Modify docker default gateway-Docker-php.cn

Home

Operation and Maintenance

Docker

Modify docker default gateway

王林

Oct 26, 2020 pm 05:00 PM

dockerDefault gateway

Modify docker default gateway

Article background:

When we use Docker in a LAN, one of the most common confusions we encounter is that sometimes the network is blocked across network segments. The reason is that the gateway generated by Docker by default sometimes conflicts with our LAN segment. For example, if Docker is deployed on a machine in the 172.16 network segment, and the resulting docker0 bridge is the 172.17 network segment, then it is the same as the one used in the real environment. There is a conflict between machines in the network segment (that is, the machine in the 172.17 network segment cannot be pinged).

(Recommended tutorial: docker tutorial)

In order to avoid conflicts, the first thing that comes to mind is to change the gateway. The example is as follows (taking Centos as an example):

service docker stop
# 删除docker防火墙过滤规则
iptables -t nat -F POSTROUTING
# 删除docker默认网关配置
ip link set dev docker0 down
ip addr del 172.17.0.1/16 dev docker0
# 增加新的docker网关配置
ip addr add 192.168.2.1/24 dev docker0
ip link set dev docker0 up
# 检测是否配置成功，如果输出信息中有 192.168.5.1，则表明成功
ip addr show docker0
service docker start
# 验证docker防火墙过滤规则

After this modification, will it be reliable? The answer is no, because after docker restarts, docker0 may still be rebuilt, overwriting the modifications we made. It shows that Docker’s IP rules are hard-coded and we are not allowed to change them at will. But let’s change our thinking and kill docker0 directly and rebuild a new bridge:

First we need to install the bridge creation tool brctl:

sudo yum install -y bridge-utils

Start the creation operation:

# 1.停止 Docker 服务
service docker stop
 
# 2.创建新的网桥（新的网段）
brctl addbr bridge0
ip addr add 192.168.2.1/24 dev bridge0
ip link set dev bridge0 up
 
# 3.确认网桥信息
ip addr show bridge0
# 4.修改配置文件
/etc/docker/daemon.json（如不存在则创建一个 touch daemon.json）,使Docker启动时使用自定义网桥
 
{
  "bridge": "bridge0"
}
# 5.重启 Docker
service docker start
    
# 确认 NAT 网络路由
iptables -t nat -L -n
 
# 6.删除不再使用的网桥
ip link set dev docker0 down
 
brctl delbr docker0
 
iptables -t nat -F POSTROUTING

Regarding the modified configuration made in step 4, it is to reference the new network bridge. In fact, you can also reference the new network bridge in the docker configuration file:

echo &#39;DOCKER_OPTS="-b=bridge0"&#39; >> /etc/sysconfig/docker
sudo service docker start

But it does not mean that we will definitely be able to see the docker custom configuration. file, if there is no default/docker or sysconfig/docker, it will be more troublesome. The solution is as follows:

$ vi /lib/systemd/system/docker.service
#添加一行
$ EnvironmentFile=-/etc/default/docker
或者
$ EnvironmentFile=-/etc/sysconfig/docker
#-代表ignore error
 
#并修改
$ ExecStart=/usr/bin/docker daemon -H fd://
#改成
$ ExecStart=/usr/bin/docker daemon -H fd:// $DOCKER_OPTS
#这样才能使用/etc/default/docker里定义的DOCKER_OPTS参数
 
$ systemctl daemon-reload 重载
$ sudo service docker restart

After completing the creation of bridge0 and transitioning from docker0 to bridge0, we can route it to confirm whether we The 172.17 network segment that we don’t want to see:

Modify docker default gateway

As long as it is not there, then we will not only be connected to the machines in the 172.17 network segment. If there is still one, then use ip addr del 172.17.0.1/16 dev docker0 until it is cleared (because a new docker bridge has been established, deleting the old one will not affect the use of docker).

If the network bridge created by brctl may be lost after restarting the machine, then we can write the following command into the Linux self-start script and execute it every time it restarts:

brctl addbr bridge0
ip addr add 192.168.2.1/24 dev bridge0
ip link set dev bridge0 up

Self-start Scripts can be added by adding executable statements (such as sh /opt/script.sh &) in the /etc/rc.local file. In this way, basically every time the machine is restarted, bridge0 can be guaranteed to be created and the docker service can start normally.

In addition: If you just want to solve the IP network segment conflict and are unwilling to operate the above complicated process, you can actually just change /etc/docker/daemon.json by adding the content "bip": "ip/ netmask" to change the network segment of the docker0 bridge, as follows:

[root@iZ2ze278r1bks3c1m6jdznZ ~]# cat /etc/docker/daemon.json
{
 "bip":"192.168.2.1/24"
}

The above is the detailed content of Modify docker default gateway. For more information, please follow other related articles on the PHP Chinese website!

Statement

This article is reproduced at:csdn. If there is any infringement, please contact admin@php.cn delete

Docker: Streamlining Development and OperationsMay 13, 2025 am 12:16 AM

The ways Docker can simplify development and operation and maintenance processes include: 1) providing a consistent environment to ensure that applications run consistently in different environments; 2) optimizing application deployment through Dockerfile and image building; 3) using DockerCompose to manage multiple services. Docker implements these functions through containerization technology, but during use, you need to pay attention to common problems such as image construction, container startup and network configuration, and improve performance through image optimization and resource management.

Kubernetes vs. Docker: Understanding the RelationshipMay 12, 2025 am 12:16 AM

The relationship between Docker and Kubernetes is: Docker is used to package applications, and Kubernetes is used to orchestrate and manage containers. 1.Docker simplifies application packaging and distribution through container technology. 2. Kubernetes manages containers to ensure high availability and scalability. They are used in combination to improve application deployment and management efficiency.

Docker: The Container Revolution and Its ImpactMay 10, 2025 am 12:17 AM

Docker solves the problem of consistency in software running in different environments through container technology. Its development history has promoted the evolution of the cloud computing ecosystem from 2013 to the present. Docker uses Linux kernel technology to achieve process isolation and resource limitation, improving the portability of applications. In development and deployment, Docker improves resource utilization and deployment speed, supports DevOps and microservice architectures, but also faces challenges in image management, security and container orchestration.

Docker vs. Virtual Machines: A ComparisonMay 09, 2025 am 12:19 AM

Docker and virtual machines have their own advantages and disadvantages, and the choice should be based on specific needs. 1.Docker is lightweight and fast, suitable for microservices and CI/CD, fast startup and low resource utilization. 2. Virtual machines provide high isolation and multi-operating system support, but they consume a lot of resources and slow startup.

Docker's Architecture: Understanding Containers and ImagesMay 08, 2025 am 12:17 AM

The core concept of Docker architecture is containers and mirrors: 1. Mirrors are the blueprint of containers, including applications and their dependencies. 2. Containers are running instances of images and are created based on images. 3. The mirror consists of multiple read-only layers, and the writable layer is added when the container is running. 4. Implement resource isolation and management through Linux namespace and control groups.

The Power of Docker: Containerization ExplainedMay 07, 2025 am 12:07 AM

Docker simplifies the construction, deployment and operation of applications through containerization technology. 1) Docker is an open source platform that uses container technology to package applications and their dependencies to ensure cross-environment consistency. 2) Mirrors and containers are the core of Docker. The mirror is the executable package of the application and the container is the running instance of the image. 3) Basic usage of Docker is like running an Nginx server, and advanced usage is like using DockerCompose to manage multi-container applications. 4) Common errors include image download failure and container startup failure, and debugging skills include viewing logs and checking ports. 5) Performance optimization and best practices include mirror optimization, resource management and security improvement.

Kubernetes and Docker: Deploying and Managing Containerized AppsMay 06, 2025 am 12:13 AM

The steps to deploy containerized applications using Kubernetes and Docker include: 1. Build a Docker image, define the application image using Dockerfile and push it to DockerHub. 2. Create Deployment and Service in Kubernetes to manage and expose applications. 3. Use HorizontalPodAutoscaler to achieve dynamic scaling. 4. Debug common problems through kubectl command. 5. Optimize performance, define resource limitations and requests, and manage configurations using Helm.

Docker: An Introduction to Containerization TechnologyMay 05, 2025 am 12:11 AM

Docker is an open source platform for developing, packaging and running applications, and through containerization technology, solving the consistency of applications in different environments. 1. Build the image: Define the application environment and dependencies through the Dockerfile and build it using the dockerbuild command. 2. Run the container: Use the dockerrun command to start the container from the mirror. 3. Manage containers: manage container life cycle through dockerps, dockerstop, dockerrm and other commands.

See all articles