]>
Commit | Line | Data |
---|---|---|
ec8f0f0c GS |
1 | How to Use Open vSwitch with Docker |
2 | ==================================== | |
3 | ||
4 | This document describes how to use Open vSwitch with Docker 1.2.0 or | |
5 | later. This document assumes that you followed INSTALL or installed | |
6 | Open vSwitch from distribution packaging such as a .deb or .rpm. | |
7 | Consult www.docker.com for instructions on how to install Docker. | |
8 | ||
9 | Limitations | |
10 | ----------- | |
11 | Currently there is no native integration of Open vSwitch in Docker, i.e., | |
12 | one cannot use the Docker client to automatically add a container's | |
13 | network interface to an Open vSwitch bridge during the creation of the | |
14 | container. This document describes addition of new network interfaces to an | |
15 | already created container and in turn attaching that interface as a port to an | |
16 | Open vSwitch bridge. | |
17 | ||
18 | Setup | |
19 | ----- | |
20 | * Create your container, e.g.: | |
21 | ||
22 | % docker run -d ubuntu:14.04 /bin/sh -c \ | |
23 | "while true; do echo hello world; sleep 1; done" | |
24 | ||
25 | The above command creates a container with one network interface 'eth0' | |
26 | and attaches it to a Linux bridge called 'docker0'. 'eth0' by default | |
27 | gets an IP address in the 172.17.0.0/16 space. Docker sets up iptables | |
28 | NAT rules to let this interface talk to the outside world. Also since | |
29 | it is connected to 'docker0' bridge, it can talk to all other containers | |
30 | connected to the same bridge. If you prefer that no network interface be | |
31 | created by default, you can start your container with | |
32 | the option '--net=none', e,g.: | |
33 | ||
34 | % docker run -d --net=none ubuntu:14.04 /bin/sh -c \ | |
35 | "while true; do echo hello world; sleep 1; done" | |
36 | ||
37 | The above commands will return a container id. You will need to pass this | |
38 | value to the utility 'ovs-docker' to create network interfaces attached to an | |
39 | Open vSwitch bridge as a port. This document will reference this value | |
40 | as $CONTAINER_ID in the next steps. | |
41 | ||
42 | * Add a new network interface to the container and attach it to an Open vSwitch | |
43 | bridge. e.g.: | |
44 | ||
45 | % ovs-docker add-port br-int eth1 $CONTAINER_ID | |
46 | ||
47 | The above command will create a network interface 'eth1' inside the container | |
48 | and then attaches it to the Open vSwitch bridge 'br-int'. This is done by | |
49 | creating a veth pair. One end of the interface becomes 'eth1' inside the | |
50 | container and the other end attaches to 'br-int'. | |
51 | ||
52 | The script also lets one to add an IP address to the interface. e.g.: | |
53 | ||
54 | % ovs-docker add-port br-int eth1 $CONTAINER_ID 192.168.1.1/24 | |
55 | ||
56 | * A previously added network interface can be deleted. e.g.: | |
57 | ||
58 | % ovs-docker del-port br-int eth1 $CONTAINER_ID | |
59 | ||
60 | All the previously added Open vSwitch interfaces inside a container can be | |
61 | deleted. e.g.: | |
62 | ||
63 | % ovs-docker del-ports br-int $CONTAINER_ID | |
64 | ||
65 | It is important that the same $CONTAINER_ID be passed to both add-port | |
66 | and del-port[s] commands. | |
67 | ||
68 | * More network control. | |
69 | ||
70 | Once a container interface is added to an Open vSwitch bridge, one can | |
71 | set VLANs, create Tunnels, add OpenFlow rules etc for more network control. | |
72 | Please read the man pages of ovs-vsctl, ovs-ofctl, ovs-vswitchd, | |
73 | ovsdb-server ovs-vswitchd.conf.db etc for more details. | |
74 | ||
75 | Docker networking is quite flexible and can be used in multiple ways. For more | |
76 | information, please read: | |
77 | https://docs.docker.com/articles/networking | |
78 | ||
79 | Bug Reporting | |
80 | ------------- | |
81 | ||
82 | Please report problems to bugs@openvswitch.org. |