當我在Ubuntu的泊塢窗容器中運行/sbin/ebtables --list,我得到的消息:如何在Docker中使用ebtables?
[email protected]:/core-release-4.8# /sbin/ebtables --list
modprobe: ERROR: ../libkmod/libkmod.c:557 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.43-boot2docker/modules.dep.bin'
The kernel doesn't support the ebtables 'filter' table.
我怎樣才能啓用泊塢ebtables?
默認情況下,docker不支持此功能。但是你可以通過以下參數同時發動泊塢窗容器支持Linux的能力:
--cap-add Add Linux capabilities
--cap-drop Drop Linux capabilities
對於網絡能力像的iptables,ebtables等必須添加NET_ADMIN能力,如:
docker run -it --cap-add=NET_ADMIN ubuntu bash
如果ebtables不包
sudo apt-get update
sudo apt-get install ebtables
然後列表EBT:安裝然後使用命令在容器安裝ebtables包ables:
/sbin/ebtables --list
Bridge table: filter
Bridge chain: INPUT, entries: 0, policy: ACCEPT
Bridge chain: FORWARD, entries: 0, policy: ACCEPT
Bridge chain: OUTPUT, entries: 0, policy: ACCEPT