There is a public list of all Tor nodes (except bridges). You can view it in Vidalia, or here:
or Google "list of Tor nodes".
When you start a session, your Tor client randomly picks 3 nodes from that list (let's call them NodeA, NodeB and ExitNode).
Then it creates a packet for the last node (ExitNode), for example "GET google.com/".
It encrypts this packet with ExitNode's public key (so only ExitNode can decrypt it).
Let's call it Packet1.
After that, Tor creates a second packet, which contains Packet1 inside. This packet is intended for NodeB and is encrypted with NodeB's key. It carries these instructions: "Connect to this IP (the IP of ExitNode) and send it Packet1".
This will be Packet2.
The third packet is for NodeA, and it says: "Connect to NodeB and send it Packet2".
After that, the Tor client connects to NodeA and sends it Packet3.
When NodeA receives this packet, it doesn't know what's inside the inner layers. So it doesn't know the IP of ExitNode or the instructions inside (GET google.com). The only things NodeA can extract from the third packet are the IP address of NodeB and some random-looking encrypted data (what we call Packet2) that should be sent to that IP. So it sends it.
When NodeB receives Packet2, it decrypts it with its private key and takes it apart. Inside there is the IP address of ExitNode and some encrypted data (Packet1) to send.
Only ExitNode can decrypt Packet1 and actually go and visit google.com.
Each node in the chain knows only its neighbors: the IP address of the next node in the chain, and the IP address that sent it this packet. So ExitNode doesn't know the IP of NodeA, and NodeA doesn't know the IP of ExitNode.
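The layering described above, as an added example that is not part of the original post and is not Tor's own code. Assumptions: the IP addresses are constructed documentation addresses, the function names are hypothetical, and a random per-node secret with a toy SHA-256 stream cipher stands in for encrypting to each node's public key.

```python
import hashlib, hmac, json, os

# Constructed sample relays (documentation IPs). One random secret per node stands
# in for that node's key pair; a real client would encrypt to the node's public key.
IPS = {"NodeA": "192.0.2.10", "NodeB": "198.51.100.20", "ExitNode": "203.0.113.30"}
KEYS = {name: os.urandom(32) for name in IPS}
PATH = ("NodeA", "NodeB", "ExitNode")

def _stream_xor(key, nonce, data):
    # Toy stream cipher: SHA-256 in counter mode. Illustration only.
    stream = b"".join(hashlib.sha256(b"enc" + key + nonce + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def _tag(key, msg):
    return hmac.new(hashlib.sha256(b"mac" + key).digest(), msg, hashlib.sha256).digest()

def wrap(node, next_hop, payload):
    """Build one layer: 'connect to next_hop and send it payload', sealed for node."""
    body = json.dumps({"next": next_hop, "data": payload.hex()}).encode()
    nonce = os.urandom(16)
    ct = _stream_xor(KEYS[node], nonce, body)
    return nonce + ct + _tag(KEYS[node], nonce + ct)

def peel(node, blob):
    """Remove the layer addressed to node; fail if the layer is not for it."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(KEYS[node], nonce + ct)):
        raise ValueError(f"{node} cannot open this layer")
    layer = json.loads(_stream_xor(KEYS[node], nonce, ct))
    return layer["next"], bytes.fromhex(layer["data"])

def build_onion(request, destination):
    packet1 = wrap("ExitNode", destination, request)      # innermost
    packet2 = wrap("NodeB", IPS["ExitNode"], packet1)
    return wrap("NodeA", IPS["NodeB"], packet2)           # Packet3, sent to NodeA

def route(packet3, client_ip):
    """Pass the onion along the path and record what each node learns."""
    seen, sender, blob = {}, client_ip, packet3
    for node in PATH:
        next_hop, blob = peel(node, blob)
        seen[node] = {"from": sender, "to": next_hop}
        sender = IPS[node]
    return seen, blob                                     # blob is now the request

if __name__ == "__main__":
    print(route(build_onion(b"GET google.com/", "google.com"), "192.0.2.99"))
```

The `seen` dictionary records each node's view: NodeA sees the client and NodeB, ExitNode sees NodeB and the destination, and no single node sees both the client and the destination.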