将Docker容器连接到网络接口/设备而不是IP地址 [英] Connecting a Docker container to a network interface / device instead of an IP address
问题描述
经过仔细的研究,测试和调试,我只能通过从IP /端口转发,找到将Docker容器连接到给定接口。这可以通过将 -p Host-IP:Host-Port:Container-Port 添加到 docker run 命令来实现
我有一个应用程序可以监听UDP广播(255.255.255.255),并且无法配置转发,使得我的容器将收到这些广播,而不会在我关心的端口上转发所有网络流量(无论通过哪个接口),即: -p主机端口:容器端口。
可以使用 - net = host 配置容器,只需将我的代码绑定到给定的接口,已经做了测试,但仍然违背了一个容器的主要思想。目标是让同一个应用程序的多个容器在不同的网络接口(如设备,而不是地址)中进行监听。
有什么想法可以这样做? / p>
编辑#1 :在考虑了这一点之后,可能通过所需的界面设置桥梁就足够了,但是不要信任操作系统通过它发送广播数据包。请继续关注我执行更多的测试。
编辑#2 :数据包是通过一个网桥发送的。但是,该桥被配置为Docker默认网桥。我不知道如何在不同的桥梁上运行集装箱。看到一些注释指向将网络设置为 - net = none 并通过lxc容器设置自行配置。
默认情况下docker run命令发布tcp的端口。
尝试指定使用udp:
docker run -p主机端口:容器端口 / udb ...
After careful research, testing, and fiddling, I've only been able to find away to connect a Docker container to a given interface by forwarding from an IP/port. This can be accomplished by adding -p Host-IP:Host-Port:Container-Port to a docker run command.
I have an app that listens for UDP broadcasts (255.255.255.255), and have been unable to configure forwarding in such a way that my container will receive those broadcasts without forwarding all network traffic on the port I care about (no matter through which interface it comes in), ie: -p Host-Port:Container-Port.
It's possible to configure the container with --net=host and just write my code to bind to a given interface, which I've done and tested, but that still goes against the main idea of a container. The goal is to have multiple containers of the same app listening on different network interfaces (as in devices, not addresses).
Any ideas on how I could do this?
EDIT #1: After thinking about this some more, it may be possible that setting up the bridge over the required interface is enough, but I don't trust the OS to send the broadcast packets over it. Stay tuned as I perform more tests.
EDIT #2: Packets are sent over a bridge just fine. However, the bridge is configured as the Docker default bridge. I haven't been able to figure out how to run containers on different bridges. Saw some notes that point towards setting the network to --net=none and configuring it yourself through lxc container settings.
By default docker run command publishes ports for tcp. Try to specify use of udp:
docker run -p Host-Port:Container-Port/udb ...
这篇关于将Docker容器连接到网络接口/设备而不是IP地址的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
