Reputation: 3244
What's wrong with my macvlan settings with docker?
I'm studying "docker with macvlan". Below is my settings:
G 192.168.1.1, gateway(physical)
W 192.168.1.2, windows 10, ether-net card(physical)
V 192.168.1.5, virtualbox+centos7, bridged network
c1 192.168.1.10, docker container in macnet
c2 192.168.1.11, docker container in macnet
macnet is created by
docker network create -d macvlan --subnet=192.168.1.0/24 --gateway=192.168.1.1 -o parent=enp0s3 macnet
c1 and c2 is created by
docker run -it --net=macnet --ip=192.168.1.10 -h=c1 anapsix/alpine-java bash
docker run -it --net=macnet --ip=192.168.1.11 -h=c2 anapsix/alpine-java bash
docker version is 17.06.0-ce
I'm expecting all below work but only the first works (-> means ping):
c1 <--> c2 OK
c1 <--> V Fail
c1 <--> W Fail
c1 --> G Fail
Is there anything wrong with above steps?
By the way, could someone help to create the tag "macvlan" and "ipvlan"?
Upvotes: 3
Views: 5888
Answers (2)
Reputation: 675
this is an expected behavior as the network you have created using macvlan is not having any connectivity between you VM and the macvlan bridge (by default docker create macvlan network in bridge mode). where the containers you have create C1 and C2 are having their interface attached to the macvlan bridge. that is why C1 and C2 able to ping each other, but from VM(guest) you are not able to ping C1 and C2 and hence from the Host.
to connect from VM to containers C1 and C2, create a interface of type bridge and assign a ip. command below: (there commands can have side effects. you may completely loose connectivity to your VM. if you connected via ssh make sure you have 2 interfaces to your VM and ssh to the VM not with interface having ip in network 192.168.1.0/24)
- remove ip of interface having ip in network 192.168.1.0/24
- ip addr delete (ip_of_interface) dev (interface eg-eth0)
- ip link add mymacvlan1 link (VM interface name eg. - eth0) type macvlan mode bridge
- ip link set mymacvlan1 up
- ip addr add 192.168.1.20/24 dev mymacvlan1
- ping your container - ping (C1 ip) -I mymacvlan1
please note these changes are not boot persistent
to be able to ping from Host machine, you need to make sure the VM interface has promiscuous mode true in virtual box VM network setting.
Upvotes: 3
Reputation: 717
I have the same setup as you. I mean a VBox and two containers running on top of Ubuntu. I don't know whether you have a specific purpose or just testing docker networking. If it's the latter, then why not use bridge as the driver. Below command created a network for me:
docker network create -d bridge -o parent=enp0s3 skynet
Then I created two containers out of it.
~$ docker run -itd --net=skynet --name container2 myimage bash
~$ docker run -itd --net=skynet --name container1 myimage bash
And checked both the containers can ping each other as well as localhost and external network (like google.com or yahoo.com).
Lemme know if this was of any help.
N.B: To your query there's nothing wrong with your setup. If the driver is macvlan it's expected you can't reach out of the containers.
Upvotes: 0
Related Questions
- docker macvlan - no route to host (container)
- Unable to access docker containers from host over macvlan network
- Mapped ports + macvlan woes
- Docker Macvlan network inside container is not reaching to its own host
- Docker macvlan network, unable to access internet
- Docker MACVLAN only works Outbound
- Run Docker container on host network
- Docker network macvlan driver: gateway unreachable
- Docker container can't reach or ping WAN using macvlan network driver
- iptables not working on macvlan traffic in container