docker容器启用ipv6地址方法,用ipv6地址访问容器方法流程、创建一个nginx容器用ipv6地址访问测试流程

后端

文章目录

  • docker容器启用ipv6地址方法
    • Docker-Compose启用IPv6
    • 启用ipv6
    • 重启docker生效
    • 创建一个ipv6的docker网络
    • 创建容器测试v6地址
      • 使用ipv6的网络创建容器
      • 使用普通网络创建容器测试
    • 创建一个nginx容器用ipv6地址访问测试
      • 容器创建
      • ipv4地址验证
      • ipv6地址访问验证
      • 修改nginx容器网页内容

docker容器启用ipv6地址方法

Docker-Compose启用IPv6

  • 你如果没用使用Docker-Compose,就忽略配置,以了解为主,直接去看下面的docker配置。
    • docker-compose.yaml 文件必须使用 version: “2.*”,version: “3.*” 不支持 enable_ipv6 配置
    • 如果已有旧的容器在运行(网络配置发生了变化),则需要先销毁容器 docker-compose down 然后再重新创建 docker-compose up
    • 仅需在network下添加如下内容即可,其他信息正常配置。
networks:
      local_bridge:
        enable_ipv6: true
        driver: bridge
        ipam:
          config:
            - subnet: "2409:807e::/80"

启用ipv6

  • 说明

    docker默认是不支持ipv6的,所以想要使用ipv6,就得单独开启这个功能。

  • 前提条件

    主机需要具备ipv6地址并能正常使用,如下,2409开头的正规v6地址,而非fe80这种内部用的v6地址哈。

2: ens3:  mtu 1500 qdisc fq_codel state UP group default qlen 1000    link/ether fa:16:3e:67:77:58 brd ff:ff:ff:ff:ff:ff    inet 10.241.102.245/24 brd 10.241.102.255 scope global dynamic noprefixroute ens3       valid_lft 63404sec preferred_lft 63404sec    inet6 2409:807e:58cc:114::a2d/120 scope global noprefixroute        valid_lft forever preferred_lft forever    inet6 fe80::f816:3eff:fe67:7758/64 scope link noprefixroute        valid_lft forever preferred_lft forever
  • 执行vim /etc/docker/daemon.json 配置文件【没有这个配置文件是正常的】,写入如下内容

    “fixed-cidr-v6”: “2409::/80”,这个后面的ip是自定义的。。。

[root@xz-docker-tes-01 ~]# cat /etc/docker/daemon.json {    "ipv6": true,    "fixed-cidr-v6": "2409::/80",    "experimental": true,    "ip6tables": true}[root@xz-docker-tes-01 ~]#

重启docker生效

  • 重启不报错,实际上此时docker就能支持ipv6了。
[root@xz-docker-tes-01 ~]# systemctl restart docker[root@xz-docker-tes-01 ~]# systemctl status docker● docker.service - Docker Application Container Engine   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)   Active: active (running) since Fri 2023-12-01 11:40:31 CST; 9s ago     Docs: https://docs.docker.com Main PID: 14470 (dockerd)    Tasks: 13   Memory: 47.3M   CGroup: /system.slice/docker.service           └─14470 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

创建一个ipv6的docker网络

  • 这一步其实是不需要做的,因为,不使用这个网络的docker容器,也可以正常使用ipv6地址。

    我这多做一步是为了做测试而已。具体区别见下面测试说明。【测试后,我觉得这个没意义】

[root@xz-docker-tes-01 ~]# docker network create -d bridge --ipv6 --subnet "2409:807e::/80" ipv6_bridge09663034b21493f64d2484dc21923a789bc8ac51c403d422e397435df74f204b[root@xz-docker-tes-01 ~]#
  • 创建好后的网络信息如下
[root@xz-docker-tes-01 ~]# docker network  listNETWORK ID     NAME          DRIVER    SCOPEbf1937081949   bridge        bridge    locale98be3082c27   host          host      local09663034b214   ipv6_bridge   bridge    local7cee98cd58fe   none          null      local[root@xz-docker-tes-01 ~]#

创建容器测试v6地址

使用ipv6的网络创建容器

  • 我这使用上面创建的一个ipv6的网络做测试测试
[root@xz-docker-tes-01 ~]# docker run -dit --name=v6 --restart=always --network=ipv6_bridge hub.c.163.com/library/centos:latest 49af16d7dd9c63afd2a43b24b6dfdb8b39d70ef8e39c1d1c067dcbe28c242efa[root@xz-docker-tes-01 ~]# [root@xz-docker-tes-01 ~]# docker psCONTAINER ID   IMAGE                                 COMMAND       CREATED         STATUS         PORTS     NAMES49af16d7dd9c   hub.c.163.com/library/centos:latest   "/bin/bash"   3 seconds ago   Up 2 seconds             v6[root@xz-docker-tes-01 ~]#
  • 容器内 ping其他v6地址和网关都能通,一切正常
[root@xz-docker-tes-01 ~]# docker exec -it v6 bash[root@49af16d7dd9c /]# lsanaconda-post.log  bin  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var[root@49af16d7dd9c /]#[root@49af16d7dd9c /]# ping6 2409:807e:58cc:114::a2dPING 2409:807e:58cc:114::a2d(2409:807e:58cc:114::a2d) 56 data bytes64 bytes from 2409:807e:58cc:114::a2d: icmp_seq=1 ttl=64 time=0.459 ms64 bytes from 2409:807e:58cc:114::a2d: icmp_seq=2 ttl=64 time=0.093 ms64 bytes from 2409:807e:58cc:114::a2d: icmp_seq=3 ttl=64 time=0.090 ms^C--- 2409:807e:58cc:114::a2d ping statistics ---3 packets transmitted, 3 received, 0% packet loss, time 2058msrtt min/avg/max/mdev = 0.090/0.214/0.459/0.173 ms[root@49af16d7dd9c /]# ping6 2409:807e:58cc:114::a01PING 2409:807e:58cc:114::a01(2409:807e:58cc:114::a01) 56 data bytes64 bytes from 2409:807e:58cc:114::a01: icmp_seq=1 ttl=63 time=10.2 ms64 bytes from 2409:807e:58cc:114::a01: icmp_seq=2 ttl=63 time=2.04 ms64 bytes from 2409:807e:58cc:114::a01: icmp_seq=3 ttl=63 time=2.23 ms64 bytes from 2409:807e:58cc:114::a01: icmp_seq=4 ttl=63 time=2.35 ms^C--- 2409:807e:58cc:114::a01 ping statistics ---4 packets transmitted, 4 received, 0% packet loss, time 3004msrtt min/avg/max/mdev = 2.048/4.208/10.200/3.461 ms[root@49af16d7dd9c /]# [root@49af16d7dd9c /]# exitexit[root@xz-docker-tes-01 ~]#
  • 该容器的网络容器里面呢,也会有一个ipv6地址,主机虽然能ping通,但这个ip是容器专属的,
[root@xz-docker-tes-01 ~]# docker inspect v6 | grep "IPv6"            "LinkLocalIPv6Address": "",            "LinkLocalIPv6PrefixLen": 0,            "SecondaryIPv6Addresses": null,            "GlobalIPv6Address": "",            "GlobalIPv6PrefixLen": 0,            "IPv6Gateway": "",                    "IPv6Gateway": "2409:807e::1",                    "GlobalIPv6Address": "2409:807e::2",                    "GlobalIPv6PrefixLen": 80,[root@xz-docker-tes-01 ~]# [root@xz-docker-tes-01 ~]# ping 2409:807e::2PING 2409:807e::2(2409:807e::2) 56 data bytes64 bytes from 2409:807e::2: icmp_seq=1 ttl=64 time=0.695 ms64 bytes from 2409:807e::2: icmp_seq=2 ttl=64 time=0.090 ms^C--- 2409:807e::2 ping statistics ---2 packets transmitted, 2 received, 0% packet loss, time 50msrtt min/avg/max/mdev = 0.090/0.392/0.695/0.303 ms[root@xz-docker-tes-01 ~]#
  • 容器内能ping通同样用这个网络创建的其他容器【但默认容器直接网络是隔离的哈】,具体这个v6地址的用途自行探索吧。
[root@xz-docker-tes-01 ~]# docker exec -it v6 bash[root@49af16d7dd9c /]# ping6 2409:807e::3PING 2409:807e::3(2409:807e::3) 56 data bytes64 bytes from 2409:807e::3: icmp_seq=1 ttl=64 time=0.346 ms64 bytes from 2409:807e::3: icmp_seq=2 ttl=64 time=0.108 ms64 bytes from 2409:807e::3: icmp_seq=3 ttl=64 time=0.107 ms^C--- 2409:807e::3 ping statistics ---3 packets transmitted, 3 received, 0% packet loss, time 2085msrtt min/avg/max/mdev = 0.107/0.187/0.346/0.112 ms[root@49af16d7dd9c /]#

使用普通网络创建容器测试

进入以后,能ping通网关和其他v6地址,没问题。

[root@xz-docker-tes-01 ~]# docker run --name=test1 -it hub.c.163.com/library/centos
[root@d866a511db84 /]# ping6 2409:807e:58cc:114::a17
PING 2409:807e:58cc:114::a17(2409:807e:58cc:114::a17) 56 data bytes
64 bytes from 2409:807e:58cc:114::a17: icmp_seq=1 ttl=63 time=1.85 ms
64 bytes from 2409:807e:58cc:114::a17: icmp_seq=2 ttl=63 time=0.782 ms
64 bytes from 2409:807e:58cc:114::a17: icmp_seq=3 ttl=63 time=0.793 ms
64 bytes from 2409:807e:58cc:114::a17: icmp_seq=4 ttl=63 time=0.891 ms
^C
--- 2409:807e:58cc:114::a17 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3053ms
rtt min/avg/max/mdev = 0.782/1.080/1.855/0.449 ms
[root@d866a511db84 /]# 
[root@d866a511db84 /]# ping6 2409:807e:58cc:114::a01
PING 2409:807e:58cc:114::a01(2409:807e:58cc:114::a01) 56 data bytes
64 bytes from 2409:807e:58cc:114::a01: icmp_seq=1 ttl=63 time=13.3 ms
64 bytes from 2409:807e:58cc:114::a01: icmp_seq=2 ttl=63 time=1.85 ms
^C
--- 2409:807e:58cc:114::a01 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 1.716/5.648/13.378/5.466 ms
[root@d866a511db84 /]#
  • 默认生成的,没有这个v6地址的,但不影响使用ipv6.
[root@xz-docker-tes-01 ~]# docker inspect test1 | grep "IP"
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "GlobalIPv6Address": "2409::242:ac11:2",
            "GlobalIPv6PrefixLen": 80,
            "IPAddress": "172.17.0.2",
            "IPPrefixLen": 16,
            "IPv6Gateway": "2409::1",
                    "IPAMConfig": null,
                    "IPAddress": "172.17.0.2",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "2409::1",
                    "GlobalIPv6Address": "2409::242:ac11:2",
                    "GlobalIPv6PrefixLen": 80,
[root@xz-docker-tes-01 ~]#

创建一个nginx容器用ipv6地址访问测试

容器创建

  • 先创建一个映射端口的nginx容器
[root@xz-docker-tes-01 ~]# docker run -dit --name=nginx --restart=always -p 80:80 --network=ipv6_bridge nginx
4a175fb0754961537b23111bab1251e9c9f36645e9936f07c5daeea28af4d898
[root@xz-docker-tes-01 ~]# netstat -ntlp | grep 80 
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      16074/docker-proxy  
tcp6       0      0 :::80                   :::*                    LISTEN      16088/docker-proxy  
[root@xz-docker-tes-01 ~]#
  • 我是指定了创建的ipv6网络的【其实不指定也一样,不影响外部访问的】
[root@xz-docker-tes-01 ~]# docker inspect nginx | grep "IPv6"
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "SecondaryIPv6Addresses": null,
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPv6Gateway": "",
                    "IPv6Gateway": "2409:807e::1",
                    "GlobalIPv6Address": "2409:807e::3",
                    "GlobalIPv6PrefixLen": 80,
[root@xz-docker-tes-01 ~]#

ipv4地址验证

直接浏览器输入ipv4的地址,不报错就行【我下面显示ccx是因为我修改过nginx的默认文件内容了】

在这里插入图片描述

ipv6地址访问验证

  • 验证ipv6地址之前,需要保证你测试的主机上已经配置有ipv6地址并且能正常使用

    首先测试能否ping通目标ipv6地址【就上面搭建ipv6的主机v6地址,是主机,而非容器的啊】

    在这里插入图片描述

  • 然后网页直接输入v6地址【就上面搭建ipv6的主机v6地址,是主机,而非容器的啊】
    • 访问格式[ipv6addr] 【注意,v6地址用中括号扩起来的】
    • 其实下面内容就是nginx默认的内容,因为没有放任何东西,所以就会显示nginx界面,反正没报错就是正常的。

      在这里插入图片描述

修改nginx容器网页内容

  • xian进入nginx容器内部
[root@xz-docker-tes-01 ~]# docker exec -it nginx bashroot@4a175fb07549:/#
  • 因为不知道容器的http默认文件在哪里,所以可以用find搜索
root@4a175fb07549:/# find / -name htmlfind: '/proc/32/map_files': Permission deniedfind: '/proc/33/map_files': Permission deniedfind: '/proc/34/map_files': Permission deniedfind: '/proc/35/map_files': Permission denied/usr/share/nginx/htmlroot@4a175fb07549:/#
  • 通过搜索已知html路径为:/usr/share/nginx/html

    那么就可以去修改了噻【懂了吧,想要显示啥内容,替换这个index.html文件就行了】

root@4a175fb07549:/usr/share/nginx/html# ls50x.html  index.htmlroot@4a175fb07549:/usr/share/nginx/html# vi index.html bash: vi: command not foundroot@4a175fb07549:/usr/share/nginx/html# vim index.html bash: vim: command not foundroot@4a175fb07549:/usr/share/nginx/html# cat index.html Welcome to nginx!    body {        width: 35em;        margin: 0 auto;        font-family: Tahoma, Verdana, Arial, sans-serif;    }
Welcome to nginx!
If you see this page, the nginx web server is successfully installed andworking. Further configuration is required.



For online documentation and support please refer tonginx.org.
Commercial support is available atnginx.com.



Thank you for using nginx.



root@4a175fb07549:/usr/share/nginx/html# cp index.html index.html.bak
root@4a175fb07549:/usr/share/nginx/html# echo ccx > index.html
root@4a175fb07549:/usr/share/nginx/html#
  • 如我上面,将ccx内容写入了index.html文件,那么正常情况,网页就只会显示ccx这3个字母

    在这里插入图片描述

本文来自网络,不代表协通编程立场,如若转载,请注明出处:https://net2asp.com/813ce54659.html

(0)
« 上一篇 1天前
下一篇 » 1天前

相关推荐