Docker-Compose启用IPv6

• 你如果没用使用Docker-Compose，就忽略配置，以了解为主，直接去看下面的docker配置。
  • docker-compose.yaml 文件必须使用 version: “2.*”，version: “3.*” 不支持 enable_ipv6 配置
  • 如果已有旧的容器在运行（网络配置发生了变化），则需要先销毁容器 docker-compose down 然后再重新创建 docker-compose up
  • 仅需在network下添加如下内容即可，其他信息正常配置。

networks:
      local_bridge:
        enable_ipv6: true
        driver: bridge
        ipam:
          config:
            - subnet: "2409:807e::/80"

启用ipv6

• 说明
  docker默认是不支持ipv6的，所以想要使用ipv6，就得单独开启这个功能。
• 前提条件
  主机需要具备ipv6地址并能正常使用，如下，2409开头的正规v6地址，而非fe80这种内部用的v6地址哈。

2: ens3:  mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether fa:16:3e:67:77:58 brd ff:ff:ff:ff:ff:ff
    inet 10.241.102.245/24 brd 10.241.102.255 scope global dynamic noprefixroute ens3
       valid_lft 63404sec preferred_lft 63404sec
    inet6 2409:807e:58cc:114::a2d/120 scope global noprefixroute 
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe67:7758/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

• 执行vim /etc/docker/daemon.json 配置文件【没有这个配置文件是正常的】，写入如下内容"fixed-cidr-v6": "2409::/80",这个后面的ip是自定义的。

[root@xz-docker-tes-01 ~]# cat /etc/docker/daemon.json 
{
    "ipv6": true,
    "fixed-cidr-v6": "2409::/80",
    "experimental": true,
    "ip6tables": true
}
[root@xz-docker-tes-01 ~]# 

重启docker生效

• 重启不报错，实际上此时docker就能支持ipv6了。

[root@xz-docker-tes-01 ~]# systemctl restart docker
[root@xz-docker-tes-01 ~]# systemctl status docker
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   Active: active (running) since Fri 2023-12-01 11:40:31 CST; 9s ago
     Docs: https://docs.docker.com
 Main PID: 14470 (dockerd)
    Tasks: 13
   Memory: 47.3M
   CGroup: /system.slice/docker.service
           └─14470 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

创建一个ipv6的docker网络

• 这一步其实是不需要做的，因为，不使用这个网络的docker容器，也可以正常使用ipv6地址。我这多做一步是为了做测试而已。具体区别见下面测试说明。【测试后，我觉得这个没意义】

[root@xz-docker-tes-01 ~]# docker network create -d bridge --ipv6 --subnet "2409:807e::/80" ipv6_bridge
09663034b21493f64d2484dc21923a789bc8ac51c403d422e397435df74f204b
[root@xz-docker-tes-01 ~]#

• 创建好后的网络信息如下

[root@xz-docker-tes-01 ~]# docker network  list
NETWORK ID     NAME          DRIVER    SCOPE
bf1937081949   bridge        bridge    local
e98be3082c27   host          host      local
09663034b214   ipv6_bridge   bridge    local
7cee98cd58fe   none          null      local
[root@xz-docker-tes-01 ~]# 

创建容器测试v6地址

使用ipv6的网络创建容器

我这使用上面创建的一个ipv6的网络做测试测试

[root@xz-docker-tes-01 ~]# docker run -dit --name=v6 --restart=always --network=ipv6_bridge hub.c.163.com/library/centos:latest 
49af16d7dd9c63afd2a43b24b6dfdb8b39d70ef8e39c1d1c067dcbe28c242efa
[root@xz-docker-tes-01 ~]# 
[root@xz-docker-tes-01 ~]# docker ps
CONTAINER ID   IMAGE                                 COMMAND       CREATED         STATUS         PORTS     NAMES
49af16d7dd9c   hub.c.163.com/library/centos:latest   "/bin/bash"   3 seconds ago   Up 2 seconds             v6
[root@xz-docker-tes-01 ~]# 

容器内 ping其他v6地址和网关都能通，一切正常

[root@xz-docker-tes-01 ~]# docker exec -it v6 bash
[root@49af16d7dd9c /]# ls
anaconda-post.log  bin  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
[root@49af16d7dd9c /]#
[root@49af16d7dd9c /]# ping6 2409:807e:58cc:114::a2d
PING 2409:807e:58cc:114::a2d(2409:807e:58cc:114::a2d) 56 data bytes
64 bytes from 2409:807e:58cc:114::a2d: icmp_seq=1 ttl=64 time=0.459 ms
64 bytes from 2409:807e:58cc:114::a2d: icmp_seq=2 ttl=64 time=0.093 ms
64 bytes from 2409:807e:58cc:114::a2d: icmp_seq=3 ttl=64 time=0.090 ms
^C
--- 2409:807e:58cc:114::a2d ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2058ms
rtt min/avg/max/mdev = 0.090/0.214/0.459/0.173 ms
[root@49af16d7dd9c /]# ping6 2409:807e:58cc:114::a01
PING 2409:807e:58cc:114::a01(2409:807e:58cc:114::a01) 56 data bytes
64 bytes from 2409:807e:58cc:114::a01: icmp_seq=1 ttl=63 time=10.2 ms
64 bytes from 2409:807e:58cc:114::a01: icmp_seq=2 ttl=63 time=2.04 ms
64 bytes from 2409:807e:58cc:114::a01: icmp_seq=3 ttl=63 time=2.23 ms
64 bytes from 2409:807e:58cc:114::a01: icmp_seq=4 ttl=63 time=2.35 ms
^C
--- 2409:807e:58cc:114::a01 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 2.048/4.208/10.200/3.461 ms
[root@49af16d7dd9c /]# 
[root@49af16d7dd9c /]# exit
exit
[root@xz-docker-tes-01 ~]# 

该容器的网络容器里面呢，也会有一个ipv6地址，主机虽然能ping通，但这个ip是容器专属的，

[root@xz-docker-tes-01 ~]# docker inspect v6 | grep "IPv6"
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "SecondaryIPv6Addresses": null,
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPv6Gateway": "",
                    "IPv6Gateway": "2409:807e::1",
                    "GlobalIPv6Address": "2409:807e::2",
                    "GlobalIPv6PrefixLen": 80,
[root@xz-docker-tes-01 ~]# 
[root@xz-docker-tes-01 ~]# ping 2409:807e::2
PING 2409:807e::2(2409:807e::2) 56 data bytes
64 bytes from 2409:807e::2: icmp_seq=1 ttl=64 time=0.695 ms
64 bytes from 2409:807e::2: icmp_seq=2 ttl=64 time=0.090 ms
^C
--- 2409:807e::2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 50ms
rtt min/avg/max/mdev = 0.090/0.392/0.695/0.303 ms
[root@xz-docker-tes-01 ~]# 

容器内能ping通同样用这个网络创建的其他容器【但默认容器直接网络是隔离的哈】，具体这个v6地址的用途自行探索吧。

[root@xz-docker-tes-01 ~]# docker exec -it v6 bash
[root@49af16d7dd9c /]# ping6 2409:807e::3
PING 2409:807e::3(2409:807e::3) 56 data bytes
64 bytes from 2409:807e::3: icmp_seq=1 ttl=64 time=0.346 ms
64 bytes from 2409:807e::3: icmp_seq=2 ttl=64 time=0.108 ms
64 bytes from 2409:807e::3: icmp_seq=3 ttl=64 time=0.107 ms
^C
--- 2409:807e::3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2085ms
rtt min/avg/max/mdev = 0.107/0.187/0.346/0.112 ms
[root@49af16d7dd9c /]# 

使用普通网络创建容器测试

进入以后，能ping通网关和其他v6地址，没问题。

[root@xz-docker-tes-01 ~]# docker run --name=test1 -it hub.c.163.com/library/centos
[root@d866a511db84 /]# ping6 2409:807e:58cc:114::a17
PING 2409:807e:58cc:114::a17(2409:807e:58cc:114::a17) 56 data bytes
64 bytes from 2409:807e:58cc:114::a17: icmp_seq=1 ttl=63 time=1.85 ms
64 bytes from 2409:807e:58cc:114::a17: icmp_seq=2 ttl=63 time=0.782 ms
64 bytes from 2409:807e:58cc:114::a17: icmp_seq=3 ttl=63 time=0.793 ms
64 bytes from 2409:807e:58cc:114::a17: icmp_seq=4 ttl=63 time=0.891 ms
^C
--- 2409:807e:58cc:114::a17 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3053ms
rtt min/avg/max/mdev = 0.782/1.080/1.855/0.449 ms
[root@d866a511db84 /]# 
[root@d866a511db84 /]# ping6 2409:807e:58cc:114::a01
PING 2409:807e:58cc:114::a01(2409:807e:58cc:114::a01) 56 data bytes
64 bytes from 2409:807e:58cc:114::a01: icmp_seq=1 ttl=63 time=13.3 ms
64 bytes from 2409:807e:58cc:114::a01: icmp_seq=2 ttl=63 time=1.85 ms
^C
--- 2409:807e:58cc:114::a01 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 1.716/5.648/13.378/5.466 ms
[root@d866a511db84 /]# 

默认生成的，没有这个v6地址的，但不影响使用ipv6.

[root@xz-docker-tes-01 ~]# docker inspect test1 | grep "IP"
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "GlobalIPv6Address": "2409::242:ac11:2",
            "GlobalIPv6PrefixLen": 80,
            "IPAddress": "172.17.0.2",
            "IPPrefixLen": 16,
            "IPv6Gateway": "2409::1",
                    "IPAMConfig": null,
                    "IPAddress": "172.17.0.2",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "2409::1",
                    "GlobalIPv6Address": "2409::242:ac11:2",
                    "GlobalIPv6PrefixLen": 80,
[root@xz-docker-tes-01 ~]# 

创建一个nginx容器用ipv6地址访问测试

容器创建

先创建一个映射端口的nginx容器

[root@xz-docker-tes-01 ~]# docker run -dit --name=nginx --restart=always -p 80:80 --network=ipv6_bridge nginx
4a175fb0754961537b23111bab1251e9c9f36645e9936f07c5daeea28af4d898
[root@xz-docker-tes-01 ~]# netstat -ntlp | grep 80 
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      16074/docker-proxy  
tcp6       0      0 :::80                   :::*                    LISTEN      16088/docker-proxy  
[root@xz-docker-tes-01 ~]#

我是指定了创建的ipv6网络的【其实不指定也一样，不影响外部访问的】

[root@xz-docker-tes-01 ~]# docker inspect nginx | grep "IPv6"
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "SecondaryIPv6Addresses": null,
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPv6Gateway": "",
                    "IPv6Gateway": "2409:807e::1",
                    "GlobalIPv6Address": "2409:807e::3",
                    "GlobalIPv6PrefixLen": 80,
[root@xz-docker-tes-01 ~]#

ipv4地址验证

直接浏览器输入ipv4的地址，不报错就行【我下面显示ccx是因为我修改过nginx的默认文件内容了】

ipv6地址访问验证

验证ipv6地址之前，需要保证你测试的主机上已经配置有ipv6地址并且能正常使用

首先测试能否ping通目标ipv6地址【就上面搭建ipv6的主机v6地址，是主机，而非容器的啊】

然后网页直接输入v6地址【就上面搭建ipv6的主机v6地址，是主机，而非容器的啊】

• 访问格式[ipv6addr] 【注意，v6地址用中括号扩起来的】
• 其实下面内容就是nginx默认的内容，因为没有放任何东西，所以就会显示nginx界面，反正没报错就是正常的。

修改nginx容器网页内容

先进入nginx容器内部

[root@xz-docker-tes-01 ~]# docker exec -it nginx bash
root@4a175fb07549:/#

因为不知道容器的http默认文件在哪里，所以可以用find搜索

root@4a175fb07549:/# find / -name html
find: '/proc/32/map_files': Permission denied
find: '/proc/33/map_files': Permission denied
find: '/proc/34/map_files': Permission denied
find: '/proc/35/map_files': Permission denied
/usr/share/nginx/html
root@4a175fb07549:/#

通过搜索已知html路径为：/usr/share/nginx/html
那么就可以去修改了噻【懂了吧，想要显示啥内容，替换这个index.html文件就行了】

root@4a175fb07549:/usr/share/nginx/html# ls
50x.html  index.html
root@4a175fb07549:/usr/share/nginx/html# vi index.html 
bash: vi: command not found
root@4a175fb07549:/usr/share/nginx/html# vim index.html 
bash: vim: command not found
root@4a175fb07549:/usr/share/nginx/html# cat index.html 








Welcome to nginx!
If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.

For online documentation and support please refer to
nginx.org.

Commercial support is available at
nginx.com.

Thank you for using nginx.




root@4a175fb07549:/usr/share/nginx/html# cp index.html index.html.bak
root@4a175fb07549:/usr/share/nginx/html# echo ccx > index.html
root@4a175fb07549:/usr/share/nginx/html#     

如我上面，将ccx内容写入了index.html文件，那么正常情况，网页就只会显示ccx这3个字母

以上就是docker容器启用ipv6地址的方法流程的详细内容，更多关于docker启用ipv6地址的资料请关注其它相关文章！