请教一个 Docker IPv6 配置问题
資深大佬 : naoh1000 11
服务器以前一直是使用 Docker CLI 创建的网络,robbertkl/docker-ipv6nat 这个项目维护的 NAT,容器能通过 https 服务器公网 IPv6 地址 :8000 访问。最近开了 userns-remap,改用 Docker Compose 部署,发现怎么也无法通过 IPv6 访问,请大家帮忙看看。
Docker IPv6 配置方法:
sudo su echo '{ "userns-remap": "default", "ipv6": true, "fixed-cidr-v6": "fd00:0:0::/48" }' > /etc/docker/daemon.json exit sudo systemctl restart docker sudo ip6tables -t nat -A POSTROUTING -s fd00:0:0::/48 ! -o docker0 -j MASQUERADE sudo docker run --rm -t busybox ping6 -c 2 google.com sudo docker run -d --userns=host --name ipv6nat --privileged --network host --restart always -v /var/run/docker.sock:/var/run/docker.sock:ro -v /lib/modules:/lib/modules:ro robbertkl/ipv6nat docker-compose.yml 写法 1 (容器能访问外网 IPv6,外网不能通过主机 IPv6 访问容器,官网看到的写法,有人说 v3 不支持 IPv6 所以用了 v2 的配置)
version: '2.1' services: caddy: image: caddy restart: always ports: - 80:80 - 8000:443 volumes: - /var/volumes/caddy/configs:/etc/caddy - /var/volumes/caddy/data:/data/caddy - /var/volumes/caddy/certs:/etc/ssl/certs/caddy - /var/volumes/caddy/private:/etc/ssl/private/caddy - /var/volumes/caddy/logs:/var/log/caddy - /mnt/sda1/var/volumes/caddy/storage:/storage networks: app_net: ipv6_address: fd00:0:1::10 networks: app_net: enable_ipv6: true driver: bridge ipam: driver: default config: - subnet: fd00:0:1::/48 gateway: fd00:0:1::1 docker-compose.yml 写法 2 (容器不能访问外网 IPv6,外网不能通过主机 IPv6 访问容器,社区看到的写法)
version: '3.8' services: caddy: image: caddy restart: always ports: - 80:80 - 8000:443 volumes: - /var/volumes/caddy/configs:/etc/caddy - /var/volumes/caddy/data:/data/caddy - /var/volumes/caddy/certs:/etc/ssl/certs/caddy - /var/volumes/caddy/private:/etc/ssl/private/caddy - /var/volumes/caddy/logs:/var/log/caddy - /var/volumes/caddy/storage:/storage networks: app_net: network: app_net: ipam: driver: default config: - subnet: "10.0.1.0/24" - subnet: "fd00:0:1::/48" 期望效果:容器能访问外网 IPv6,外网能通过主机 IPv6+端口访问容器。 折腾三天还没实现,请问有大佬有思路吗,谢谢。
大佬有話說 (2)