在树莓派上使用Dockers运行Openwrt并作为主路由器的旁路由

开启网卡混杂模式

sudo ip link set eth0 promisc on

首先需要新建一个/etc/rc.local并添加可执行权限

sudo touch /etc/rc.local
sudo chmod +x /etc/rc.local

内容如下：

#!/bin/sh -e
#/etc/rc.local
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

# Print the IP address
_IP=$(hostname -I) || true
if [ "$_IP" ]; then
  printf "My IP address is %s\n" "$_IP"
fi

ip link set eth0 promisc on
ip link add link eth0 dev mynet type macvlan mode bridge
ifconfig mynet 192.168.2.149/24
route add 192.168.2.100 dev mynet
sleep 18
route add default gw 192.168.2.100 dev mynet

exit 0

添加systemd程序

sudo vim /etc/systemd/system/rc-local.service

内容如下：

[Unit]
 Description=/etc/rc.local Compatibility
 ConditionPathExists=/etc/rc.local
 After=network.target

[Service]
 Type=forking
 ExecStart=/etc/rc.local start
 TimeoutSec=0
 RemainAfterExit=yes

[Install]
 WantedBy=multi-user.target

启动systemd程序

sudo systemctl enable rc-local
sudo systemctl start rc-local.service
sudo systemctl status rc-local.service

安装Openwrt

创建网络

docker network create -d macvlan --subnet=192.168.0.0/24 --gateway=192.168.0.1 -o parent=eth0 macnet
docker network ls

拉取镜像：

arch # 查看系统内核架构，最好拉取和系统架构相符合的镜像
# 拉取镜像，可以从https://hub.docker.com/r/sulinggg/openwrt查看
docker pull registry.cn-shanghai.aliyuncs.com/suling/openwrt:rpi4

启动镜像

启动命令如下

sudo docker run --restart always --name openwrt -d --network macnet --privileged registry.cn-shanghai.aliyuncs.com/suling/openwrt:rpi4 /sbin/init

--restart always参数表示容器退出时始终重启，使服务尽量保持始终可用；

--name openwrt参数定义了容器的名称；

-d参数定义使容器运行在 Daemon 模式；

--network macnet参数定义将容器加入 maxnet网络；

--privileged 参数定义容器运行在特权模式下；

registry.cn-shanghai.aliyuncs.com/suling/openwrt:armv8为 Docker 镜像名，因容器托管在阿里云 Docker 镜像仓库内，所以在镜像名中含有阿里云仓库信息；

/sbin/init定义容器启动后执行的命令。

docker container ps -a

修改容器相关参数

进入容器

docker exec -it openwrt bash

vim /etc/config/network
config interface 'lan'
        option ifname 'eth0'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '192.168.2.100' #修改一个静态地址，可以通过这个地址访问到树莓派
        option gateway '192.168.2.1' #修改为路由器地址
        option dns '192.1682.1'     #修改为路由器地址

/etc/init.d/network restart

解决在docker中运行openwrt宿主机无法通信的问题

ip link set eth0 promisc on
ip link add link eth0 dev mynet type macvlan mode bridge
ifconfig mynet 192.168.2.149/24
route add 192.168.2.100 dev mynet
sleep 18
route add default gw 192.168.2.100 dev mynet