为了使本地网络中的机器和Docker容器更方便的通信,我们经常会有将Docker容器配置到和主机同一网段的需求。这个需求其实很容易实现,我们只要将Docker容器和宿主机的网卡桥接起来,再给Docker容器配上IP就可以了。

Centos 6按照下面的方法操作(6与7的操作有所不同)

[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# ls
ifcfg-eth0   ifdown-ib    ifdown-ppp     ifup-aliases  ifup-ipv6   ifup-ppp       init.ipv6-global
ifcfg-lo     ifdown-ippp  ifdown-routes  ifup-bnep     ifup-isdn   ifup-routes    net.hotplug
ifdown       ifdown-ipv6  ifdown-sit     ifup-eth      ifup-plip   ifup-sit       network-functions
ifdown-bnep  ifdown-isdn  ifdown-tunnel  ifup-ib       ifup-plusb  ifup-tunnel    network-functions-ipv6
ifdown-eth   ifdown-post  ifup           ifup-ippp     ifup-post   ifup-wireless
[root@localhost network-scripts]# cp ifcfg-eth0 ifcfg-br0
[root@localhost network-scripts]# vi ifcfg-eth0
DEVICE=eth0
HWADDR=00:0C:29:DB:B2:28
TYPE=Ethernet
UUID=b2268aab-fa2e-49e9-bd67-2572f29e5790
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.1.179
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=114.114.114.114
DNS2=8.8.4.4

增加BRIDGE=br0,删除IPADDR、NETMASK、GATEWAY、DNS

DEVICE=eth0
HWADDR=00:0C:29:DB:B2:28
TYPE=Ethernet
UUID=b2268aab-fa2e-49e9-bd67-2572f29e5790
ONBOOT=yes
BRIDGE=br0
BOOTPROTO=none
#IPADDR=192.168.1.179
#NETMASK=255.255.255.0
#GATEWAY=192.168.1.1
#DNS1=114.114.114.114
#DNS2=8.8.4.4

保存退出

[root@localhost network-scripts]# vi ifcfg-br0
DEVICE=eth0
HWADDR=00:0C:29:DB:B2:28
TYPE=Ethernet
UUID=b2268aab-fa2e-49e9-bd67-2572f29e5790
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.1.179
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=114.114.114.114
DNS2=8.8.4.4

修改DEVICE为br0,Type为Bridge,把eth0的网络设置设置到这里来

DEVICE=br0
TYPE=Bridge
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.1.179
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=114.114.114.114
DNS2=8.8.4.4

保存退出

[root@localhost network-scripts]# service network restart

这一步我出现了问题,不过重启宿主机后就OK了。

[root@localhost ~]# ifconfig
br0       Link encap:Ethernet  HWaddr 00:0C:29:DB:B2:28
          inet addr:192.168.1.179  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fedb:b228/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:137 errors:0 dropped:0 overruns:0 frame:0
          TX packets:93 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:13745 (13.4 KiB)  TX bytes:11095 (10.8 KiB)

docker0   Link encap:Ethernet  HWaddr C6:01:70:AF:C6:E4
          inet addr:172.17.42.1  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::c401:70ff:feaf:c6e4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:468 (468.0 b)

eth0      Link encap:Ethernet  HWaddr 00:0C:29:DB:B2:28
          inet6 addr: fe80::20c:29ff:fedb:b228/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:137 errors:0 dropped:0 overruns:0 frame:0
          TX packets:101 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:15663 (15.2 KiB)  TX bytes:11959 (11.6 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:960 (960.0 b)  TX bytes:960 (960.0 b)
[root@localhost ~]# git
-bash: git: command not found
[root@localhost ~]# yum install -y git
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# git clone https://github.com/jpetazzo/pipework

pipework是由Docker的工程师Jérôme Petazzoni开发的一个Docker网络配置工具

[root@localhost network-scripts]# ls
ifcfg-br0    ifdown-eth   ifdown-post    ifup          ifup-ippp   ifup-post    ifup-wireless           pipework
ifcfg-eth0   ifdown-ib    ifdown-ppp     ifup-aliases  ifup-ipv6   ifup-ppp     init.ipv6-global
ifcfg-lo     ifdown-ippp  ifdown-routes  ifup-bnep     ifup-isdn   ifup-routes  net.hotplug
ifdown       ifdown-ipv6  ifdown-sit     ifup-eth      ifup-plip   ifup-sit     network-functions
ifdown-bnep  ifdown-isdn  ifdown-tunnel  ifup-ib       ifup-plusb  ifup-tunnel  network-functions-ipv6
[root@localhost network-scripts]# cp pipework/pipework /usr/local/bin/
[root@localhost network-scripts]# cd

[root@localhost ~]# docker run -itd --net=none --name docker_bridge  centos_with_httpd:genesis bash
5417847d3edf9381acf4bcc94c5345002521f4500415d835f081b022f6d48723
[root@localhost ~]# docker ps
CONTAINER ID        IMAGE                       COMMAND             CREATED             STATUS              PORTS               NAMES
5417847d3edf        centos_with_httpd:genesis   "bash"              8 seconds ago       Up 6 seconds                            docker_bridge
[root@localhost ~]# docker exec -it docker_bridge bash
[root@5417847d3edf /]# ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
[root@5417847d3edf /]# exit
[root@localhost ~]# rpm -Uvh https://repos.fedorapeople.org/openstack/EOL/openstack-grizzly/epel-6/iproute-2.6.32-130.el6ost.netns.2.x86_64.rpm

不升级会报错Object “netns” is unknown, try “ip help”

[root@localhost ~]# pipework br0 docker_bridge 192.168.1.187/24
[root@localhost ~]# docker exec -it docker_bridge bash
[root@5417847d3edf /]# ifconfig
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.187  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::bcf2:9cff:fe1e:4796  prefixlen 64  scopeid 0x20<link>
        ether be:f2:9c:1e:47:96  txqueuelen 1000  (Ethernet)
        RX packets 7  bytes 528 (528.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 7  bytes 510 (510.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ping一下网关

[root@5417847d3edf /]# ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=63.1 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=2.12 ms
^C
--- 192.168.1.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 2.125/32.637/63.150/30.513 ms