Docker桥接宿主机网络与配置固定IP地址

有些需求是把这个容器与宿主机在同一个网段，但是本人不建议这样子去操作，因为一个容器本身就是一个封装好的服务。建议去按默认的网络去实现。

临时设置

[root@linux-docker01 ~]# vim a.sh

# 网桥名称

br_name=br0

# 添加网桥

brctl addbr $br_name

# 给网桥设置IP

ip addr add 192.168.43.10/24 dev $br_name

# 删除已存在的eth0网卡配置

ip addr del 192.168.43.10/24 dev ens32

# 激活网桥

ip link set $br_name up

# 添加eth0到网桥

brctl addif $br_name ens32

# 添加路由

ip route add default via 192.168.43.2 dev br0

[root@linux-docker01 ~]# sh a.sh   

[root@linux-docker01 ~]# ping baidu.com

PING baidu.com (220.181.57.216) 56(84) bytes of data.

64 bytes from 220.181.57.216 (220.181.57.216): icmp_seq=1 ttl=128 time=44.2 ms

64 bytes from 220.181.57.216 (220.181.57.216): icmp_seq=2 ttl=128 time=48.4 ms

64 bytes from 220.181.57.216 (220.181.57.216): icmp_seq=3 ttl=128 time=43.6 ms

桥接成功

[root@linux-docker01 ~]# brctl show

bridge name     bridge id               STP enabled     interfaces

br-67e7e0736b2c         8000.0242f6e74907       no

br0             8000.000c2946f293       no              ens32

docker0         8000.024232deb134       no              veth0e8ad3d

编辑配置文件

[root@linux-docker01 ~]# vim /usr/lib/systemd/system/docker.service

[root@linux-docker01 ~]# systemctl daemon-reload

[root@linux-docker01 ~]# systemctl restart docker

 

配置固定IP

C_ID=$(docker run -itd --net=none ubuntu)

C_PID=$(docker inspect -f '{{.State.Pid}}' $C_ID)

# 创建network namespace目录并将容器的network namespace软连接到此目录，以便ip netns命令读取

mkdir -p /var/run/netns

ln -s /proc/$C_PID/ns/net /var/run/netns/$C_PID

# 添加虚拟网卡veth+容器PID，类型是veth pair，名称是vp+容器PID

ip link add veth$C_PID type veth peer name vp$C_PID

# 添加虚拟网卡到br0网桥

brctl addif br0 veth$C_PID

# 激活虚拟网卡

ip link set veth$C_PID up

# 设置容器网络信息

IP='192.168.43.123/24'

GW='192.168.43.2'

# 给进程配置一个network namespace

ip link set vp$C_PID netns $C_PID

# 在容器进程里面设置网卡信息

ip netns exec $C_PID ip link set dev vp$C_PID name eth0

ip netns exec $C_PID ip link set eth0 up

ip netns exec $C_PID ip addr add $IP dev eth0

ip netns exec $C_PID ip route add default via 192.168.43.2

 

pipework工具配置容器固定IP

[root@linux-docker01 ~]# yum install git -y

[root@linux-docker01 ~]# git clone https://github.com/jpetazzo/pipework.git

[root@linux-docker01 ~]# mv pipework/pipework /usr/bin/

[root@linux-docker01 ~]# docker run -itd --name bs2 --net none busybox

d28efc7d562301a67d40f63930c75d9b7277137c9f7adc7b5568223f3496aa83

[root@linux-docker01 ~]# pipework br0 bs2 192.168.43.55/24@192.168.43.2

[root@linux-docker01 ~]# docker exec -it bs2 sh

/ # ifconfig

eth1      Link encap:Ethernet  HWaddr 46:76:F4:DA:DC:39  

          inet addr:192.168.43.55  Bcast:192.168.43.255  Mask:255.255.255.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:9 errors:0 dropped:0 overruns:0 frame:0

          TX packets:1 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:730 (730.0 B)  TX bytes:42 (42.0 B)

 

lo        Link encap:Local Loopback  

          inet addr:127.0.0.1  Mask:255.0.0.0

          UP LOOPBACK RUNNING  MTU:65536  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

 

/ # ping baidu.com

PING baidu.com (220.181.57.216): 56 data bytes

64 bytes from 220.181.57.216: seq=0 ttl=128 time=57.848 ms

64 bytes from 220.181.57.216: seq=1 ttl=128 time=46.033 ms

注：重启容器，IP会失效。