Installing Docker and openwrt-aarch64 on an N1 running Armbian

## Install Docker and Docker Compose

Install the required dependencies:

```bash
sudo apt update
sudo apt install -y ca-certificates curl gnupg lsb-release
```

Use the official install script:

```bash
curl -fsSL https://get.docker.com | sudo sh
```

Enable start on boot:

```bash
sudo systemctl enable docker
sudo systemctl start docker
```

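## Install openwrt-aarch64

Go to Docker Hub, search for "openwrt-aarch64" and pick a suitable image; "piaoyizy/openwrt-aarch64" is used here.

Enable promiscuous mode on the network interface:

```bash
sudo ip link set eth0 promisc on
```

Create the network (set the subnet and gateway to match your network interface):

```bash
docker network create -d macvlan \
  --subnet=192.168.8.0/24 \
  --gateway=192.168.8.1 \
  -o parent=eth0 \
  macnet
```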

Pull the image:

1. First try pulling directly:

   ```bash
   docker pull piaoyizy/openwrt-aarch64:latest
   ```

2. If it cannot connect, try configuring Docker registry mirrors:

   ```bash
   sudo nano /etc/docker/daemon.json
   ```

   Paste the following content (Ctrl+X to save):

   ```json
   {
       "registry-mirrors": [
           "https://registry.docker-cn.com",
           "https://docker.mirrors.ustc.edu.cn",
           "https://hub-mirror.c.163.com",
           "https://mirror.baidubce.com",
           "https://ccr.ccs.tencentyun.com"
       ]
   }
   ```

   Then restart the Docker service:

   ```bash
   sudo systemctl daemon-reexec
   # or: sudo systemctl daemon-reload
   sudo systemctl restart docker

   # Try pulling again
   docker pull piaoyizy/openwrt-aarch64:latest
   ```

3. I still failed at this point; with no other option, I had to fall back on a proxy:

   ```bash
   # Remove Docker's registry mirror configuration
   sudo rm /etc/docker/daemon.json
   # Restart
   sudo systemctl daemon-reexec
   sudo systemctl restart docker

   # Set the proxy
   export http_proxy=http://192.168.8.181:7890
   export https_proxy=http://192.168.8.181:7890
   ```

Proxy configuration for Docker itself:

```bash
sudo mkdir -p /etc/systemd/system/docker.service.d
sudo nano /etc/systemd/system/docker.service.d/http-proxy.conf
```

Contents:

```ini
[Service]
Environment="HTTP_PROXY=http://192.168.8.181:7890"
Environment="HTTPS_PROXY=http://192.168.8.181:7890"
```

Restart:

```bash
sudo systemctl daemon-reexec
sudo systemctl restart docker
```

At this point, pulling the image again with `docker pull piaoyizy/openwrt-aarch64:latest` works without problems.

Remove the proxy:

```bash
unset http_proxy
unset https_proxy
unset HTTP_PROXY
unset HTTPS_PROXY
sudo rm /etc/systemd/system/docker.service.d/http-proxy.conf
# Restart
sudo systemctl restart docker

# Verify
echo $http_proxy
echo $https_proxy
docker info | grep -i proxy
```
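
The verification step above, extended as an added example that is not part of the original post: a POSIX shell function that lists every intermediary still configured between this host and Docker Hub (registry mirrors in `daemon.json`, proxy drop-ins for `docker.service`, exported proxy variables). The function names, the `ROOT` prefix argument and the sample files are assumptions constructed for the example.

```shell
#!/bin/sh
# Added example, not from the original post. Lists every intermediary that sits
# between this host and Docker Hub after the steps above. ROOT is a hypothetical
# parameter: a directory prefix so the audit can run on a copy of /etc.
audit_pull_path() (
    root="${1:-}"
    hits=0
    # 1. Registry mirrors: each listed host serves image content instead of Docker Hub.
    daemon_json="$root/etc/docker/daemon.json"
    if [ -f "$daemon_json" ] && grep -q '"registry-mirrors"' "$daemon_json"; then
        for url in $(grep -Eo 'https?://[^"[:space:]]+' "$daemon_json"); do
            echo "mirror: $url"
            hits=$((hits + 1))
        done
    fi
    # 2. systemd drop-ins that hand dockerd a proxy (http-proxy.conf in the post).
    for conf in "$root"/etc/systemd/system/docker.service.d/*.conf; do
        [ -f "$conf" ] || continue
        for kv in $(grep -v '^[[:space:]]*#' "$conf" |
                    grep -Eio '(https?|all)_proxy=[^"[:space:]]+'); do
            echo "dockerd proxy: $kv ($conf)"
            hits=$((hits + 1))
        done
    done
    # 3. Proxy variables still exported in this shell (picked up by tools such as curl).
    for var in http_proxy https_proxy HTTP_PROXY HTTPS_PROXY; do
        val=$(printenv "$var" || true)
        if [ -n "$val" ]; then
            echo "shell proxy: $var=$val"
            hits=$((hits + 1))
        fi
    done
    echo "total: $hits"
    [ "$hits" -eq 0 ]   # exit status 0 only when nothing was found
)

# Constructed sample: the post's two files (mirror list shortened) under a temp dir.
make_sample_root() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/docker" "$d/etc/systemd/system/docker.service.d"
    printf '{ "registry-mirrors": [ "https://docker.mirrors.ustc.edu.cn" ] }\n' \
        > "$d/etc/docker/daemon.json"
    printf '[Service]\nEnvironment="HTTP_PROXY=http://192.168.8.181:7890"\n' \
        > "$d/etc/systemd/system/docker.service.d/http-proxy.conf"
    echo "$d"
}

audit_pull_path "$(make_sample_root)" || echo "pull path is not direct"
```

Run `audit_pull_path` with no argument on the real host after the cleanup step; a non-zero exit status means a mirror or proxy setting is still in place.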

## Start the openwrt-aarch64 image

Prepare docker-compose:

```bash
mkdir -p ~/openwrt
cd ~/openwrt
touch docker-compose.yml
```

Contents of docker-compose.yml:

```yaml
services:
  openwrt:
    image: piaoyizy/openwrt-aarch64:latest
    container_name: openwrt
    privileged: true
    restart: always
    networks:
      macnet:
        ipv4_address: 192.168.8.100
    tty: true

networks:
  macnet:
    external: true
```

Start:

```bash
docker compose up -d
```

To modify the network, first copy the network configuration out of the container:

```bash
docker cp openwrt:/etc/config/network ./network_config
```

Then edit its contents:

```
config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd5e:1c0e:3bbf::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.8.100' # change to the address you want
        option netmask '255.255.255.0'
        option ip6assign '60'
        option gateway '192.168.8.1' # gateway
        option dns '192.168.8.1' # DNS (optional)
```

Add the volume mount to docker-compose.yml:

```yaml
services:
  openwrt:
    image: piaoyizy/openwrt-aarch64:latest
    container_name: openwrt
    privileged: true
    restart: always
    volumes: # mount
      - ./network_config:/etc/config/network
    networks:
      macnet:
        ipv4_address: 192.168.8.100
    tty: true

networks:
  macnet:
    external: true
```

Restart the container:

```bash
# Stop the container
docker compose down
# From now on, under normal circumstances use docker compose stop!!! Do not use down!

# Start
docker compose up -d
```

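Log in to the panel at 192.168.8.100; the default account is root and the password is password.

## Bypass router configuration

1. Go to Network -> Interfaces. Barring surprises, there should be only one LAN interface. Click Edit.
2. Click "DHCP Server" -> General Settings and tick "Ignore interface" (do not provide DHCP service on this interface).
3. Under Advanced Settings, untick Dynamic DHCP.
4. Under IPv6 Settings, disable everything.

OpenClash's proxy seems to have username/password authentication enabled by default; the switch to turn it off is under "Overwrite Settings" -> "Set SOCKS5/HTTP(S) authentication info".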