[ovs.git] / INSTALL.Docker.md

How to Use Open vSwitch with Docker
====================================

This document describes how to use Open vSwitch with Docker 1.2.0 or
later.  This document assumes that you followed [INSTALL.md] or installed
Open vSwitch from distribution packaging such as a .deb or .rpm.  Consult
www.docker.com for instructions on how to install or .rpm.  Consult
www.docker.com for instructions on how to install Docker.

Limitations
-----------
Currently there is no native integration of Open vSwitch in Docker, i.e.,
one cannot use the Docker client to automatically add a container's
network interface to an Open vSwitch bridge during the creation of the
container.  This document describes addition of new network interfaces to an
already created container and in turn attaching that interface as a port to an
Open vSwitch bridge.  If and when there is a native integration of Open vSwitch
with Docker, the ovs-docker utility described in this document is expected to
be retired.

Setup
-----
* Create your container, e.g.:

```
% docker run -d ubuntu:14.04 /bin/sh -c \
"while true; do echo hello world; sleep 1; done"
```

The above command creates a container with one network interface 'eth0'
and attaches it to a Linux bridge called 'docker0'.  'eth0' by default
gets an IP address in the 172.17.0.0/16 space.  Docker sets up iptables
NAT rules to let this interface talk to the outside world.  Also since
it is connected to 'docker0' bridge, it can talk to all other containers
connected to the same bridge.  If you prefer that no network interface be
created by default, you can start your container with
the option '--net=none', e,g.:

```
% docker run -d --net=none ubuntu:14.04 /bin/sh -c \
"while true; do echo hello world; sleep 1; done"
```

The above commands will return a container id.  You will need to pass this
value to the utility 'ovs-docker' to create network interfaces attached to an
Open vSwitch bridge as a port.  This document will reference this value
as $CONTAINER_ID in the next steps.

* Add a new network interface to the container and attach it to an Open vSwitch
  bridge.  e.g.:

`% ovs-docker add-port br-int eth1 $CONTAINER_ID`

The above command will create a network interface 'eth1' inside the container
and then attaches it to the Open vSwitch bridge 'br-int'.  This is done by
creating a veth pair.  One end of the interface becomes 'eth1' inside the
container and the other end attaches to 'br-int'.

The script also lets one to add an IP address to the interface.  e.g.:

`% ovs-docker add-port br-int eth1 $CONTAINER_ID 192.168.1.1/24`

* A previously added network interface can be deleted.  e.g.:

`% ovs-docker del-port br-int eth1 $CONTAINER_ID`

All the previously added Open vSwitch interfaces inside a container can be
deleted.  e.g.:

`% ovs-docker del-ports br-int $CONTAINER_ID`

It is important that the same $CONTAINER_ID be passed to both add-port
and del-port[s] commands.

* More network control.

Once a container interface is added to an Open vSwitch bridge, one can
set VLANs, create Tunnels, add OpenFlow rules etc for more network control.
Please read the man pages of ovs-vsctl, ovs-ofctl, ovs-vswitchd,
ovsdb-server ovs-vswitchd.conf.db etc for more details.

Docker networking is quite flexible and can be used in multiple ways.  For more
information, please read:
https://docs.docker.com/articles/networking

Bug Reporting
-------------

Please report problems to bugs@openvswitch.org.

[INSTALL.md]:INSTALL.md
Commit	Line	Data
542cc9bb TG	1	How to Use Open vSwitch with Docker
542cc9bb TG	2	====================================
ec8f0f0c GS	3
ec8f0f0c GS	4	This document describes how to use Open vSwitch with Docker 1.2.0 or
9feb1017 TG	5	later. This document assumes that you followed [INSTALL.md] or installed
	6	Open vSwitch from distribution packaging such as a .deb or .rpm. Consult
	7	www.docker.com for instructions on how to install or .rpm. Consult
	8	www.docker.com for instructions on how to install Docker.
ec8f0f0c GS	9
	10	Limitations
	11	-----------
	12	Currently there is no native integration of Open vSwitch in Docker, i.e.,
	13	one cannot use the Docker client to automatically add a container's
	14	network interface to an Open vSwitch bridge during the creation of the
	15	container. This document describes addition of new network interfaces to an
	16	already created container and in turn attaching that interface as a port to an
62dbc5bd GS	17	Open vSwitch bridge. If and when there is a native integration of Open vSwitch
	18	with Docker, the ovs-docker utility described in this document is expected to
	19	be retired.
ec8f0f0c GS	20
	21	Setup
	22	-----
	23	* Create your container, e.g.:
	24
542cc9bb	25	```
ec8f0f0c GS	26	% docker run -d ubuntu:14.04 /bin/sh -c \
ec8f0f0c GS	27	"while true; do echo hello world; sleep 1; done"
542cc9bb	28	```
ec8f0f0c GS	29
	30	The above command creates a container with one network interface 'eth0'
	31	and attaches it to a Linux bridge called 'docker0'. 'eth0' by default
	32	gets an IP address in the 172.17.0.0/16 space. Docker sets up iptables
	33	NAT rules to let this interface talk to the outside world. Also since
	34	it is connected to 'docker0' bridge, it can talk to all other containers
	35	connected to the same bridge. If you prefer that no network interface be
	36	created by default, you can start your container with
	37	the option '--net=none', e,g.:
	38
542cc9bb	39	```
ec8f0f0c GS	40	% docker run -d --net=none ubuntu:14.04 /bin/sh -c \
ec8f0f0c GS	41	"while true; do echo hello world; sleep 1; done"
542cc9bb	42	```
ec8f0f0c GS	43
	44	The above commands will return a container id. You will need to pass this
	45	value to the utility 'ovs-docker' to create network interfaces attached to an
	46	Open vSwitch bridge as a port. This document will reference this value
	47	as $CONTAINER_ID in the next steps.
	48
	49	* Add a new network interface to the container and attach it to an Open vSwitch
	50	bridge. e.g.:
	51
542cc9bb	52	`% ovs-docker add-port br-int eth1 $CONTAINER_ID`
ec8f0f0c GS	53
	54	The above command will create a network interface 'eth1' inside the container
	55	and then attaches it to the Open vSwitch bridge 'br-int'. This is done by
	56	creating a veth pair. One end of the interface becomes 'eth1' inside the
	57	container and the other end attaches to 'br-int'.
	58
	59	The script also lets one to add an IP address to the interface. e.g.:
	60
542cc9bb	61	`% ovs-docker add-port br-int eth1 $CONTAINER_ID 192.168.1.1/24`
ec8f0f0c GS	62
	63	* A previously added network interface can be deleted. e.g.:
	64
542cc9bb	65	`% ovs-docker del-port br-int eth1 $CONTAINER_ID`
ec8f0f0c GS	66
	67	All the previously added Open vSwitch interfaces inside a container can be
	68	deleted. e.g.:
	69
542cc9bb	70	`% ovs-docker del-ports br-int $CONTAINER_ID`
ec8f0f0c GS	71
	72	It is important that the same $CONTAINER_ID be passed to both add-port
	73	and del-port[s] commands.
	74
	75	* More network control.
	76
	77	Once a container interface is added to an Open vSwitch bridge, one can
	78	set VLANs, create Tunnels, add OpenFlow rules etc for more network control.
	79	Please read the man pages of ovs-vsctl, ovs-ofctl, ovs-vswitchd,
	80	ovsdb-server ovs-vswitchd.conf.db etc for more details.
	81
	82	Docker networking is quite flexible and can be used in multiple ways. For more
	83	information, please read:
	84	https://docs.docker.com/articles/networking
	85
	86	Bug Reporting
	87	-------------
	88
	89	Please report problems to bugs@openvswitch.org.
9feb1017 TG	90
9feb1017 TG	91	[INSTALL.md]:INSTALL.md