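Docker provides several network drivers (bridge, host, overlay, macvlan, none) to meet different connectivity needs, along with features such as user-defined networks that offer DNS-based service discovery. A solid understanding of networking is important for correctly connecting multi-container and multi-host applications.
Network drivers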
BRIDGE (default) → a private internal network on a single host; containers on it communicate with each other;
isolated from the host except via published ports. USER-DEFINED bridges add DNS
(containers reach each other by name) — preferred over the default bridge.
HOST → the container uses the host's network stack directly (no isolation, no port
mapping needed) — max performance, less isolation.
OVERLAY → spans MULTIPLE hosts → containers on different machines communicate
(for Docker Swarm / multi-host clusters).
MACVLAN → gives a container its own MAC/IP on the physical network (appears as a
physical device).
NONE → no networking (fully isolated).
