Linux docker shaper: Управление траффиком внутри контейнера
Материал из noname.com.ua
Ограничение траффика в контейнере
В примере 6142712b1eef это индентификатор контейнера
Получить PID процесса докера (внутри контейнера этот процесс будет иметь PID=1)
docker inspect -f '{{.State.Pid}}' "6142712b1eef"
export DOCKER_CONTAINER_UUID="6142712b1eef"
mkdir -p /var/run/netns
ln -sf /proc/$(docker inspect -f '{{.State.Pid}}' "${DOCKER_CONTAINER_UUID}")/ns/net "/var/run/netns/${DOCKER_CONTAINER_UUID}"
# ip netns 6142712b1eef (id: 6)
modprobe ifb numifbs=10
ip link set dev ifb0 netns ${DOCKER_CONTAINER_UUID}
ip link set dev ifb1 netns ${DOCKER_CONTAINER_UUID}
ip netns exec ${DOCKER_CONTAINER_UUID} bash
ifconfig -a
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.255.5 netmask 255.255.255.0 broadcast 192.168.255.255
ether 02:42:c0:a8:ff:05 txqueuelen 0 (Ethernet)
RX packets 1680190 bytes 287513973 (287.5 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1094755 bytes 119082164 (119.0 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ifb0: flags=130<BROADCAST,NOARP> mtu 1500
ether b2:fa:b3:1f:cc:21 txqueuelen 32 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ifb1: flags=130<BROADCAST,NOARP> mtu 1500
ether ca:44:06:d0:6d:c9 txqueuelen 32 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
ip link set up dev ifb0 ip link set up dev ifb1
