Home > Others

Configuring a LAN network with pipework for Docker multi-container

Source: Internet
Author: User
Tags git clone docker run openvswitch
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
Configuring a LAN network with pipework for Docker multi-container problem: Use the Pipework tool to specify the LAN IP address for the Docker container, the container cannot communicate with the LAN or the external network.

Pipework is a docker network configuration tool developed by Docker's engineer Jérôme Petazzoni. Docker's own network functions are relatively simple and can not meet many complex application scenarios. Therefore, there are many open source projects to improve the network functions of Docker, such as pipework, weave, flannel and so on.
Here, the author, in the process of referencing two books, encountered a problem when using pipework to configure Docker multi-container, as well as the final solution.

Operating procedure: 1). Download pipework from GitHub:

$ git clone https://github.com/jpetazzo/pipework 2). Open a container with no network mode designation (–net=none)

$ sudo docker run-it--rm--net=none--name cookbook ubuntu:14.04 bash
root@15afb0c398c5:/# ip-d link show
1:lo : <LOOPBACK,UP,LOWER_UP> MTU 65536 qdisc noqueue State UNKNOWN mode default group default 
    link/loopback 00:00:00 : 00:00:00 BRD 00:00:00:00:00:00 promiscuity 0 
root@15afb0c398c5:/# ifconfig
lo        Link encap:local Loopback  
          inet addr:127.0.0.1  mask:255.0.0.0
          Inet6 Addr::: 1/128 scope:host up
          LOOPBACK RUNNING  mtu:65536  metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0
          overruns:0 carrier:0 collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
3). Use Pipework to complete cookbook container configuration in another terminal window 
$ sudo pipework/pipework br0 cookbook 192.168.1.10/24@192.168.1.254 [sudo] password for mingchen: [mingchen:~] $ ip-d li NK Show 1:lo: <LOOPBACK,UP,LOWER_UP> MTU 65536 qdisc noqueue State UNKNOWN mode default group default Link/loo Pback 00:00:00:00:00:00 BRD 00:00:00:00:00:00 promiscuity 0 2:eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU Qdi SC pfifo_fast State up mode default group default Qlen link/ether 64:51:06:5b:c1:7d BRD ff:ff:ff:ff:ff:ff Promisc Uity 0 3:ovs-system: <BROADCAST,MULTICAST> MTU qdisc noop State down mode default group default Link/eth  Er 6e:25:8c:28:2e:c2 brd ff:ff:ff:ff:ff:ff promiscuity 1 openvswitch 4:ovs0: <BROADCAST,UP,LOWER_UP> MTU 1500 Qdisc noqueue State UNKNOWN mode default group default Link/ether 52:c1:11:73:4b:49 BRD ff:ff:ff:ff:ff:ff promiscuit  Y 1 openvswitch 5:docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> MTU qdisc noqueue State down mode DEFAULT Group Default link/ether 02:42:ee:2d:8f:51 BRD ff:ff:ff:ff:ff:ff promiscuity 0 Bridge 6:br0: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU Qdisc Noqueue State up mode default group default Link/ether 7e:09:d4:4a:a7:da BRD ff:ff:ff:ff:ff:ff Promisc  Uity 0 Bridge 8:veth1pl5035@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU qdisc pfifo_fast Master br0 State  Up mode default group default Qlen link/ether 7e:09:d4:4a:a7:da BRD ff:ff:ff:ff:ff:ff promiscuity 1
4). In the Container terminal window, check the interface eth1, and the routing rules 
root@15afb0c398c5:/# ip-d Link Show eth1 7:eth1@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU Qdisc pfifo_fast s Tate up mode default group default Qlen link/ether 32:42:00:17:9d:d7 BRD ff:ff:ff:ff:ff:ff promiscuity 0 Vet    H root@15afb0c398c5:/# Route Kernel IP routing table Destination Gateway genmask Flags Metric Ref Use Iface default 192.168.1.254 0.0.0.0 UG 0 0 0 eth1 192.168.1.0 * 255 .255.255.0 U 0 0 0 eth1 root@15afb0c398c5:/# ifconfig eth1 Link encap:ethernet HWaddr 32:42:00:17:9d:d7 inet addr:192.168.1.10 bcast:0.0.0.0 mask:255.255.255.0 inet6 addr:fe80::3042:f F:FE17:9DD7/64 scope:link up broadcast RUNNING multicast mtu:1500 metric:1 RX packets:49 errors:0 Dr
          opped:0 overruns:0 frame:0 TX packets:9 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:7980 (7.9 KB) TX bytes:690 (690.0 B) lo Link encap:local Loopback inet addr:127.0.0.1 mask:255.0. 0.0 inet6 Addr::: 1/128 scope:host up LOOPBACK RUNNING mtu:65536 metric:1 RX packets:0 Err
          ors:0 dropped:0 overruns:0 frame:0 
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0  (0.0 B) TX bytes:0
 (0.0 B)
5) List the network links on the host 
 $ ip-d Link Show 1:lo: <LOOPBACK,UP,LOWER_UP> MTU 65536 qdisc noqueue State UNKNOWN mode default group default Link/loopback 00:00:00:00:00:00 BRD 00:00:00:00:00:00 promiscuity 0 2:eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> m Tu qdisc pfifo_fast state up mode default group default Qlen link/ether 64:51:06:5b:c1:7d BRD ff:ff:ff:ff:ff 
    : FF promiscuity 0 3:ovs-system: <BROADCAST,MULTICAST> MTU qdisc noop State down mode default group default Link/ether 6E:25:8C:28:2E:C2 BRD ff:ff:ff:ff:ff:ff promiscuity 1 openvswitch 4:ovs0: &LT;BROADCAST,UP,LOWER_UP&G T MTU Qdisc noqueue State UNKNOWN mode default group default Link/ether 52:c1:11:73:4b:49 BRD FF:FF:FF:FF:FF:FF PR  Omiscuity 1 openvswitch 5:docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> MTU qdisc Noqueue State down mode Default group default Link/ether 02:42:ee:2d:8f:51 BRD ff:ff:ff:ff:ff:ff promiscuity 0 Bridge 6:br0: <broa Dcast,multicast,up,loWer_up> MTU Qdisc noqueue State up mode default group default Link/ether 7e:09:d4:4a:a7:da BRD ff:ff:ff:ff:ff : FF promiscuity 0 Bridge 8:VETH1PL5035@IF7: <BROADCAST,MULTICAST,UP,LOWER_UP> MTU Qdisc pfifo_fast maste 
    R br0 State up mode default group default Qlen link/ether 7e:09:d4:4a:a7:da BRD ff:ff:ff:ff:ff:ff promiscuity 1 
 Veth
6) Add the NAT masquerading rule on the host: 
[mingchen:~]
$ sudo iptables-t nat-a postrouting-s 192.168.0.0/16-j Masquerade
7) In the container ping outside the network and LAN are not 
root@15afb0c398c5:/# Ping 8.8.8.8
ping 8.8.8.8 (8.8.8.8) bytes of data.
From 192.168.1.10 icmp_seq=1 Destination host unreachable from
192.168.1.10 icmp_seq=2 Destination host unreachable< C7/>from 192.168.1.10 icmp_seq=3 Destination Host unreachable
^z
[1]+  Stopped                 Ping 8.8.8.8
root@15afb0c398c5:/# Ping 192.168.1.100
ping 192.168.1.100 (192.168.1.100) bytes of data.
From 192.168.1.10 icmp_seq=1 Destination host unreachable from
192.168.1.10 icmp_seq=2 Destination Host Unreachable From
192.168.1.10 icmp_seq=3 Destination Host Unreachable
cause of the problem:

Forget to configure the bridge Br0 Ip/mask, that is, configure the container IP and route network information in the route. If not configured, the inside of the container is not able to communicate through the Br0 bridge. In addition, Docker 1.9 supports the overlay network. Directly with HTTP://WWW.JIANSHU.COM/P/3EB7448ADEA0, you can communicate across hosts. How to resolve:

Need to solve: network does not pass the problem.

$ sysctl–w net.ipv4.ip_forward=1
$ sudo docker run-it--rm--net=none--name cookbook ubuntu:14.04 bash
$ sudo p Ipework/pipework br0 Cookbook 192.168.1.10/24@192.168.1.1
$ sudo apt-get install bridge-utils
$ sudo brctl  AddIf br0  eth0
$ ip addr Add 192.168.1.1/24 dev br0

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
lan network troubleshooting chat on lan network onboard gigabit lan network dish network a e a network security salary docker network host docker network diagram

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More