docker使用宿主机网段IP

  • 内容
  • 评论
  • 相关

·

0.准备

物理机 centos 7.4

安装 docker 18.5

IP 190.168.0.1 -- 190.168.3.255

网关:190.168.0.1

子网掩码:255.255.252.0  prefix=22

1.创建br0 可以是使用命令方式,这里我使用文件形式

vi /etc/sysconfig/network-scripts/ifcfg-br0

TYPE=Bridge
BOOTPROTO=static
IPADDR=190.168.3.0
NETMASK=255.255.252.0
GATEWAY=190.168.0.1
PREFIX=22
DNS1=190.168.0.6
DNS2=8.8.8.8
NAME=br0
ONBOOT=yes
DEVICE=br0

2.修改eth0 桥接br0

vi /etc/sysconfig/network-scripts/ifcfg-eth0

TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
PEERROUTES=yes
PEERDNS=yes
NAME=eth0
#UUID=00f2e830-ed07-4ace-9e54-56a325e3a690
ONBOOT=yes
#IPADDR0=190.168.0.19
#PREFIX0=22
#GATEWAY0=190.168.0.1
#DNS1=190.168.0.6
#HWADDR=00:0C:29:F7:22:81
BRIDGE="br0"

3.修改docker.service

clip_image001

vi /lib/systemd/system/docker.service

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
#ExecStartPre=-/sbin/ip link del docker0
ExecStart=/usr/bin/dockerd -b=br0
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s

[Install]
WantedBy=multi-user.target

4.执行 systemctl daemon-reload

5.重启docker服务

service docker restart

6.创建容器,创建容器是加入参数 --net=none 不自动指定ip

clip_image002

7.下载安装pipework

clip_image003

cd /data

git clone https://github.com/jpetazzo/pipework.git

cp pipework/pipework /usr/local/bin/

8.容器执行IP

pipework br0 容器名/容器ID  容器IP/Prefix@宿主机网关

pipework br0 vue-msf-docker 190.168.3.1/22@190.168.0.1

9.查看容器ip

clip_image004

10.存在问题

docker restart vue-msf-docker 之后,需要重新分配下IP,也就是步骤8重新执行下.