永久关闭docker０网络的方案

 

sudo vim /etc/systemd/system/disable-docker0.service

 

[Unit]
Description=Disable docker0 bridge at boot
After=network.target docker.service
Wants=network.target

[Service]
Type=oneshot
ExecStart=/usr/sbin/ip link set docker0 down
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

[Unit]
Description=Disable docker0 bridge at boot
After=network.target docker.service
#Requires=docker.service
# 等待网络接口出现
Wants=network-online.target
After=network-online.target

[Service]
Type=oneshot
ExecStartPre=/bin/bash -c 'until [ -e /sys/class/net/docker0 ]; do sleep 1; done'
ExecStart=/usr/sbin/ip link set docker0 down
# 或者使用以下命令，即使docker0不存在也不会报错
# ExecStart=/bin/sh -c '/usr/sbin/ip link show docker0 >/dev/null 2>&1 && /usr/sbin/ip link set docker0 down || true'
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

 

sudo systemctl start disable-docker0

sudo systemctl enable disable-docker0 

这样每次启动后都会关闭这个网口