我正在尝试让一个标准的 unifi-controller 容器在我的网络上运行,并为从我的服务器计算机到我的工作站计算机的 unifi-controller 网站提供服务,但没有成功。
浏览到
https://192.168.1.33:8443https://192.168.1.81:8443郑重声明,我花了几个小时在谷歌上搜索。我可以在无根 podman 中运行容器并查看网站,但 unifi 交换机和 AP 没有被采用。现在我试图将容器直接放在网络上,但看不到网站。我的设置:
cockpit-podman/mantic,mantic,now 77-1 all [installed]
containerd/mantic 1.7.2-0ubuntu2 amd64
containernetworking-plugins/mantic-updates,mantic-security,now 1.1.1+ds1-3ubuntu0.23.10.2 amd64 [installed,automatic]
containers-storage/mantic-updates,mantic-security 1.43.0+ds1-8ubuntu0.1 amd64
podman-compose/mantic,mantic,now 1.0.6-1 all [installed]
podman-docker/mantic-updates 4.3.1+ds1-8ubuntu1 amd64
podman-toolbox/mantic 0.0.99.3+git20230118+446d7bfdef6a-2 amd64
podman/mantic-updates,now 4.3.1+ds1-8ubuntu1 amd64 [installed]
# /etc/containers/containers.conf
[network]
network_backend = "cni"
我的服务器机器是192.168.1.33。旧的 unifi-controller 是 192.168.1.81,所以我尝试让容器使用相同的 .81 地址。我的工作站是192.168.1.244。网关是 192.168.1.1 我尝试通过 grub 在服务器 (.33) 上禁用 IPv6。
服务器上的防火墙已关闭.33
$ firewall-cmd --state
not running
这是 tcpdump 的一部分,显示了 .33 和 .81 与我的工作站 .244 之间的握手:
sudo tcpdump -n -i any tcp port 8443
tcpdump: data link type LINUX_SLL2
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes
21:30:37.096764 enp4s11 In IP 192.168.1.244.53246 > 192.168.1.33.8443: Flags [F.], seq 1557719450, ack 2685731664, win 2058, options [nop,nop,TS val 2316513246 ecr 3266976863], length 0
21:30:37.098009 enp4s11 In IP 192.168.1.244.53246 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:30:37.098039 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53246: Flags [.], ack 1, win 505, options [nop,nop,TS val 3266987045 ecr 2316513246], length 0
21:30:47.130507 enp4s11 In IP 192.168.1.244.53246 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:30:47.130553 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53246: Flags [.], ack 1, win 505, options [nop,nop,TS val 3266997078 ecr 2316513246], length 0
21:30:57.132178 enp4s11 In IP 192.168.1.244.53246 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:30:57.132225 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53246: Flags [.], ack 1, win 505, options [nop,nop,TS val 3267007080 ecr 2316513246], length 0
21:31:07.139262 enp4s11 In IP 192.168.1.244.53246 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:31:07.139309 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53246: Flags [.], ack 1, win 505, options [nop,nop,TS val 3267017087 ecr 2316513246], length 0
21:31:17.144584 enp4s11 In IP 192.168.1.244.53246 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:31:17.144631 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53246: Flags [.], ack 1, win 505, options [nop,nop,TS val 3267027092 ecr 2316513246], length 0
21:31:27.148244 enp4s11 In IP 192.168.1.244.53246 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:31:27.148291 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53246: Flags [.], ack 1, win 505, options [nop,nop,TS val 3267037096 ecr 2316513246], length 0
21:31:37.101692 enp4s11 In IP 192.168.1.244.53246 > 192.168.1.33.8443: Flags [R.], seq 1, ack 1, win 2058, length 0
21:31:55.067438 enp4s11 In IP 192.168.1.244.53249 > 192.168.1.33.8443: Flags [S], seq 1606975559, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 4188130363 ecr 0,sackOK,eol], length 0
21:31:55.067509 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53249: Flags [S.], seq 678511076, ack 1606975560, win 65160, options [mss 1460,sackOK,TS val 3267065015 ecr 4188130363,nop,wscale 7], length 0
21:31:55.067736 enp4s11 In IP 192.168.1.244.53249 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, options [nop,nop,TS val 4188130363 ecr 3267065015], length 0
21:31:55.068322 enp4s11 In IP 192.168.1.244.53249 > 192.168.1.33.8443: Flags [P.], seq 1:640, ack 1, win 2058, options [nop,nop,TS val 4188130364 ecr 3267065015], length 639
21:31:55.068348 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53249: Flags [.], ack 640, win 505, options [nop,nop,TS val 3267065016 ecr 4188130364], length 0
21:32:05.069258 enp4s11 In IP 192.168.1.244.53249 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:32:05.069301 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53249: Flags [.], ack 640, win 505, options [nop,nop,TS val 3267075017 ecr 4188130364], length 0
21:32:15.069316 enp4s11 In IP 192.168.1.244.53249 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:32:15.069362 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53249: Flags [.], ack 640, win 505, options [nop,nop,TS val 3267085017 ecr 4188130364], length 0
21:32:25.535317 enp4s11 In IP 192.168.1.244.53249 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:32:25.535365 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53249: Flags [.], ack 640, win 505, options [nop,nop,TS val 3267095483 ecr 4188130364], length 0
21:32:35.536163 enp4s11 In IP 192.168.1.244.53249 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:32:35.536209 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53249: Flags [.], ack 640, win 505, options [nop,nop,TS val 3267105483 ecr 4188130364], length 0
21:32:40.736487 enp4s11 In IP 192.168.1.244.53249 > 192.168.1.33.8443: Flags [F.], seq 640, ack 1, win 2058, options [nop,nop,TS val 4188176031 ecr 3267105483], length 0
21:32:40.778233 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53249: Flags [.], ack 641, win 505, options [nop,nop,TS val 3267110726 ecr 4188176031], length 0
21:32:50.778397 enp4s11 In IP 192.168.1.244.53249 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:32:50.778444 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53249: Flags [.], ack 641, win 505, options [nop,nop,TS val 3267120726 ecr 4188176031], length 0
21:33:00.779838 enp4s11 In IP 192.168.1.244.53249 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:33:00.779872 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53249: Flags [.], ack 641, win 505, options [nop,nop,TS val 3267130727 ecr 4188176031], length 0
21:33:10.780264 enp4s11 In IP 192.168.1.244.53249 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:33:10.780310 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53249: Flags [.], ack 641, win 505, options [nop,nop,TS val 3267140728 ecr 4188176031], length 0
21:33:20.795752 enp4s11 In IP 192.168.1.244.53249 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:33:20.795798 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53249: Flags [.], ack 641, win 505, options [nop,nop,TS val 3267150743 ecr 4188176031], length 0
21:33:30.900778 enp4s11 In IP 192.168.1.244.53249 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:33:30.900824 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53249: Flags [.], ack 641, win 505, options [nop,nop,TS val 3267160848 ecr 4188176031], length 0
21:33:40.779916 enp4s11 In IP 192.168.1.244.53249 > 192.168.1.33.8443: Flags [R.], seq 641, ack 1, win 2058, length 0
21:35:12.292258 enp4s11 In IP 192.168.1.244.53264 > 192.168.1.33.8443: Flags [S], seq 504360939, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 1219540159 ecr 0,sackOK,eol], length 0
21:35:12.292330 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53264: Flags [S.], seq 399464650, ack 504360940, win 65160, options [mss 1460,sackOK,TS val 3267262240 ecr 1219540159,nop,wscale 7], length 0
21:35:12.292552 enp4s11 In IP 192.168.1.244.53264 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, options [nop,nop,TS val 1219540159 ecr 3267262240], length 0
21:35:12.293229 enp4s11 In IP 192.168.1.244.53264 > 192.168.1.33.8443: Flags [P.], seq 1:640, ack 1, win 2058, options [nop,nop,TS val 1219540160 ecr 3267262240], length 639
21:35:12.293263 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53264: Flags [.], ack 640, win 505, options [nop,nop,TS val 3267262241 ecr 1219540160], length 0
21:35:22.354150 enp4s11 In IP 192.168.1.244.53264 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:35:22.354191 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53264: Flags [.], ack 640, win 505, options [nop,nop,TS val 3267272301 ecr 1219540160], length 0
21:35:32.355579 enp4s11 In IP 192.168.1.244.53264 > 192.168.1.33.8443: Flags [.], ack 1, win 2058, length 0
21:35:32.355626 enp4s11 Out IP 192.168.1.33.8443 > 192.168.1.244.53264: Flags [.], ack 640, win 505, options [nop,nop,TS val 3267282303 ecr 1219540160], length 0
21:35:35.051804 enp4s11 P IP 192.168.1.244.53265 > 192.168.1.81.8443: Flags [S], seq 3983566077, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 483007314 ecr 0,sackOK,eol], length 0
21:35:35.051853 enp4s11 Out IP 192.168.1.81.8443 > 192.168.1.244.53265: Flags [R.], seq 0, ack 3983566078, win 0, length 0
21:35:37.026911 enp4s11 P IP 192.168.1.244.53266 > 192.168.1.81.8443: Flags [S], seq 53347100, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 1561994109 ecr 0,sackOK,eol], length 0
21:35:37.026973 enp4s11 Out IP 192.168.1.81.8443 > 192.168.1.244.53266: Flags [R.], seq 0, ack 53347101, win 0, length 0
21:35:38.319988 enp4s11 P IP 192.168.1.244.53267 > 192.168.1.81.8443: Flags [S], seq 586945380, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 2120761900 ecr 0,sackOK,eol], length 0
21:35:38.320050 enp4s11 Out IP 192.168.1.81.8443 > 192.168.1.244.53267: Flags [R.], seq 0, ack 586945381, win 0, length 0
我尝试使用两组不同的指令进行设置,是的,我在尝试另一组之前删除了其中一组的网络。
我在这里找到并遵循说明:https://community.ui.com/questions/How-To-Unifi-Controller-and-Podman/c2ca3cbc-3317-4454-995d-41f2156f6d7b和https://community .ui.com/questions/How-To-Unifi-Contoller-Docker-home-network/fc6a9441-94b0-48b0-801a-6f38e2d4bb21
这是 cni 网络:
# /etc/cni/net.d/90-unifinet.conflist
{
"cniVersion": "0.4.0",
"name": "unifinet",
"plugins": [
{
"type": "macvlan",
"master": "enp4s11",
"ipam": {
"type": "static",
"addresses": [
{
"address": "192.168.1.81/24",
"gateway": "192.168.1.1"
}
],
"routes": [
{
"dst": "0.0.0.0/0"
}
],
"dns": {
"nameservers": [
"192.168.1.1"
]
}
}
}
]
}
这是我启动容器的方式:
# sudo ~/projects/unifi-controller/startup_unifinet.sh
podman run \
-d \
--privileged \
--name unifi-controller \
--network unifinet \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=America/NewYork \
-p 3478:3478/udp \
-p 10001:10001/udp \
-p 8080:8080 \
-p 8081:8081 \
-p 8443:8443 \
-p 8843:8843 \
-p 8880:8880 \
-p 6789:6789 \
-v /home/robert/projects/unifi-controller/config:/config \
--restart unless-stopped \
docker.io/linuxserver/unifi-controller:amd64-5.13.32-ls72
我还发现并关注了这个博客:https://blog.carroarmato0.be/2020/05/08/exusing-podman-container-on-the-network/
所以 cni 配置是:
# /etc/cni/net.d/90-host-local.conflist
{
"cniVersion": "0.4.0",
"name": "host_local",
"plugins": [
{
"type": "macvlan",
"master": "enp4s11",
"ipam": {
"type": "host-local",
"ranges": [
[
{
"subnet": "192.168.1.0/24",
"rangeStart": "192.168.1.80",
"rangeEnd": "192.168.1.84",
"gateway": "192.168.1.1"
}
]
],
"routes": [
{
"dst": "0.0.0.0/0"
}
]
}
},
{
"type": "tuning",
"capabilities": {
"mac": true
}
}
]
}
启动是:
# sudo ~/projects/unifi-controller/startup_host_local.sh
podman run \
-d \
--privileged \
--name unifi-controller \
--dns 192.168.1.1 \
--dns-search lan \
--net host_local \
--ip 192.168.1.81 \
--mac-address 2A:7C:AA:ED:A2:AF \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=America/NewYork \
-p 3478:3478/udp \
-p 10001:10001/udp \
-p 8080:8080 \
-p 8081:8081 \
-p 8443:8443 \
-p 8843:8843 \
-p 8880:8880 \
-p 6789:6789 \
-v /home/robert/projects/unifi-controller/config:/config \
--restart unless-stopped \
docker.io/linuxserver/unifi-controller:amd64-5.13.32-ls72
有什么想法吗? TIA
ps。我原来的 unifi-controller 机器坏了,我让事情搁置了几年。现在我正在尝试使用容器来恢复控制器。这就是为什么 unifi-controller 版本这么旧的原因。
好吧,这很尴尬......点击unifi网站,登录,点击将我重定向到https://192.168.1.81:8443......然后我得到了登录页面!仅供参考,这是第二个示例,主机本地网络有效。另外,我选择使用 CNI 网络而不是 netavark,因为一两篇文章指出 netavark 直到 podman 4.5 才完全正常工作?也许这只是 dhcp 功能?我将把这个问题留给下一个试图弄清楚如何让 podman 工作的人。最后,我不需要从托管计算机访问容器 UI,这与其他几个问题不同。第一篇博客讨论了解决该问题的方法,我在 stackexchange 上没有见过。