将 Docker 容器连接到网络接口/设备而不是 IP 地址 [英] Connecting a Docker container to a network interface / device instead of an IP address
问题描述
经过仔细研究、测试和摆弄,我只能通过从 IP/端口转发将 Docker 容器连接到给定接口.这可以通过将 -p Host-IP:Host-Port:Container-Port 添加到 docker run 命令来完成.
After careful research, testing, and fiddling, I've only been able to find away to connect a Docker container to a given interface by forwarding from an IP/port. This can be accomplished by adding -p Host-IP:Host-Port:Container-Port to a docker run command.
我有一个侦听 UDP 广播 (255.255.255.255) 的应用程序,并且无法以这样一种方式配置转发,即我的容器将在不转发我关心的端口上的所有网络流量的情况下接收这些广播(无论通过哪个接口进来),即:-p Host-Port:Container-Port.
I have an app that listens for UDP broadcasts (255.255.255.255), and have been unable to configure forwarding in such a way that my container will receive those broadcasts without forwarding all network traffic on the port I care about (no matter through which interface it comes in), ie: -p Host-Port:Container-Port.
可以使用 --net=host 配置容器并编写我的代码以绑定到给定的接口,我已经完成并测试了,但这仍然违背了主要思想的一个容器.目标是让同一个应用的多个容器在不同的网络接口(如设备,而不是地址)上监听.
It's possible to configure the container with --net=host and just write my code to bind to a given interface, which I've done and tested, but that still goes against the main idea of a container. The goal is to have multiple containers of the same app listening on different network interfaces (as in devices, not addresses).
关于如何做到这一点的任何想法?
Any ideas on how I could do this?
编辑#1:再考虑一下之后,在所需接口上设置网桥可能就足够了,但我不相信操作系统会发送广播数据包超过它.请继续关注我进行更多测试.
EDIT #1: After thinking about this some more, it may be possible that setting up the bridge over the required interface is enough, but I don't trust the OS to send the broadcast packets over it. Stay tuned as I perform more tests.
编辑#2:数据包可以通过网桥发送.但是,网桥被配置为 Docker 默认网桥.我一直无法弄清楚如何在不同的网桥上运行容器.看到一些关于将网络设置为 --net=none 并通过 lxc 容器设置自行配置的注释.
EDIT #2: Packets are sent over a bridge just fine. However, the bridge is configured as the Docker default bridge. I haven't been able to figure out how to run containers on different bridges. Saw some notes that point towards setting the network to --net=none and configuring it yourself through lxc container settings.
推荐答案
默认情况下 docker run 命令会为 tcp 发布端口.尝试指定使用udp:
By default docker run command publishes ports for tcp. Try to specify use of udp:
docker run -p Host-Port:Container-Port/udb ...
这篇关于将 Docker 容器连接到网络接口/设备而不是 IP 地址的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
