Arch Linux - Docker Node - Network - ( Part II )
I will use MACVLAN to deploy containers. It worth to mention that containers should not have IP addresses directly attached to it but some services like a pihole DNS server has to be seen as if directly attached to the network and we can achieve it with MACVLAN.
docker network create -d macvlan \
> --subnet=192.168.55.0/24 \
> --gateway=192.168.55.1 \
> --opt parent=ens18.55 \
> macvlan55[root@docker0 vlan.55-pihole]# docker network ls
NETWORK ID NAME DRIVER SCOPE
1e0cc00dd141 bridge bridge local
1567bbd600cb host host local
c848bfb101a1 macvlan55 macvlan local
3f7b6cc3c82a none null local[root@docker0 vlan.55-pihole]# ip -c l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
link/ether 5a:a4:8c:e9:00:83 brd ff:ff:ff:ff:ff:ff
altname enp0s18
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
link/ether 02:42:32:86:1d:e8 brd ff:ff:ff:ff:ff:ff
4: ens18.55@ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
link/ether 5a:a4:8c:e9:00:83 brd ff:ff:ff:ff:ff:ffDocker will automatically create the sub interface set as the parent for our macvlan.
[root@docker0 vlan.55-pihole]# ip -c l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
link/ether 5a:a4:8c:e9:00:83 brd ff:ff:ff:ff:ff:ff
altname enp0s18
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
link/ether 02:42:32:86:1d:e8 brd ff:ff:ff:ff:ff:ff
4: ens18.55@ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
link/ether 5a:a4:8c:e9:00:83 brd ff:ff:ff:ff:ff:ff
[root@docker0 vlan.55-pihole]# docker network ls
NETWORK ID NAME DRIVER SCOPE
1e0cc00dd141 bridge bridge local
1567bbd600cb host host local
c848bfb101a1 macvlan55 macvlan local
3f7b6cc3c82a none null local[root@docker0 vlan.55-pihole]# docker network inspect macvlan55[
{
"Name": "macvlan55",
"Id": "c848bfb101a117911423c59c024bf7e8a916dc81e6e182b968e252deec2314d9",
"Created": "2021-09-22T20:00:38.805589932+01:00",
"Scope": "local",
"Driver": "macvlan",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.55.0/24",
"Gateway": "192.168.55.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"36dcaad5bf68578e4d9a54bd00dd13df250eed9790cdac8ea02c77aa871cb47b": {
"Name": "pihole",
"EndpointID": "04aeab43079dae4a75d64251b06bc978c143ecf290c334e025909323dbe5f4d0",
"MacAddress": "02:42:c0:a8:37:0a",
"IPv4Address": "192.168.55.10/24",
"IPv6Address": ""
}
},
"Options": {
"parent": "ens18.55"
},
"Labels": {}
}
]Resources
Use macvlan networks
All about using macvlan to make your containers appear like physical machines on the network
Networking using a macvlan network
Tutorials for networking using a macvlan bridge network and 802.1q trunk bridge network
Introduction to Linux interfaces for virtual networking | Red Hat Developer
This post provides a brief introduction to Linux virtual interfaces, focusing on frequently used interfaces and some interfaces that can be easily confused with one another.
libnetwork/macvlan.md at master · moby/libnetwork
networking for containers. Contribute to moby/libnetwork development by creating an account on GitHub.