我有一个Docker网络的问题,考虑以下几点:
#docker network create --driver macvlan \
--subnet=1.2.3.0/24 \
--gateway=1.2.3.1 \
-o parent=eth2 \
untrust
# cat /opt/docker-compose.yml
version: "3.5"
services:
foo:
container_name: foo
image: foo/foo-agent:latest
networks:
default:
ipv4_address: 1.2.3.4
networks:
default:
external:
name: untrust
# docker inspect foo
...
"Networks": {
"untrust": {
"IPAMConfig": {
"IPv4Address": "1.2.3.4"
},
"Links": null,
"Aliases": [
"8f8cd42eb471"
],
"NetworkID": "a0720868f1c9178bf0ac4e104076a0c2a318acf93c885319a7a5599c52a15992",
"EndpointID": "bb73157ed0b2376a7b002787388de8d2bed03eaabd995684eb06a66303d47620",
"Gateway": "1.2.3.1",
"IPAddress": "1.2.3.4",
"IPPrefixLen": 24,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:d0:76:e1:65",
"DriverOpts": null
...
docker-compose中的默认驱动程序已经被macvlan驱动程序替换了。这是否意味着应用程序foo将不再能够访问docker 0桥?
我们正在dmz中部署一个应用程序,希望确保它只能监听eth 2。
1条答案
按热度按时间c0vxltue1#
docker-compose中的默认驱动程序已经被macvlan驱动程序替换了。这是否意味着应用程序foo将不再能够访问docker 0桥?