11.5 > elk91: ICMP echo reply, id 2, seq 301, length 64
20:12:39.789364 IP elk91 > 111.45.11.5: ICMP echo request, id 2, seq 302, length 64
20:12:39.816664 IP 111.45.11.5 > elk91: ICMP echo reply, id 2, seq 302, length 64
9.关闭内核参数
[root@elk91 ~]#sysctl -q net.ipv4.ip_forward
net.ipv4.ip_forward = 1
关闭内核转发
[root@elk91 ~]#sysctl -w net.ipv4.ip_forward=0
net.ipv4.ip_forward = 0
[root@elk91 ~]#sysctl -q net.ipv4.ip_forward
net.ipv4.ip_forward = 0
10.验证容器无法访问外网
[root@elk91 ~]#docker exec -it haha sh
/ # ping www.baidu.com
ping: bad address 'www.baidu.com'
重新开启内核转发
[root@elk91 ~]#sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
[root@elk91 ~]#sysctl -q net.ipv4.ip_forward
net.ipv4.ip_forward = 1
/ # ping www.baidu.com
PING www.baidu.com (183.240.99.224): 56 data bytes
64 bytes from 183.240.99.224: seq=0 ttl=127 time=27.735 ms
64 bytes from 183.240.99.224: seq=1 ttl=127 time=47.080 ms
64 bytes from 183.240.99.224: seq=2 ttl=127 time=45.503 ms
64 bytes from 183.240.99.224: seq=3 ttl=127 time=30.433 ms
64 bytes from 183.240.99.224: seq=4 ttl=127 time=44.232 ms2.单机网络类型
2.1单机网络类型概述
2.2内置的四种类型案例
1.准备测试环境
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@elk91 ~]#docker run -id --name c1-bridge --network bridge alpine:3.20.2
9d33f01c1c70611b4d1b263d1e85b2e182d2619ed39c33f899c17900c9efcecb
[root@elk91 ~]#docker run -id --name c2-none --network none alpine:3.20.2
6616732d0364b65bbd70e0a0db8357fdf72074a9ab110f212b0c120b46b476fb
[root@elk91 ~]#docker run -id --name c3-host --network host alpine:3.20.2
8b621baf19e6272846cd70896da194369f7fe5929b6418fb320589f6a2af6c77
[root@elk91 ~]#docker run -id --name c4-container --network container:c1-bridge alpine:3.20.2
f9a194abebbd80d141fd1642932122898cd6de76b9152420baadb43d57900c1d
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f9a194abebbd alpine:3.20.2 "/bin/sh" 3 seconds ago Up 3 seconds c4-container
8b621baf19e6 alpine:3.20.2 "/bin/sh" 12 minutes ago Up 12 minutes c3-host
6616732d0364 alpine:3.20.2 "/bin/sh" 12 minutes ago Up 12 minutes c2-none
9d33f01c1c70 alpine:3.20.2 "/bin/sh" 12 minutes ago Up 12 minutes c1-bridge
2.查看本地网卡
[root@elk91 ~]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:b7:95:c6 brd ff:ff:ff:ff:ff:ff
altname enp2s1
inet 10.0.0.91/24 brd 10.0.0.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feb7:95c6/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:24:86:48:52 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:24ff:fe86:4852/64 scope link
valid_lft forever preferred_lft forever
447: veth61da65a@if446: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 32:52:a2:70:00:cb brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::3052:a2ff:fe70:cb/64 scope link
valid_lft forever preferred_lft forever
3.查看各个容器的网络信息
[root@elk91 ~]#docker exec c1-bridge ip
BusyBox v1.36.1 (2024-06-10 07:11:47 UTC) multi-call binary.
Usage: ip [OPTIONS] address|route|link|tunnel|neigh|rule [ARGS]
OPTIONS := -f[amily] inet|inet6|link | -o[neline]
ip addr add|del IFADDR dev IFACE | show|flush [dev IFACE] [to PREFIX]
ip route list|flush|add|del|change|append|replace|test ROUTE
ip link set IFACE [up|down] [arp on|off] [multicast on|off]
[promisc on|off] [mtu NUM] [name NAME] [qlen NUM] [address MAC]
[master IFACE | nomaster] [netns PID]
ip tunnel add|change|del|show [NAME]
[mode ipip|gre|sit] [remote ADDR] [local ADDR] [ttl TTL]
ip neigh show|flush [to PREFIX] [dev DEV] [nud STATE]
ip rule [list] | add|del SELECTOR ACTION
[root@elk91 ~]#docker exec c1-bridge ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
446: eth0@if447: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@elk91 ~]#docker exec c2-none ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
[root@elk91 ~]#docker exec c3-host ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP qlen 1000
link/ether 00:0c:29:b7:95:c6 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.91/24 brd 10.0.0.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feb7:95c6/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:24:86:48:52 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:24ff:fe86:4852/64 scope link
valid_lft forever preferred_lft forever
447: veth61da65a@if446: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue master docker0 state UP
link/ether 32:52:a2:70:00:cb brd ff:ff:ff:ff:ff:ff
inet6 fe80::3052:a2ff:fe70:cb/64 scope link
valid_lft forever preferred_lft forever
[root@elk91 ~]#docker exec c4-container ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
446: eth0@if447: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
2.3自定义网络案例
1.查看现有的网路类型
[root@elk91 ~]#docker network ls
NETWORK ID NAME DRIVER SCOPE
405ee24664fc bridge bridge local
a8d63d38ec96 host host local
af8c56e20106 none null local
2.创建自定义网络
[root@elk91 ~]#docker network create -d bridge --subnet 172.20.0.0/16 --ip
--ip-range --ipam-driver --ipam-opt --ipv6
[root@elk91 ~]#docker network create -d bridge --subnet 172.20.0.0/16 --ip-range 172.20.100.0/24 --gateway 172.20.0.254 oldboyedu
2b121a538b9abfec4b46bff5f1a80880d9c8142e19de993b73438b11014b9b72
[root@elk91 ~]#docker network ls
NETWORK ID NAME DRIVER SCOPE
405ee24664fc bridge bridge local
a8d63d38ec96 host host local
af8c56e20106 none null local
2b121a538b9a oldboyedu bridge local
3.查看网络的详细信息
[root@elk91 ~]#docker network inspect oldboyedu
[
{
"Name": "oldboyedu",
"Id": "2b121a538b9abfec4b46bff5f1a80880d9c8142e19de993b73438b11014b9b72",
"Created": "2026-04-09T21:14:06.288420192+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.20.0.0/16",
"IPRange": "172.20.100.0/24",
"Gateway": "172.20.0.254"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
4.容器使用自定义网络
[root@elk91 ~]#docker run -id --name c1 --restart always --network oldboyedu alpine:3.20.2
79cf7cc5ed905062f7e976f0a64304bb85ab511cca17bb7d553e5c7903a0fe4f
[root@elk91 ~]#docker run -id --name c2 --restart always --network oldboyedu alpine:3.20.2
d04b3fc905a77e8c4cba70214baf962e8f078e6a0ed43c74c5b9a863ae172e91
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d04b3fc905a7 alpine:3.20.2 "/bin/sh" 5 seconds ago Up 4 seconds c2
79cf7cc5ed90 alpine:3.20.2 "/bin/sh" 7 seconds ago Up 7 seconds c1
[root@elk91 ~]#docker exec -it c1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
453: eth0@if454: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:14:64:00 brd ff:ff:ff:ff:ff:ff
inet 172.20.100.0/16 brd 172.20.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@elk91 ~]#docker exec -it c2 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
455: eth0@if456: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:14:64:01 brd ff:ff:ff:ff:ff:ff
inet 172.20.100.1/16 brd 172.20.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@elk91 ~]#docker exec -it c1 route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.20.0.254 0.0.0.0 UG 0 0 0 eth0
172.20.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
[root@elk91 ~]#docker exec -it c1 ping c2 -c 3
PING c2 (172.20.100.1): 56 data bytes
64 bytes from 172.20.100.1: seq=0 ttl=64 time=0.210 ms
64 bytes from 172.20.100.1: seq=1 ttl=64 time=0.113 ms
64 bytes from 172.20.100.1: seq=2 ttl=64 time=0.118 ms
--- c2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.113/0.147/0.210 ms
5.再次查看网络自定义信息
[root@elk91 ~]#docker network inspect oldboyedu
[
{
"Name": "oldboyedu",
"Id": "2b121a538b9abfec4b46bff5f1a80880d9c8142e19de993b73438b11014b9b72",
"Created": "2026-04-09T21:14:06.288420192+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.20.0.0/16",
"IPRange": "172.20.100.0/24",
"Gateway": "172.20.0.254"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"79cf7cc5ed905062f7e976f0a64304bb85ab511cca17bb7d553e5c7903a0fe4f": {
"Name": "c1",
"EndpointID": "d113685d5388735fc9ab6cdeb1daae8500bf69090dddd8de15edd112e28d3a89",
"MacAddress": "02:42:ac:14:64:00",
"IPv4Address": "172.20.100.0/16",
"IPv6Address": ""
},
"d04b3fc905a77e8c4cba70214baf962e8f078e6a0ed43c74c5b9a863ae172e91": {
"Name": "c2",
"EndpointID": "b1453701c4e85fa0128af98fab8a5301fc9dbc75c54ec9954da5aecf36e38ca0",
"MacAddress": "02:42:ac:14:64:01",
"IPv4Address": "172.20.100.1/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
6.删除自定义网络
[root@elk91 ~]#docker network ls
NETWORK ID NAME DRIVER SCOPE
405ee24664fc bridge bridge local
a8d63d38ec96 host host local
af8c56e20106 none null local
2b121a538b9a oldboyedu bridge local
[root@elk91 ~]#docker network rm oldboyedu # 网络被使用中无法删除
Error response from daemon: error while removing network: network oldboyedu id 2b121a538b9abfec4b46bff5f1a80880d9c8142e19de993b73438b11014b9b72 has active endpoints
[root@elk91 ~]#docker network ls
NETWORK ID NAME DRIVER SCOPE
405ee24664fc bridge bridge local
a8d63d38ec96 host host local
af8c56e20106 none null local
2b121a538b9a oldboyedu bridge local
[root@elk91 ~]#docker ps -aq
d04b3fc905a7
79cf7cc5ed90
[root@elk91 ~]#docker rm -f `docker ps -aq`
d04b3fc905a7
79cf7cc5ed90
[root@elk91 ~]#docker network rm oldboyedu # 当容器不使用自定义网络时则可以删除
oldboyedu
[root@elk91 ~]#docker network ls
NETWORK ID NAME DRIVER SCOPE
405ee24664fc bridge bridge local
a8d63d38ec96 host host local
af8c56e20106 none null local3.实战案例
3.1使用自定义网络部署wordpress博客
使用自定义网络部署WordPress,要求如下:
- 1.MySQL不对外暴露端口;
- 2.仅将WordPress数据进行暴露;
- 3.发表测试文字,删除MySQL或者wordpress容器数据不丢失;
1.准备mysql镜像和wordpress镜像
[root@elk91 ~]#docker image load -i oldboyedu-mysql-v8.0.36-oracle.tar.gz
fc037c17567d: Loading layer [==================================================>] 118.8MB/118.8MB
152c1ecea280: Loading layer [==================================================>] 11.26kB/11.26kB
fb5c92e924ab: Loading layer [==================================================>] 2.359MB/2.359MB
5b76076a2dd4: Loading layer [==================================================>] 13.86MB/13.86MB
a6909c467615: Loading layer [==================================================>] 6.656kB/6.656kB
eaa1e85de732: Loading layer [==================================================>] 3.072kB/3.072kB
9513d2aedd12: Loading layer [==================================================>] 185.6MB/185.6MB
84d659420bad: Loading layer [==================================================>] 3.072kB/3.072kB
876b8cd855eb: Loading layer [==================================================>] 298.7MB/298.7MB
1c0ff7ed67c4: Loading layer [==================================================>] 16.9kB/16.9kB
318dde184d61: Loading layer [==================================================>] 1.536kB/1.536kB
Loaded image: mysql:8.0.36-oracle
[root@elk91 ~]#docker image ls mysql
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 8.0.36-oracle f5f171121fa3 2 years ago 603MB
[root@elk91 ~]#docker image load -i oldboyedu-wordpress-v6.7.1-php8.1-apache.tar.gz
7914c8f600f5: Loading layer [==================================================>] 77.83MB/77.83MB
9d3505e94f88: Loading layer [==================================================>] 3.584kB/3.584kB
cca374cc7ecc: Loading layer [==================================================>] 320.2MB/320.2MB
93531ad2cad2: Loading layer [==================================================>] 5.12kB/5.12kB
76c322751b28: Loading layer [==================================================>] 50.46MB/50.46MB
e1862c15b46e: Loading layer [==================================================>] 9.728kB/9.728kB
41a48fee6648: Loading layer [==================================================>] 7.68kB/7.68kB
683fadaa2d15: Loading layer [==================================================>] 12.42MB/12.42MB
cd29cc24986e: Loading layer [==================================================>] 4.096kB/4.096kB
65ed9c32ccf8: Loading layer [==================================================>] 49.07MB/49.07MB
6a874987401a: Loading layer [==================================================>] 12.8kB/12.8kB
72d18aad6507: Loading layer [==================================================>] 4.608kB/4.608kB
541b75dced10: Loading layer [==================================================>] 4.608kB/4.608kB
5f70bf18a086: Loading layer [==================================================>] 1.024kB/1.024kB
dd20169e4636: Loading layer [==================================================>] 69.66MB/69.66MB
7aa076c583ee: Loading layer [==================================================>] 56.58MB/56.58MB
1bd5766fdd49: Loading layer [==================================================>] 5.632kB/5.632kB
fd6f751879ec: Loading layer [==================================================>] 4.608kB/4.608kB
10ffebd37647: Loading layer [==================================================>] 91.65kB/91.65kB
9dfe5f929ccc: Loading layer [==================================================>] 76.94MB/76.94MB
3a7d623958af: Loading layer [==================================================>] 9.216kB/9.216kB
5a91ae3138b2: Loading layer [==================================================>] 6.656kB/6.656kB
Loaded image: wordpress:6.7.1-php8.1-apache
[root@elk91 ~]#docker image ls wordpress
REPOSITORY TAG IMAGE ID CREATED SIZE
wordpress 6.7.1-php8.1-apache 13ffff361078 16 months ago 700MB
2.创建自定义网络
[root@elk91 ~]#docker network create wp
20529ffbb479fe93b7b8cf3d2b5b3303e38a8f280c94836585a815c3413fd095
[root@elk91 ~]#docker network ls
NETWORK ID NAME DRIVER SCOPE
405ee24664fc bridge bridge local
a8d63d38ec96 host host local
af8c56e20106 none null local
20529ffbb479 wp bridge local
3.启动mysql
[root@elk91 ~]#docker container run \
mysql:8.0.36-oracle \
--character-set-server=utf8mb4 \
--collation-server=utf8mb4_unicode_ci \
--default-authentication-plugin=mysql_native_password> -e MYSQL_ALLOW_EMPTY_PASSWORD="yes" \
> -d \
> --network wp \
> --restart always \
> -v oldboyedu-db:/var/lib/mysql/ \
> --name mysql-server \
> -e MYSQL_DATABASE="wordpress" \
> -e MYSQL_USER="linux102" \
> -e MYSQL_PASSWORD="oldboyedu" \
> mysql:8.0.36-oracle \
> --character-set-server=utf8mb4 \
> --collation-server=utf8mb4_unicode_ci \
> --default-authentication-plugin=mysql_native_password
1cbce0352bf0593046a9cee6bb2cf5894165b7862766e0fa6035b5afea285694
[root@elk91 ~]#docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1cbce0352bf0 mysql:8.0.36-oracle "docker-entrypoint.s…" 8 seconds ago Up 7 seconds 3306/tcp, 33060/tcp mysql-server
[root@elk91 ~]#docker volume ls
DRIVER VOLUME NAME
local f3a48d41ac94519e3a9dea524b2f52047788e0c3369fd3526c32fba496826ef9
local linux100
local oldboyedu-db
4.启动wordpress
[root@elk91 ~]# docker container run --name wordpress-server \
> -d \
> -p 81:80 \
> --network wp \
> --restart always \
> -v oldboyedu-wp:/var/www/html \
> -e WORDPRESS_DB_HOST=mysql-server \
> -e WORDPRESS_DB_USER=linux102 \
> -e WORDPRESS_DB_PASSWORD=oldboyedu \
> -e WORDPRESS_DB_NAME=wordpress \
> wordpress:6.7.1-php8.1-apache
c81fcc4367e79b4d5a2c7832419e8b13dd3eb23b39513b0e078d793d9da3047e
[root@elk91 ~]#docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c81fcc4367e7 wordpress:6.7.1-php8.1-apache "docker-entrypoint.s…" 16 seconds ago Up 15 seconds 0.0.0.0:81->80/tcp, :::81->80/tcp wordpress-server
[root@elk91 ~]#docker volume ls
DRIVER VOLUME NAME
local f3a48d41ac94519e3a9dea524b2f52047788e0c3369fd3526c32fba496826ef9
local linux100
local oldboyedu-db
local oldboyedu-wp
5.测试:
http://10.0.0.91:81/
6.删除容器
[root@elk91 ~]#docker ps -aq
c81fcc4367e7
1cbce0352bf0
[root@elk91 ~]#docker rm -f `docker ps -aq`
c81fcc4367e7
1cbce0352bf0
重新参考上面的步骤创建MySQL和WordPress的容器。
3.2基于docker容器部署zabbix案例
1.导入镜像到本地
[root@elk91 ~]#docker image load -i oldboyedu-zabbix-server-mysql-alpine-7.2-latest.tar.gz
08000c18d16d: Loading layer [==================================================>] 8.121MB/8.121MB
b2038076ec0a: Loading layer [==================================================>] 6.04MB/6.04MB
35b02ede82c0: Loading layer [==================================================>] 611.3kB/611.3kB
38e450648739: Loading layer [==================================================>] 86.02kB/86.02kB
6a3216859096: Loading layer [==================================================>] 3.963MB/3.963MB
2bf33e141b21: Loading layer [==================================================>] 83.2MB/83.2MB
5f70bf18a086: Loading layer [==================================================>] 1.024kB/1.024kB
ffcd8adfe8d7: Loading layer [==================================================>] 16.9kB/16.9kB
Loaded image: zabbix/zabbix-server-mysql:alpine-7.2-latest
[root@elk91 ~]#docker image load -i oldboyedu-zabbix-
oldboyedu-zabbix-java-gateway-alpine-7.2-latest.tar.gz oldboyedu-zabbix-web-nginx-mysql-alpine-7.2-latest.tar.gz
oldboyedu-zabbix-server-mysql-alpine-7.2-latest.tar.gz
[root@elk91 ~]#docker image load -i oldboyedu-zabbix-java-gateway-alpine-7.2-latest.tar.gz
b0fd99c49c37: Loading layer [==================================================>] 1.067MB/1.067MB
0bffa45421c7: Loading layer [==================================================>] 185.8MB/185.8MB
5f70bf18a086: Loading layer [==================================================>] 1.024kB/1.024kB
8b93c54b414a: Loading layer [==================================================>] 4.096kB/4.096kB
274d999a3848: Loading layer [==================================================>] 3.584kB/3.584kB
Loaded image: zabbix/zabbix-java-gateway:alpine-7.2-latest
[root@elk91 ~]#docker image load -i oldboyedu-zabbix-web-nginx-mysql-alpine-7.2-latest.tar.gz
4e1fdc1c5a49: Loading layer [==================================================>] 111.4MB/111.4MB
afd3adb945d4: Loading layer [==================================================>] 28.16kB/28.16kB
38d8371765fc: Loading layer [==================================================>] 146.6MB/146.6MB
5f70bf18a086: Loading layer [==================================================>] 1.024kB/1.024kB
251f5795031e: Loading layer [==================================================>] 12.8kB/12.8kB
Loaded image: zabbix/zabbix-web-nginx-mysql:alpine-7.2-latest
2.创建自定义网络
[root@elk91 ~]#docker network create --subnet 172.20.0.0/16 --ip-range 172.20.240.0/20 zabbix-net
e9c503ef00a80b41a6f8315da124eb5a8e6d50983b832a7e2bd0bd2f4e85f81a
[root@elk91 ~]#docker network ls
NETWORK ID NAME DRIVER SCOPE
405ee24664fc bridge bridge local
a8d63d38ec96 host host local
af8c56e20106 none null local
e9c503ef00a8 zabbix-net bridge local
[root@elk91 ~]#docker network inspect zabbix-net
[
{
"Name": "zabbix-net",
"Id": "e9c503ef00a80b41a6f8315da124eb5a8e6d50983b832a7e2bd0bd2f4e85f81a",
"Created": "2026-04-09T23:01:27.636170456+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.20.0.0/16",
"IPRange": "172.20.240.0/20"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
3.启动mysql服务
[root@elk91 ~]#docker image load -i oldboyedu-mysql-v8.0.36-oracle.tar.gz
fc037c17567d: Loading layer [==================================================>] 118.8MB/118.8MB
152c1ecea280: Loading layer [==================================================>] 11.26kB/11.26kB
fb5c92e924ab: Loading layer [==================================================>] 2.359MB/2.359MB
5b76076a2dd4: Loading layer [==================================================>] 13.86MB/13.86MB
a6909c467615: Loading layer [==================================================>] 6.656kB/6.656kB
eaa1e85de732: Loading layer [==================================================>] 3.072kB/3.072kB
9513d2aedd12: Loading layer [==================================================>] 185.6MB/185.6MB
84d659420bad: Loading layer [==================================================>] 3.072kB/3.072kB
876b8cd855eb: Loading layer [==================================================>] 298.7MB/298.7MB
1c0ff7ed67c4: Loading layer [==================================================>] 16.9kB/16.9kB
318dde184d61: Loading layer [==================================================>] 1.536kB/1.536kB
Loaded image: mysql:8.0.36-oracle
[root@elk91 ~]#docker run --name mysql-server -t \
> -e MYSQL_DATABASE="zabbix" \
> -e MYSQL_USER="zabbix" \
> -e MYSQL_PASSWORD="zabbix_pwd" \
> -e MYSQL_ROOT_PASSWORD="root_pwd" \
> --network=zabbix-net \
> --restart unless-stopped \
> -d mysql:8.0.36-oracle \
> --character-set-server=utf8 --collation-server=utf8_bin \
> --default-authentication-plugin=mysql_native_password
[root@elk91 ~]#docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7795bfd0b427 zabbix/zabbix-server-mysql:alpine-7.2-latest "/usr/bin/docker-ent…" 9 seconds ago Up 8 seconds 10051/tcp mysql-server
4.部署java-gateway组件
[root@elk91 ~]#docker run --name zabbix-java-gateway -t \
> --network=zabbix-net \
> --restart unless-stopped \
> -d zabbix/zabbix-java-gateway:alpine-7.2-latest
f1b78a1a69f730a226b0d084f7e1efaaf03d4e77468899e7c6f36c45a11b7822
[root@elk91 ~]#docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f1b78a1a69f7 zabbix/zabbix-java-gateway:alpine-7.2-latest "docker-entrypoint.s…" 7 seconds ago Up 6 seconds 10052/tcp zabbix-java-gateway
5.部署zabbix server
[root@elk91 ~]#docker run --name zabbix-server-mysql -t \
> -e DB_SERVER_HOST="mysql-server" \
> -e MYSQL_DATABASE="zabbix" \
> -e MYSQL_USER="zabbix" \
> -e MYSQL_PASSWORD="zabbix_pwd" \
> -e MYSQL_ROOT_PASSWORD="root_pwd" \
> -e ZBX_JAVAGATEWAY="zabbix-java-gateway" \
> --network=zabbix-net \
> -p 10051:10051 \
> --restart unless-stopped \
> -d zabbix/zabbix-server-mysql:alpine-7.2-latest
4eeec6695c697ecdef41dc309035fb381ffcd8f4f47a363a9f4ebdf923fdb52c
[root@elk91 ~]#docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4eeec6695c69 zabbix/zabbix-server-mysql:alpine-7.2-latest "/usr/bin/docker-ent…" 12 seconds ago Up 12 seconds 0.0.0.0:10051->10051/tcp, :::10051->10051/tcp zabbix-server-mysql
6.部署zabbix的webUI组件
[root@elk91 ~]#docker run --name zabbix-web-nginx-mysql -t \
> -e ZBX_SERVER_HOST="zabbix-server-mysql" \
> -e DB_SERVER_HOST="mysql-server" \
> -e MYSQL_DATABASE="zabbix" \
> -e MYSQL_USER="zabbix" \
> -e MYSQL_PASSWORD="zabbix_pwd" \
> -e MYSQL_ROOT_PASSWORD="root_pwd" \
> --network=zabbix-net \
> -p 80:8080 \
> --restart unless-stopped \
> -d zabbix/zabbix-web-nginx-mysql:alpine-7.2-latest
0cf10fd0523598da3b3d0b70f9286f14a02910bb9a1e00bd36143931adc77095
[root@elk91 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0cf10fd05235 zabbix/zabbix-web-nginx-mysql:alpine-7.2-latest "docker-entrypoint.sh" 2 minutes ago Up 2 minutes (health: starting) 8443/tcp, 0.0.0.0:80->8080/tcp, :::80->8080/tcp zabbix-web-nginx-mysql
4eeec6695c69 zabbix/zabbix-server-mysql:alpine-7.2-latest "/usr/bin/docker-ent…" 6 minutes ago Up 6 minutes 0.0.0.0:10051->10051/tcp, :::10051->10051/tcp zabbix-server-mysql
f1b78a1a69f7 zabbix/zabbix-java-gateway:alpine-7.2-latest "docker-entrypoint.s…" 7 minutes ago Up 7 minutes 10052/tcp zabbix-java-gateway
7795bfd0b427 zabbix/zabbix-server-mysql:alpine-7.2-latest "/usr/bin/docker-ent…" 8 minutes ago Up 8 minutes 10051/tcp mysql-server
mysql-server
8.访问zabbix的webUI
http://10.0.0.91/
默认的用户名: Admin
密码: zabbix
