Requirements: I want to assign an independent LAN IP address to the Docker container through the DHCP service of the router, so that the developed ASP.NET Core application can be deployed to multiple servers (the application needs to be deployed to multiple servers to achieve high availability) and the instances can reach each other.
Some applications, especially legacy applications or those that monitor network traffic, expect to connect directly to the physical network. In this case, you can use the macvlan network driver to assign a MAC address to each container's virtual network interface, making it look like a physical network interface that connects directly to the physical network. You need to specify a physical interface on your Docker host for macvlan, as well as the subnet and gateway of the macvlan network. You can even isolate your macvlan networks by using different physical network interfaces.
First, you need to set the physical NIC of the host machine to allow "promiscuous mode". For example, on ESXi, set up the virtual switch as follows:
The system environment is as follows:
CentOS Linux release 7.9.2009 (Core)
Docker version 20.10.20, build 9fdeb9c
Install the Docker service on the CentOS 7 host. (omitted)
Set net.ipv4.ip_forward = 1. You can view the current configuration through sysctl -a; if it is not 1, change it to 1 (the steps are omitted here). This setting determines whether packets received on one network card can be passed to other network cards when the Linux host has multiple network cards; when it is set to 1, packet forwarding is enabled.
When the Docker service is installed, create a macvlan network with the following command:
--ip-range: The subset of addresses assigned to Docker, here 192.168.50.192/27, which is a range of 32 addresses starting at 192.168.50.192 and ending at 192.168.50.223.
--gateway: The gateway address, usually the router's IP address; set it according to your actual situation.
-o parent: The parent interface, which is the name of the host's physical NIC; you can look it up with ip a.
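An added example, not the original post's command: this script checks the --ip-range described above against the subnet and gateway, then prints a matching docker network create command without running it. The subnet, gateway, parent interface (ens192) and network name (macvlan50) are assumed values; replace them with your own.

```shell
#!/bin/sh
# Added example: validate the macvlan address plan, then print the create command.
SUBNET="192.168.50.0/24"      # assumption: the LAN is a /24
IP_RANGE="192.168.50.192/27"  # from the article
GATEWAY="192.168.50.1"        # assumption: router address
PARENT="ens192"               # assumption: host NIC name, check with `ip a`
NET_NAME="macvlan50"          # hypothetical network name

# Dotted quad -> 32-bit integer.
ip_to_int() {
    ( IFS=.; set -- $1; echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 )) )
}
# 32-bit integer -> dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}
# Network mask of a CIDR block as an integer.
cidr_mask() { echo $(( (0xFFFFFFFF << (32 - ${1#*/})) & 0xFFFFFFFF )); }

# First and last address of a CIDR block.
cidr_first() { int_to_ip $(( $(ip_to_int "${1%/*}") & $(cidr_mask "$1") )); }
cidr_last() {
    mask=$(cidr_mask "$1")
    int_to_ip $(( ($(ip_to_int "${1%/*}") & $mask) | (~$mask & 0xFFFFFFFF) ))
}

# Succeeds when address $1 lies inside CIDR block $2.
ip_in_cidr() {
    n=$(ip_to_int "$1")
    [ "$n" -ge "$(ip_to_int "$(cidr_first "$2")")" ] &&
        [ "$n" -le "$(ip_to_int "$(cidr_last "$2")")" ]
}

# Succeeds when the whole range $1 lies inside subnet $2.
range_in_subnet() {
    ip_in_cidr "$(cidr_first "$1")" "$2" && ip_in_cidr "$(cidr_last "$1")" "$2"
}

# Print (do not run) the command once the plan is consistent.
macvlan_cmd() {
    range_in_subnet "$IP_RANGE" "$SUBNET" || { echo "ip-range outside subnet" >&2; return 1; }
    if ip_in_cidr "$GATEWAY" "$IP_RANGE"; then echo "gateway inside ip-range" >&2; return 1; fi
    echo "docker network create -d macvlan --subnet=$SUBNET --ip-range=$IP_RANGE" \
         "--gateway=$GATEWAY -o parent=$PARENT $NET_NAME"
}

echo "Docker will hand out $(cidr_first "$IP_RANGE") to $(cidr_last "$IP_RANGE")"
macvlan_cmd
```

Docker's own IPAM, not the router's DHCP server, assigns container addresses from --ip-range, so keep that range out of the router's DHCP pool to avoid duplicate addresses.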
After the creation is completed, you can view it with the following command:
Try starting a busybox container and setting up a network with the newly created macvlan with the following command:
Tip: If you need to set the container's IP address, use the --ip parameter, for example: --ip=192.168.50.210
You can view the IP address of a container by using the following command:
Of course, you can also go inside the container to view it, with the following command:
Using another machine on the LAN, try pinging the IP address of the container; you will find that the ping succeeds, as shown in the figure below:
Looking at the router's IP and MAC mapping table, you can see that the MAC/IP address of the Docker container matches the entry on the router, as shown in the figure below:
Try starting a Redis container again and setting up the new MacVLAN network with the following command:
The CentOS host itself also has a Redis application running on port 6379, and the Redis container we create also uses port 6379. That is, port 6379 on the same host is listened on by two different IPs; let's see whether it works.
The test results are all working normally, as shown in the figure below: