export和import容器
bash
[root@docker ~ 10:10:44]# docker run -d --name httpd1 httpd
60aa85d4d68ff852feacd7439e2c6f7fe7dae9996b8d176a9eaf706497d328fe
[root@docker ~ 10:11:07]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
60aa85d4d68f httpd "httpd-foreground" 3 seconds ago Up 2 seconds 80/tcp httpd1
[root@docker ~ 10:11:09]# docker export --help
Usage: docker export [OPTIONS] CONTAINER
Export a container's filesystem as a tar archive
Aliases:
docker container export, docker export
Options:
-o, --output string Write to a file, instead of STDOUT
##将容器导出为一个tar包
[root@docker ~ 10:11:24]# docker export httpd1 -o export_httpd
[root@docker ~ 10:12:07]# ls
allimages.tar dirA export_httpd harbor-offline-installer-v2.9.1.tgz httpd.tar porject
anaconda-ks.cfg Dockerfile harbor httpd index.html ssh.centos
[root@docker ~ 10:12:39]# docker import --help
Usage: docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
Import the contents from a tarball to create a filesystem image
Aliases:
docker image import, docker import
Options:
-c, --change list Apply Dockerfile instruction to the created image
-m, --message string Set commit message for imported image
--platform string Set platform if server is multi-platform capable
[root@docker ~ 10:12:53]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu-with-stress latest 0659db69e990 18 hours ago 139MB
httpd latest c194ed9b9e8f 3 days ago 117MB
ubuntu latest 30ba44506a6d 2 weeks ago 100MB
busybox latest 925ff61909ae 19 months ago 4.42MB
[root@docker ~ 10:13:02]# docker import export_httpd httpd_1:v1
sha256:8c6e0d5248b05c37dd3d03f2db2d999b47c30eef7ebaa592bad9faa7a9bb0521
[root@docker ~ 10:13:48]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd_1 v1 8c6e0d5248b0 7 seconds ago 115MB
ubuntu-with-stress latest 0659db69e990 18 hours ago 139MB
httpd latest c194ed9b9e8f 3 days ago 117MB
ubuntu latest 30ba44506a6d 2 weeks ago 100MB
busybox latest 925ff61909ae 19 months ago 4.42MBdocker save 和 docker export 对比:
docker save :将镜像保存为文件,save会保存该镜像的所有元数据和历史记录。
docker export :将容器导出为文件,文件会丢失所有元数据和历史记录,仅保存容器当时的状 态,再次导入会当作全新的镜像。
none和host网络的适用场景
none
none 网络就是什么都没有的网络。挂在这个网络下的容器除了 lo,没有其他任何网卡
bash
[root@docker ~ 10:14:41]# docker network ls
NETWORK ID NAME DRIVER SCOPE
6b7a7f98d849 bridge bridge local
58d0fcfc22ef harbor_harbor bridge local
f18bc86af02a host host local
7abb49f3f545 none null local
[root@docker ~ 11:03:37]# docker run -it --network=none busybox
/ # ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ # hostname
837e62759e45
/ # exithost
挂在host网络上的容器共享宿主机的network namespace。即容器的网络配置与host网络配置完全一 样。
bash
[root@docker ~ 11:05:39]# docker run -it --network=host busybox
/ # ip l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq qlen 1000
link/ether 00:0c:29:e3:f8:c5 brd ff:ff:ff:ff:ff:ff
3: br-58d0fcfc22ef: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
link/ether 02:42:44:c6:72:e8 brd ff:ff:ff:ff:ff:ff
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether 02:42:f5:c7:4f:dc brd ff:ff:ff:ff:ff:ff
6: vethb845c33@if5: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue master docker0
link/ether e2:8a:7d:8a:41:5b brd ff:ff:ff:ff:ff:ff
/ # ifconfig
br-58d0fcfc22ef Link encap:Ethernet HWaddr 02:42:44:C6:72:E8
inet addr:172.18.0.1 Bcast:172.18.255.255 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
docker0 Link encap:Ethernet HWaddr 02:42:F5:C7:4F:DC
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80::42:f5ff:fec7:4fdc/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:526 (526.0 B)
ens160 Link encap:Ethernet HWaddr 00:0C:29:E3:F8:C5
inet addr:192.168.108.30 Bcast:192.168.108.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fee3:f8c5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:17803 errors:0 dropped:0 overruns:0 frame:0
TX packets:29524 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1365075 (1.3 MiB) TX bytes:11481471 (10.9 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
vethb845c33 Link encap:Ethernet HWaddr E2:8A:7D:8A:41:5B
inet6 addr: fe80::e08a:7dff:fe8a:415b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:1672 (1.6 KiB)
/ # hostname
docker
/ # exitbrige网络
bash
#先配置yum源用于安装软件
[root@docker ~ 14:04:00]# cd /etc/yum.repos.d/
[root@docker yum.repos.d 14:04:08]# ls
docker-ce.repo os.repo
[root@docker yum.repos.d 14:04:09]# vim linux.birdge.repo
[centos-openstack-victoria]
name=CentOS 8 - OpenStack victoria
baseurl=https://mirrors.aliyun.com/centos-vault/8-stream/cloud/x86_64/openstack-victoria/
enabled=1
gpgcheck=0
[root@docker yum.repos.d 14:06:45]# yum install -y bridge-utils
[root@docker yum.repos.d 14:07:07]# brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.024213d2158d no
##当前 docker0 上没有任何其他网络设备
[root@docker yum.repos.d 14:08:00]# docker run -itd --name busybox1 busybox
Unable to find image 'busybox:latest' locally
latest: Pulling from library/busybox
481282afbc43: Pull complete
Digest: sha256:1487d0af5f52b4ba31c7e465126ee2123fe3f2305d638e7827681e7cf6c83d5e
Status: Downloaded newer image for busybox:latest
74ff8b9fe84b02aa05ebc1f7de4627d0d9363f82d51ba75b01c001b3cb4aa7d7
[root@docker yum.repos.d 14:08:34]# brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.024213d2158d no vethbf629ed
##一个新的网络接口 vethddb2744 被挂到了 docker0 上, vethddb2744 就是新创建容器的虚拟网卡
[root@docker yum.repos.d 14:08:40]# docker exec -it busybox1 sh
/ # ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
#容器里的网卡是4号网卡名字叫eth0,对面是5号网卡
4: eth0@if5: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
/ # read escape sequence
[root@docker yum.repos.d 14:10:10]# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "d53cfc52373a8c647031189b1af435e64ecdadc7de444276fb041f3d3dfecf85",
"Created": "2026-05-12T14:02:45.886957278+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"74ff8b9fe84b02aa05ebc1f7de4627d0d9363f82d51ba75b01c001b3cb4aa7d7": {
"Name": "busybox1", ###容器busybox1
"EndpointID": "beaf1657e5b59944e0eca0562a2a16f2bab1bb300f718c97f5db3e7473fa4490",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16", #分配给busybox1的172.17.0.2
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
[root@docker yum.repos.d 14:10:35]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:e3:f8:c5 brd ff:ff:ff:ff:ff:ff
altname enp3s0
inet 192.168.108.30/24 brd 192.168.108.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fee3:f8c5/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:13:d2:15:8d brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:13ff:fed2:158d/64 scope link
valid_lft forever preferred_lft forever
###证明了容器busybox1里的 eth0 连接到了docker0网桥的vethbf629ed
5: vethbf629ed@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether d2:58:4a:3e:e2:4a brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::d058:4aff:fe3e:e24a/64 scope link
valid_lft forever preferred_lft forever
自定义容器网络
bash
##创建一个软件交换机
[root@docker ~ 14:49:39]# docker network create --driver bridge my_net
e08ed43672c1ed49d9995451e19d99eac55469b05566e0e941be695c6f3c36bf
[root@docker ~ 14:50:13]# brctl show
bridge name bridge id STP enabled interfaces
br-e08ed43672c1 8000.02425288fdee no
docker0 8000.024213d2158d no vethbf629ed
##注意看id是一样的
[root@docker ~ 14:50:20]# docker network ls
NETWORK ID NAME DRIVER SCOPE
d53cfc52373a bridge bridge local
f18bc86af02a host host local
e08ed43672c1 my_net bridge local
7abb49f3f545 none null local
##查看my_net的配置信息
[root@docker ~ 14:50:46]# docker network inspect my_net
[
{
"Name": "my_net",
"Id": "e08ed43672c1ed49d9995451e19d99eac55469b05566e0e941be695c6f3c36bf",
"Created": "2026-05-12T14:50:13.382915297+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
#这里 172.18.0.0/16 是 Docker自动分配的 IP 网段
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
##创建指定ip网段
[root@docker ~ 14:51:14]# docker network create --driver bridge --subnet 172.22.16.0/24 --gateway 172.22.16.1 my_net2
d3c54ceed8230ce88bcd81a9e61291eacf788f74d29c91fbbf29c93acc6bc66d
[root@docker ~ 14:52:50]# brctl show
bridge name bridge id STP enabled interfaces
br-d3c54ceed823 8000.0242b0a13d59 no
br-e08ed43672c1 8000.02425288fdee no
docker0 8000.024213d2158d no vethbf629ed
[root@docker ~ 14:52:57]# docker network inspect my_net2
[
{
"Name": "my_net2",
"Id": "d3c54ceed8230ce88bcd81a9e61291eacf788f74d29c91fbbf29c93acc6bc66d",
"Created": "2026-05-12T14:52:50.332274914+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.22.16.0/24",
"Gateway": "172.22.16.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
[root@docker ~ 14:53:59]# docker run -it --network=my_net2 --name busybox2 busybox
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:16:10:02 brd ff:ff:ff:ff:ff:ff
inet 172.22.16.2/24 brd 172.22.16.255 scope global eth0
valid_lft forever preferred_lft forever
/ # [root@docker ~ 14:55:13]# brctl show
bridge name bridge id STP enabled interfaces
br-d3c54ceed823 8000.0242b0a13d59 no veth89c3be9
br-e08ed43672c1 8000.02425288fdee no
docker0 8000.024213d2158d no vethbf629ed
[root@docker ~ 14:55:21]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:e3:f8:c5 brd ff:ff:ff:ff:ff:ff
altname enp3s0
inet 192.168.108.30/24 brd 192.168.108.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fee3:f8c5/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:13:d2:15:8d brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:13ff:fed2:158d/64 scope link
valid_lft forever preferred_lft forever
5: vethbf629ed@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether d2:58:4a:3e:e2:4a brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::d058:4aff:fe3e:e24a/64 scope link
valid_lft forever preferred_lft forever
6: br-e08ed43672c1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:52:88:fd:ee brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-e08ed43672c1
valid_lft forever preferred_lft forever
7: br-d3c54ceed823: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:b0:a1:3d:59 brd ff:ff:ff:ff:ff:ff
inet 172.22.16.1/24 brd 172.22.16.255 scope global br-d3c54ceed823
valid_lft forever preferred_lft forever
inet6 fe80::42:b0ff:fea1:3d59/64 scope link
valid_lft forever preferred_lft forever
9: veth89c3be9@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-d3c54ceed823 state UP group default
link/ether 9e:33:23:fa:3d:41 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::9c33:23ff:fefa:3d41/64 scope link
valid_lft forever preferred_lft forever
[root@docker ~ 14:56:00]# docker run -it --network=my_net2 --ip 172.22.16.8 --name busybox3 busybox
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
10: eth0@if11: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:16:10:08 brd ff:ff:ff:ff:ff:ff
inet 172.22.16.8/24 brd 172.22.16.255 scope global eth0
valid_lft forever preferred_lft forever
/ # [root@docker ~ 14:57:21]# brctl show
bridge name bridge id STP enabled interfaces
br-d3c54ceed823 8000.0242b0a13d59 no veth89c3be9
vethd6c4eec
br-e08ed43672c1 8000.02425288fdee no
docker0 8000.024213d2158d no vethbf629ed
[root@docker ~ 14:57:27]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:e3:f8:c5 brd ff:ff:ff:ff:ff:ff
altname enp3s0
inet 192.168.108.30/24 brd 192.168.108.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fee3:f8c5/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:13:d2:15:8d brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:13ff:fed2:158d/64 scope link
valid_lft forever preferred_lft forever
5: vethbf629ed@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether d2:58:4a:3e:e2:4a brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::d058:4aff:fe3e:e24a/64 scope link
valid_lft forever preferred_lft forever
6: br-e08ed43672c1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:52:88:fd:ee brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-e08ed43672c1
valid_lft forever preferred_lft forever
7: br-d3c54ceed823: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:b0:a1:3d:59 brd ff:ff:ff:ff:ff:ff
inet 172.22.16.1/24 brd 172.22.16.255 scope global br-d3c54ceed823
valid_lft forever preferred_lft forever
inet6 fe80::42:b0ff:fea1:3d59/64 scope link
valid_lft forever preferred_lft forever
9: veth89c3be9@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-d3c54ceed823 state UP group default
link/ether 9e:33:23:fa:3d:41 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::9c33:23ff:fefa:3d41/64 scope link
valid_lft forever preferred_lft forever
11: vethd6c4eec@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-d3c54ceed823 state UP group default
link/ether 9a:91:77:bc:c8:00 brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet6 fe80::9891:77ff:febc:c800/64 scope link
valid_lft forever preferred_lft forever
[root@docker ~ 14:57:37]# docker run -it --network=my_net --ip 172.18.0.8 busybox
docker: Error response from daemon: invalid config for network my_net: invalid endpoint settings:
user specified IP address is supported only when connecting to networks with user configured subnets.
See 'docker run --help'.理解容器之间的连通性
bash
[root@docker ~ 15:28:43]# docker exec -it busybox2 sh
/ # ping 172.22.16.8
PING 172.22.16.8 (172.22.16.8): 56 data bytes
64 bytes from 172.22.16.8: seq=0 ttl=64 time=0.128 ms
64 bytes from 172.22.16.8: seq=1 ttl=64 time=0.147 ms
64 bytes from 172.22.16.8: seq=2 ttl=64 time=0.149 ms
^C
--- 172.22.16.8 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.128/0.141/0.149 ms
/ # ping 172.22.16.1
PING 172.22.16.1 (172.22.16.1): 56 data bytes
64 bytes from 172.22.16.1: seq=0 ttl=64 time=0.104 ms
64 bytes from 172.22.16.1: seq=1 ttl=64 time=0.086 ms
^C
--- 172.22.16.1 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.086/0.095/0.104 ms
/ # ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2): 56 data bytes
^C
--- 172.17.0.2 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss
/ # read escape sequence
[root@docker ~ 15:34:33]# ip r
default via 192.168.108.2 dev ens160 proto static metric 100
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
172.18.0.0/16 dev br-e08ed43672c1 proto kernel scope link src 172.18.0.1 linkdown
172.22.16.0/24 dev br-d3c54ceed823 proto kernel scope link src 172.22.16.1
192.168.108.0/24 dev ens160 proto kernel scope link src 192.168.108.30 metric 100
[root@docker ~ 15:34:36]# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
[root@docker ~ 15:34:58]# iptables-save
# Generated by iptables-save v1.8.5 on Tue May 12 15:35:28 2026
*filter
:INPUT ACCEPT [30891:7446944]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [49665:19159933]
:DOCKER - [0:0]
:DOCKER-ISOLATION-STAGE-1 - [0:0]
:DOCKER-ISOLATION-STAGE-2 - [0:0]
:DOCKER-USER - [0:0]
-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION-STAGE-1
-A FORWARD -o br-d3c54ceed823 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o br-d3c54ceed823 -j DOCKER
-A FORWARD -i br-d3c54ceed823 ! -o br-d3c54ceed823 -j ACCEPT
-A FORWARD -i br-d3c54ceed823 -o br-d3c54ceed823 -j ACCEPT
-A FORWARD -o br-e08ed43672c1 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o br-e08ed43672c1 -j DOCKER
-A FORWARD -i br-e08ed43672c1 ! -o br-e08ed43672c1 -j ACCEPT
-A FORWARD -i br-e08ed43672c1 -o br-e08ed43672c1 -j ACCEPT
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A DOCKER-ISOLATION-STAGE-1 -i br-d3c54ceed823 ! -o br-d3c54ceed823 -j DOCKER-ISOLATION-STAGE-2
-A DOCKER-ISOLATION-STAGE-1 -i br-e08ed43672c1 ! -o br-e08ed43672c1 -j DOCKER-ISOLATION-STAGE-2
-A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
-A DOCKER-ISOLATION-STAGE-1 -j RETURN
-A DOCKER-ISOLATION-STAGE-2 -o br-d3c54ceed823 -j DROP
-A DOCKER-ISOLATION-STAGE-2 -o br-e08ed43672c1 -j DROP
-A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
-A DOCKER-ISOLATION-STAGE-2 -j RETURN
-A DOCKER-USER -j RETURN
COMMIT
# Completed on Tue May 12 15:35:28 2026
# Generated by iptables-save v1.8.5 on Tue May 12 15:35:28 2026
*security
:INPUT ACCEPT [30883:7445112]
:FORWARD ACCEPT [6:504]
:OUTPUT ACCEPT [49665:19159933]
COMMIT
# Completed on Tue May 12 15:35:28 2026
# Generated by iptables-save v1.8.5 on Tue May 12 15:35:28 2026
*raw
:PREROUTING ACCEPT [30899:7447616]
:OUTPUT ACCEPT [49665:19159933]
COMMIT
# Completed on Tue May 12 15:35:28 2026
# Generated by iptables-save v1.8.5 on Tue May 12 15:35:28 2026
*mangle
:PREROUTING ACCEPT [30899:7447616]
:INPUT ACCEPT [30891:7446944]
:FORWARD ACCEPT [8:672]
:OUTPUT ACCEPT [49665:19159933]
:POSTROUTING ACCEPT [49671:19160437]
COMMIT
# Completed on Tue May 12 15:35:28 2026
# Generated by iptables-save v1.8.5 on Tue May 12 15:35:28 2026
*nat
:PREROUTING ACCEPT [16:2376]
:INPUT ACCEPT [5:292]
:POSTROUTING ACCEPT [75:6202]
:OUTPUT ACCEPT [74:6118]
:DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.22.16.0/24 ! -o br-d3c54ceed823 -j MASQUERADE
-A POSTROUTING -s 172.18.0.0/16 ! -o br-e08ed43672c1 -j MASQUERADE
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
-A DOCKER -i br-d3c54ceed823 -j RETURN
-A DOCKER -i br-e08ed43672c1 -j RETURN
-A DOCKER -i docker0 -j RETURN
COMMIT
# Completed on Tue May 12 15:35:28 2026
[root@docker ~ 15:35:28]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
86d0ae4b5678 busybox "sh" 38 minutes ago Up 38 minutes busybox3
27f3527358e1 busybox "sh" 41 minutes ago Up 41 minutes busybox2
74ff8b9fe84b busybox "sh" About an hour ago Up About an hour busybox1
[root@docker ~ 15:36:01]# docker network connect my_net2 busybox1
[root@docker ~ 15:36:24]# docker exec -it busybox1 sh
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
4: eth0@if5: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
12: eth1@if13: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:16:10:03 brd ff:ff:ff:ff:ff:ff
inet 172.22.16.3/24 brd 172.22.16.255 scope global eth1
valid_lft forever preferred_lft forever
/ # read escape sequence
[root@docker ~ 15:37:05]# brctl show
bridge name bridge id STP enabled interfaces
br-d3c54ceed823 8000.0242b0a13d59 no veth009f075
veth89c3be9
vethd6c4eec
br-e08ed43672c1 8000.02425288fdee no
docker0 8000.024213d2158d no vethbf629ed
[root@docker ~ 15:44:15]# docker exec -it busybox1 sh
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
4: eth0@if5: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
12: eth1@if13: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:16:10:03 brd ff:ff:ff:ff:ff:ff
inet 172.22.16.3/24 brd 172.22.16.255 scope global eth1
valid_lft forever preferred_lft forever
/ #
[root@docker ~ 15:37:16]# docker exec -it busybox2 sh
/ # ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2): 56 data bytes
^C
--- 172.17.0.2 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss
/ # ping 172.22.16.3
PING 172.22.16.3 (172.22.16.3): 56 data bytes
64 bytes from 172.22.16.3: seq=0 ttl=64 time=0.131 ms
64 bytes from 172.22.16.3: seq=1 ttl=64 time=0.090 ms
64 bytes from 172.22.16.3: seq=2 ttl=64 time=0.092 ms
^C
--- 172.22.16.3 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.090/0.104/0.131 ms
/ # read escape sequence通信的三种方式
IP 通信
从上一节的例子可以得出这样一个结论:两个容器要能通信,必须要有属于同一个网络的网卡
Docker DNS Server
使用 docker DNS 有个限制:只能在 user-defined 网络中使用。也就是说,默认的 bridge 网络是无法 使用 DNS 的
bash
[root@docker ~ 15:58:21]# docker run -it --network my_net2 --name box1 busybox
/ # [root@docker ~ 15:59:03]# docker run -it --network my_net2 --name box2 busybox
/ # ping box1
PING box1 (172.22.16.4): 56 data bytes
64 bytes from 172.22.16.4: seq=0 ttl=64 time=0.106 ms
64 bytes from 172.22.16.4: seq=1 ttl=64 time=0.078 ms
64 bytes from 172.22.16.4: seq=2 ttl=64 time=0.073 ms
^C
--- box1 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.073/0.085/0.106 ms
/ # [root@docker ~ 15:59:27]# docker run -it --name box3 busybox
/ # [root@docker ~ 15:59:49]# docker run -it --name box4 busybox
/ # ping box3
ping: bad address 'box3'joined 容器
joined 容器是另一种实现容器间通信的方式。 joined 容器非常特别,它可以使两个或多个容器共享一个网络栈,共享网卡和配置信息,joined 容器之 间可以通过 127.0.0.1 直接通信
bash
/ # [root@docker ~ 16:00:01]# docker run -d -it --name web1 httpd
Unable to find image 'httpd:latest' locally
latest: Pulling from library/httpd
57fb71246055: Pull complete
4b31e7d9a3b8: Pull complete
4f4fb700ef54: Pull complete
6e3e6d1d5b56: Pull complete
777279f5ce9f: Pull complete
4b705a141cea: Pull complete
Digest: sha256:bac8021a9b7ad41a399dc72bb0e1f0b832b565632df7e62871e07d2aca8b293e
Status: Downloaded newer image for httpd:latest
02ad010920759b46505a178fc344ad646a877b347bf99e16d220e89a8c3c0f71
[root@docker ~ 16:00:55]# docker exec -it web1 bash
root@02ad01092075:/usr/local/apache2# hostname -i
172.17.0.5
root@02ad01092075:/usr/local/apache2# read escape sequence
##busybox 和 web1 的网卡 mac 地址与 IP 完全一样,它们共享了相同的网络栈。busybox 可以直接用 127.0.0.1 访问 web1 的 http 服务。
[root@docker ~ 16:01:28]# docker run -it --network container:web1 busybox
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
22: eth0@if23: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:11:00:05 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.5/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
/ # wget 127.0.0.1
Connecting to 127.0.0.1 (127.0.0.1:80)
saving to 'index.html'
index.html 100% |*************************************************| 191 0:00:00 ETA
'index.html' saved
/ # cat index.html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>It works! Apache httpd</title>
</head>
<body>
<p>It works!</p>
</body>
</html>容器如何访问外部世界
bash
[root@docker ~ 16:25:18]# ping www.qq.com
PING ins-r23tsuuf.ias.tencent-cloud.net (101.91.42.232) 56(84) bytes of data.
64 bytes from 101.91.42.232 (101.91.42.232): icmp_seq=1 ttl=128 time=10.9 ms
64 bytes from 101.91.42.232 (101.91.42.232): icmp_seq=2 ttl=128 time=9.45 ms
^C
--- ins-r23tsuuf.ias.tencent-cloud.net ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 9.451/10.182/10.914/0.738 ms
[root@docker ~ 16:25:35]# docker run -it busybox sh
/ # ping www.11.com
PING www.11.com (104.21.7.201): 56 data bytes
64 bytes from 104.21.7.201: seq=0 ttl=127 time=209.272 ms
^C
--- www.11.com ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 209.272/209.272/209.272 ms
[root@docker ~ 16:27:03]# iptables -t nat -S
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P POSTROUTING ACCEPT
-P OUTPUT ACCEPT
-N DOCKER
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.22.16.0/24 ! -o br-d3c54ceed823 -j MASQUERADE
-A POSTROUTING -s 172.18.0.0/16 ! -o br-e08ed43672c1 -j MASQUERADE
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
-A DOCKER -i br-d3c54ceed823 -j RETURN
-A DOCKER -i br-e08ed43672c1 -j RETURN
-A DOCKER -i docker0 -j RETURN通过 tcpdump 查看地址是如何转换的。先查看 docker host 的路由表:
bash
[root@docker ~ 16:31:25]# ip r
default via 192.168.108.2 dev ens160 proto static metric 100
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
172.18.0.0/16 dev br-e08ed43672c1 proto kernel scope link src 172.18.0.1 linkdown
172.22.16.0/24 dev br-d3c54ceed823 proto kernel scope link src 172.22.16.1
192.168.108.0/24 dev ens160 proto kernel scope link src 192.168.108.30 metric 100新开俩个窗口用来抓包docker0网卡和ens160网卡
ping测试
bash
[root@docker ~ 16:29:00]# docker run -it busybox sh
/ # ping www.qq.com
PING www.qq.com (101.91.22.57): 56 data bytes
64 bytes from 101.91.22.57: seq=0 ttl=127 time=11.599 ms
64 bytes from 101.91.22.57: seq=1 ttl=127 time=11.394 ms
64 bytes from 101.91.22.57: seq=2 ttl=127 time=12.796 ms
64 bytes from 101.91.22.57: seq=3 ttl=127 time=11.982 ms
^C
--- www.qq.com ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 11.394/11.942/12.796 ms
/ # 转到抓包界面观察
观察docker0
bash
[root@docker ~ 16:29:25]# tcpdump -i docker0 -n icmp
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on docker0, link-type EN10MB (Ethernet), capture size 262144 bytes
16:30:55.347499 IP 172.17.0.7 > 101.91.22.57: ICMP echo request, id 6, seq 0, length 64
16:30:55.358987 IP 101.91.22.57 > 172.17.0.7: ICMP echo reply, id 6, seq 0, length 64
16:30:56.348049 IP 172.17.0.7 > 101.91.22.57: ICMP echo request, id 6, seq 1, length 64
16:30:56.359311 IP 101.91.22.57 > 172.17.0.7: ICMP echo reply, id 6, seq 1, length 64
16:30:57.348762 IP 172.17.0.7 > 101.91.22.57: ICMP echo request, id 6, seq 2, length 64
16:30:57.361403 IP 101.91.22.57 > 172.17.0.7: ICMP echo reply, id 6, seq 2, length 64
16:30:58.349363 IP 172.17.0.7 > 101.91.22.57: ICMP echo request, id 6, seq 3, length 64
16:30:58.361213 IP 101.91.22.57 > 172.17.0.7: ICMP echo reply, id 6, seq 3, length 64
##docker0 收到 busybox 的 ping 包,源地址为容器 IP 172.17.0.2,这没问题,交给 MASQUERADE 处理观察ens160
bash
[root@docker ~ 16:29:28]# tcpdump -i ens160 -n icmp
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens160, link-type EN10MB (Ethernet), capture size 262144 bytes
16:30:55.347527 IP 192.168.108.30 > 101.91.22.57: ICMP echo request, id 6, seq 0, length 64
16:30:55.358951 IP 101.91.22.57 > 192.168.108.30: ICMP echo reply, id 6, seq 0, length 64
16:30:56.348090 IP 192.168.108.30 > 101.91.22.57: ICMP echo request, id 6, seq 1, length 64
16:30:56.359285 IP 101.91.22.57 > 192.168.108.30: ICMP echo reply, id 6, seq 1, length 64
16:30:57.348823 IP 192.168.108.30 > 101.91.22.57: ICMP echo request, id 6, seq 2, length 64
16:30:57.361371 IP 101.91.22.57 > 192.168.108.30: ICMP echo reply, id 6, seq 2, length 64
16:30:58.349404 IP 192.168.108.30 > 101.91.22.57: ICMP echo request, id 6, seq 3, length 64
16:30:58.361181 IP 101.91.22.57 > 192.168.108.30: ICMP echo reply, id 6, seq 3, length 64
##ping 包的源地址变成了 ens160 的 IP 192.168.108.30-
busybox 发送 ping 包:172.17.0.2 > www.qq.com。
-
docker0 收到包,发现是发送到外网的,交给 NAT 处理。
-
NAT 将源地址换成 ens160的 IP:192.168.108.30 > www.qq.com。
-
ping 包从 ens160 发送出去,到达 www.qq.com。
通过 NAT,docker 实现了容器对外网的访问。
外部世界如何访问容器
通过端口映射
bash
##-p 指定映射到 host 某个特定端口
[root@docker ~ 16:41:25]# docker run -d -p 80 httpd
1092b1dfe5ae8e06c528300005aa5dfe294491a9d3c18f92a69f5fff4aa615cd
[root@docker ~ 16:42:07]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1092b1dfe5ae httpd "httpd-foreground" 6 seconds ago Up 5 seconds
####这里看到32768映射到80端口
0.0.0.0:32768->80/ tcp, :::32768->80/tcp boring_jang
a57c4be438b8 busybox "sh" 11 minutes ago Up 11 minutes hardcore_bouman
e01862805906 busybox "sh" 16 minutes ago Up 16 minutes dazzling_bassi
dba34b86ae91 busybox "sh" 40 minutes ago Up 40 minutes goofy_edison
02ad01092075 httpd "httpd-foreground" 41 minutes ago Up 41 minutes 80/tcp web1
4ea90c744ae2 busybox "sh" 42 minutes ago Up 42 minutes box4
40ee7711bf24 busybox "sh" 42 minutes ago Up 42 minutes box3
2096cbe0efd2 busybox "sh" 43 minutes ago Up 43 minutes box2
c69d8247d077 busybox "sh" 43 minutes ago Up 43 minutes box1
86d0ae4b5678 busybox "sh" 2 hours ago Up 2 hours busybox3
27f3527358e1 busybox "sh" 2 hours ago Up 2 hours busybox2
74ff8b9fe84b busybox "sh" 3 hours ago Up 3 hours busybox1
[root@docker ~ 16:42:13]# curl 192.168.108.30:32768
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>It works! Apache httpd</title>
</head>
<body>
<p>It works!</p>
</body>
</html>
##-p 中指定映射到 host 某个特定端口,将 80 端口映射到 host的8080端口
[root@docker ~ 16:42:55]# docker run -d -p 8080:80 httpd
9d4e117306f559db3126162ba9b82242392c85d325372dcbd1ce8b56194159c7
[root@docker ~ 16:43:14]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9d4e117306f5 httpd "httpd-foreground" 8 seconds ago Up 7 seconds 0.0.0.0:8080->80/tcp, :::8080->80/tcp ecstatic_meitner
1092b1dfe5ae httpd "httpd-foreground" About a minute ago Up About a minute 0.0.0.0:32768->80/tcp, :::32768->80/tcp boring_jang
a57c4be438b8 busybox "sh" 12 minutes ago Up 12 minutes hardcore_bouman
e01862805906 busybox "sh" 17 minutes ago Up 17 minutes dazzling_bassi
dba34b86ae91 busybox "sh" 41 minutes ago Up 41 minutes goofy_edison
02ad01092075 httpd "httpd-foreground" 42 minutes ago Up 42 minutes 80/tcp web1
4ea90c744ae2 busybox "sh" 43 minutes ago Up 43 minutes box4
40ee7711bf24 busybox "sh" 43 minutes ago Up 43 minutes box3
2096cbe0efd2 busybox "sh" 44 minutes ago Up 44 minutes box2
c69d8247d077 busybox "sh" 44 minutes ago Up 44 minutes box1
86d0ae4b5678 busybox "sh" 2 hours ago Up 2 hours busybox3
27f3527358e1 busybox "sh" 2 hours ago Up 2 hours busybox2
74ff8b9fe84b busybox "sh" 3 hours ago Up 3 hours busybox1
[root@docker ~ 16:43:22]# curl 192.168.108.30:8080
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>It works! Apache httpd</title>
</head>
<body>
<p>It works!</p>
</body>
</html>"sh" 44 minutes ago Up 44 minutes box2
c69d8247d077 busybox "sh" 44 minutes ago Up 44 minutes box1
86d0ae4b5678 busybox "sh" 2 hours ago Up 2 hours busybox3
27f3527358e1 busybox "sh" 2 hours ago Up 2 hours busybox2
74ff8b9fe84b busybox "sh" 3 hours ago Up 3 hours busybox1
root@docker \~ 16:43:22\]# curl 192.168.108.30:8080 It works! Apache httpd It works! \`\`\`