注意:默认部署docker容器是net模块和物理机不在同一个段,可以上网但只能容器之间、容器与物理主机之间通信,不能与物理主机同一网段的其它主机通信。
-
物理主机(192.168.111.236 CentOS 7.2)
[root@cloud ~]# cd /etc/sysconfig/network-scripts/
[root@cloud network-scripts]# cp ifcfg-eno16777736 ifcfg-br0 #配置桥接
[root@cloud network-scripts]# vim ifcfg-eno16777736
TYPE=Ethernet
BOOTPROTO=static
NAME=eno16777736
DEVICE=eno16777736
ONBOOT=yes
BRIDGE=br0
[root@cloud network-scripts]# systemctl restart network
[root@localhost network-scripts]# yum install -y git
[root@localhost network-scripts]# git clone https://github.com/jpetazzo/pipework
[root@localhost network-scripts]# cp pipework/pipework /usr/local/bin/
[root@localhost network-scripts]# cd
//用centos6来弄一个容器
[root@cloud ~]# docker run -itd –net=none –name=Centos6.7 docker.io/repositoryjp/centos /bin/bash
- 部署的容器(192.168.111.81 CentOS6.7)
//没有网络
[root@9eab42477166 ~]# ifconfiglo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
[root@9eab42477166 ~]# exit
- 再次进入宿主机
[root@cloud ~]#
rpm -Uvh https://repos.fedorapeople.org/openstack/EOL/openstack-grizzly/epel-6/iproute-2.6.32-130.el6ost.netns.2.x86_64.rpm
Retrieving https://repos.fedorapeople.org/openstack/EOL/openstack-grizzly/epel-6/iproute-2.6.32-130.el6ost.netns.2.x86_64.rpm
warning: /var/tmp/rpm-tmp.QuEQJe: Header V4 RSA/SHA1 Signature, key ID d97b3247: NOKEY
Preparing… ########################################### [100%]
1:iproute ########################################### [100%]
//配置一个新的ip,只要是和br0同网段,且没有被用过
[root@cloud ~]# pipework br0 Centos6.7
192.168.111.81/24@192.168.111.1注意:后面不加@192.168.111.1这个网关地址,不能访问外网,但容器之间,容器与属主机之间能够访问
[root@cloud ~]# docker exec -it Centos6.7 bash #自动进入容器,如果退出了手动进行请用命令docker attach Centos6.7
- 查看网络配置
[root@ba681a25e7a0 ~]# ifconfig
eth1 Link encap:Ethernet HWaddr 8A:F7:6E:1C:E9:D4
inet addr:192.168.111.81 Bcast:192.168.111.255 Mask:255.255.255.0
inet6 addr: fe80::88f7:6eff:fe1c:e9d4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:62104 errors:0 dropped:0 overruns:0 frame:0
TX packets:188 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3818628 (3.6 MiB) TX bytes:15411 (15.0 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
- 测试网络//ping的通网关,但是还是不能上网,因为还没有配置网关和上网的路由
[root@ba681a25e7a0 ~]# ping www.baidu.com
PING www.a.shifen.com (119.75.217.109) 56(84) bytes of data.
64 bytes from 119.75.217.109: icmp_seq=1 ttl=53 time=3.79 ms
64 bytes from 119.75.217.109: icmp_seq=2 ttl=53 time=4.10 ms
64 bytes from 119.75.217.109: icmp_seq=3 ttl=53 time=3.93 ms
^C
— www.a.shifen.com ping statistics —
3 packets transmitted, 3 received, 0% packet loss, time 2817ms
rtt min/avg/max/mdev = 3.793/3.944/4.106/0.128 ms
/* 这就完成了 */
将现有容器添加到镜像
[root@cloud ~]# docker commit -m “nodejs_81_FW_front” -a “lgq” ba681a25e7a0 nodejs_81
删除docker镜像
[root@cloud ~]# docker rmi 30c2015dcef5
启动docker容器,指定ip及运行服务脚本
#!/usr/bin/env bash
docker run -itd –net=none –name=nodejs_fw_front_81 nodejs_81 /bin/bash
pipework br0 nodejs_fw_front_81 192.168.111.81/24@192.168.111.1
docker exec -itd nodejs_fw_front_81 service sshd start
docker exec -it nodejs_fw_front_81 node /var/www/html/teaching-service-platform-release/server.js
exit 0
Docker run参数说明
-a stdin: 指定标准输入输出内容类型,可选 STDIN/STDOUT/STDERR 三项;
-d: 后台运行容器,并返回容器ID;
-i: 以交互模式运行容器,通常与 -t 同时使用;
-t: 为容器重新分配一个伪输入终端,通常与 -i 同时使用;
–name=”nginx-lb”: 为容器指定一个名称;
–dns 8.8.8.8: 指定容器使用的DNS服务器,默认和宿主一致;
–dns-search example.com: 指定容器DNS搜索域名,默认和宿主一致;
-h “mars”: 指定容器的hostname;
-e username=”ritchie”: 设置环境变量;
–env-file=[]: 从指定文件读入环境变量;
–cpuset=”0-2″ or –cpuset=”0,1,2″: 绑定容器到指定CPU运行;
-m :设置容器使用内存最大值;
–net=”bridge”: 指定容器的网络连接类型,支持 bridge/host/none/Container: 四种类型;
–link=[]: 添加链接到另一个容器;
–expose=[]: 开放一个端口或一组端口;
- 本文固定链接: https://www.gayj.cn/?p=355
- 转载请注明: https://www.gayj.cn/