TheRiver | blog

You have reached the world's edge, none but devils play past here


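CentOS 8 VM with dual NICs + Docker: setting up a local environment

Our company recently changed its network policy. Access between cloud servers is now stricter, and the process for requesting a policy exception is tedious. So I decided to install a virtual machine locally, use the PC's intranet proxy to reach the test environment, and then set up Docker to bring my server's image over. The configuration had quite a few pitfalls, which this post records.

Configuring the VM environment

I used to use VMware personally, but in the company environment there are licensing concerns and there is no internal license for it, so I had to use VirtualBox. In practice this open-source tool really isn't pleasant to use, but it will do.

I found a CentOS 8 ISO that I had downloaded earlier and used it directly. The network setup uses two NICs: a NAT adapter for reaching the internet and a host-only adapter for local SSH access. The typical configuration is as follows:

Boot from the optical drive for the installation, then change the boot order to hard disk once it finishes. After logging in to Linux, configure the NICs: in /etc/sysconfig/network-scripts/, set ONBOOT to yes for both NICs, and change BOOTPROTO on the host-only NIC to static so that SSH login is easier. For reference: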

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
IPADDR=*.*.*.*
NETMASK=255.255.255.0
DNS1=8.8.8.8
DNS2=114.114.114.114
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
IPV6_AUTOCONF=no
IPV6_DEFROUTE=no
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=enp0s8
UUID=*************************
DEVICE=enp0s8
ONBOOT=yes
HWADDR=***************

Because this is CentOS 8, systemctl restart network no longer works. Use the following instead:

nmcli connection reload
nmcli device reapply enp0s8
nmcli device reapply enp0s3

After that you can log in over SSH from iTerm2 on the local machine.
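
An added example, not from the original post: a small lint that checks an ifcfg file for the settings described above (ONBOOT=yes on both NICs, a static BOOTPROTO and a real IPADDR on the host-only NIC) before reloading with nmcli. The role labels, function names and sample addresses are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: lint an ifcfg file against the settings described in the post.

# get_key FILE KEY: print the last value assigned to KEY, quotes stripped.
get_key() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | tr -d "\"'[:space:]"
}

# check_ifcfg FILE ROLE: ROLE is "nat" or "hostonly" (labels used only here).
# Prints one line per problem; returns 0 if the file is fine, 1 otherwise.
check_ifcfg() {
    local file="$1" role="$2" rc=0 proto ip
    [ -r "$file" ] || { echo "$file: not readable"; return 1; }
    if [ "$(get_key "$file" ONBOOT)" != "yes" ]; then
        echo "$file: ONBOOT is not yes, so the NIC stays down after a reboot"; rc=1
    fi
    if [ "$role" = "hostonly" ]; then
        proto=$(get_key "$file" BOOTPROTO)
        case "$proto" in
            static|none) ;;   # both mean a manually assigned address
            *) echo "$file: BOOTPROTO=${proto:-unset}, the SSH address can change"; rc=1 ;;
        esac
        ip=$(get_key "$file" IPADDR)
        # Catches a masked placeholder such as *.*.*.* left in the file.
        if ! printf '%s\n' "$ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; then
            echo "$file: IPADDR=${ip:-unset} is not a dotted-quad address"; rc=1
        fi
    fi
    return $rc
}

# Constructed sample files (not the author's real values).
make_samples() {
    printf 'DEVICE=enp0s3\nBOOTPROTO=dhcp\nONBOOT=yes\n' > "$1/ifcfg-enp0s3"
    printf 'DEVICE=enp0s8\nBOOTPROTO=static\nIPADDR=192.168.56.10\nNETMASK=255.255.255.0\nONBOOT=yes\n' > "$1/ifcfg-enp0s8"
    printf 'DEVICE=enp0s8\nBOOTPROTO=dhcp\nIPADDR=*.*.*.*\nONBOOT=no\n' > "$1/ifcfg-bad"
}

demo_dir=$(mktemp -d)
make_samples "$demo_dir"
check_ifcfg "$demo_dir/ifcfg-enp0s3" nat
check_ifcfg "$demo_dir/ifcfg-enp0s8" hostonly
check_ifcfg "$demo_dir/ifcfg-bad" hostonly || echo "ifcfg-bad needs fixing"
rm -rf "$demo_dir"
```

On the VM itself, point check_ifcfg at the two files under /etc/sysconfig/network-scripts/ instead of the constructed samples.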

Configuring SSH

Add a private key and an alias to make access convenient.

# local
ssh-keygen -t rsa -C river -f ~/.ssh/localvm

cat ~/.ssh/localvm.pub

# remote: "pub" stands for the public key printed above
echo pub >> ~/.ssh/authorized_keys

# local
echo "alias dev@local='ssh -i ~/.ssh/localvm -p 22 root@0.0.0.0'" >> ~/.zshrc

Disable the graphical interface:

systemctl get-default

# boot into the graphical interface
systemctl set-default graphical.target

# boot without the graphical interface
systemctl set-default multi-user.target

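Configuring the yum repository

I'm not behind the Great Firewall here, so I won't configure a mirror.

Configuring the Docker runtime environment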

yum install -y yum-utils device-mapper-persistent-data lvm2

yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

yum install docker-ce docker-ce-cli containerd.io

The last step above fails with "Problem 1: problem with installed package podman-1.6.4-10.module_el8.2.0+305+5e198a41.x86_6", because the podman that ships by default with CentOS 8 conflicts with Docker. One option is to uninstall podman:

# Reference: https://www.cnblogs.com/891288436xiaoyu/p/14092383.html
dnf remove podman

yum erase podman buildah

sudo systemctl enable docker

sudo systemctl start docker

[root@localhost ~]# docker run --rm hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
2db29710123e: Pull complete
Digest: sha256:9ade9cc2e26189a19c2e8854b9c8f1e14829b51c55a630ee675a5a9540ef6ccf
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/

For more examples and ideas, visit:
https://docs.docker.com/get-started/

Installing the container image

I use an internal registry here, so I won't record the specifics, only the basic commands:

docker login ***

docker pull ***

Once that succeeds, run:

docker run -itd ****:tagid /bin/bash

docker container ls

docker exec -it **** bash

All done.

References

https://yeasy.gitbook.io/docker_practice/install/centos

https://developer.aliyun.com/article/753261

https://rqsir.github.io/2019/05/23/VirtualBox-%E7%BD%91%E7%BB%9C%E6%A8%A1%E5%BC%8F%E6%80%BB%E7%BB%93/
