docker手动配置网络

创建一个没有网络配置的容器

[root@localhost ~]# docker run -i -t --rm --net=none alpine sh/ #

打开另一个终端
查看容器id

[root@localhost ~]# docker ps -a

查找进程id

[root@localhost ~]# docker inspect -f '{{.State.Pid}}' 2aefc41dbdeb 9076[root@localhost ~]# pid=9076

创建命名空间

[root@localhost ~]# mkdir -p /var/run/netns[root@localhost ~]# ln -s /proc/$pid/ns/net /var/run/netns/$pid

查看桥接网卡的IP 和子网掩码信息

[root@localhost ~]# ip addr show docker05: docker0:  mtu 1500 qdisc noqueue state DOWN    link/ether 02:42:8e:e7:64:4a brd ff:ff:ff:ff:ff:ff    inet 172.18.0.1/16 brd 172.18.255.255 scope global docker0       valid_lft forever preferred_lft forever

创建一对"veth pair"接口A和B

[root@localhost ~]# sudo ip link add A type veth peer name B

绑定A接口到网桥docker0

[root@localhost ~]# sudo brctl addif docker0 A

并启用它

[root@localhost ~]# sudo ip link set A up

将B 接口放到容器的网络命名空间

[root@localhost ~]# sudo ip link set B netns $pid

命名为eth0

[root@localhost ~]# sudo ip netns exec $pid ip link set dev B name eth0

开启网络接口B

[root@localhost ~]# sudo ip netns exec $pid ip link set eth0 up

配置一个可用IP（桥接网段）

[root@localhost ~]# sudo ip netns exec $pid ip addr add 172.18.0.99/16 dev eth0

配置默认网关

[root@localhost ~]# sudo ip netns exec $pid ip route add default via 172.18.0.1

最后回到容器检查一下网卡配置

/ # ip a1: lo:  mtu 65536 qdisc noqueue state UNKNOWN qlen 1    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00    inet 127.0.0.1/8 scope host lo       valid_lft forever preferred_lft forever18: eth0@if19:  mtu 1500 qdisc noqueue state UP qlen 1000    link/ether 6e:b9:75:8e:f4:99 brd ff:ff:ff:ff:ff:ff    inet 172.18.0.99/16 scope global eth0       valid_lft forever preferred_lft forever/ # ping baidu.comPING baidu.com (123.125.114.144): 56 data bytes64 bytes from 123.125.114.144: seq=0 ttl=53 time=2.827 ms64 bytes from 123.125.114.144: seq=1 ttl=53 time=2.900 ms^C--- baidu.com ping statistics ---2 packets transmitted, 2 packets received, 0% packet lossround-trip min/avg/max = 2.827/2.863/2.900 ms