[原创]harbor自建网桥和办公网段冲突一例
一、前生后世
1.1、承上启下的分割线
由于包含不少代码,建议pc端阅览
之前办公网网段为192.168.0.0/16,后改成了172.17.0.0/16,harbor启动的时候,
没有走默认的docker0, 之前针对docker0的网络和办公网进行过区分,
而harbor自己创建的bridge网络也是172.17.0.0/16,
所以在办公网访问的时候harbor页面打不开,1.2、无例子无真相
[root@zhuima harbor]# docker-compose up -d
Creating network "harbor_default" with driver "bridge"
Creating harbor-log
Creating harbor-ui
Creating harbor-db
Creating harbor-jobservice
Creating registry
Creating nginx
[root@zhuima ~ ]# docker network ls
NETWORK ID NAME DRIVER SCOPE
65497ef7f76b bridge bridge local
b5fb2ccbec04 harbor_default bridge local
79a79bab4d5d host host local
34bb4691f5f5 none null local
[root@zhuima ~ ]# docker network inspect b5fb2ccbec04
[
{
"Name": "harbor_default",
"Id": "b5fb2ccbec04700885997e39f4343a5b39e93f1ffa298ba6fbd410737f163cbf",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1/16"
}
]
},
"Internal": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]二、这个问题如何解决
2.1、解决问题
有问题肯定第一时间去看github上是否已经有人提过issue了,果然是有的
https://github.com/vmware/harbor/issues/1403
但是,但是修改完之后依旧没反应
2.2、那该如何是好,黑人问好?
难道不用了,难道。。。。
三、修改docker-compose.yml文件
3.1、停止服务
docker-compose down -v # 会移除所有动作3.2、修改纪要
[root@zhuima harbor ]# diff docker-compose.yml docker-compose.yml.bak
11,12d10
< networks:
< - backend
31,32d28
< networks:
< - backend
48,49d43
< networks:
< - backend
67,68d60
< networks:
< - backend
85,86d76
< networks:
< - backend
106,115d95
< networks:
< - backend
<
< networks:
< backend:
< driver: bridge
< ipam:
< config:
< - subnet: 172.16.100.0/24
< gateway: 172.16.100.1
[root@yn-ops-docker harbor 11:07:31]#四、验证配置
4.1、启动服务
docker-compose up -d4.2、输出信息
[root@yn-ops-docker harbor 10:26:39]# docker-compose up -d
Creating network "harbor_backend" with driver "bridge"
Creating harbor-log
Creating harbor-ui
Creating harbor-db
Creating harbor-jobservice
Creating registry
Creating nginx
[root@yn-ops-docker harbor 10:26:48]# docker network ls4.3、查看docker网络
[root@zhuima ~ ]# docker network ls
NETWORK ID NAME DRIVER SCOPE
65497ef7f76b bridge bridge local
ed70db8ea3d2 harbor_backend bridge local
b5fb2ccbec04 harbor_default bridge local
79a79bab4d5d host host local
34bb4691f5f5 none null local
[root@zhuima ~ ]#
[root@zhuima harbor ]# docker network inspect ed70db8ea3d2
[
{
"Name": "harbor_backend",
"Id": "ed70db8ea3d2c6140068e7e5f48ea6cc490c6bf96e0370fee8f97077773baf0e",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.16.100.0/24",
"Gateway": "172.16.100.1"
}
]
},
"Internal": false,
"Containers": {
"4f8fda56eb678e5bb799b66843265f70543ee5e6e0765d044a02473a1e29a129": {
"Name": "nginx",
"EndpointID": "af18485ed874bfc39933f2b9abeab02185ba27366be2de19bb8a20056aef5ec5",
"MacAddress": "02:42:ac:10:64:07",
"IPv4Address": "172.16.100.7/24",
"IPv6Address": ""
},
"849c0f54205a39459f65e5a806dc456cc3c0d7b1bbf34233787edd84fe075054": {
"Name": "harbor-jobservice",
"EndpointID": "6ca1202c256fb823c3dc604a6b28ad6c6be2dd8daafc6694f55f43a186bc5d6b",
"MacAddress": "02:42:ac:10:64:05",
"IPv4Address": "172.16.100.5/24",
"IPv6Address": ""
},
"86e870d3dbb9d05869411add29ff2246e51ce8133b36e7486ba7a2a3d2444c3b": {
"Name": "harbor-log",
"EndpointID": "1e7375f7168b59b8e272cd52e1c2ff556fae5af49ec7d456463e7ee5d8d6d6b4",
"MacAddress": "02:42:ac:10:64:02",
"IPv4Address": "172.16.100.2/24",
"IPv6Address": ""
},
"c72eec9f88ae563b1174e116e7813f4d50aa265514362319e84ec4ea857b7516": {
"Name": "registry",
"EndpointID": "335529f53a904a5fadaa056efa8047deb8b0c7bae36003918be1b813e378abfc",
"MacAddress": "02:42:ac:10:64:06",
"IPv4Address": "172.16.100.6/24",
"IPv6Address": ""
},
"f458382832d4d42e48a1badbb0950e7e72655142ec3911167dd080de208e5b4c": {
"Name": "harbor-ui",
"EndpointID": "3a0e282c1ae6fc12f2f12f5f9190eb44428008129234e82c13bee70236ced78d",
"MacAddress": "02:42:ac:10:64:03",
"IPv4Address": "172.16.100.3/24",
"IPv6Address": ""
},
"f6c7a5b733e9a03b74c35cf29f61e80ddecdd1451782a121ac08263a69cd3e24": {
"Name": "harbor-db",
"EndpointID": "aaafafcdd050f4c565772025d7f502b29d82f1b4ea75414cd2e518ca3e9be253",
"MacAddress": "02:42:ac:10:64:04",
"IPv4Address": "172.16.100.4/24",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[root@zhuima harbor ]#4.4、验证容器获得的ip地址
[root@zhuima ~ ]# docker ps | awk 'NR>2{print $1,$NF}' | xargs -n2
c72eec9f88ae registry
849c0f54205a harbor-jobservice
f6c7a5b733e9 harbor-db
f458382832d4 harbor-ui
86e870d3dbb9 harbor-log
[root@zhuima ~ ]# docker ps | awk 'NR>2{print $1}' | xargs -n1 docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}'
172.16.100.6
172.16.100.5
172.16.100.4
172.16.100.3
172.16.100.2
[root@zhuima ~ ]#五、后记
5.1、后记
修改能满足我们现在的访问需求,但是有一点是这种实现方式很不优雅,很不优雅,读源码,
深刻了解实现原理比这个解决方式来的更优雅一点
哪位大佬有比较好的解决方案,可以一块讨论交流下本文参与 腾讯云自媒体同步曝光计划,分享自微信公众号。
原始发表:2017-11-05,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读
腾讯云开发者
