做本实验之前需要先安装好dokcer并已经启动docker服务
这里提供一个安装方法
curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
安装完成后执行 docker 命令是需要加 sudo 权限的,这样操作会比较麻烦, 我们可以做如下操作
sudo groupadd docker ## 如果没有 docker 组的话,添加一个 docker 组 sudo gpasswd -a ${USER} docker ## 把当前登陆的用户添加到 docker 组 sudo service docker restart ## 重启 docker 服务 newgrp - docker ## 切换到新的回话
这样你的设备就有docker使用了
二、设置网络
通过 ssh 登录到 树莓派
1. 把网卡混杂模式打开
打开后 openwrt 才能正确的收到数据
sudo ip link set eth0 promisc on
ljx@ljx-desktop:~$ ps -ef | grep docker
root 6222 1 0 16:24 ? 00:00:03 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ljx 13804 11860 0 16:54 pts/0 00:00:00 docker pull sulinggg/openwrt:armv8
ljx 15109 14249 0 17:07 pts/2 00:00:00 grep --color=auto docker
2. 创建 docker 网卡
通过ifconfig命令确定物理网卡的名称为eth0,以及网段netmask 255.255.255.0,应该为192.168.2.0/24
ljx@ljx-desktop:~$ ifconfig docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255 ether 02:42:2a:d4:b7:ad txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.2.173 netmask 255.255.255.0 broadcast 192.168.2.255 inet6 fe80::9a23:8d7d:6b68:c6d9 prefixlen 64 scopeid 0x20<link> ether 48:b0:2d:2d:e9:8b txqueuelen 1000 (Ethernet) RX packets 114335 bytes 30249042 (30.2 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 62471 bytes 417668404 (417.6 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 device interrupt 149 base 0xb000 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1 (Local Loopback) RX packets 679 bytes 210056 (210.0 KB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 679 bytes 210056 (210.0 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 rndis0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether 9a:f8:96:2e:89:dd txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 usb0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether 9a:f8:96:2e:89:df txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
route -n命令获取到网关为192.168.2.10
ljx@ljx-desktop:~$ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.2.10 0.0.0.0 UG 100 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0 192.168.2.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
使用下面命令创建网卡,名称为macnet
docker network create -d macvlan --subnet=192.168.2.0/24 --gateway=192.168.2.10 -o parent=eth0 macnet
macvlan 模式会为每个容器创建一个独立的 ip 每个容器可以通过独立的 ip 进行访问
docker network ls命令查看网卡名称,名称为macnet的网卡已经添加成功
ljx@ljx-desktop:~$ docker network ls NETWORK ID NAME DRIVER SCOPE f6457418525d bridge bridge local c92068614601 host host local a6c32aa094b9 macnet macvlan local 8c1253adb1eb none null local
通过下面命令加上新增的网卡名称,就能够获取到网卡明细了
ljx@ljx-desktop:~$ docker network inspect macnet [ { "Name": "macnet", "Id": "a6c32aa094b95783d3edab523d1150270c526bc9b995214f57524eed786ef7e7", "Created": "2022-06-02T11:21:19.132247856+08:00", "Scope": "local", "Driver": "macvlan", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": {}, "Config": [ { "Subnet": "192.168.2.0/24", "Gateway": "192.168.2.10" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": {}, "Options": { "parent": "eth0" }, "Labels": {} } ]
要查看系统是不是64的可以通过 uname -a 来查看 这个决定要选择你下载镜像的版本
ljx@ljx-desktop:~$ uname -a Linux ljx-desktop 4.9.253-tegra #1 SMP PREEMPT Mon Jul 26 12:13:06 PDT 2021 aarch64 aarch64 aarch64 GNU/Linux
拉取镜像:docker pull 拉取的镜像名称
启动 docker 镜像
docker run --restart always --name openwrt -d --network macnet --privileged sulinggg/openwrt /sbin/init
可以看到我的 openwrt 容器已经运行了, 并且容器 ID是:下面要进入到容器里面并设置容器的 ip 。通过命令 docker exec -it 377921740fd5 bash 进入到容器内部
jx@ljx-desktop:~$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 377921740fd5 sulinggg/openwrt:armv8 "/sbin/init" 2 hours ago Up About a minute openwrt
ljx@ljx-desktop:~$ docker exec -it 377921740fd5 bash bash-5.1# ifconfig br-lan Link encap:Ethernet HWaddr 02:42:C0:A8:02:01 inet addr:192.168.123.100 Bcast:192.168.123.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2081 errors:0 dropped:75 overruns:0 frame:0 TX packets:73 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:201829 (197.0 KiB) TX bytes:5900 (5.7 KiB) eth0 Link encap:Ethernet HWaddr 02:42:C0:A8:02:01 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2201 errors:0 dropped:3 overruns:0 frame:0 TX packets:76 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:244277 (238.5 KiB) TX bytes:8120 (7.9 KiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:40 errors:0 dropped:0 overruns:0 frame:0 TX packets:40 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:3588 (3.5 KiB) TX bytes
下面开始设置容器的 ip 以便我们能通过 ip 地址访问容器, 通过命令:vim /etc/config/network 来设置 ip。 按住 i 键开始输入
onfig interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config globals 'globals' config interface 'lan' option type 'bridge' option ifname 'eth0' option proto 'static' option netmask '255.255.255.0' option ip6assign '60' option ipaddr '192.168.2.100' option gateway '192.168.2.10' option dns '192.168.2.10' config interface 'vpn0' option ifname 'tun0' option proto 'none' "/etc/config/network" 23L,
其中 option ipaddr 是你的 openwrt 的地址,注意不要与局域网其它设备冲突 . option gateway 与 option dns 设置你路由器的地址
设置完成依次按:Esc -> : -> wq -> 回车保存
bash-5.1# vim /etc/config/network bash-5.1# /etc/init.d/network restart bash-5.1# ifconfig br-lan Link encap:Ethernet HWaddr 02:42:C0:A8:02:01 inet addr:192.168.2.100 Bcast:192.168.2.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:27 errors:0 dropped:2 overruns:0 frame:0 TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:4883 (4.7 KiB) TX bytes:716 (716.0 B) eth0 Link encap:Ethernet HWaddr 02:42:C0:A8:02:01 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:24422 errors:0 dropped:11 overruns:0 frame:0 TX packets:140 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:3158652 (3.0 MiB) TX bytes:12604 (12.3 KiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:112 errors:0 dropped:0 overruns:0 frame:0 TX packets:112 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:10108 (9.8 KiB) TX bytes:10108 (9.8 KiB) bash-5.1# ping 192.168.2.67 PING 192.168.2.67 (192.168.2.67): 56 data bytes 64 bytes from 192.168.2.67: seq=0 ttl=128 time=0.470 ms 64 bytes from 192.168.2.67: seq=1 ttl=128 time=0.281 ms 64 bytes from 192.168.2.67: seq=2 ttl=128 time=0.361 ms ^C --- 192.168.2.67 ping statistics --- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max = 0.281/0.370/0.470 ms
保存完成后通过命令 /etc/init.d/network restart 重启网络, 重启完成后便可以通过浏览器访问了 http://192.168.2.100默认密码是 password