网络名称空间
了解网络名称空间,更有利于理解 docker 中的 overlay 网络,以及 k8s 中的 endpoint、服务发现等。随笔记录。
在每个容器里面都会有这样一个设备,叫做endpoint,它的作用就是把容器(sandbox)接入到network中去,endpoint最典型的案例就是veth pair。
veth pair 就是把两个虚拟网络接口端对端地连接起来。不同网络名称空间的网络栈默认相互隔离,把这两个接口分别置于不同的网络名称空间,就可以使它们互相通信。
实验操作一下就理解了:
ip netns add //添加新的网络名称空间
[root@emporerlinux ~]# ip netns add net1
[root@emporerlinux ~]# ip netns list
net1
查看 net1 名称空间内的网卡: ip netns exec net1 ifconfig -a。新名称空间内的网卡默认未激活,需要使用 -a 参数才能显示。
ip link add 创建虚拟网卡对,之后再加入名称空间。
ip link add name veth1.1 type veth peer name veth1.2
ip link show 可以看到两张网卡成对出现。
[root@emporerlinux ~]# ip link add name veth1.1 type veth peer name veth1.2
[root@emporerlinux ~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 00:0c:29:f6:84:ad brd ff:ff:ff:ff:ff:ff
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
link/ether 02:42:36:cf:f5:db brd ff:ff:ff:ff:ff:ff
5: veth6bdff3b@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT group default
link/ether fe:52:73:ea:ba:22 brd ff:ff:ff:ff:ff:ff link-netnsid 0
7: vethf5c9f74@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT group default
link/ether 7e:09:db:ca:10:71 brd ff:ff:ff:ff:ff:ff link-netnsid 1
8: veth1.2@veth1.1: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether 7a:5d:43:b7:a2:6c brd ff:ff:ff:ff:ff:ff
9: veth1.1@veth1.2: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether ee:d4:a6:cc:9a:e9 brd ff:ff:ff:ff:ff:ff
veth1.1 和 veth1.2 相当于一根网线的两头。可以把其中一端加入某个名称空间,实现互通。
ip link set dev veth1.2 netns net1 //把veth1.2 这张网卡加入net1名称空间。
ip netns exec net1 ifconfig -a //在net1 名称空间内查看,可以看到veth1.2这张网卡。
[root@emporerlinux ~]# ip link set dev veth1.2 netns net1
[root@emporerlinux ~]# ip netns exec net1 ip a
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
8: veth1.2@if9: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 7a:5d:43:b7:a2:6c brd ff:ff:ff:ff:ff:ff link-netnsid 0
ip netns exec net1 ip link set dev veth1.2 name eth0 //更改net1中veth1.2 网卡名称为eth0
ifconfig veth1.1 192.168.1.1/24 up //给本机veth1.1网卡配置ip并激活。
[root@emporerlinux ~]# ifconfig veth1.1 192.168.1.1/24 up
[root@emporerlinux ~]# ip a |grep veth
5: veth6bdff3b@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
7: vethf5c9f74@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
9: veth1.1@if8: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state LOWERLAYERDOWN group default qlen 1000
inet 192.168.1.1/24 brd 192.168.1.255 scope global veth1.1
ip netns exec net1 ifconfig eth0 10.1.0.2/24 up //配置名称空间net1内另一端ip地址即可通信。注意两端地址需在同一网段,下面的实际操作使用的是 192.168.1.2/24。
[root@emporerlinux ~]# ip netns exec net1 ifconfig eth0 192.168.1.2/24 up
[root@emporerlinux ~]# ip netns exec net1 ip a
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 7a:5d:43:b7:a2:6c brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::785d:43ff:feb7:a26c/64 scope link
valid_lft forever preferred_lft forever
net1 ping 测试
[root@emporerlinux ~]# ip netns exec net1 ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.103 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.096 ms
^C
--- 192.168.1.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.096/0.099/0.103/0.010 ms
也可以把 veth1.1 移到另外一个名称空间内当做一张网卡,也就相当于用这对网卡把两个名称空间连接起来(需要先用 ip netns add net2 创建 net2 名称空间)。
ip link set dev veth1.1 netns net2 //把veth1.1这张网卡移动给net2名称空间使用。宿主机就没有veth1.1这张网卡了
ip netns exec net2 ifconfig -a //可查看veth1.1这张网卡。
ip netns exec net2 ifconfig veth1.1 10.1.0.3/24 up //给net2名称空间的veth1.1网卡添加ip并启动。
ip netns exec net2 ifconfig //查看veth1.1 有ip且能ping 通10.1.0.2,实现两个名称空间互通
查看ip:
[root@emporerlinux ~]# ip netns exec net2 ip link show
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
9: veth1.1@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether ee:d4:a6:cc:9a:e9 brd ff:ff:ff:ff:ff:ff link-netnsid 0
[root@emporerlinux ~]# ip netns exec net1 ip link show
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether 7a:5d:43:b7:a2:6c brd ff:ff:ff:ff:ff:ff link-netnsid 1
配置net1 ip地址(下面的实际操作中,两端使用的是 192.168.6.0/24 网段)
[root@emporerlinux ~]# ip netns exec net1 ifconfig eth0 192.168.6.1/24 up
配置net2 ip地址
[root@emporerlinux ~]# ip netns exec net2 ifconfig veth1.1 192.168.6.2/24 up
ping测试
[root@emporerlinux ~]# ip netns exec net2 ping 192.168.6.1
PING 192.168.6.1 (192.168.6.1) 56(84) bytes of data.
64 bytes from 192.168.6.1: icmp_seq=1 ttl=64 time=0.111 ms
64 bytes from 192.168.6.1: icmp_seq=2 ttl=64 time=0.086 ms
64 bytes from 192.168.6.1: icmp_seq=3 ttl=64 time=0.092 ms
^C
--- 192.168.6.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.086/0.096/0.111/0.013 ms
[root@emporerlinux ~]# ip netns exec net1 ping 192.168.6.2
PING 192.168.6.2 (192.168.6.2) 56(84) bytes of data.
64 bytes from 192.168.6.2: icmp_seq=1 ttl=64 time=0.099 ms
64 bytes from 192.168.6.2: icmp_seq=2 ttl=64 time=0.101 ms
64 bytes from 192.168.6.2: icmp_seq=3 ttl=64 time=0.113 ms
^C
--- 192.168.6.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.099/0.104/0.113/0.010 ms