前端之家

  1. 首页
  2. 问答

Docker容器即使只有专用网络也可以向外部ping

问答

我正在尝试使用以下方法创建一个Vagrant项目: 1.具有Internet访问(桥接)功能的VirtualBox VM(Ubonda),只能与2进行通信。 2.可以与1.(桥接)和3.(仅限主机)通信的Docker容器(从属连接器)。 3.只能由2访问的Docker(Slave1)容器。

这是我的VagrantFile:

Vagrant.configure("2") do |config|
  config.vm.define "ubonda" do |vm0|
    vm0.vm.box = "hashicorp/precise64"
    vm0.vm.provider "virtualbox"

    vm0.vm.network "public_network",ip: "192.168.1.75",bridge: "wlan0"
  end

  config.vm.define "slave-connector" do |vm1|
    vm1.vm.hostname = "slave-connector"
    vm1.vm.provider "docker" do |d|
      d.build_dir = "."
      d.name = 'slave-connector'
    end 

    vm1.vm.network :public_network,type: "dhcp",bridge: "wlan0",docker_network__ip_range: "192.168.1.252/24"
    vm1.vm.network :private_network,ip: "172.20.128.2",netmask: "16"
  end

  config.vm.define "slave1" do |vm2|
    vm2.vm.hostname = "slave1"
    vm2.vm.provider "docker" do |d|
      d.build_dir = "."
      d.name = 'slave1'
    end 

    vm2.vm.network :private_network,ip: "172.20.128.3",netmask: "16"
  end
end

我不知道为什么,但是Slave1可以ping Ubonda,即使它无法访问它! 我该如何实现?

zhoujintangjob 回答:Docker容器即使只有专用网络也可以向外部ping

我认为实现这一目标的正确方法是

1。创建docker网络:

docker network create bridge2 --gateway=192.168.50.1 --subnet=192.168.50.1/24

2。检查网络ID:

docker network ls

3。放入Vagrant文​​件中:

Vagrant.configure("2") do |config|
  config.vm.define "ubonda" do |vm0|
    vm0.vm.box = "hashicorp/precise64
    vm0.vm.provider "virtualbox"

    vm0.vm.network "public_network",ip: "192.168.50.4",bridge: "br-9ed82ac09f1b"
   end

  config.vm.define "slave-connector" do |vm1|
    vm1.vm.hostname = "slave-connector"
    vm1.vm.provider "docker" do |d|
      d.build_dir = "."
      d.name = 'slave-connector'
    end 

    vm1.vm.network :public_network,ip: "192.168.50.5",bridge: "br-9ed82ac09f1b"
    vm1.vm.network :private_network,ip: "50.20.128.2",netmask: "16",docker_network__internal: true
   end

   config.vm.define "slave1" do |vm2|
     vm2.vm.hostname = "slave1"
     vm2.vm.provider "docker" do |d|
       d.build_dir = "."
       d.name = 'slave1'
     end    

     vm2.vm.network :private_network,ip: "50.20.128.3",docker_network__internal: true
   end
end
dockervagrantvagrantfile
本文链接:https://www.f2er.com/3121311.html

大家都在问