Docker Use Openvswitch Network Bridge

Last Update:2018-07-13 Source: Internet

Author: User

Tags docker run openvswitch

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Docker by default is the Linux with the Network Bridge implementation, in fact, the Openvswitch project as a mature virtual switch implementation, with a richer function. Personally, the future Docker will necessarily support Openvswitch as its default network bridge implementation. Interested students welcome the following steps to the taste. Environment

Test in the Ubuntu 14.04 system. The operation process also applies to Redhat/centos series systems, but few commands and configuration files may be slightly different. Install Docker

Install the most recent version of Docker and start the service.

$ sudo apt-get install Apt-transport-https
$ sudo apt-key adv--keyserver hkp://keyserver.ubuntu.com:80--recv-keys 3 6a1d7869245c8950f966e92d8576a8ba88d21e9
$ sudo bash-c "Echo Deb Https://get.docker.io/ubuntu Docker main >/etc/ Apt/sources.list.d/docker.list "
$ sudo apt-get update
$ sudo apt-get install lxc-docker
$ sudo service Docker start

At this point, the Docker service creates a default Docker0 bridge, which, as the local network bridge for the connection container, can be viewed by the following command:

$ sudo brctl show bridge
name Bridge     ID               STP enabled     interfaces
Docker0         8000.000000000000       No

The default address for the Network Bridge DOCKER0 internal interface is 172.17.42.1.

$ ifconfig Docker0
docker0   Link encap:ethernet  hwaddr  56:84:7a:fe:97:99 inet addr:172.17.42.1 bcast:0.0.0.0  mask:255.255.0.0
          Broadcast multicast  mtu:1500  metric:1
          RX packets:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0<
          C12/>rx bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

Install Openvswitch

Install Openvswitch with the following command.

$ sudo aptitude install Openvswitch-switch

Test Add a network Bridge br0 and view it.

$ sudo ovs-vsctl add-br br0
$ sudo ovs-vsctl show
20d0b972-e323-4e3c-9e66-1d8bb57c7ff5 Bridge
    ovs-br
        Port OVS-BR
            Interface br0
                type:internal
    ovs_version: "2.0.2"

Configure the container to connect to the Openvswitch Network Bridge

At present, the Openvswitch Network Bridge can not support the Mount container directly, and it is necessary to manually create the virtual network port on the Openvswitch Bridge and mount it in the container. Create a port-free container

Start an Ubuntu container and specify that you do not create the network, and then we add the network manually. Newer versions of Docker do not allow you to modify the network configuration within the container by default, and you need to specify parameter--privileged=true when run.

$ sudo docker run--net=none--privileged=true-it ubuntu:14.04 bash
root@298bbb17c244:/#

Remember that the ID of the container here is 298bbb17c244.

When you view the network information in the container, you can see only one local network card lo.

root@298bbb17c244:/# ifconfig
lo        Link encap:local loopback  
          inet
          addr:127.0.0.1 mask:255.0.0.0 Inet6 addr::: 1/128 scope:host up
          loopback RUNNING  mtu:65536  metric:1
          RX packets:0 errors:0 dropped : 0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

to manually add a network to a container

Download the secondary script Ovs-docker provided by the Openvswitch project to support the Docker container.

$ wget https://github.com/openvswitch/ovs/raw/master/utilities/ovs-docker
$ sudo chmod a+x ovs-docker

Add a network card to the container and mount it to the br0, and the command is

$ sudo./ovs-docker add-port br0 eth0 298bbb17c244

After the success of the addition, in the container to view network information, more than a new network card added eth0, but the default does not have an IP address.

root@298bbb17c244:/# ifconfig
eth0      Link encap:ethernet  hwaddr 7e:df:97:ac:1a:6a inet6  
          : : 7CDF:97FF:FEAC:1A6A/64 scope:link up
          broadcast RUNNING multicast  mtu:1500
          RX metric:1 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:3197 (3.1 KB)  TX bytes:508 (508.0 B)

lo        Link encap:local loopback  
          inet addr:127.0.0.1  mask:255.0.0.0
          inet6 addr:: 1/128 scope:host up
          loopback RUNNING mtu:65536  metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0
          dropped:0 overruns:0 collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

Manually add one to it, such as 172.17.0.2/16, and view it.

 root@298bbb17c244:/# ifconfig eth0 172.17.0.2/16 root@298bbb17c244:/# ifconfig eth0 Link encap:ethernet hwaddr Ae:3d:75:2c:18:ba inet addr:172.17.0.2 bcast:172.17.255.255 mask:255.255.0.0 Inet6 3D:75FF:FE2C:18BA/64 scope:link up broadcast RUNNING multicast mtu:1500 metric:1 RX packets:187 Erro
          rs:0 dropped:2 overruns:0 frame:0 TX packets:11 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:33840 (33
          .8 KB) TX bytes:1170 (1.1 KB) Lo Link encap:local loopback inet addr:127.0.0.1 mask:255.0.0.0 Inet6 addr::: 1/128 scope:host up loopback RUNNING mtu:65536 metric:1 RX packets:0 errors:0 Drop
          ped:0 overruns:0 frame:0 
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 RX bytes:0  (0.0 B) TX bytes:0 (0.0 B)

Outside the container, the Openvswitch Network Bridge BR0 Internal interface address is 172.17.42.2/16 (as long as it is within the same subnet as the mounted container IP).

$ sudo ifconfig br0 172.17.42.2/16

Test Connectivity

After the above steps, the container is connected to the Network Bridge Br0, as shown in the following topology.

Container (172.17.0.2/16) <--> br0 Network Bridge <--> br0 Internal Port (172.17.42.2/16)

At this time, in the container can test whether connected to the bridge br0.

root@298bbb17c244:/# Ping 172.17.42.2
ping 172.17.42.2 (172.17.42.2) bytes of data.
Bytes from 172.17.42.2:icmp_seq=1 ttl=64 time=0.874 ms

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More