Ana*_*tel 7 linux sysadmin ubuntu networking docker
Docker 为它创建的每个容器创建一个veth连接到bridge(docker0)的接口.
http://docs.docker.io/use/networking/
我想限制这些新veth接口的带宽.我找到了一种方法来做奇迹.但是我想自动化这个.
有没有办法在每次veth连接新接口时都有一个运行脚本的钩子?
我已经考虑过添加脚本/etc/network/if-up.d/,但是veth只在启动时添加脚本时它们才会运行.
以下是我试图收到通知的一些系统日志.我知道我可以拖尾这些日志,但这种方法看起来有点hacky,必须有办法通过操作系统获得有关此事件的通知.
May 2 23:28:41 ip-10-171-7-2 kernel: [22170163.565812] netlink: 1 bytes leftover after parsing attributes.
May 2 23:28:42 ip-10-171-7-2 kernel: [22170163.720571] IPv6: ADDRCONF(NETDEV_UP): veth5964: link is not ready
May 2 23:28:42 ip-10-171-7-2 kernel: [22170163.720587] device veth5964 entered promiscuous mode
May 2 23:28:42 ip-10-171-7-2 avahi-daemon[1006]: Withdrawing workstation service for vethdc8c.
May 2 23:28:42 ip-10-171-7-2 kernel: [22170163.743283] IPv6: ADDRCONF(NETDEV_CHANGE): veth5964: link becomes ready
May 2 23:28:42 ip-10-171-7-2 kernel: [22170163.743344] docker0: port 27(veth5964) entered forwarding state
May 2 23:28:42 ip-10-171-7-2 kernel: [22170163.743358] docker0: port 27(veth5964) entered forwarding state
May 2 23:28:48 ip-10-171-7-2 kernel: [22170170.518670] docker0: port 26(vethb06a) entered forwarding state
May 2 23:28:57 ip-10-171-7-2 kernel: [22170178.774676] docker0: port 27(veth5964) entered forwarding state
您应该编写一个自定义udev规则,以便在每次添加新接口时运行您的脚本。这就是 Debian 处理接口“hotplug”的方法。
/etc/udev/rules.d/90-my-networking.rules:
SUBSYSTEM=="net", RUN+="/usr/local/bin/my-networking-agent.sh"
/usr/local/bin/my-networking-agent.sh:
#!/bin/sh
logger "hey I just got interface ${INTERFACE} with action ${ACTION}"
编辑
您可以通过以下方法进行测试:
# modprobe dummy0
# ifconfig dummy0 up
# tail -n1 /var/log/syslog
May 3 01:48:06 ernst logger: hey I just got interface dummy0 with action add