Docker容器固定IP分配
我们在使用docker run创建Docker容器时,可以用--net选项指定容器的网络模式,Docker有以下4种网络模式:
1. host模式,使用--net=host指定。
2. container模式,使用--net=container:NAME_or_ID指定。
3. none模式,使用--net=none指定。
4. bridge模式,使用--net=bridge指定,默认设置。
默认选择bridge的情况下,容器启动后会通过DHCP获取一个地址,这可能不是我们想要的,本文介绍在ubuntu docker环境下使用pipework脚本对容器分配固定IP。
Pipework是由Docker的一个工程师设计的解决方案,它让容器能够在“任意复杂的场景”下进行连接。Pipework是Docker的一个网络功能增强插件,它使用了cgroups和namespacpace。
但是容器停止后在启动ip就的重新指定。
# step1: install plug wget https://github.com/jpetazzo/pipework/archive/master.zip unzip master.zip cp pipework-master/pipework /usr/local/bin/ chmod +x /usr/local/bin/pipework # step2: get bridge name and set other contains brctl show |awk ‘NR==2{print $1}‘ #brctl show #detail # step3: example set fixed ip pipework docker0 test1 172.17.0.20/24@172.17.0.1 # | | | | | | |_________ docker 容器镜像内的gateway (以后可以划分vlan) # | | | | | | # | | | | | |_____________ 固定字符 # | | | | | # | | | | |_______________ docker 容器ip的子网 # | | | | # | | | |______________________ docker 容器内网IP # | | | # | | |________________________________ docker 容器的名字 # | | # | |_______________________________________ 网桥的name # | # |________________________________________________ 固有命令 root@ubuntu:/home/leco# cat /etc/issue Ubuntu 16.10 \n \l root@ubuntu:/home/leco# docker images |grep centos centos latest a8493f5f50ff 2 weeks ago 192 MB jdeathe/centos-ssh latest 841c208badec 2 months ago 214 MB root@ubuntu:/home/leco# docker run -idt --net=none --name test1 centos /bin/bash 26079d0851aeed3f2dd4eb93e1db1943ac5baebebedafe16ed2d913ceaae1723 root@ubuntu:/home/leco# pipework docker0 test1 172.17.0.20/24@172.17.0.1 root@ubuntu:/home/leco# docker exec -it 26079d0851a bash [root@26079d0851ae /]# yum install -y net-tools Loaded plugins: fastestmirror, ovl base | 3.6 kB 00:00:00 extras | 3.4 kB 00:00:00 updates | 3.4 kB 00:00:00 (1/4): base/7/x86_64/group_gz | 155 kB 00:00:00 (2/4): base/7/x86_64/primary_db | 5.6 MB 00:00:01 (3/4): extras/7/x86_64/primary_db | 151 kB 00:00:02 (4/4): updates/7/x86_64/primary_db | 4.8 MB 00:00:11 Determining fastest mirrors * base: mirrors.cn99.com * extras: mirrors.cn99.com * updates: mirrors.163.com Resolving Dependencies --> Running transaction check ---> Package net-tools.x86_64 0:2.0-0.17.20131004git.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ======================================================================================================================================================================= Package Arch Version Repository Size ======================================================================================================================================================================= Installing: net-tools x86_64 2.0-0.17.20131004git.el7 base 304 k Transaction Summary ======================================================================================================================================================================= Install 1 Package Total download size: 304 k Installed size: 917 k Downloading packages: warning: /var/cache/yum/x86_64/7/base/packages/net-tools-2.0-0.17.20131004git.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY Public key for net-tools-2.0-0.17.20131004git.el7.x86_64.rpm is not installed net-tools-2.0-0.17.20131004git.el7.x86_64.rpm | 304 kB 00:00:00 Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 Importing GPG key 0xF4A80EB5: Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>" Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5 Package : centos-release-7-3.1611.el7.centos.x86_64 (@CentOS) From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : net-tools-2.0-0.17.20131004git.el7.x86_64 1/1 Verifying : net-tools-2.0-0.17.20131004git.el7.x86_64 1/1 Installed: net-tools.x86_64 0:2.0-0.17.20131004git.el7 Complete! [root@26079d0851ae /]# ifconfig eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.20 netmask 255.255.255.0 broadcast 0.0.0.0 inet6 fe80::d022:6ff:feef:f089 prefixlen 64 scopeid 0x20<link> ether d2:22:06:ef:f0:89 txqueuelen 1000 (Ethernet) RX packets 7309 bytes 11981498 (11.4 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 5611 bytes 432934 (422.7 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 # step restart this container root@ubuntu:/home/leco# docker stop 26079d0851ae 26079d0851ae root@ubuntu:/home/leco# docker start 26079d0851ae 26079d0851ae root@ubuntu:/home/leco# docker exec -it 26079d0851ae bash [root@26079d0851ae /]# ifconfig lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 root@ubuntu:/home/leco# pipework docker0 test1 172.17.0.20/24@172.17.0.1 root@ubuntu:/home/leco# docker exec -it 26079d0851ae bash [root@26079d0851ae /]# ifconfig eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.20 netmask 255.255.255.0 broadcast 0.0.0.0 inet6 fe80::c893:e6ff:fede:a2ab prefixlen 64 scopeid 0x20<link> ether ca:93:e6:de:a2:ab txqueuelen 1000 (Ethernet) RX packets 12 bytes 1036 (1.0 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 8 bytes 620 (620.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@26079d0851ae /]# ping baidu.com PING baidu.com (220.181.57.217) 56(84) bytes of data. 64 bytes from 220.181.57.217 (220.181.57.217): icmp_seq=1 ttl=53 time=24.8 ms 64 bytes from 220.181.57.217 (220.181.57.217): icmp_seq=2 ttl=53 time=24.9 ms ^C --- baidu.com ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1002ms rtt min/avg/max/mdev = 24.838/24.896/24.954/0.058 ms
本文出自 “Promise(许诺)” 博客,请务必保留此出处http://caimengzhi.blog.51cto.com/9787265/1919134
原文地址:http://caimengzhi.blog.51cto.com/9787265/1919134