Setting up a Docker bridge network on CentOS 7

  • 2020-06-03 08:59:56
  • OfStack

Preface

Recently my career plans have changed. In a startup team, nobody can play only one role. The roles I have played so far: configuration management, project manager, pre-sales technical support, after-sales technical support, testing, some development work, and product planning; I have done everything except marketing. In the end, I found that the position that suits me best is probably DevOps; as for what that job involves, look it up on Baidu yourself.

Back to the topic. I started paying attention to Docker last year, but it was only this year, after seeing the experts on the forums investigating and using Docker, that I decided to start practicing it myself. Starting from the rework of the company's R&D and operations environment, this post describes how I bridged Docker onto the physical network. There are many posts about this on the Internet, but they contain a lot of pitfalls. This post summarizes the process so that others who want to study Docker can avoid detours.

Why bridge Docker to the physical network?

By default, Docker provides an isolated internal network. On startup it creates a docker0 virtual network interface, and every container is attached to docker0. The IP segment of docker0 is 172.17.0.1. For a container to be reachable from other machines on the same network segment as the host, a container port must be mapped to a host port when the container is started, for example: docker run -it -p 22 centos. This is unacceptable: host ports cannot be reused, so every application has to struggle to pick its own ports, especially when an application listens on several of them. So, for the containers to sit on the same network segment as the host, we need to build our own bridge network.

Bridging Docker to the physical network on a CentOS 7 host

Host network card information:

name:ens0

IP:192.168.184.99

GATEWAY:192.168.184.2

DNS:192.168.184.2

1. Stop the docker service


~#:service docker stop

2. Delete docker0 network card


~#:ip link set dev docker0 down
~#:brctl delbr docker0

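3. Create the bridge interface br0 on the physical network

Run these commands from the local console: removing the address from ens0 drops any SSH session that uses that interface.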


~#:brctl addbr br0
~#:ip link set dev br0 up
~#:ip addr add 192.168.184.100/24 dev br0 # Assign br0 an IP address in the physical network
~#:ip addr del 192.168.184.99/24 dev ens0 # Remove the IP address from the host network card
~#:brctl addif br0 ens0 # Attach the host network card to br0
~#:ip route del default # Delete the original default route
~#:ip route add default via 192.168.184.2 dev br0 # Set the default route through br0

4. Set docker service startup parameters

Note that the location of the docker configuration file differs between Linux distributions.

On CentOS it is /etc/sysconfig/docker.

For other operating systems, see the following URL:

https://docs.docker.com/installation/#installation

~#:vim /etc/sysconfig/docker

In this file, change OPTIONS='--selinux-enabled' to OPTIONS='--selinux-enabled -b=br0' so that the docker service uses the br0 interface for bridging when it starts.

5. Start docker


~#:service docker start

6. Install pipework


~#:git clone https://github.com/jpetazzo/pipework
~#:cp ~/pipework/pipework /usr/local/bin/

7. Start a container whose network will be configured manually

It is better not to let Docker assign the IP automatically: the address changes on the next start, and the assigned IP may conflict with an IP already used in the physical segment.


~#:docker run -itd --net=none --name=test centos7 /bin/bash

8. Set an IP@gateway for the test container in the same address segment as the bridged physical network


~#:pipework br0 test 192.168.184.11/24@192.168.184.2

9. Enter the container to view its IP


~#:docker attach test
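
As an added example (not part of the original post), the shell functions below check a pipework IP/PREFIX@GATEWAY spec from steps 7 and 8 before it is applied: the address must lie in br0's subnet and must not collide with the bridge, the gateway, or any address listed as already in use. The function names and the in-use list are assumptions made for this example; the addresses are the ones used above.

```sh
#!/bin/sh
# Added example: pre-flight check for a pipework "IP/PREFIX@GATEWAY" spec.
# Function names and the "in use" list are illustrative assumptions.

# Dotted-quad IPv4 -> integer; returns 1 on malformed input.
ip2int() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*) return 1 ;; esac      # reject leading zeros (octal trap)
        [ "$o" -le 255 ] 2>/dev/null || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Network address (as an integer) of IP $1 under prefix length $2.
net_of() {
    n=$(ip2int "$1") || return 1
    echo $(( $n & ((4294967295 << (32 - $2)) & 4294967295) ))
}

# check_spec SPEC BRIDGE_CIDR [IN_USE_IP...]
# Prints "ok" or the reason for rejection; returns 0 only for a usable spec.
check_spec() {
    spec=$1; bridge=$2; shift 2
    case "$spec" in */*@*) ;; *) echo "bad format"; return 1 ;; esac
    addr=${spec%%/*}; rest=${spec#*/}; plen=${rest%%@*}; gw=${rest#*@}
    baddr=${bridge%%/*}; bplen=${bridge#*/}
    case "$plen" in ''|*[!0-9]*) echo "bad prefix"; return 1 ;; esac
    [ "$plen" -le 32 ] || { echo "bad prefix"; return 1; }
    [ "$plen" = "$bplen" ] || { echo "prefix differs from bridge"; return 1; }
    bnet=$(net_of "$baddr" "$bplen") || { echo "bad bridge address"; return 1; }
    cnet=$(net_of "$addr" "$plen") || { echo "bad address"; return 1; }
    gnet=$(net_of "$gw" "$plen") || { echo "bad gateway"; return 1; }
    [ "$cnet" = "$bnet" ] || { echo "address outside bridge subnet"; return 1; }
    [ "$gnet" = "$bnet" ] || { echo "gateway outside bridge subnet"; return 1; }
    for used in "$baddr" "$gw" "$@"; do
        [ "$addr" != "$used" ] || { echo "address already in use: $used"; return 1; }
    done
    echo ok
}

# Values from the steps above; 192.168.184.99 is the host's former ens0 address.
check_spec "192.168.184.11/24@192.168.184.2" "192.168.184.100/24" 192.168.184.99
```

Pass every statically assigned container address as an extra argument, so that a second container cannot be given an IP that is already taken.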
