环境说明:
1.系统:centos7
2.docker:Docker version 1.3.2
3.docker启动参数:OPTIONS=--selinux-enabled=false -H fd:// -b=br0 -g /workspace/docker
配置过程:
====================bond========================
bond需要工作在主备模式下,在均衡模式下不行。(网卡7种bond模式原理)
1.bond做网桥前配置:
cat /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
BOOTPROTO=none
IPADDR=x.x.x.x
NETMASK=x1.x1.x1.x1
NM_CONTROLLED=no
ONBOOT=yes
USERCTL=no
2.bond设置网桥:
cat /etc/sysconfig/network-scripts/ifcfg-bond0
BOOTPROTO=none
BRIDGE=br0
DEVICE=bond0
NM_CONTROLLED=no
ONBOOT=yes
TYPE=Bond
USERCTL=no
设置网桥br0
cat /etc/sysconfig/network-scripts/ifcfg-br0
BOOTPROTO=static
DEVICE=br0
IPADDR=x.x.x.x (与设置网桥前ifcfg-bond0中相同)
NETMASK=x1.x1.x1.x1 (与设置网桥前ifcfg-bond0中相同)
GATEWAY=x2.x2.x2.x2(根据情况设置)
NM_CONTROLLED=no
ONBOOT=yes
SLAVE=bond0
USERCTL=no
TYPE=Bridge
3.其他设备配置 cat /etc/sysconfig/network-scripts/ifcfg-em3
DEVICE=em3
BOOTPROTO=none
ONBOOT=yes
MASTER=bond1
SLAVE=yes
USERCTL=no
NM_CONTROLLED=no
4.cat /etc/modprobe.d/bond.conf
alias bond0 bonding
alias bond1 bonding
options bond0 mode=1 miimon=50
options bond1 mode=1 miimon=50
=======================eth===========================
1.做网桥前eth0配置:
cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
IPADDR=x.x.x.x
NETMASK=x1.x1.x1.x1
GATEWAY=x2.x2.x2.x2
NAME=eth0
ONBOOT=yes
2.eth设置网桥:
cat /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=none
BRIDGE=br0
DEVICE=eth0
NM_CONTROLLED=no
ONBOOT=yes
#TYPE=Ethernet
USERCTL=no
设置网桥br0:
cat /etc/sysconfig/network-scripts/ifcfg-br0
BOOTPROTO=static
DEVICE=br0
IPADDR=x.x.x.x (与设置网桥前ifcfg-eth0中相同)
NETMASK=x1.x1.x1.x1 (与设置网桥前ifcfg-eth0中相同)
GATEWAY=x2.x2.x2.x2 (与设置网桥前ifcfg-eth0中相同)
NM_CONTROLLED=no
ONBOOT=yes
USERCTL=no
TYPE=Bridge
==========================================
启动容器:
docker run --rm -t -i --net=none --name=test centos:latest /bin/bash
为容器指定ip,路由及mac地址(下载pipework,通过pipework实现)
pipework br0 $cid $ip/16@$gateway_ip $mac
===================================================
搭建私有仓库:
安装依赖:
sudo yum install -y python-devel libevent-devel python-pip gcc xz-devel
sudo python-pip install docker-registry
或者源码安装(有外网):
git clone https://github.com/docker/docker-registry.git
cd docker-registryxxx
cp config/config_sample.yml config/config.yml #根据需求修改配置
(修改默认db位置:
sqlalchemy_index_database: _env:SQLALCHEMY_INDEX_DATABASE:sqlite:////home/maintain/registry/docker-registry.db
在dev段增加本地存储路径:
storage: local
storage_path: $yourpath
)
python setup.py install
无外网需要安装setuptools,sqlalchemy,requests,rsa,gunicorn,PyYAML,gevent,Flask,blinker,backports.lzma,greenlet,docker-registry-core,itsdangerous,Jinja2,Werkzeug,simplejson,boto(https://pypi.python.org/simple/这里都有)
启动(第一次可能失败,需要启动2次):
gunicorn -c contrib/gunicorn*.py docker_registry.wsgi:application
启动时若有如下报错:
'Heads-up! File is missing: %s' % config_path)
FileNotFoundError: Heads-up! File is missing: /usr/lib/python2.7/site-packages/docker_registry-0.9.0-py2.7.egg/docker_registry/lib/../../config/config.yml
将config.yml拷贝一份到/usr/lib/python2.7/site-packages/docker_registry-0.9.0-py2.7.egg/docker_registry/lib/../../config/config.yml即可
===============================
docker使用自建网桥和私有仓库启动参数:
OPTIONS=--selinux-enabled=false -H fd:// -b=br0 --insecure-registry=registryaddr:5000
========================================
异常:
1.docker重启失败可以尝试删除默认docker0网桥(ifconfig docker0 down;brctl delbr docker0),然后重启
2.如果删除了docker的某些文件(/val/lib/docker下的所有能删的文件),但是devicemapper没删掉,导致docker无法启动,如下报错
Can't set task name /dev/mapper/docker-xxxx-pool
Error running createDevice dm_task_run failed
此时想删除devicemapper,如果报rm: cannot remove ‘devicemapper’: Device or resource busy,则需要umount devicemapper,然后删除devicemapper
再删除默认docker0网桥(ifconfig docker0 down;brctl delbr docker0),然后重启