将OpenWrt制作为Docker镜像

安装Docker

• 按照Docker官网的教程，我们首先卸载所有冲突的包，apt-get可能会提示没有安装这些包

  Ubuntu

  for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done
  

  Debian

  for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do sudo apt-get remove $pkg; done
  

• 设置Docker的apt储存库

  Ubuntu

  # Add Docker's official GPG key:
  sudo apt-get update
  sudo apt-get install ca-certificates curl
  sudo install -m 0755 -d /etc/apt/keyrings
  sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
  sudo chmod a+r /etc/apt/keyrings/docker.asc
  
  # Add the repository to Apt sources:
  echo \
    "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
    $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
    sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
  sudo apt-get update
  

  Debian

  # Add Docker's official GPG key:
  sudo apt-get update
  sudo apt-get install ca-certificates curl
  sudo install -m 0755 -d /etc/apt/keyrings
  sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
  sudo chmod a+r /etc/apt/keyrings/docker.asc
  
  # Add the repository to Apt sources:
  echo \
    "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
    $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
    sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
  sudo apt-get update
  

• 安装Docker

  sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
  

编译

编译就不多说了，使用GitHub云编译，编译完成后在Release中能找到 openwrt-x86-64-generic-rootfs.tar.gz文件，我们把它下载下来制作成Docker镜像。

制作为Docker镜像

这一步其实也完全并入GitHub Actions中，我暂时先手动制作，等有时间了再更新GitHub Actions。

• 制作Dockerfile

  FROM scratch
  ADD openwrt-x86-64-generic-rootfs.tar.gz /
  WORKDIR /
  CMD ["/sbin/init"]
  

• 制作Docker镜像

  docker build -t openwrt:latest .
  

在Linux上部署

由于macvlan限制了宿主机和Docker容器之间的通信，我执行完这些命令之后还是无法ping通OpenWrt的IP地址，以下内容仅作为个人记录。

• 假设我的lan口为enp0s1，开启混杂模式

  ip link set enp0s1 promisc on
  

• 设置macvlan

  docker network create -d macvlan \
      --subnet=192.168.2.0/24 \
      --gateway=192.168.2.1 \
      -o parent=enp0s1 \
      wrt_lan
  

• 启动OpenWrt镜像

  docker run -d --name openwrt \
      --net wrt_lan \
      --ip 192.168.2.66 \
      --privileged \
      openwrt /sbin/init
  

• 进入OpenWrt容器内将LAN口修改为静态IP地址

  docker exec -it openwrt sh
  

  然后编辑/etc/config/network

  vi /etc/config/network
  

  修改为以下内容

  config interface 'lan'
          option type 'bridge'
          option ifname 'eth0'
          option proto 'static'
          option netmask '255.255.255.0'
          option ip6assign '60'
          option ipaddr '192.168.2.66'	# OpenWrt的IP地址
          option gateway '192.168.2.1'	# 局域网主路由
          option dns '192.168.2.1'		# 局域网主路由
  

• 重启OpenWrt网络服务

  /etc/init.d/network restart