DOCKER OS IMAGE 네트워크 안될때 - MTU 설정
* 최초 서버에 docker 설치 및 os image 를 연결 하게 되면 네트워크는 자동으로 잡히게 되는데 가상화 서버나 네트워크 스위치에서 MTU를 낮게 잡거나 높게 잡아 놓게 되면 docker 와 MTU 수치가 다르기 때문에 네트워크가 되지 않습니다.
* 해당 서버는 openstack apache webserver 에서 진행 했습니다.
[ 문제 발생 ] * eth0 과 docker0 의 mtu가 다른 상황입니다. MTU가 다를때는 옵션을 줘서 동일 값으로 셋팅합니다. [root@localhost]# ip link 1: lo:mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: mtu 1450 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether fa:16:3e:0a:b2:dc brd ff:ff:ff:ff:ff:ff 3: docker0: mtu 1500 qdisc noqueue state DOWN mode DEFAULT link/ether 02:42:86:b8:b7:01 brd ff:ff:ff:ff:ff:ff
* docker MTU 기본값을 변경 합니다. [ centos7 ] [root@localhost]# vi /lib/systemd/system/docker.service [Unit] Description=Docker Application Container Engine Documentation=http://docs.docker.com After=network.target rhel-push-plugin.socket registries.service Wants=docker-storage-setup.service Requires=docker-cleanup.timer [Service] Type=notify NotifyAccess=all EnvironmentFile=-/run/containers/registries.conf EnvironmentFile=-/etc/sysconfig/docker EnvironmentFile=-/etc/sysconfig/docker-storage EnvironmentFile=-/etc/sysconfig/docker-network Environment=GOTRACEBACK=crash Environment=DOCKER_HTTP_HOST_COMPAT=1 Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin ExecStart=/usr/bin/dockerd-current \ --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \ --default-runtime=docker-runc \ --exec-opt native.cgroupdriver=systemd \ --userland-proxy-path=/usr/libexec/docker/docker-proxy-current \ --seccomp-profile=/etc/docker/seccomp.json \ --mtu 1450 \ $OPTIONS \ $DOCKER_STORAGE_OPTIONS \ $DOCKER_NETWORK_OPTIONS \ $ADD_REGISTRY \ $BLOCK_REGISTRY \ $INSECURE_REGISTRY \ $REGISTRIES ExecReload=/bin/kill -s HUP $MAINPID LimitNOFILE=1048576 LimitNPROC=1048576 LimitCORE=infinity TimeoutStartSec=0 Restart=on-abnormal MountFlags=slave KillMode=process [Install] WantedBy=multi-user.target [ ubuntu 16.04] [root@localhost]# vi /lib/systemd/system/docker.service [Unit] Description=Docker Application Container Engine Documentation=https://docs.docker.com After=network-online.target docker.socket firewalld.service Wants=network-online.target Requires=docker.socket [Service] Type=notify # the default is not to use systemd for cgroups because the delegate issues still # exists and systemd currently does not support the cgroup feature set required # for containers run by docker ExecStart=/usr/bin/dockerd -H fd:// --mtu 1450 ExecReload=/bin/kill -s HUP $MAINPID LimitNOFILE=1048576 # Having non-zero Limit*s causes performance problems due to accounting overhead # in the kernel. We recommend using cgroups to do container-local accounting. LimitNPROC=infinity LimitCORE=infinity # Uncomment TasksMax if your systemd version supports it. # Only systemd 226 and above support this version. TasksMax=infinity TimeoutStartSec=0 # set delegate yes so that systemd does not reset the cgroups of docker containers Delegate=yes # kill only the docker process, not all processes in the cgroup KillMode=process # restart the docker process if it exits prematurely Restart=on-failure StartLimitBurst=3 StartLimitInterval=60s [Install] WantedBy=multi-user.target ~ [root@skhkil 04:41:22:/lib/systemd/system]# systemctl daemon-reload [root@skhkil 04:41:30:/lib/systemd/system]# service docker restart Redirecting to /bin/systemctl restart docker.service * centos7 ,ubuntu16.04 에서 MTU 값을 서버와 동일하게 셋팅하고, 재접속 또는 docker os 마운트해서 확인하면 mtu 변경 확인이 가능 합니다.
[root@localhost]# ip link 1: lo:mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: mtu 1450 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether fa:16:3e:0a:b2:dc brd ff:ff:ff:ff:ff:ff 3: docker0: mtu 1450 qdisc noqueue state UP mode DEFAULT link/ether 02:42:86:b8:b7:01 brd ff:ff:ff:ff:ff:ff 107: vethf134985@if106: mtu 1450 qdisc noqueue master docker0 state UP mode DEFAULT link/ether 42:82:96:46:44:b4 brd ff:ff:ff:ff:ff:ff link-netnsid 0
H
0 개의 댓글