当Docker守护程序用尽网络IP地址以在部署撰写环境时分配时会发生什么情况？ [英] What happens when docker daemon runs out of network IP addresses to allocate when deploying compose environments?

问题描述

当前，我们正在将组合环境堆栈部署到ubuntu服务器。在compose文件中，我们没有定义地址，也没有利用docker compose随附的底层默认docker bridge网络。

Currently, we are deploying a compose environment stack to an ubuntu server. In the compose file, we are not defining an address and utilizing the underlying default docker bridge network that docker compose comes with out of the box.

在部署Compose环境时到开发服务器（IP范围为10.xxx），基本 docker0 网络地址开始于 172.17.0.0 。

When we deploy our compose environment to a development server (IP range 10.x.x.x), the base docker0 network address starts at 172.17.0.0.

对于每个后续部署，地址都会递增（即 172.18.0.0 ，然后是 172.19.0.0 ）-这是预期的。

For every subsequent deployment, the address is incremented, (i.e. 172.18.0.0, and then 172.19.0.0) - this is expected.

我的问题是，当守护程序用完要分配的地址时，会发生什么？流程只是从 172.17.0.0 重新开始？还是发生其他事情？我无法在文档中找到任何此类信息。

My question is, what happens when the daemon runs out of addresses to allocate, does the process just start back over at 172.17.0.0? Or does something else occur? I have been unable to find any of this information in the documentation.

基本上，我想知道这是否是我应该主动采取的措施，而不是在出现问题时采取被动措施。

Basically, I want to know if this is something I should be proactive about, rather than reactive when a problem occurs.

谢谢！

推荐答案

对于遇到此问题的任何人将来，似乎在使用网桥网络时，守护程序会从默认池中随机选择一个网络。除非没有清理网络，否则应该没有问题。对于我的特殊情况，默认网络使用的是默认名称。因此，每次都用相同的名称替换网络-此时，先前的网络地址将被释放，因为它们不再被使用。

For anyone coming across this in the future, it appears that while using the bridge network, the daemon picks a network from the default pool at random. There should be no issue, unless the networks are not cleaned up. For my particular case, the default network is being used with a default name. Therefore, the network gets replaced every time but under the same name - at this point, the prior network addresses are released as they are no longer being used.

Docker的网络实用程序， utils.go ：
https://github.com/docker/libnetwork/blob/a79d3687931697244b8e03485bf7b2042f8ec6b6/ipamutils/utils.go

Docker's Networking utils, utils.go: https://github.com/docker/libnetwork/blob/a79d3687931697244b8e03485bf7b2042f8ec6b6/ipamutils/utils.go

来自 utils.go 包含在下面：

var (
    // PredefinedLocalScopeDefaultNetworks contains a list of 31 IPv4 private networks with host size 16 and 12
    // (172.17-31.x.x/16, 192.168.x.x/20) which do not overlap with the networks in `PredefinedGlobalScopeDefaultNetworks`
    PredefinedLocalScopeDefaultNetworks []*net.IPNet
    // PredefinedGlobalScopeDefaultNetworks contains a list of 64K IPv4 private networks with host size 8
    // (10.x.x.x/24) which do not overlap with the networks in `PredefinedLocalScopeDefaultNetworks`
    PredefinedGlobalScopeDefaultNetworks []*net.IPNet
    mutex                                sync.Mutex
    localScopeDefaultNetworks            = []*NetworkToSplit{{"172.17.0.0/16", 16}, {"172.18.0.0/16", 16}, {"172.19.0.0/16", 16},
        {"172.20.0.0/14", 16}, {"172.24.0.0/14", 16}, {"172.28.0.0/14", 16},
        {"192.168.0.0/16", 20}}
    globalScopeDefaultNetworks = []*NetworkToSplit{{"10.0.0.0/8", 24}}
)

上面的默认网络是硬编码的，并且似乎在每个部署中都选择了其中之一。

The default networks above are hard coded in, and it appears one of these is selected on every deployment.

这篇关于当Docker守护程序用尽网络IP地址以在部署撰写环境时分配时会发生什么情况？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！