055、创建macvlan网络 (2019-03-22 周五)
创建macvlan网络,需要指定使用哪块物理网卡进行通信
-o parent=ens192
创建macvlan网络,需要指定网络环境已经存在的网关,因为macvlan并不提供网关功能
--gateway 172.16.86.1
因为网关是我们网络环境中存在的,所以我们也需要指定一个与网关匹配的网络地址
--subnet 172.16.86.0/24
在下面的实验中可以看到:
1、macvlan不提供网关服务
2、macvlan不提供dns服务
3、macvlan属于本地网络类型,所以两台host上的macvlan网络是相互独立的
4、macvlan不提供自动分配IP地址的服务,创建容器时需要手动指定容器IP,还要与其他host上的macvlan避免IP冲突
root@host1:~# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
root@host1:~# docker network ls
NETWORK ID NAME DRIVER SCOPE
9e26e05efc49 bridge bridge local
bb03f7574aa2 host host local
11e39328a6d1 none null local
root@host1:~# docker network create -d macvlan --subnet 172.16.86.0/24 --gateway 172.16.86.1 -o parent=ens192 mac_net1
d60df792c93636940d01eaae0ede35491c0ff0592cfd374b06b5579baf6770d4
root@host1:~# docker network ls
NETWORK ID NAME DRIVER SCOPE
9e26e05efc49 bridge bridge local
bb03f7574aa2 host host local
d60df792c936 mac_net1 macvlan local
11e39328a6d1 none null local
root@host1:~# docker run -itd --name bbox1 --ip 172.16.86.11 --network mac_net1 busybox
b56e6cd9876e7d3fa477918281f6db1c04446733c99d32bbd08028be8acefd3b
root@host1:~# docker exec bbox1 ip r
default via 172.16.86.1 dev eth0
172.16.86.0/24 dev eth0 scope link src 172.16.86.11
root@host1:~# docker exec bbox1 ping -c 2 bbox2
ping: bad address 'bbox2'
root@host1:~# docker exec bbox1 ping -c 2 172.16.86.12
PING 172.16.86.12 (172.16.86.12): 56 data bytes
64 bytes from 172.16.86.12: seq=0 ttl=64 time=0.548 ms
64 bytes from 172.16.86.12: seq=1 ttl=64 time=0.267 ms
--- 172.16.86.12 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.267/0.407/0.548 ms
root@host1:~# docker exec bbox1 ping -c 2 172.16.86.1
PING 172.16.86.1 (172.16.86.1): 56 data bytes
--- 172.16.86.1 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss
root@host2:~# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
root@host2:~# docker network ls
NETWORK ID NAME DRIVER SCOPE
65563241b1ff bridge bridge local
cf4c89650a1f host host local
2f7d79e0114d none null local
root@host2:~# docker network create -d macvlan --subnet 172.16.86.0/24 --gateway 172.16.86.1 -o parent=ens192 mac_net1
39f1aab9f5b8aba4491b50d080bb263d5a184658b31828fc2e40a1d28563f321
root@host2:~# docker network ls
NETWORK ID NAME DRIVER SCOPE
65563241b1ff bridge bridge local
cf4c89650a1f host host local
39f1aab9f5b8 mac_net1 macvlan local
2f7d79e0114d none null local
root@host2:~# docker run -itd --name bbox3 --ip 172.16.86.12 --network mac_net1 busybox
43406891a16236b17028f0d4e1983accdd79c47cea63f91948fd4de6f17dba41
root@host2:~# docker rm -f bbox3
bbox3
root@host2:~# docker run -itd --name bbox2 --ip 172.16.86.12 --network mac_net1 busybox
55e101449753d0ed5e5da4315e99b16fc807d7110a19ea5117a958e7d62effed
root@host2:~# docker exec bbox2 ip r
default via 172.16.86.1 dev eth0
172.16.86.0/24 dev eth0 scope link src 172.16.86.12