| docker默认网段修改、docker网桥、docker network、用户自定义网桥 | 您所在的位置:网站首页 › default gateway怎么设置 › docker默认网段修改、docker网桥、docker network、用户自定义网桥 |
|
修改docker默认网段的两种方法
创建网桥 然后使用新建的网桥作为默认网桥(非自定义网桥)
[root@VM_0_12_centos ~]# yum install bridge-utils
Loaded plugins: fastestmirror, langpacks
Repository epel is listed more than once in the configuration
docker-ce-stable | 3.5 kB 00:00:00
epel | 3.2 kB 00:00:00
extras | 3.4 kB 00:00:00
mysql-connectors-community | 2.5 kB 00:00:00
mysql-tools-community | 2.5 kB 00:00:00
mysql57-community | 2.5 kB 00:00:00
nodesource | 2.5 kB 00:00:00
os | 3.6 kB 00:00:00
updates | 3.4 kB 00:00:00
Loading mirror speeds from cached hostfile
Package bridge-utils-1.5-9.el7.x86_64 already installed and latest version
Nothing to do
[root@VM_0_12_centos ~]# brctl addbr br0
device br0 already exists; can't create bridge with the same name
[root@VM_0_12_centos ~]# brctl addbr br1
[root@VM_0_12_centos ~]# ip addr add 10.122.0.0/16 dev br1
[root@VM_0_12_centos ~]# ip link set dev br1 up
[root@VM_0_12_centos ~]# ip addr show br1
123: br1: mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether ee:6e:b7:fb:4a:97 brd ff:ff:ff:ff:ff:ff
inet 10.122.0.0/16 scope global br1
valid_lft forever preferred_lft forever
[root@VM_0_12_centos ~]# vim /etc/docker/daemon.json
[root@VM_0_12_centos ~]# cat /etc/docker/daemon.json
{
"bridge": "br1"
}
[root@VM_0_12_centos ~]# systemctl restart docker.service
[root@VM_0_12_centos ~]# docker run -it --rm busybox cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
10.122.0.3 51c410e24a69
[root@VM_0_12_centos ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
03faaf61101a bridge bridge local
d08980b50bd0 bridge0 bridge local
7a093c39f225 bridge3 bridge local
117f13eb9ab8 host host local
206f66306972 none null local
[root@VM_0_12_centos ~]# docker network inspect bridge -f '{{json .Options }}'
{"com.docker.network.bridge.default_bridge":"true","com.docker.network.bridge.enable_icc":"true","com.docker.network.bridge.enable_ip_masquerade":"true","com.docker.network.bridge.host_binding_ipv4":"0.0.0.0","com.docker.network.bridge.name":"br1","com.docker.network.driver.mtu":"1500"}
[root@VM_0_12_centos ~]# docker network inspect bridge -f '{{index .Options "com.docker.network.bridge.name"}}'
br1
容器的ip 显示docker的网桥设置已生效 2.修改默认网桥网段(docker0) [root@VM_0_12_centos ~]# vim /etc/docker/daemon.json [root@VM_0_12_centos ~]# cat /etc/docker/daemon.json { "bip": "10.125.0.1/16" } [root@VM_0_12_centos ~]# systemctl restart docker [root@VM_0_12_centos ~]# docker run -it --rm busybox cat /etc/hosts 127.0.0.1 localhost ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 10.125.0.3 e294ad32d849 [root@VM_0_12_centos ~]# docker network ls NETWORK ID NAME DRIVER SCOPE da4f0fc850ad bridge bridge local d08980b50bd0 bridge0 bridge local 7a093c39f225 bridge3 bridge local 117f13eb9ab8 host host local 206f66306972 none null local [root@VM_0_12_centos ~]# docker network inspect bridge -f '{{index .Options "com.docker.network.bridge.name"}}' docker0上述是两种方法修改docker容器网段的方法, 本质是一样的(原因下述),都是docker的默认网桥,只是名字不一样,并不是自定义网桥,因此推荐第二种修改docker网段的方法。 而docker自定义网桥的功能,只有在docker network 创建的才有自定义网桥的种种便利及特性。 docker 自定义网桥自定义网桥的优势 可以指定别名, 基于docker内部的DNS 实现别名解析ip可以指定容器一个固定ip 首先测试下默认网桥是否可以是使用上述功能(切换至br1网桥) [root@VM_0_12_centos ~]# vim /etc/docker/daemon.json [root@VM_0_12_centos ~]# cat /etc/docker/daemon.json { "bridge": "br1" } [root@VM_0_12_centos ~]# systemctl restart docker [root@VM_0_12_centos ~]# docker run -it --rm busybox tail -n 1 /etc/hosts 10.122.0.3 4be7569b8933 [root@VM_0_12_centos ~]# ip addr show br1 123: br1: mtu 1500 qdisc noqueue state UP qlen 1000 link/ether fa:dd:bd:81:e2:14 brd ff:ff:ff:ff:ff:ff inet 10.122.0.1/16 brd 10.122.255.255 scope global br1 valid_lft forever preferred_lft forever [root@VM_0_12_centos ~]# docker run --network-alias my1 --hostname my1 -it busybox sh docker: Error response from daemon: network-scoped alias is supported only for containers in user defined networks. [root@VM_0_12_centos ~]# docker run --rm --ip 10.122.4.3 -it busybox sh docker: Error response from daemon: user specified IP address is supported on user defined networks only. [root@VM_0_12_centos ~]# # 上述报错说明: 重新创建的br1 并不是自定义网桥 [root@VM_0_12_centos ~]# # 创建自定义网桥 [root@VM_0_12_centos ~]# docker network create --gateway=10.237.0.1 --subnet=10.237.0.0/16 br2 9f618061c9bd3d7ad8d41229e956504fe1a01dc6cb7b4ffd3557561d2d83736b [root@VM_0_12_centos ~]# docker network ls NETWORK ID NAME DRIVER SCOPE 9f618061c9bd br2 bridge local 49afa1fe5079 bridge bridge local d08980b50bd0 bridge0 bridge local 7a093c39f225 bridge3 bridge local 117f13eb9ab8 host host local 206f66306972 none null local 使用自定义网桥 ,并创建网络别名,hostname 查看ip / # [root@VM_0_12_centos ~]# docker run --network br2 --network-alias my1 --hostname my01 -it busybox sh / # cat /etc/hosts 127.0.0.1 localhost ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 10.237.0.2 my01 使用自定义网桥 ,并创建网络别名,hostname 并指定固定ip查看ip / # [root@VM_0_12_centos ~]# docker run --network br2 --network-alias my2 --hostname my02 --ip 10.237.255.10 -it busybox sh / # ip addr 1: lo: mtu 65536 qdisc noqueue qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 151: eth0@if152: mtu 1500 qdisc noqueue link/ether 02:42:0a:ed:ff:0a brd ff:ff:ff:ff:ff:ff inet 10.237.255.10/16 brd 10.237.255.255 scope global eth0 valid_lft forever preferred_lft forever / # # ping my1 / # ping my1 PING my1 (10.237.0.2): 56 data bytes 64 bytes from 10.237.0.2: seq=0 ttl=64 time=0.081 ms 64 bytes from 10.237.0.2: seq=1 ttl=64 time=0.093 ms ^C --- my1 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 0.081/0.087/0.093 ms / # 设定多个容器 网络别名为一个,测试可达到负载均衡的目的 # 启动三个统一网络别名的容器 [root@VM_0_12_centos ~]# docker run --network br2 --network-alias my1 -d --hostname my02 --ip 10.237.255.11 -it busybox 03b2ee5820e3718a8353ab900c586e0a4f2e2856a2bbf335039663e1d58f98f7 [root@VM_0_12_centos ~]# docker run --network br2 --network-alias my1 -d --hostname my02 --ip 10.237.255.13 -it busybox 11a3eb276ef4c94f195838162cf7894017fb6694d7fc54528e45558220238e12 [root@VM_0_12_centos ~]# docker run --network br2 --network-alias my1 -d --hostname my02 --ip 10.237.255.12 -it busybox faf567c53db044cc8b5f22b3aba9c8f09b062d27a04df3a5cdaf4e4556bc194d [root@VM_0_12_centos ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES faf567c53db0 busybox "sh" 3 minutes ago Up 3 minutes gallant_golick 11a3eb276ef4 busybox "sh" 3 minutes ago Up 3 minutes thirsty_nightingale 03b2ee5820e3 busybox "sh" 3 minutes ago Up 3 minutes amazing_sinoussi e9f3d2fe4a8d busybox "sh" 40 minutes ago Up 40 minutes distracted_babbage 2c582cb994ed jpillora/dnsmasq "webproc --config /e…" 46 hours ago Up About an hour 0.0.0.0:53->53/udp, 0.0.0.0:5380->8080/tcp dnsmasq [root@VM_0_12_centos ~]# for i in {1..10};do docker run --rm --network br2 --hostname my02 --ip 10.237.255.15 -it busybox ping -c 1 my1 |head -2;done PING my1 (10.237.255.12): 56 data bytes 64 bytes from 10.237.255.12: seq=0 ttl=64 time=0.080 ms PING my1 (10.237.255.12): 56 data bytes 64 bytes from 10.237.255.12: seq=0 ttl=64 time=0.095 ms PING my1 (10.237.255.11): 56 data bytes 64 bytes from 10.237.255.11: seq=0 ttl=64 time=0.087 ms PING my1 (10.237.255.11): 56 data bytes 64 bytes from 10.237.255.11: seq=0 ttl=64 time=0.080 ms PING my1 (10.237.255.12): 56 data bytes 64 bytes from 10.237.255.12: seq=0 ttl=64 time=0.088 ms PING my1 (10.237.255.13): 56 data bytes 64 bytes from 10.237.255.13: seq=0 ttl=64 time=0.085 ms PING my1 (10.237.255.13): 56 data bytes 64 bytes from 10.237.255.13: seq=0 ttl=64 time=0.095 ms PING my1 (10.237.255.13): 56 data bytes 64 bytes from 10.237.255.13: seq=0 ttl=64 time=0.091 ms PING my1 (10.237.255.12): 56 data bytes 64 bytes from 10.237.255.12: seq=0 ttl=64 time=0.121 ms PING my1 (10.237.255.13): 56 data bytes 64 bytes from 10.237.255.13: seq=0 ttl=64 time=0.100 ms 删除所有测试的镜像 [root@VM_0_12_centos ~]# docker rm -f `docker ps -a|grep busybox |cut -f 1 -d' '`参考文章 docker官网文档网桥构建dockerd 官网文档docker启动命令文档docker 官网文档网络文档 未完待续 |
| CopyRight 2018-2019 实验室设备网 版权所有 |