{"id":7428,"date":"2022-10-08T20:15:57","date_gmt":"2022-10-08T12:15:57","guid":{"rendered":"https:\/\/egonlin.com\/?p=7428"},"modified":"2022-10-29T08:42:09","modified_gmt":"2022-10-29T00:42:09","slug":"01-%e5%ae%b9%e5%99%a8%e7%bd%91%e7%bb%9c%e6%95%85%e9%9a%9c%e5%88%86%e6%9e%90%e6%96%b9%e6%b3%95","status":"publish","type":"post","link":"https:\/\/egonlin.com\/?p=7428","title":{"rendered":"01 \u5bb9\u5668\u7f51\u7edc\u6545\u969c\u5206\u6790\u65b9\u6cd5"},"content":{"rendered":"

\u4e00 \u4e86\u89e3\u6574\u4e2a\u901a\u4fe1\u6d41\u7a0b<\/h1>\n

\u6211\u4eec\u5148\u6765\u521b\u5efa\u4e00\u4e2a\u6ca1\u6709\u7f51\u7edc\u7684\u5bb9\u5668\uff0c\u7136\u540e\u624b\u52a8\u4e3a\u5bb9\u5668\u6784\u5efa\u51fa\u5b8c\u6574\u7684\u7f51\u7edc\u901a\u4fe1\u6d41\u7a0b\uff0c\u4ee5\u6b64\u6765\u4e86\u89e3\u6574\u4f53\u7684\u901a\u4fe1\u6d41\u7a0b<\/p>\n

\u7b2c\u4e00\u6b65\uff1a\u521b\u5efa\u4e00\u4e2a\u5bb9\u5668\uff0c\u6ca1\u6709\u7f51\u7edc\uff0c\u6b64\u65f6\u5bb9\u5668\u91cc\u53ea\u6709\u4e00\u4e2alo\u7f51\u5361\uff0c\u5185\u90e8\u7684\u6570\u636e\u5305\u6839\u672c\u65e0\u6cd5\u53d1\u51fa\u53bb<\/p>\n

[root@test04 ~]# docker container run -d --network none --name test centos:7 tail -f \/dev\/null\n\n[root@test04 ~]# docker inspect test |grep -i -w pid\n            "Pid": 44951,\n\n[root@test04 ~]# nsenter -t 44951 -n ip a # \u53ea\u6709\u4e00\u4e2a\u672c\u5730lo\n1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000\n    link\/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00\n    inet 127.0.0.1\/8 scope host lo\n       valid_lft forever preferred_lft forever\n<\/code><\/pre>\n
\"\"<\/div><\/p>\n
\u7b2c\u4e8c\u6b65\uff1a\u5bb9\u5668\u60f3\u5bf9\u5916\u53d1\u9001\u6570\u636e\u5305\uff0c\u5fc5\u987b\u5148\u628a\u6570\u636e\u5305\u9001\u5230\u5bbf\u4e3b\u673a\uff0c\u7136\u540e\u7531\u5bbf\u4e3b\u673a\u505a\u8f6c\u53d1\u624d\u884c\uff0c\u6240\u4ee5\u63a5\u4e0b\u6765\u6211\u4eec\u9700\u8981\u8ba9\u5bb9\u5668\u80fd\u591f\u628a\u5305\u53d1\u9001\u5230\u5bbf\u4e3b\u673a<\/p>\n
\u521b\u5efaveth\u5bf9<\/p>\n
veth \u5c31\u662f\u4e00\u4e2a\u865a\u62df\u7684\u7f51\u7edc\u8bbe\u5907\uff0c<\/p>\n
\u4e00\u822c\u90fd\u662f\u6210\u5bf9\u521b\u5efa\uff0c\u800c\u4e14\u8fd9\u5bf9\u8bbe\u5907\u662f\u76f8\u4e92\u8fde\u63a5\u7684\u3002\u5f53\u6bcf\u4e2a\u8bbe\u5907\u5728\u4e0d\u540c\u7684 Network<\/p>\n
Namespaces \u7684\u65f6\u5019\uff0cNamespace \u4e4b\u95f4\u5c31\u53ef\u4ee5\u7528\u8fd9\u5bf9 veth \u8bbe\u5907\u6765\u8fdb\u884c\u7f51\u7edc\u901a\u8baf\u4e86\u3002<\/p>\n
# \u4e00\u3001\u8bf4\u660e\uff1aip netns\u9ed8\u8ba4\u4f1a\u53bb\/var\/run\/netns\/\u76ee\u5f55\u4e0b\u627e\u540d\u79f0\u7a7a\u95f4\u7684pid\u53f7\n\u4f60\u5fc5\u987b\u7528ip netns\u521b\u5efa\u8fc7\u540d\u79f0\u7a7a\u95f4\uff0c\u624d\u4f1a\u751f\u6210\u76ee\u5f55\/var\/run\/netns\/\nip netns add xxx\nls \/var\/run\/netns  # \u53ef\u4ee5\u770b\u5230\u6709\u4e00\u4e2a\u540d\u4e3axxx\u7684\u6587\u4ef6\n\n# \u6240\u4ee5\u6211\u4eec\u8981\u60f3\u501f\u52a9ip nets\u64cd\u4f5c\u6211\u4eec\u7684\u5bb9\u5668\u540d\u79f0\u7a7a\u95f4\uff0c\u5fc5\u987b\u628a\u5bb9\u5668\u540d\u79f0\u7a7a\u95f4\u94fe\u63a5\u5230\u6307\u5b9a\u76ee\u5f55\u4e0b\u624d\u884c\npid=$(docker inspect test |grep -i -w pid| awk '{print $2}' |cut -d, -f1)\nln -s \/proc\/$pid\/ns\/net \/var\/run\/netns\/$pid\n\n# \u4e8c\u3001\u521b\u5efaveth\u5bf9\nip link add name veth_host type veth peer name veth_container\n\n\u53ef\u4ee5\u5728\u5bbf\u4e3b\u673a\u4e0a\u67e5\u770b\uff0c\u5df2\u7ecf\u521b\u5efa\u597d\u4e86\u4e00\u4e2aveth\u5bf9\uff1aip link list |grep veth_<\/code><\/pre>\n
\u7b2c\u4e09\u6b65\uff1a<\/p>\n
veth\u5bf9\u5c31\u60f3\u4e00\u6839\u7f51\u7ebf\uff0c\u5982\u4e0a\u56fe\u6240\u793a\uff0c\u6211\u4eec\u628a\u7f51\u7ebf\u7684\u4e00\u7aef\u63a5\u5230\u4e86\u5bb9\u56681\u4e0a\uff0c\u63a5\u4e0b\u6765\u9700\u8981\u505a\u7684\u5c31\u628a\u53e6\u4e00\u7aef\u63a5\u5230\u4e00\u53f0\u4ea4\u6362\u673a\u4e0a\uff0c\u8fd9\u53f0\u4ea4\u6362\u673a\u5c31\u662f\u5bbf\u4e3b\u673a\u4e0a\u7684docker0\u7f51\u6865<\/p>\n
[root@test04 ~]# ifconfig docker0\ndocker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500\n        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255\n        inet6 fe80::42:81ff:fe51:48a  prefixlen 64  scopeid 0x20<link>\n        ether 02:42:81:51:04:8a  txqueuelen 0  (Ethernet)\n        RX packets 9081  bytes 446105 (435.6 KiB)\n        RX errors 0  dropped 0  overruns 0  frame 0\n        TX packets 16786  bytes 26134922 (24.9 MiB)\n        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0<\/code><\/pre>\n
\u5904\u7406veth\u5bf9\uff1a\u5bb9\u5668\u7aef<\/p>\n
# \u628aveth\u5bf9\u4e2d\u7684\u4e00\u4e2a\u653e\u5230\u5bb9\u5668\u7684\u540d\u79f0\u7a7a\u95f4\u91cc\nip link set veth_container netns $pid\n\n\u6b64\u65f6\u53ef\u4ee5\u67e5\u770b\u5bb9\u5668\u540d\u79f0\u7a7a\u95f4\u91cc\uff0c\u53d1\u73b0\u591a\u4e86\u4e00\u4e2a\u7f51\u5361\uff0c\u5bb9\u5668\u91cc\u6ca1\u6709ip\u547d\u4ee4\u7684\u8bdd\uff0c\u6211\u4eec\u5728\u5bbf\u4e3b\u673a\u7528nsenter\u547d\u4ee4\u6267\u884c\n[root@test04 ~]# nsenter -t 44951 -n ip a  # \u7528ifconfig\u547d\u4ee4\u770b\u4e0d\u5230\uff0c\u9700\u8981\u7528ip a\u547d\u4ee4\u624d\u884c\n1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000\n    link\/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00\n    inet 127.0.0.1\/8 scope host lo\n       valid_lft forever preferred_lft forever\n21: veth_container@if22: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000\n    link\/ether 12:6a:b6:19:d7:10 brd ff:ff:ff:ff:ff:ff link-netnsid 0\n\n# \u63a5\u4e0b\u6765\u6211\u4eec\u628a\u5bb9\u5668\u91cc\u7684\u90a3\u4e2a\u7f51\u5361\u540d\u5b57\u6539\u7684\u597d\u542c\u4e00\u4e9b\uff0c\u5e76\u4e14\u8bbe\u7f6e\u4e00\u4e0bip\u5730\u5740\nip netns exec $pid ip link set veth_container name eth0 \n\n# \u4e3a\u5bb9\u5668\u914d\u7f6eip\u5730\u5740\u4e0e\u9ed8\u8ba4\u8def\u7531,\u4e0e\u7f51\u6865\u7684ip\u5730\u5740\u543b\u5408\nip netns exec $pid ip link set eth0 up \nip netns exec $pid ip addr add 172.17.1.2\/16 dev eth0  \nip netns exec $pid ip route add default via 172.17.0.1 \n\n\u5982\u679c\u5bb9\u5668\u5185\u6ca1\u6709ip\u547d\u4ee4\uff0c\u5219\u53ef\u4ee5\u7528nsenter\u547d\u4ee4\nnsenter -t $pid -n ip addr add 172.17.1.2\/16 dev eth0 \nnsenter -t $pid -n ip link set eth0 up \nnsenter -t $pid -n ip route add default via 172.17.0.1 # \u7f51\u683c\u6307\u5411docker0\n\nnsenter -t $pid -n ip a\nnsenter -t $pid -n route -n<\/code><\/pre>\n
\u5904\u7406veth\u5bf9\u53e6\u5916 \u4e00\u7aef\uff1a\u5bbf\u4e3b\u673a\u4e0a\u7684veth_host<\/p>\n
# veth_host\u672c\u8eab\u5c31\u662f\u5b58\u5728\u4e8e\u5bbf\u4e3b\u673a\u4e0a\u7684\uff0c\u76f4\u63a5up\u5c31\u53ef\u4ee5\nip link set veth_host up<\/code><\/pre>\n
\u6d4b\u8bd5\uff1a\u6b64\u65f6\u6211\u4eec\u7ed9veth_host\u52a0\u4e00\u4e2aip\u5730\u5740\uff0c\u5c31\u53ef\u4ee5\u8ba9\u5bb9\u5668\u4e0e\u5bbf\u4e3b\u673a\u901a\u4fe1\u4e86\uff0c\u56e0\u4e3aveth\u5bf9\u7684\u4e00\u7aef\u5728\u5bb9\u5668\u5185\uff0c\u53e6\u5916\u4e00\u7aef\u4e5f\u5c31\u662fveth_host\u5b58\u5728\u4e8e\u5bbf\u4e3b\u673a\u4e0a\uff0c\u76f8\u5f53\u4e8e\u6709\u4e00\u6839\u7f51\u7ebf\u5c06\u5bb9\u5668\u4e0e\u5bbf\u4e3b\u673a\u76f4\u8fde\u4e86\u8d77\u6765<\/p>\n
ip addr add 172.17.1.1\/16 dev veth_host\n\n# \u7136\u540e\u6211\u4eec\u7528\u5bb9\u5668\u53bbping\u901a\u5bbf\u4e3b\u673a\u7684veth_host\n[root@test04 ~]# nsenter -t $pid -n ping 172.17.1.1\nPING 172.17.1.1 (172.17.1.1) 56(84) bytes of data.\nFrom 172.17.1.2 icmp_seq=1 Destination Host Unreachable\n\n# \u5982\u679c\u53d1\u73b0ping\u4e0d\u901a\uff0c\u53ef\u4ee5\u6253\u5f00\u53e6\u5916\u4e00\u4e2a\u7ec8\u7aef\uff0c\u6293\u5305\u5206\u6790\uff0c\u53d1\u73b0veth_host\u4e0d\u54cd\u5e94arp\n[root@test04 ~]# tcpdump -i veth_host -nnv\ntcpdump: listening on veth_host, link-type EN10MB (Ethernet), capture size 262144 bytes\n09:19:43.759305 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 172.17.1.1 tell 172.17.1.2, length 28\n\n# \u89e3\u51b3\u529e\u6cd5\n\u5982\u679c\u4f60\u7684veth\u5bf9\u662f\u975e172.17.0.0\/16\u6bb5\u7684\uff0c\u6839\u672c\u4e0d\u4f1a\u51fa\u73b0\u4e0a\u8ff0\u95ee\u9898\n\u4e0a\u8ff0\u95ee\u9898\u662f\u56e0\u4e3adocker0\u76f8\u5f53\u4e8e\u4e00\u4e2a\u865a\u62df\u673a\u4ea4\u6362\u673a\uff0c\u4e00\u65e6\u53d1\u9001\u7ed9\u5bbf\u4e3b\u673a\u3001\u76ee\u6807\u5730\u5740\u4e3a172.17.0.0\/16\u6bb5\u7684\u6570\u636e\u5305\uff0c\u90fd\u4f1a\u88abdocker0\u63a5\u6536\u6765\u8fdb\u884carp\u5e7f\u64ad\uff0c\u5b83\u5e7f\u64ad\u7684\u8fc7\u7a0b\u4e2d\u4f1a\u53d1\u73b0\u6ca1\u6709\u4efb\u4f55veth\u5bf9\u63a5\u5230\u5b83\u8eab\u4e0a\uff0c\u5f53\u7136\u4f1a\u62a5\u65e0\u6cd5\u54cd\u5e94\n\n\u4f60\u8981\u77e5\u9053\uff0c\u867d\u7136\u4f60\u7684\u5bbf\u4e3b\u673a\u4e0a\u7531veth_host\uff0c\u4f46\u662f\u5b83\u6ca1\u6709\u5173\u8054\/\u63d2\u5230\u865a\u62df\u673a\u4ea4\u6362\u673a\u4e0adocker0\u4e0a\uff0c\u800cdocker0\u662f\u4e13\u95e8\u5904\u7406172.17.0.0\/16\u6570\u636e\u5305\u7684\uff0c\u6240\u6709\u8fd9\u4e2a\u6bb5\u7684\u5305\u90fd\u5f52\u5b83\u8f6c\u53d1\uff0c\u5f53\u7136\u5b83\u53ea\u4f1a\u8f6c\u53d1\u7ed9\u5173\u8054\u5230\u81ea\u5df1\u8eab\u4e0a\u7684\u63a5\u53e3\n\n\u6682\u65f6\u89e3\u51b3\u8be5\u95ee\u9898\uff0c\u53ef\u4ee5\u8fd9\u4e48\u505a\uff0c\u4e34\u65f6\u6682\u65f6\u5173\u6389docker0\u5c31\u53ef\u4ee5\u4e86\uff0c\u8fd9\u6837\u76ee\u6807\u5730\u5740\u4e3a172.17.0.0\/16\u6bb5\u7684\u6570\u636e\u5305\u5c31\u4e0d\u4f1a\u88abdocker0\u622a\u80e1\u4e86\nifconfig docker0 down\n\n# \u7136\u540e\u6d4b\u8bd5\u4f60\u4f1a\u53d1\u73b0\u76f4\u63a5\u53ef\u4ee5ping\u901a\uff0c\u6d4b\u8bd5\u5b8c\u6bd5\u540e\uff0c\u8981\u8bb0\u5f97\u628aveth_host\u7684ip\u5730\u5740\u6e05\u7406\u6389\nip link addr del 172.17.1.1\/16 dev veth_host<\/code><\/pre>\n
\"\"<\/div><\/p>\n
\u7b2c\u56db\u6b65\uff1a\u628aveth_host\u63d2\u5230\u865a\u62df\u673a\u4ea4\u6362\u673adocker0\u4e0a<\/p>\n
ip link set veth_host master docker0\n\n# \u4f60\u4e5f\u53ef\u4ee5\u4e0d\u7528docker0\uff0c\u800c\u7528\u547d\u4ee4brctl addif br0 A\u81ea\u5df1\u521b\u5efa\u4e00\u4e2a\uff0c\u60f3\u7528brctl\u547d\u4ee4\u9700\u8981yum install bridge-utils -y <\/code><\/pre>\n
\u5982\u4e0b\u56fe<\/p>\n
\"\"<\/div><\/p>\n
\u6b64\u65f6\u5bb9\u5668\u53ef\u4ee5ping\u901adocker0<\/p>\n
[root@test04 ~]# nsenter -t $pid -n ping 172.17.0.1\nPING 172.17.0.1 (172.17.0.1) 56(84) bytes of data.\n64 bytes from 172.17.0.1: icmp_seq=1 ttl=64 time=0.045 ms<\/code><\/pre>\n
\u7b2c\u4e94\u6b65\uff1a\u6dfb\u52a0docker0\u5230ense32\u7684\u8f6c\u53d1\uff0c\u8ba9\u5bb9\u5668\u7684\u5305\u53ef\u4ee5\u51fa\u53bb<\/p>\n
# \u5bbf\u4e3b\u673a\u5f00\u542f\u8def\u7531\u8f6c\u53d1\u529f\u80fd\necho 1 > \/proc\/sys\/net\/ipv4\/ip_forward\n\niptables -P FORWARD ACCEPT\n# \u9632\u706b\u5899\u8f6c\u53d1\u89c4\u5212\u4e0d\u7528\u52a0\uff0c\u5982\u679c\u4f60\u4f7f\u7528\u7684\u662f\u9ed8\u8ba4\u7684docker0\u7f51\u6865\uff0cdocker\u5f15\u64ce\u9ed8\u8ba4\u90fd\u52a0\u4e86<\/code><\/pre>\n
\"\"<\/div><\/p>\n
# \u6d4b\u8bd5\n[root@test04 ~]# nsenter -t $pid -n ping www.baidu.com\nPING www.baidu.com (36.152.44.96) 56(84) bytes of data.\n64 bytes from 36.152.44.96 (36.152.44.96): icmp_seq=1 ttl=54 time=9.91 ms<\/code><\/pre>\n
\u4e8c \u7f51\u7edc\u6545\u969c\u6392\u67e5\u6b65\u9aa4<\/h1>\n
\u5bb9\u5668\u7684eth0<\/p>\n
nsenter -t $pid -n tcpdump -i eth0 host www.baidu.com -nnv<\/code><\/pre>\n
\u5bbf\u4e3b\u673a\u4e0a\u7684veth_host<\/p>\n
tcpdump -i veth_host host www.baidu.com -nnv<\/code><\/pre>\n
\u5bbf\u4e3b\u673a\u4e0a\u7684docker0<\/p>\n
tcpdump -i docker0 host www.baidu.com -nnv<\/code><\/pre>\n
\u5bbf\u4e3b\u673a\u7684\u7269\u7406\u7f51\u5361ens32<\/p>\n
tcpdump -i ens32 host www.baidu.com -nnv<\/code><\/pre>\n
\u5bbf\u4e3b\u673a\u7684\u8f6c\u53d1\u89c4\u5219<\/p>\n
iptables -t nat -L -n<\/code><\/pre>\n
\u5bbf\u4e3b\u673a\u662f\u5426\u5f00\u542f\u8def\u7531\u8f6c\u53d1<\/p>\n
cat \/proc\/sys\/net\/ipv4\/ip_forward # \u7ed3\u679c\u5e94\u8be5\u4e3a1\u624d\u5bf9<\/code><\/pre>\n
\u8865\u5145\uff1a<\/p>\n
1\u3001\u540c\u4e00\u5bbf\u4e3b\u673a\u4e0a\u7684\u591a\u4e2a\u5bb9\u5668\u901a\u4fe1\uff0c\u76f4\u63a5\u8d70\u4e8c\u5c42<\/p>\n
\"\"<\/div><\/p>\n
2\u3001\u5982\u679c\u662f\u8de8\u8282\u70b9\u7684\u5bb9\u5668\u901a\u4fe1\uff0c\u5c31\u9700\u8981\u7528\u5230overlay\u7f51\u7edc<\/p>\n
\u5f53\u7136\uff0c\u5982\u679c\u4ec5\u4ec5\u53ea\u662f\u4e3a\u4e86\u8ba9\u5916\u90e8\u8bbf\u95ee\u8005\u80fd\u591f\u8bbf\u95ee\u5230\u5bbf\u4e3b\u673a\u4e0a\u7684\u67d0\u4e00\u4e2a\u5bb9\u5668\uff0c\u53ef\u4ee5\u8fd9\u4e48\u505a<\/p>\n
iptables -t nat -A PREROUTING -d \u3010\u5bbf\u4e3b\u673aip\u3011 -p tcp -m tcp --dport \u3010\u5bbf\u4e3b\u673a\u6620\u5c04\u7aef\u53e3\u3011 -j DNAT --to-destination \u3010\u5bb9\u5668ip\u3011:\u3010\u5bb9\u5668\u7aef\u53e3\u3011<\/code><\/pre>\n
3\u3001\u5bb9\u5668\u4e0e\u5916\u90e8\u901a\u4fe1\u9700\u8981\u901a\u8fc7veth\u5bf9\uff0c\u5230\u8fbe\u865a\u62df\u4ea4\u6362\u673adocker0\uff0c\u7136\u540e\u518d\u901a\u8fc7nat\u6216\u8005route\u8f6c\u53d1\u7ed9\u7269\u7406\u673a\u7684eth0\u7f51\u5361\uff0c\u7136\u540e\u624d\u80fd\u53d1\u5230\u5916\u90e8\u53bb<\/p>\n
\u8fd9\u6bd4\u5bbf\u4e3b\u673a\u76f4\u63a5\u4e0e\u5916\u90e8\u901a\u4fe1\u589e\u52a0\u4e86\u5f88\u591a\u6d41\u7a0b\uff0c\u5fc5\u7136\u5e26\u6765\u4e00\u4e9b\u7f51\u7edc\u5ef6\u8fdf\u95ee\u9898\uff0c\u53ef\u4ee5\u91c7\u7528macvlan\u6216ipvlan\u6765\u4ee3\u66ffveth\u5bf9\u7684\u65b9\u6848\uff0c\u5bf9\u4e8e macvlan\uff0c\u6bcf\u4e2a\u865a\u62df\u7f51\u7edc\u63a5\u53e3\u90fd\u6709\u81ea\u5df1\u72ec\u7acb\u7684 mac \u5730\u5740\uff1b\u800c ipvlan \u7684\u865a\u62df\u7f51\u7edc\u63a5\u53e3\u662f\u548c\u7269\u7406\u7f51\u7edc\u63a5\u53e3\u5171\u4eab\u540c\u4e00\u4e2a mac \u5730\u5740\uff0cmacvlan\u53caipvlan\u4e0eveth\u5bf9\u4e0d\u540c\u7684\u662f\uff0c\u5bb9\u5668\u7684\u865a\u62df\u7f51\u7edc\u63a5\u53e3\u76f4\u63a5\u94fe\u63a5\u5728\u5bbf\u4e3b\u673a\u7684\u7269\u7406\u7f51\u7edc\u63a5\u53e3\u4e0a\uff0c\u5f62\u6210\u4e00\u4e2a\u4e8c\u5c42\u7f51\u7edc\u94fe\u63a5\uff0c\u51cf\u5c11\u4e86\u8f6c\u53d1\u8def\u5f84<\/p>\n
\"\"<\/div><\/p>\n
\u865a\u62df\u7f51\u7edc\u4ecb\u7ecd\u8be6\u89c1\uff1ahttps:\/\/egonlin.com\/?p=7245<\/a><\/p>\n
\u5bf9\u4e8e\u7f51\u7edc\u5b9e\u65f6\u6027\u8981\u6c42\u8f83\u9ad8\u7684\u5e94\u7528\u53ef\u4ee5\u8003\u8651\u91c7\u7528macvlan\u6216ipvlan\uff0c\u4f46\u7531\u4e8e\u5b83\u4fe9\u90fd\u662f\u5c06\u7f51\u7edc\u63a5\u53e3\u76f4\u63a5\u6302\u5230\u4e86\u7269\u7406\u7f51\u7edc\u63a5\u53e3\u4e0a\uff0c\u4f60\u65e0\u6cd5\u4e3a\u5bf9\u4e0d\u540c\u7684\u5bb9\u5668\u5b9a\u5236\u5355\u72ec\u7684iptables\u89c4\u5219\uff0c\u800c\u8fd9\u5374\u662fk8s\u4e2d\u7684svc\u8d56\u4ee5\u8fd0\u884c\u7684\u6839\u672c\u3002<\/p>\n
\u53ef\u4ee5\u7528netperf\uff1a\u5de5\u5177\u6765\u8fdb\u6d4b\u8bd5\uff0c\u5b83\u662f\u4e00\u4e2a\u6d4b\u8bd5\u7f51\u7edc\u6027\u80fd\u7684\u5de5\u5177\uff0c\u63d0\u4f9b\u5355\u9879\u541e\u5410\u91cf\u548c\u7aef\u5230\u7aef\u7684\u5ef6\u8fdf\u6d4b\u8bd5\uff0c \u5728unix\u7cfb\u7edf\u4e2d\uff0c\u53ef\u4ee5\u76f4\u63a5\u8fd0\u884c\u53ef\u6267\u884c\u7a0b\u5e8f\u6765\u542f\u52a8netserver\u3002\u6d4b\u8bd5\u7684\u65f6\u5019\uff0c\u5fc5\u987b\u5728\u4e24\u53f0\u673a\u5668\u4e0a\u540c\u65f6\u5b89\u88c5netperf,\u5f53netserver\u5728server\u7aef\u542f\u52a8\u4ee5\u540e\uff0c\u5c31\u53ef\u4ee5\u5728client\u7aef\u8fd0\u884cnetperf\u6765\u6d4b\u8bd5\u7f51\u7edc\u7684\u6027\u80fd\u3002<\/p>\n
https:\/\/hewlettpackard.github.io\/netperf\/<\/a><\/p>\n
https:\/\/centos.pkgs.org\/7\/lux\/netperf-2.7.0-1.el7.lux.x86_64.rpm.html<\/a><\/p>\n
\u5b89\u88c5<\/p>\n
wget http:\/\/repo.iotti.biz\/CentOS\/7\/x86_64\/netperf-2.7.0-1.el7.lux.x86_64.rpm\n\nrpm -ivh netperf-2.7.0-1.el7.lux.x86_64.rpm<\/code><\/pre>\n
\u547d\u4ee4\u4ecb\u7ecd<\/p>\n
\u6839\u636e\u4f5c\u7528\u8303\u56f4\u7684\u4e0d\u540c\uff0cnetperf\u7684\u547d\u4ee4\u884c\u53c2\u6570\u53ef\u4ee5\u5206\u4e3a\u4e24\u5927\u7c7b\uff1a\u5168\u5c40\u547d\u4ee4\u884c\u53c2\u6570\u3001\u6d4b\u8bd5\u76f8\u5173\u7684\u5c40\u90e8\u53c2\u6570\uff0c\u4e24\u8005\u4e4b\u95f4\u4f7f\u7528--\u5206\u9694\uff1a\nNetperf [global options] \u2013-[test-specific options]\n\u5176\u4e2d\uff1a\n\u5168\u5c40\u547d\u4ee4\u884c\u53c2\u6570\u5305\u62ec\u5982\u4e0b\u9009\u9879\uff1a\n-H host \uff1a\u6307\u5b9a\u8fdc\u7aef\u8fd0\u884cnetserver\u7684server IP\u5730\u5740\u3002\n-l testlen\uff1a\u6307\u5b9a\u6d4b\u8bd5\u7684\u65f6\u95f4\u957f\u5ea6\uff08\u79d2\uff09\n-t testname\uff1a\u6307\u5b9a\u8fdb\u884c\u7684\u6d4b\u8bd5\u7c7b\u578b\uff0c\u5305\u62ecTCP_STREAM\uff0cUDP_STREAM\uff0cTCP_RR\uff0cTCP_CRR\uff0cUDP_RR\n\n\u6d4b\u8bd5\u76f8\u5173\u7684\u5c40\u90e8\u53c2\u6570\u5305\u62ec\u5982\u4e0b\u9009\u9879\uff1a\n-s size \u8bbe\u7f6e\u672c\u5730\u7cfb\u7edf\u7684socket\u53d1\u9001\u4e0e\u63a5\u6536\u7f13\u51b2\u5927\u5c0f\n-S size \u8bbe\u7f6e\u8fdc\u7aef\u7cfb\u7edf\u7684socket\u53d1\u9001\u4e0e\u63a5\u6536\u7f13\u51b2\u5927\u5c0f\n-m size \u8bbe\u7f6e\u672c\u5730\u7cfb\u7edf\u53d1\u9001\u6d4b\u8bd5\u5206\u7ec4\u7684\u5927\u5c0f\n-M size \u8bbe\u7f6e\u8fdc\u7aef\u7cfb\u7edf\u63a5\u6536\u6d4b\u8bd5\u5206\u7ec4\u7684\u5927\u5c0f\n-D \u5bf9\u672c\u5730\u4e0e\u8fdc\u7aef\u7cfb\u7edf\u7684socket\u8bbe\u7f6eTCP_NODELAY\u9009\u9879<\/code><\/pre>\n
\u5f00\u542f\u670d\u52a1\u7aef<\/p>\n
netserver -4 -L 0.0.0.0 -p 9991\n# \u6216\u8005\npython -m SimpleHTTPServer 8080<\/code><\/pre>\n
\u5bb9\u5668\u91cc\u6d4b\u8bd5<\/p>
<\/div>
\u67e5\u770b\u66f4\u591a<\/h2>
\u8054\u7cfb\u7ba1\u7406\u5458\u5fae\u4fe1tutu19192010\uff0c\u6ce8\u518c\u8d26\u53f7<\/p>\n<\/div>
<\/div>
<\/td><\/tr>
<\/td><\/tr><\/tbody><\/table>
<\/td><\/tr><\/tbody><\/table><\/form>
Register<\/a><\/div>
Forgotten username or password?<\/a><\/div>
<\/div><\/div><\/div>
<\/div>","protected":false},"excerpt":{"rendered":"
\u4e00 \u4e86\u89e3\u6574\u4e2a\u901a\u4fe1\u6d41\u7a0b \u6211\u4eec\u5148\u6765\u521b\u5efa\u4e00\u4e2a\u6ca1\u6709\u7f51\u7edc\u7684\u5bb9\u5668\uff0c\u7136\u540e\u624b\u52a8\u4e3a\u5bb9\u5668\u6784\u5efa\u51fa\u5b8c\u6574\u7684\u7f51\u7edc\u901a\u4fe1\u6d41\u7a0b\uff0c\u4ee5\u6b64\u6765\u4e86\u89e3\u6574\u4f53\u7684 […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[427,422],"tags":[],"_links":{"self":[{"href":"https:\/\/egonlin.com\/index.php?rest_route=\/wp\/v2\/posts\/7428"}],"collection":[{"href":"https:\/\/egonlin.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/egonlin.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/egonlin.com\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/egonlin.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7428"}],"version-history":[{"count":0,"href":"https:\/\/egonlin.com\/index.php?rest_route=\/wp\/v2\/posts\/7428\/revisions"}],"wp:attachment":[{"href":"https:\/\/egonlin.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7428"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/egonlin.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7428"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/egonlin.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7428"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}