Docker adds a bridge and sets the IP address range

I don't know if it's because the binary docker 19.03 version does not automatically create the docker0 bridge after installation, or for some other reason, there is no bridge in the docker network mode.

I installed a container to map the port, but I couldn't see the port and no error was reported. I spent a long time locating it before I found that there was no such bridge.

Without further ado. Let’s get started!

Let’s take a look at the current situation:

Since this is a production environment, the pod must be expelled first to avoid affecting the business

First of all, it is not possible to directly use docker network create xx. Because the bridge created in this way is not attached to the virtual machine, it does not work and may require some other additional configuration. I won’t go into this here. Just mention this to avoid any pitfalls.

The whole process is clearly visible as shown in the figure below. For your convenience, I have copied the command as well.

[root@dashuaibi-server-103 jpserver]# ip a|grep docker0
[root@dashuaibi-server-103 jpserver]# brctl -h
Usage: brctl [commands]
commands:
 addbr <bridge> add bridge
 delbr <bridge> delete bridge
 addif <bridge> <device> add interface to bridge
 delif <bridge> <device> delete interface from bridge
 hairpin <bridge> <port> {on|off} turn hairpin on/off
 setageing <bridge> <time> set ageing time
 setbridgeprio <bridge> <prio> set bridge priority
 setfd <bridge> <time> set bridge forward delay
 sethello <bridge> <time> set hello time
 setmaxage <bridge> <time> set max message age
 setpathcost <bridge> <port> <cost> set path cost
 setportprio <bridge> <port> <prio> set port priority
 show [ <bridge> ] show a list of bridges
 showmacs <bridge> show a list of mac addrs
 showstp <bridge> show bridge stp info
 stp <bridge> {on|off} turn stp on/off
[root@dashuaibi-server-103 jpserver]# brctl addbr docker0
[root@dashuaibi-server-103 jpserver]# ip link set docker0 up
[root@dashuaibi-server-103 jpserver]# ip addr add 192.168.0.0/16 dev docker0
[root@dashuaibi-server-103 jpserver]# cat /etc/docker/daemon.json 
{"data-root": "/docker","bridge": "none","registry-mirrors": ["http://9b2cd203.m.daocloud.io"]}
[root@dashuaibi-server-103 jpserver]# vim /etc/docker/daemon.json 
[root@dashuaibi-server-103 jpserver]# cat /etc/docker/daemon.json 
{"data-root": "/docker","bridge": "docker0","registry-mirrors": ["http://9b2cd203.m.daocloud.io"]}
[root@dashuaibi-server-103 jpserver]# systemctl daemon-reload
[root@dashuaibi-server-103 jpserver]# systemctl restart docker
[root@dashuaibi-server-103 jpserver]# ip a|grep docker0
149: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
 inet 192.168.0.1/16 brd 192.168.255.255 scope global docker0
[root@dashuaibi-server-103 jpserver]# docker network ls
NETWORK ID NAME DRIVER SCOPE
edd34bc4e197 bridge bridge local
9560af3573ae host host local
22885d053744 none null local
[root@dashuaibi-server-103 jpserver]#

After the restart, re-run the container to which the port is to be mapped. The comparison is as follows. If no bridge is added before, there will be no port. After adding the bridge. Port mapping is normal

The last step is to remove the stain and resume scheduling of the node.

kubectl uncordon 10.168.0.103

Supplement: Docker modifies the default bridge IP address 172.17.0.1

When the Docker service is started, a docker0 bridge is created by default (with a docker0 internal interface on it), which connects other physical or virtual network cards at the kernel layer, putting all containers and the local host on the same physical network.

By default, Docker specifies the IP address and subnet mask of the docker0 interface, allowing the host and container to communicate with each other through the bridge. It also gives the MTU (the maximum transmission unit allowed to be received by the interface), which is usually 1500 Bytes, or the default value supported by the host network routing. These values ​​can be configured when the service is started.

You can edit the /etc/docker/daemon.json file and add the content "bip": "ip/netmask" [Do not use the same network segment as the host]

[root@localhost /]# vi /etc/docker/daemon.json 
{"bip":"192.168.100.1/24"}
systemctl restart docker

Note: I understand that my friend's modification was unsuccessful and he used brctl to delete the bridge. In fact, it was just that you did not configure it correctly.

Some daemon.json files contain content, for example:

{"registry-mirrors": ["http://f1361db2.m.daocloud.io"]} This is a private repository for docker

{"registry-mirrors": ["http://f1361db2.m.daocloud.io"]}
{"bip":"172.16.0.1/24"}

This change will not take effect.

{"registry-mirrors": ["http://f1361db2.m.daocloud.io"],
"bip":"172.16.0.1/24"}

This is the correct way to modify it.

The above is my personal experience. I hope it can give you a reference. I also hope that you will support 123WORDPRESS.COM. If there are any mistakes or incomplete considerations, please feel free to correct me.