Of Stack

How can Docker modify the default segment of Docker0 bridge

  • 2020-12-21 18:15:47
  • OfStack

1. The background

By default, the Docker service creates an docker0 bridge (with an docker0 internal interface) that connects other physical or virtual network cards at the kernel level, putting all containers and localhosts on the same physical network.

By default, Docker specifies the IP address and subnet mask of the docker0 interface, so that the host and container can communicate with each other over the bridge, and it also gives MTU (the maximum transport unit that the interface allows to receive), which is usually 1500 Bytes, or the default supported on the host network route. These values can be configured at service startup time.

2. Environmental 


[root@iZ2ze278r1bks3c1m6jdznZ ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
[root@iZ2ze278r1bks3c1m6jdznZ ~]# uname -r
3.10.0-514.26.2.el7.x86_64
[root@iZ2ze278r1bks3c1m6jdznZ ~]# docker version
Client:
 Version:     1.13.1
 API version:   1.26
 Package version: docker-1.13.1-75.git8633870.el7.centos.x86_64
 Go version:   go1.9.4
 Git commit:   8633870/1.13.1
 Built:      Fri Sep 28 19:45:08 2018
 OS/Arch:     linux/amd64

Server:
 Version:     1.13.1
 API version:   1.26 (minimum version 1.12)
 Package version: docker-1.13.1-75.git8633870.el7.centos.x86_64
 Go version:   go1.9.4
 Git commit:   8633870/1.13.1
 Built:      Fri Sep 28 19:45:08 2018
 OS/Arch:     linux/amd64
 Experimental:  false

3. Modify the default docker0 bridge 


[root@iZ2ze278r1bks3c1m6jdznZ ~]# ifconfig docker0
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    inet 172.17.0.1 netmask 255.255.255.0 broadcast 0.0.0.0
    ether 02:42:20:c4:fa:7a txqueuelen 0 (Ethernet)
    RX packets 63 bytes 4592 (4.4 KiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 44 bytes 4206 (4.1 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

We can see that the default docker0 segment is 172.xx.xx.xx

Modify the file/etc docker/daemon json add content "bip" : "ip/netmask" [do not segment with the host machine] 


[root@iZ2ze278r1bks3c1m6jdznZ ~]# cat /etc/docker/daemon.json
{
 "bip":"192.168.100.1/24"
}

Restart the server 


[root@iZ2ze278r1bks3c1m6jdznZ ~]# systemctl restart docker

5. Check the segment of docker0 


[root@iZ2ze278r1bks3c1m6jdznZ ~]# ifconfig docker0
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    inet 192.168.100.1 netmask 255.255.255.0 broadcast 0.0.0.0
    ether 02:42:20:c4:fa:7a txqueuelen 0 (Ethernet)
    RX packets 63 bytes 4592 (4.4 KiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 44 bytes 4206 (4.1 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

OK, at this point we have successfully modified the bridge of docker0, in the next article I will explain how to container < = > Access between containers, containers < = > Host to host access.

Related articles: