Ubuntu通过Docker部署OpenWRT

硬件信息：N5095+8G2666MHz+512GM.2
系统信息： Ubuntu 22.04.1 LTS
以下内容默认Ubuntu已经安装最新版Docker，如未安装需先安装Docker
部署通过纯命令行进行，无需图形界面

一、环境配置

使用官方安装脚本，并使用阿里云镜像加速，防止无法访问Docker原网站导致访问超时：
curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
或
curl -sSL https://get.daocloud.io/docker | sh

使用MobaXterm终端连接Ubuntu，使用ifconfig命令查看当前正在使用的网卡。找到正在启动的网卡名称后，开启网卡的混杂模式

 <span class="token function">ip</span> <span class="token function">link</span> <span class="token builtin class-name">set</span> enp3s0 promisc on 
 <span class="token function">ip</span> <span class="token function">link</span> <span class="token builtin class-name">set</span> enp3s0 promisc on 
 ip link set enp3s0 promisc on 

随后配置MACVLAN，其中注意：192.168.0.0和192.168.0.1根据实际情况进行替换
例如：当使用上述ifconfig命令发现设备的IP地址为192.168.1.112，则需要将192.168.0.0和192.168.0.1替换为192.168.1.0和192.168.1.1。

<span class="token function">docker</span> network create <span class="token parameter variable">-d</span> macvlan <span class="token parameter variable">--subnet</span><span class="token operator">=</span><span class="token number">192.168</span>.0.0/24 <span class="token parameter variable">--gateway</span><span class="token operator">=</span><span class="token number">192.168</span>.0.1 <span class="token parameter variable">-o</span> <span class="token assign-left variable">parent</span><span class="token operator">=</span>enp3s0 macnet 
<span class="token function">docker</span> network create <span class="token parameter variable">-d</span> macvlan <span class="token parameter variable">--subnet</span><span class="token operator">=</span><span class="token number">192.168</span>.0.0/24 <span class="token parameter variable">--gateway</span><span class="token operator">=</span><span class="token number">192.168</span>.0.1 <span class="token parameter variable">-o</span> <span class="token assign-left variable">parent</span><span class="token operator">=</span>enp3s0 macnet 
docker network create -d macvlan --subnet=192.168.0.0/24 --gateway=192.168.0.1 -o parent=enp3s0 macnet 

创建好网络后，可以使用以下命令查看设置好的网络，其中第三个NAME为macnet即为我们刚才创建网络：

<span class="token function">docker</span> network <span class="token function">ls</span> NETWORK ID NAME DRIVER SCOPE ef157b2f1695 bridge bridge <span class="token builtin class-name">local</span> 9e6448a30c4d <span class="token function">host</span> <span class="token function">host</span> <span class="token builtin class-name">local</span> a4fcd62a3fcb macnet macvlan <span class="token builtin class-name">local</span> 7482e50ca32b none null <span class="token builtin class-name">local</span> 
<span class="token function">docker</span> network <span class="token function">ls</span> NETWORK ID NAME DRIVER SCOPE ef157b2f1695 bridge bridge <span class="token builtin class-name">local</span> 9e6448a30c4d <span class="token function">host</span> <span class="token function">host</span> <span class="token builtin class-name">local</span> a4fcd62a3fcb macnet macvlan <span class="token builtin class-name">local</span> 7482e50ca32b none null <span class="token builtin class-name">local</span> 
docker network ls NETWORK ID NAME DRIVER SCOPE ef157b2f1695 bridge bridge local 9e6448a30c4d host host local a4fcd62a3fcb macnet macvlan local 7482e50ca32b none null local 

宿主机的网络配置完成后，现在对OpenWRT的网络进行配置：

 <span class="token function">mkdir</span> <span class="token parameter variable">-p</span> /home/docker/openwrt  <span class="token function">vim</span> /home/docker/openwrt/network 
 <span class="token function">mkdir</span> <span class="token parameter variable">-p</span> /home/docker/openwrt  <span class="token function">vim</span> /home/docker/openwrt/network 
 mkdir -p /home/docker/openwrt  vim /home/docker/openwrt/network 

network 配置文件如下：

config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config globals 'globals' option packet_steering '1' config interface 'lan' option type 'bridge' option ifname 'eth0' option proto 'static' option netmask '255.255.255.0' option ip6assign '60' option ipaddr '192.168.0.3' option gateway '192.168.0.1' option dns '192.168.0.1' config interface 'vpn0' option ifname 'tun0' option proto 'none' 
config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config globals 'globals' option packet_steering '1' config interface 'lan' option type 'bridge' option ifname 'eth0' option proto 'static' option netmask '255.255.255.0' option ip6assign '60' option ipaddr '192.168.0.3' option gateway '192.168.0.1' option dns '192.168.0.1' config interface 'vpn0' option ifname 'tun0' option proto 'none' 
config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config globals 'globals' option packet_steering '1' config interface 'lan' option type 'bridge' option ifname 'eth0' option proto 'static' option netmask '255.255.255.0' option ip6assign '60' option ipaddr '192.168.0.3' option gateway '192.168.0.1' option dns '192.168.0.1' config interface 'vpn0' option ifname 'tun0' option proto 'none' 

其中option ipaddr '192.168.0.3'需要将IP地址设置为你想要给OpenWRT分配的网络地址；option gateway '192.168.0.1'和option gateway '192.168.0.1'需要设置为路由器的地址

二、Docker配置

使用docker命令拉取镜像并运行

<span class="token function">docker</span> run <span class="token parameter variable">--restart</span> always <span class="token parameter variable">--name</span> openwrt <span class="token parameter variable">-d</span> <span class="token parameter variable">--network</span> macnet <span class="token parameter variable">--privileged</span> <span class="token parameter variable">--ip</span> <span class="token number">192.168</span>.0.3 <span class="token parameter variable">-v</span> /home/docker/openwrt/network:/etc/config/network registry.cn-shanghai.aliyuncs.com/suling/openwrt:x86_64 /sbin/init 
<span class="token function">docker</span> run <span class="token parameter variable">--restart</span> always <span class="token parameter variable">--name</span> openwrt <span class="token parameter variable">-d</span> <span class="token parameter variable">--network</span> macnet <span class="token parameter variable">--privileged</span> <span class="token parameter variable">--ip</span> <span class="token number">192.168</span>.0.3 <span class="token parameter variable">-v</span> /home/docker/openwrt/network:/etc/config/network registry.cn-shanghai.aliyuncs.com/suling/openwrt:x86_64 /sbin/init 
docker run --restart always --name openwrt -d --network macnet --privileged --ip 192.168.0.3 -v /home/docker/openwrt/network:/etc/config/network registry.cn-shanghai.aliyuncs.com/suling/openwrt:x86_64 /sbin/init 

命令中的192.168.0.3需要替换为刚刚option ipaddr '192.168.0.3'中设置的IP地址
如果运行命令后提示WARNING: IPv4 forwarding is disabled. Networking will not work则需要进行如下配置：

<span class="token function">vim</span> /etc/sysctl.conf  <span class="token function">sysctl</span> <span class="token parameter variable">-p</span> /etc/sysctl.conf 
<span class="token function">vim</span> /etc/sysctl.conf  <span class="token function">sysctl</span> <span class="token parameter variable">-p</span> /etc/sysctl.conf 
vim /etc/sysctl.conf  sysctl -p /etc/sysctl.conf 

再次执行上面命令即可

三、OpenWRT配置

可以使用docker ps命令看到容器正常运行后，登录刚刚配置的ipaddr的IP地址，进行OpenWRT的后台页面
用户名：root
密码：password
进入后台页面可以根据需要配置Clash、SmartDNS等服务实现科学上网或广告屏蔽等功能

四、OpenWRT高级服务使用

To Be Continued…

参考文档：

原文链接：https://blog.csdn.net/weixin_43620111/article/details/127831692?ops_request_misc=%257B%2522request%255Fid%2522%253A%2522171836883916800184138762%2522%252C%2522scm%2522%253A%252220140713.130102334.pc%255Fblog.%2522%257D&request_id=171836883916800184138762&biz_id=0&utm_medium=distribute.pc_search_result.none-task-blog-2~blog~first_rank_ecpm_v1~times_rank-5-127831692-null-null.nonecase&utm_term=docker%E9%83%A8%E7%BD%B2