도커의 기본 네트워크
도커에서 사용하는 기본적인 네트워크의 정보를 간단히 적어 보자.
네트워크 정보
먼저 도커를 사용하여 컨테이너를 6대 띄워 보았다. 포트 매핑은 각 컨테이너의 80번을 65530부터 순서대로 65535까지 주었다. 그 결과는 다음과 같다.
$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
212ebf2badd9 f9246c6a4267 "/bin/bash" 38 minutes ago Up 38 minutes 0.0.0.0:65535->80/tcp cranky_saha
976aa73e6c35 f9246c6a4267 "/bin/bash" 38 minutes ago Up 38 minutes 0.0.0.0:65534->80/tcp modest_cori
bd9e5490c123 f9246c6a4267 "/bin/bash" 38 minutes ago Up 38 minutes 0.0.0.0:65533->80/tcp tiny_colden
b1fe994fa7ec f9246c6a4267 "/bin/bash" 38 minutes ago Up 38 minutes 0.0.0.0:65532->80/tcp gigantic_bhabha
98373a368cf3 f9246c6a4267 "/bin/bash" 38 minutes ago Up 38 minutes 0.0.0.0:65531->80/tcp lonely_hodgkin
13bf363f671b f9246c6a4267 "/bin/bash" 38 minutes ago Up 38 minutes 0.0.0.0:65530->80/tcp tiny_stonebraker
여기서 ifconfig를 통해 디바이스 정보를 보면 다음과 같은 내용을 확인할 수 있다.
$ ifconfig
docker0 Link encap:Ethernet HWaddr 02:42:15:81:48:46
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:15ff:fe81:4846/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:56 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3752 (3.7 KB) TX bytes:648 (648.0 B)
eth0 Link encap:Ethernet HWaddr 0a:f1:98:ee:ef:af
...
lo Link encap:Local Loopback
...
veth065ed87 Link encap:Ethernet HWaddr d6:2b:49:9d:4b:f8
inet6 addr: fe80::d42b:49ff:fe9d:4bf8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:19 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:648 (648.0 B) TX bytes:1506 (1.5 KB)
veth5347df1 Link encap:Ethernet HWaddr 8e:de:5e:a2:51:f5
inet6 addr: fe80::8cde:5eff:fea2:51f5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:41 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:648 (648.0 B) TX bytes:3310 (3.3 KB)
veth80b135d Link encap:Ethernet HWaddr aa:ba:41:1c:bf:2a
inet6 addr: fe80::a8ba:41ff:fe1c:bf2a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:648 (648.0 B) TX bytes:3888 (3.8 KB)
vethc1c0210 Link encap:Ethernet HWaddr b6:ff:df:f6:8e:bb
inet6 addr: fe80::b4ff:dfff:fef6:8ebb/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:27 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:648 (648.0 B) TX bytes:2154 (2.1 KB)
vethd5015bc Link encap:Ethernet HWaddr aa:18:fc:59:9b:ec
inet6 addr: fe80::a818:fcff:fe59:9bec/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:648 (648.0 B) TX bytes:858 (858.0 B)
vethf5e5475 Link encap:Ethernet HWaddr 9e:3a:de:ca:ec:14
inet6 addr: fe80::9c3a:deff:feca:ec14/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:34 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:648 (648.0 B) TX bytes:2732 (2.7 KB)
컨테이너의 숫자만큼 veth 디바이스가 추가됨을 확인할 수 있다.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 0a:f1:98:ee:ef:af brd ff:ff:ff:ff:ff:ff
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
link/ether 02:42:15:81:48:46 brd ff:ff:ff:ff:ff:ff
7: veth80b135d@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT group default
link/ether aa:ba:41:1c:bf:2a brd ff:ff:ff:ff:ff:ff link-netnsid 0
9: veth5347df1@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT group default
link/ether 8e:de:5e:a2:51:f5 brd ff:ff:ff:ff:ff:ff link-netnsid 1
11: vethf5e5475@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT group default
link/ether 9e:3a:de:ca:ec:14 brd ff:ff:ff:ff:ff:ff link-netnsid 2
13: vethc1c0210@if12: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT group default
link/ether b6:ff:df:f6:8e:bb brd ff:ff:ff:ff:ff:ff link-netnsid 3
15: veth065ed87@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT group default
link/ether d6:2b:49:9d:4b:f8 brd ff:ff:ff:ff:ff:ff link-netnsid 4
17: vethd5015bc@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP mode DEFAULT group default
link/ether aa:18:fc:59:9b:ec brd ff:ff:ff:ff:ff:ff link-netnsid 5
네임스페이스
$ sudo nsenter -t 2886 -n ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
6: eth0@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:2/64 scope link
valid_lft forever preferred_lft forever
$ sudo nsenter -t 3031 -n ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:3/64 scope link
valid_lft forever preferred_lft forever
$ sudo nsenter -t 3177 -n ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
10: eth0@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:04 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.4/16 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:4/64 scope link
valid_lft forever preferred_lft forever
$ sudo nsenter -t 3324 -n ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
12: eth0@if13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:05 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.5/16 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:5/64 scope link
valid_lft forever preferred_lft forever
$ sudo nsenter -t 3471 -n ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
14: eth0@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:06 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.6/16 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:6/64 scope link
valid_lft forever preferred_lft forever
$ sudo nsenter -t 3615 -n ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
16: eth0@if17: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:07 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.7/16 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:7/64 scope link
valid_lft forever preferred_lft forever
id가 6인 네트워크 디바이스의 mac id는 첫 번째 컨테이너가 사용중인데, 해당 컨테이너에 접속하여 맥 주소를 확인할 경우 같음을 확인 가능하다.
root@212ebf2badd9:/# ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:ac:11:00:07
inet addr:172.17.0.7 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:acff:fe11:7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:858 (858.0 B) TX bytes:648 (648.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
veth pair가 어떻게 연결되어 있는지 확인해 보자. 호스트에서 ip link로 확인했을 때 나오는 veth 디바이스 이름을 순서대로 넣어 보았다. 7,9,11,13,15,17이 된다.
ubuntu@ip-10-2-9-61:~$ sudo ethtool -S veth5347df1
sudo: unable to resolve host ip-10-2-9-61
NIC statistics:
peer_ifindex: 8
ubuntu@ip-10-2-9-61:~$ sudo ethtool -S veth80b135d
sudo: unable to resolve host ip-10-2-9-61
NIC statistics:
peer_ifindex: 6
ubuntu@ip-10-2-9-61:~$ sudo ethtool -S veth5347df1
sudo: unable to resolve host ip-10-2-9-61
NIC statistics:
peer_ifindex: 8
ubuntu@ip-10-2-9-61:~$ sudo ethtool -S vethf5e5475
sudo: unable to resolve host ip-10-2-9-61
NIC statistics:
peer_ifindex: 10
ubuntu@ip-10-2-9-61:~$ sudo ethtool -S vethc1c0210
sudo: unable to resolve host ip-10-2-9-61
NIC statistics:
peer_ifindex: 12
ubuntu@ip-10-2-9-61:~$ sudo ethtool -S veth065ed87
sudo: unable to resolve host ip-10-2-9-61
NIC statistics:
peer_ifindex: 14
ubuntu@ip-10-2-9-61:~$ sudo ethtool -S vethd5015bc
sudo: unable to resolve host ip-10-2-9-61
NIC statistics:
peer_ifindex: 16
이 내용을 보았을 때, 다음과 같이 디바이스가 연결되는 것이 확인된다.
