*Docker의 네트워크 모델: 

CNM을 사용한다: Container Network Model


SandboxID...

샌드박스는 독립적인 환경에 컨테이너의 네트워킹 configuration을 물고 있는 것이다


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
       "NetworkSettings": {
            "Bridge""",
            "SandboxID""91896e3968b1aedee2ba4275531b7ff1435f2cd3233a703c553990f65246cdeb",
            "HairpinMode"false,
            "LinkLocalIPv6Address""",
            "LinkLocalIPv6PrefixLen"0,
            "Ports": {},
            "SandboxKey""/var/run/docker/netns/91896e3968b1",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID""8bd83561b900d05dab2ed804b28ded759cf1e174858dad6e6c6d47f549e33d51",
            "Gateway""172.17.0.1",
            "GlobalIPv6Address""",
            "GlobalIPv6PrefixLen"0,
            "IPAddress""172.17.0.2",
            "IPPrefixLen"16,
            "IPv6Gateway""",
            "MacAddress""02:42:ac:11:00:02",
            "Networks": {
                "bridge": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "NetworkID""76d13a20d92c8d68860705f57e8989055660ac78cafea4eaa033cb1fd856e6fa",
                    "EndpointID""8bd83561b900d05dab2ed804b28ded759cf1e174858dad6e6c6d47f549e33d51",
                    "Gateway""172.17.0.1",
                    "IPAddress""172.17.0.2",
                    "IPPrefixLen"16,
                    "IPv6Gateway""",
                    "GlobalIPv6Address""",
                    "GlobalIPv6PrefixLen"0,
                    "MacAddress""02:42:ac:11:00:02",
                    "DriverOpts": null
                }
            }
        }
    }
]
[root@host01-2 _data]# ^C
[root@host01-2 _data]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
76d13a20d92c        bridge              bridge              local
a4bddc4df10b        host                host                local
e9ef483dde2d        none                null                local
[root@host01-2 _data]# docker attach 76d13a20d92c
Error: No such container: 76d13a20d92c
[root@host01-2 _data]# docker ps
CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS              PORTS               NAMES
e3343a6dd1be        reg.cloud.com/busybox   "sh"                2 minutes ago       Up 2 minutes                            focused_albattani
[root@host01-2 _data]# docker attach e3343a6dd1be
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
150: eth0@if151: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever
/ #
 
cs


서로 다른 L2의 인스턴스들이 서로 통신하려면...

eth0를 가지고 별도 컨테이너가 2개의 컨테이너의 bridge 역할을 한다.


*docker의 기본 네트워크


docker0를 통해 통신한다. 아래는 bridge 구성 : 


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
[root@host01-2 _data]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
76d13a20d92c        bridge              bridge              local
a4bddc4df10b        host                host                local
e9ef483dde2d        none                null                local
 
[root@host01-2 _data]# docker inspect bridge
[
    {
        "Name""bridge",
        "Id""76d13a20d92c8d68860705f57e8989055660ac78cafea4eaa033cb1fd856e6fa",
        "Created""2018-05-21T15:11:08.970105946+09:00",
        "Scope""local",
        "Driver""bridge",
        "EnableIPv6"false,
        "IPAM": {
            "Driver""default",
            "Options": null,
            "Config": [
                {
                    "Subnet""172.17.0.0/16"#bridge의 
                    "Gateway""172.17.0.1"
                }
            ]
        },
        "Internal"false,
        "Attachable"false,
        "Ingress"false,
        "ConfigFrom": {
            "Network"""
        },
        "ConfigOnly"false,
        "Containers": {},
        "Options": {
            "com.docker.network.bridge.default_bridge""true",
            "com.docker.network.bridge.enable_icc""true"#같은 bridge 내에서 통신하게 할 것인가? 이 부분이 false라면 컨테이너간 통신이 안된다
            "com.docker.network.bridge.enable_ip_masquerade""true"#masquerade는 일종의 NAT역할을 한다.
            "com.docker.network.bridge.host_binding_ipv4""0.0.0.0",
            "com.docker.network.bridge.name""docker0"#docker0 가 bridge 역할
            "com.docker.network.driver.mtu""1500"
        },
        "Labels": {}
    }
]
[root@host01-2 _data]#
 
cs


- 기본적으로 도커의 네트워크는 HOST에서 iptables 룰을 타고 나간다.

=> 네트워크 지연이 거의 없다...베어메탈과 거의 동급

=> 반면 보안쪽으로 민감한 사항들도 있다. 


- 컨테이너간 통신(C1 : 80, C2: 81, C3: 82 일 경우 서로 통신은 어떻게 하나?) :
=> localhost로 통신하면 된다.


- 도커는 결국 하나다(bridge라는 driver) :

1
2
3
4
5
6
7
[root@host01-2 _data]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
76d13a20d92c        bridge              bridge              local  #bridge  
a4bddc4df10b        host                host                local  #호스트와 네트워크를 공유
e9ef483dde2d        none                null                local  #네트워크 X
 
 
cs






* 멀티호스트 네트워킹(VxLAN 사용) / 단일호스트 네트워킹


- VXLAN

- SDN

- NFV


- Service Channing

보안을 고려한 분산 네트워크 시, 

L2로 구성되어있는데 IPS가 1개만 있다면, 결국 IPS가 없는 인스턴스에서 다른 하나의 인스턴스까지 접근해야 하는 아키텍처를 구성해야 한다.

IAAS > PAAS 



1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
[root@host01-2 _data]# docker inspect bridge
[
    {
        "Name""bridge",
        "Id""76d13a20d92c8d68860705f57e8989055660ac78cafea4eaa033cb1fd856e6fa",
        "Created""2018-05-21T15:11:08.970105946+09:00",
        "Scope""local",
        "Driver""bridge",
        "EnableIPv6"false,
        "IPAM": {
            "Driver""default",
            "Options": null,
            "Config": [
                {
                    "Subnet""172.17.0.0/16",
                    "Gateway""172.17.0.1"
                }
            ]
        },
        "Internal"false,
        "Attachable"false,
        "Ingress"false,
        "ConfigFrom": {
            "Network"""
        },
        "ConfigOnly"false,
        "Containers": {},  #컨테이너가 없다
        "Options": {
            "com.docker.network.bridge.default_bridge""true",
            "com.docker.network.bridge.enable_icc""true",
            "com.docker.network.bridge.enable_ip_masquerade""true",
            "com.docker.network.bridge.host_binding_ipv4""0.0.0.0",
            "com.docker.network.bridge.name""docker0",
            "com.docker.network.driver.mtu""1500"
        },
        "Labels": {}
    }
]
[root@host01-2 _data]# docker inspect bridge
[
    {
        "Name""bridge",
        "Id""76d13a20d92c8d68860705f57e8989055660ac78cafea4eaa033cb1fd856e6fa"                                                                                                                      ,
        "Created""2018-05-21T15:11:08.970105946+09:00",
        "Scope""local",
        "Driver""bridge",
        "EnableIPv6"false,
        "IPAM": {
            "Driver""default",
            "Options": null,
            "Config": [
                {
                    "Subnet""172.17.0.0/16",
                    "Gateway""172.17.0.1"
                }
            ]
        },
        "Internal"false,
        "Attachable"false,
        "Ingress"false,
        "ConfigFrom": {
            "Network"""
        },
        "ConfigOnly"false,
        "Containers": {
            "8c4add8d8d16d6b7d9eb247cee125e012a803c61f5b6592c8819dd30b926fbab":                                                                                                                       {
                "Name""c1",
                "EndpointID""dfda49ba957d32e371c012c3952f01aaff83e2c3c9668fbae                                                                                                                      07cb53595ef02d5",
                "MacAddress""02:42:ac:11:00:02",
                "IPv4Address""172.17.0.2/16",
                "IPv6Address"""
            }
        },
        "Options": {
            "com.docker.network.bridge.default_bridge""true",
            "com.docker.network.bridge.enable_icc""true",
            "com.docker.network.bridge.enable_ip_masquerade""true",
            "com.docker.network.bridge.host_binding_ipv4""0.0.0.0",
            "com.docker.network.bridge.name""docker0",
            "com.docker.network.driver.mtu""1500"
        },
        "Labels": {}
    }
]
[root@host01-2 _data]# docker inspect bridge
[
    {
        "Name""bridge",
        "Id""76d13a20d92c8d68860705f57e8989055660ac78cafea4eaa033cb1fd856e6fa",
        "Created""2018-05-21T15:11:08.970105946+09:00",
        "Scope""local",
        "Driver""bridge",
        "EnableIPv6"false,
        "IPAM": {
            "Driver""default",
            "Options": null,
            "Config": [
                {
                    "Subnet""172.17.0.0/16",
                    "Gateway""172.17.0.1"
                }
            ]
        },
        "Internal"false,
        "Attachable"false,
        "Ingress"false,
        "ConfigFrom": {
            "Network"""
        },
        "ConfigOnly"false,
        "Containers": {
            "703292574cb0d7730b1fe601acf826a99ac2530b056624ae2ad808e1e90db2f1": {
                "Name""c2",
                "EndpointID""43da37e1fef531cf525de9dae8801889e819108f27113bed9b09bda6e82cb95e",
                "MacAddress""02:42:ac:11:00:03",
                "IPv4Address""172.17.0.3/16",
                "IPv6Address"""
            },
            "8c4add8d8d16d6b7d9eb247cee125e012a803c61f5b6592c8819dd30b926fbab": {
                "Name""c1",
                "EndpointID""dfda49ba957d32e371c012c3952f01aaff83e2c3c9668fbae07cb53595ef02d5",
                "MacAddress""02:42:ac:11:00:02",
                "IPv4Address""172.17.0.2/16",
                "IPv6Address"""
            }
        },
        "Options": {
            "com.docker.network.bridge.default_bridge""true",
            "com.docker.network.bridge.enable_icc""true",
            "com.docker.network.bridge.enable_ip_masquerade""true",
            "com.docker.network.bridge.host_binding_ipv4""0.0.0.0",
            "com.docker.network.bridge.name""docker0",
            "com.docker.network.driver.mtu""1500"
        },
        "Labels": {}
    }
]
[root@host01-2 _data]# docker attach c1
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
152: eth0@if153: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
       valid_lft forever preferred_lft forever
/ # exit
d[root@host01-2 _data]# docker ps a
"docker ps" accepts no arguments.
See 'docker ps --help'.
 
Usage:  docker ps [OPTIONS] [flags]
 
List containers
[root@host01-2 _data]# docker ps -aa
CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS                     PORTS               NAMES
703292574cb0        reg.cloud.com/busybox   "sh"                29 seconds ago      Up 27 seconds                                  c2
8c4add8d8d16        reg.cloud.com/busybox   "sh"                50 seconds ago      Exited (05 seconds ago                       c1
[root@host01-2 _data]# docker ps -a
CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS                     PORTS               NAMES
703292574cb0        reg.cloud.com/busybox   "sh"                31 seconds ago      Up 29 seconds                                  c2
8c4add8d8d16        reg.cloud.com/busybox   "sh"                52 seconds ago      Exited (07 seconds ago                       c1
[root@host01-2 _data]# network inspect
-bash: network: command not found
[root@host01-2 _data]# docker network inspect
"docker network inspect" requires at least 1 argument.
See 'docker network inspect --help'.
 
Usage:  docker network inspect [OPTIONS] NETWORK [NETWORK...] [flags]
 
Display detailed information on one or more networks
[root@host01-2 _data]# docker inspect bridge
[
    {
        "Name""bridge",
        "Id""76d13a20d92c8d68860705f57e8989055660ac78cafea4eaa033cb1fd856e6fa",
        "Created""2018-05-21T15:11:08.970105946+09:00",
        "Scope""local",
        "Driver""bridge",
        "EnableIPv6"false,
        "IPAM": {
            "Driver""default",
            "Options": null,
            "Config": [
                {
                    "Subnet""172.17.0.0/16",
                    "Gateway""172.17.0.1"
                }
            ]
        },
        "Internal"false,
        "Attachable"false,
        "Ingress"false,
        "ConfigFrom": {
            "Network"""
        },
        "ConfigOnly"false,
        "Containers": {
            "703292574cb0d7730b1fe601acf826a99ac2530b056624ae2ad808e1e90db2f1": {
                "Name""c2",  #c1은 사라지고 c2만 
                "EndpointID""43da37e1fef531cf525de9dae8801889e819108f27113bed9b09bda6e82cb95e",
                "MacAddress""02:42:ac:11:00:03",
                "IPv4Address""172.17.0.3/16",
                "IPv6Address"""
            }
        },
        "Options": {
            "com.docker.network.bridge.default_bridge""true",
            "com.docker.network.bridge.enable_icc""true",
            "com.docker.network.bridge.enable_ip_masquerade""true",
            "com.docker.network.bridge.host_binding_ipv4""0.0.0.0",
            "com.docker.network.bridge.name""docker0",
            "com.docker.network.driver.mtu""1500"
        },
        "Labels": {}
    }
]
[root@host01-2 _data]#
root@host01-2 _data]# docker ps  -a
CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS                     PORTS               NAMES
703292574cb0        reg.cloud.com/busybox   "sh"                3 minutes ago       Up 3 minutes                                   c2
8c4add8d8d16        reg.cloud.com/busybox   "sh"                3 minutes ago       Exited (02 minutes ago                       c1
[root@host01-2 _data]# docker attach c2
/ # cat /etc/resolv.conf
# Generated by NetworkManager
search cloud.com
nameserver 10.10.12.1
 
 
cs


*기본적으로 host 네트워크를 공유함으로 통신이 docker0를 통해 이루어진다. User Defined Network를 사용하기 위해서는...DNS설정 필요...사용자 정의 네트워크를 만들어 띄울 수 있다,


* 사용자 정의 네트워크를 만들어 띄우기 

Container name이 DNS로 올라간다


*사용자 정의 네트워크를 통해 C3, C4 컨테이너를 띄워보자(기존 host network와 다른 네트워크) :

(C3에서 C4로 ping 실행 시 dns에서 ip를 알려준다.)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
[root@host01-2 _data]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
76d13a20d92c        bridge              bridge              local
a4bddc4df10b        host                host                local
e9ef483dde2d        none                null                local
[root@host01-2 _data]# docker network create test
efe418b38219518e5a7b4d09902dd5c4772c9a4ce9a715a842b60d6848165825
 
[root@host01-2 _data]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
76d13a20d92c        bridge              bridge              local
a4bddc4df10b        host                host                local
e9ef483dde2d        none                null                local
efe418b38219        test                bridge              local
[root@host01-2 _data]# docker run --name c3 --network=test --itd reg.cloud.com/busybox
unknown flag: --itd
See 'docker run --help'.
[root@host01-2 _data]# docker run --name c3 --network=test -itd reg.cloud.com/busybox
28674f6d5ac97c95694b4342a76e34120c872c9914881d7fb7a8d9860f587fe8
[root@host01-2 _data]# docker run --name c4 --network=test -itd reg.cloud.com/busybox
48d67f53f81a5c61a1358e02576a1000d8a8d1395df4dfb13e0675408d90d714
[root@host01-2 _data]# docker attach c3
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
157: eth0@if158: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
    link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
    inet 172.18.0.2/16 brd 172.18.255.255 scope global eth0
       valid_lft forever preferred_lft forever
/ # hostname
28674f6d5ac9
/ # ping c4
PING c4 (172.18.0.3): 56 data bytes
64 bytes from 172.18.0.3: seq=0 ttl=64 time=0.257 ms
64 bytes from 172.18.0.3: seq=1 ttl=64 time=0.178 ms
64 bytes from 172.18.0.3: seq=2 ttl=64 time=0.177 ms
64 bytes from 172.18.0.3: seq=3 ttl=64 time=0.181 ms
64 bytes from 172.18.0.3: seq=4 ttl=64 time=0.180 ms
64 bytes from 172.18.0.3: seq=5 ttl=64 time=0.178 ms
64 bytes from 172.18.0.3: seq=6 ttl=64 time=0.178 ms
64 bytes from 172.18.0.3: seq=7 ttl=64 time=0.206 ms
 
cs







*docker0와 별도의 사용자 정의 네트워크 구성
isolated_nw라는 사용자정의 네트워크를 새로 만들고
C3, C4, C5 컨테이너를 구성한다.


C4를 Web이라는 이름으로 조회

C5를 DB라는 이름으로 조회


*Alias 할당 방법 (link로 구성) - db, web이라는 이름으로도 ping 가능

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
[root@host01-2 ~]# docker run --network=isolated_nw -itd --name c5 --link c4:web  reg.cloud.com/b^Cybox
[root@host01-2 ~]# docker rm -f $(docker ps -aq)
9891fb7e3af2
ec900985c74c
1df32b36382b
33c48eda73cc
079bb7c7c709
[root@host01-2 ~]# docker run --network=isolated_nw -itd --name c5 --link c4:web  reg.cloud.com/busybox
0a0c051a84839085601e938e3843015263b1867cf87db9985051cb20d2aca433
[root@host01-2 ~]# docker run --network=isolated_nw -itd --name c4 --link c5:db  reg.cloud.com/busybox
6c07e34435a360d3142f0955a06a64197775902095ea54ff9009c6107593c98d
[root@host01-2 ~]# docker attach c4
/ # ping c5
PING c5 (172.25.0.2): 56 data bytes
64 bytes from 172.25.0.2: seq=0 ttl=64 time=0.287 ms
64 bytes from 172.25.0.2: seq=1 ttl=64 time=0.180 ms
^C
--- c5 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.180/0.233/0.287 ms
/ # ping db
PING db (172.25.0.2): 56 data bytes
64 bytes from 172.25.0.2: seq=0 ttl=64 time=0.159 ms
64 bytes from 172.25.0.2: seq=1 ttl=64 time=0.183 ms
^C
--- db ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.159/0.171/0.183 ms
/ # ^C
/ #
 
cs



*Alias 할당 방법 (network_alias로 구성) - alias로 호출하면(c6, c7 round robin방식으로 라턴)


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
[root@host01-2 ~]# docker run -itd --network=isolated_nw --name c6 --network-alias app reg.cloud.com/busybox
117113d2b352a4a7253914d1b1178cf92e6ef6aa49bf194f25f81fe8ccf5452a
^[[A[root@host01-2 ~]# docker run -itd --network=isolated_nw --name c7 --network-alias app reg.cloud.com/busybox
23b79ec545f71d9a448829fbdd1c30ee1a1110d07742a067c7475544d6987abe
[root@host01-2 ~]# docker run --network=isolated_nw -it --name c8 reg.cloud.com/busybox
/ # ping c6
PING c6 (172.25.0.4): 56 data bytes
64 bytes from 172.25.0.4: seq=0 ttl=64 time=0.261 ms
64 bytes from 172.25.0.4: seq=1 ttl=64 time=0.176 ms
^C
--- c6 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.176/0.218/0.261 ms
/ # ping c7
PING c7 (172.25.0.5): 56 data bytes
64 bytes from 172.25.0.5: seq=0 ttl=64 time=0.265 ms
64 bytes from 172.25.0.5: seq=1 ttl=64 time=0.179 ms
^C
--- c7 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.179/0.222/0.265 ms
/ # ping app
PING app (172.25.0.4): 56 data bytes
64 bytes from 172.25.0.4: seq=0 ttl=64 time=0.189 ms
64 bytes from 172.25.0.4: seq=1 ttl=64 time=0.177 ms
^C
--- app ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.177/0.183/0.189 ms
/ #
 
 
cs






* LINK 개념(old) - 지금은 사용 안함(Why? 싱글 호스트만 지원가능) => 이제는 User Defined Network를 사용한다


C1(DB) <------C2(web) 


DNS서버를 조회하기 전에 C2서버에서 먼저 조회하는 파일이 /etc/hosts 파일임!!

C2으로부터 expose의 정보가 모두 c2로 넘어간다?


* link 사용법(env로 MYSQL_ROOT_PASSWORD를 포함한 env 정보가 넘어간다)


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
[root@host01-2 ~]# docker run --name db -e MYSQL_ROOT_PASSWORD=1234 -d reg.cloud.com/mysql
c718db3a5bed23a0c8f4bba81b2500e9350b3813364cf2780c86b27ac1754732
[root@host01-2 ~]# docker logs db
Initializing database
2018-05-24T05:50:32.189359Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2018-05-24T05:50:34.743553Z 0 [Warning] InnoDB: New log files created, LSN=45790
2018-05-24T05:50:35.111689Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2018-05-24T05:50:35.216022Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: 60c3bc8a-5f16-11e8-a17f-0242ac110002.
2018-05-24T05:50:35.234417Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
2018-05-24T05:50:35.235689Z 1 [Warning] root@localhost is created with an empty password ! Please consider switching off the --initialize-insecure option.
2018-05-24T05:50:39.434990Z 1 [Warning] 'user' entry 'root@localhost' ignored in --skip-name-resolve mode.
2018-05-24T05:50:39.435049Z 1 [Warning] 'user' entry 'mysql.session@localhost' ignored in --skip-name-resolve mode.
2018-05-24T05:50:39.435078Z 1 [Warning] 'user' entry 'mysql.sys@localhost' ignored in --skip-name-resolve mode.
2018-05-24T05:50:39.435139Z 1 [Warning] 'db' entry 'performance_schema mysql.session@localhost' ignored in --skip-name-resolve mode.
2018-05-24T05:50:39.435158Z 1 [Warning] 'db' entry 'sys mysql.sys@localhost' ignored in --skip-name-resolve mode.
2018-05-24T05:50:39.435198Z 1 [Warning] 'proxies_priv' entry '@ root@localhost' ignored in --skip-name-resolve mode.
2018-05-24T05:50:39.435294Z 1 [Warning] 'tables_priv' entry 'user mysql.session@localhost' ignored in --skip-name-resolve mode.
2018-05-24T05:50:39.435326Z 1 [Warning] 'tables_priv' entry 'sys_config mysql.sys@localhost' ignored in --skip-name-resolve mode.
[root@host01-2 ~]# docker ps
CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS              PORTS               NAMES
c718db3a5bed        reg.cloud.com/mysql     "docker-entrypoint.s…"   22 seconds ago      Up 21 seconds       3306/tcp            db
23b79ec545f7        reg.cloud.com/busybox   "sh"                     22 minutes ago      Up 22 minutes                           c7
117113d2b352        reg.cloud.com/busybox   "sh"                     22 minutes ago      Up 22 minutes                           c6
6c07e34435a3        reg.cloud.com/busybox   "sh"                     25 minutes ago      Up 25 minutes                           c4
0a0c051a8483        reg.cloud.com/busybox   "sh"                     25 minutes ago      Up 25 minutes                           c5
[root@host01-2 ~]# docker exec db env
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=c718db3a5bed
MYSQL_ROOT_PASSWORD=1234
GOSU_VERSION=1.7
MYSQL_MAJOR=5.7
MYSQL_VERSION=5.7.20-1debian8
HOME=/root
[root@host01-2 ~]# docker run -it --link db:sql reg.cloud.com/mysql bash
root@e0de0246a2a3:/# cat /etc/resolv.conf
# Generated by NetworkManager
search cloud.com
nameserver 10.10.12.1
root@e0de0246a2a3:/# cat /etc/hosts
127.0.0.1       localhost
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2      sql c718db3a5bed db
172.17.0.3      e0de0246a2a3
root@e0de0246a2a3:/# ping sql
PING sql (172.17.0.2): 56 data bytes
64 bytes from 172.17.0.2: icmp_seq=0 ttl=64 time=0.328 ms
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.202 ms
^C--- sql ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.202/0.265/0.328/0.063 ms
root@e0de0246a2a3:/# env
HOSTNAME=e0de0246a2a3
TERM=xterm
MYSQL_VERSION=5.7.20-1debian8
SQL_ENV_MYSQL_VERSION=5.7.20-1debian8
SQL_PORT_3306_TCP=tcp://172.17.0.2:3306
SQL_NAME=/brave_panini/sql
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
SQL_PORT_3306_TCP_ADDR=172.17.0.2
SQL_ENV_MYSQL_MAJOR=5.7
PWD=/
SQL_PORT_3306_TCP_PORT=3306
SQL_ENV_MYSQL_ROOT_PASSWORD=1234
HOME=/root
SHLVL=1
SQL_PORT_3306_TCP_PROTO=tcp
MYSQL_MAJOR=5.7
GOSU_VERSION=1.7
SQL_ENV_GOSU_VERSION=1.7
SQL_PORT=tcp://172.17.0.2:3306
_=/usr/bin/env
root@e0de0246a2a3:/#
 
cs






+ Recent posts