Docker系列5：網(wǎng)絡(luò)名稱空間管理

一、ip命令介紹

創(chuàng)新互聯(lián)基于成都重慶香港及美國(guó)等地區(qū)分布式IDC機(jī)房數(shù)據(jù)中心構(gòu)建的電信大帶寬，聯(lián)通大帶寬，移動(dòng)大帶寬，多線BGP大帶寬租用,是為眾多客戶提供專業(yè)資陽(yáng)服務(wù)器托管報(bào)價(jià)，主機(jī)托管價(jià)格性價(jià)比高，為金融證券行業(yè)服務(wù)器托管，ai人工智能服務(wù)器托管提供bgp線路100M獨(dú)享，G口帶寬及機(jī)柜租用的專業(yè)成都idc公司。

ip命令是iproute軟件的程序

[root@host1?~]#?yum?install?iproute?-y?
[root@host1?~]#?rpm?-q?iproute
iproute-4.11.0-25.el7_7.2.x86_64

通過(guò)ip可以實(shí)現(xiàn)管理網(wǎng)絡(luò)名稱空間

[root@host1?~]#?ip
Usage:?ip?[?OPTIONS?]?OBJECT?{?COMMAND?|?help?}
???????ip?[?-force?]?-batch?filename
where??OBJECT?:=?{?link?|?address?|?addrlabel?|?route?|?rule?|?neigh?|?ntable?|
???????????????????tunnel?|?tuntap?|?maddress?|?mroute?|?mrule?|?monitor?|?xfrm?|
???????????????????netns?|?l2tp?|?fou?|?macsec?|?tcp_metrics?|?token?|?netconf?|?ila?|
???????????????????vrf?}
???????OPTIONS?:=?{?-V[ersion]?|?-s[tatistics]?|?-d[etails]?|?-r[esolve]?|
????????????????????-h[uman-readable]?|?-iec?|
????????????????????-f[amily]?{?inet?|?inet6?|?ipx?|?dnet?|?mpls?|?bridge?|?link?}?|
????????????????????-4?|?-6?|?-I?|?-D?|?-B?|?-0?|
????????????????????-l[oops]?{?maximum-addr-flush-attempts?}?|?-br[ief]?|
????????????????????-o[neline]?|?-t[imestamp]?|?-ts[hort]?|?-b[atch]?[filename]?|
????????????????????-rc[vbuf]?[size]?|?-n[etns]?name?|?-a[ll]?|?-c[olor]}

OBJECT中的netns可以用來(lái)設(shè)置網(wǎng)絡(luò)名稱空間

netns的使用幫助如下

[root@host1?~]#?ip?netns?help
Usage:?ip?netns?list
???????ip?netns?add?NAME
???????ip?netns?set?NAME?NETNSID
???????ip?[-all]?netns?delete?[NAME]
???????ip?netns?identify?[PID]
???????ip?netns?pids?NAME
???????ip?[-all]?netns?exec?[NAME]?cmd?...
???????ip?netns?monitor
???????ip?netns?list-id

二、ip命令的使用

創(chuàng)建兩個(gè)名稱空間并查看一下

[root@host1?~]#?ip?netns?add?r1
[root@host1?~]#?ip?netns?add?r2

[root@host1?~]#?ip?netns?list
r2
r1

查看網(wǎng)絡(luò)名稱空間中有幾個(gè)網(wǎng)卡

其實(shí)就是在網(wǎng)絡(luò)名稱空間中執(zhí)行ip addr命令，需要加選項(xiàng)-a
在網(wǎng)絡(luò)名稱空間執(zhí)行命令是用exec

[root@host1?~]#?ip?netns?exec?r1?ip?addr
1:?lo:?<LOOPBACK>?mtu?65536?qdisc?noop?state?DOWN?group?default?qlen?1000
????link/loopback?00:00:00:00:00:00?brd?00:00:00:00:00:00

創(chuàng)建網(wǎng)卡對(duì)

用的命令是ip link?

[root@host1?~]#?ip?link?help
Usage:?ip?link?add?[link?DEV]?[?name?]?NAME
???????????????????[?txqueuelen?PACKETS?]
???????????????????[?address?LLADDR?]
???????????????????[?broadcast?LLADDR?]
???????????????????[?mtu?MTU?]?[index?IDX?]
???????????????????[?numtxqueues?QUEUE_COUNT?]
???????????????????[?numrxqueues?QUEUE_COUNT?]
???????????????????type?TYPE?[?ARGS?]

創(chuàng)建一對(duì)網(wǎng)卡，兩端分別為veth2.1和veth2.2

[root@host1?~]#?ip?link?add?name?veth2.1?type?veth?peer?name?veth2.2

[root@host1?~]#?ip?link?show?|?grep?veth2.*
7:?veth2.2@veth2.1:?<BROADCAST,MULTICAST,M-DOWN>?mtu?1500?qdisc?noop?state?DOWN?mode?DEFAULT?group?default?qlen?1000
8:?veth2.1@veth2.2:?<BROADCAST,MULTICAST,M-DOWN>?mtu?1500?qdisc?noop?state?DOWN?mode?DEFAULT?group?default?qlen?1000

type veth：指定創(chuàng)建的是虛擬以太網(wǎng)卡

為名稱空間分配虛擬網(wǎng)卡

用的命令是ip link set
一旦將某個(gè)虛擬網(wǎng)卡分配到某個(gè)名稱空間，在物理機(jī)中就看不到這個(gè)網(wǎng)卡了

將veth2.1保留在物理機(jī)，將veth2.2分配到r1名稱空間

[root@host1?~]#?ip?link?set?veth2.2?netns?r1

[root@host1?~]#?ip?netns?exec?r1?ip?addr
1:?lo:?<LOOPBACK>?mtu?65536?qdisc?noop?state?DOWN?group?default?qlen?1000
????link/loopback?00:00:00:00:00:00?brd?00:00:00:00:00:00
7:?veth2.2@if8:?<BROADCAST,MULTICAST>?mtu?1500?qdisc?noop?state?DOWN?group?default?qlen?1000
????link/ether?4e:f2:68:33:47:a1?brd?ff:ff:ff:ff:ff:ff?link-netnsid?0

[root@host1?~]#?ip?link?show?|?grep?veth2.*
8:?veth2.1@if7:?<BROADCAST,MULTICAST>?mtu?1500?qdisc?noop?state?DOWN?mode?DEFAULT?group?default?qlen?1000

也可以修改虛擬網(wǎng)卡的名稱，例如將r1中的veth2.2改名為eth0

[root@host1?~]#?ip?netns?exec?r1?ip?link?set?dev?veth2.2?name?eth0

[root@host1?~]#?ip?netns?exec?r1?ip?addr
1:?lo:?<LOOPBACK>?mtu?65536?qdisc?noop?state?DOWN?group?default?qlen?1000
????link/loopback?00:00:00:00:00:00?brd?00:00:00:00:00:00
7:?eth0@if8:?<BROADCAST,MULTICAST>?mtu?1500?qdisc?noop?state?DOWN?group?default?qlen?1000
????link/ether?4e:f2:68:33:47:a1?brd?ff:ff:ff:ff:ff:ff?link-netnsid?0

將veth2.1地址設(shè)置為10.0.0.1/8，將r1中的eth0地址地址設(shè)置為10.0.0.2/8

[root@host1?~]#?ip?addr?add?10.0.0.1/8?dev?veth2.1

[root@host1?~]#?ip?netns?exec?r1?ip?addr?add?10.0.0.2/8?dev?eth0

[root@host1?~]#?ip?addr?show?veth2.1
8:?veth2.1@if7:?<BROADCAST,MULTICAST>?mtu?1500?qdisc?noop?state?DOWN?group?default?qlen?1000
????link/ether?1e:62:af:a2:bc:6d?brd?ff:ff:ff:ff:ff:ff?link-netnsid?1
????inet?10.0.0.1/8?scope?global?veth2.1
???????valid_lft?forever?preferred_lft?forever
???????
[root@host1?~]#?ip?netns?exec?r1?ip?addr?show?eth0
7:?eth0@if8:?<BROADCAST,MULTICAST>?mtu?1500?qdisc?noop?state?DOWN?group?default?qlen?1000
????link/ether?4e:f2:68:33:47:a1?brd?ff:ff:ff:ff:ff:ff?link-netnsid?0
????inet?10.0.0.2/8?scope?global?eth0
???????valid_lft?forever?preferred_lft?forever

此時(shí)兩個(gè)網(wǎng)卡都是down狀態(tài)，解決方法如下

[root@host1?~]#?ip?link?set?veth2.1?up
[root@host1?~]#?ip?netns?exec?r1?ip?link?set?eth0?up

也可以將veth2.1放入另一個(gè)名稱空間，這樣兩個(gè)名稱空間就可以通信了

[root@host1?~]#?ip?link?set?veth2.1?netns?r2
[root@host1?~]#?ip?netns?exec?r2?ip?link?set?veth2.1?up

網(wǎng)頁(yè)題目：Docker系列5：網(wǎng)絡(luò)名稱空間管理
文章源于：http://www.muchs.cn/article12/gdgsdc.html

成都網(wǎng)站建設(shè)公司_創(chuàng)新互聯(lián)，為您提供App開(kāi)發(fā)、域名注冊(cè)、品牌網(wǎng)站設(shè)計(jì)、網(wǎng)站設(shè)計(jì)、網(wǎng)站維護(hù)、品牌網(wǎng)站制作

聲明：本網(wǎng)站發(fā)布的內(nèi)容（圖片、視頻和文字）以用戶投稿、用戶轉(zhuǎn)載內(nèi)容為主，如果涉及侵權(quán)請(qǐng)盡快告知，我們將會(huì)在第一時(shí)間刪除。文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng)，如需處理請(qǐng)聯(lián)系客服。電話：028-86922220；郵箱：631063699@qq.com。內(nèi)容未經(jīng)允許不得轉(zhuǎn)載，或轉(zhuǎn)載時(shí)需注明來(lái)源：創(chuàng)新互聯(lián)

猜你還喜歡下面的內(nèi)容