单节点通信

Host1

1. 开启混杂模式

[root@host1 ~]# ip link set ens33 promisc on
root@host1 ~]# ip link show 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens33: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 00:0c:29:9b:45:46 brd ff:ff:ff:ff:ff:ff
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000
    link/ether 52:54:00:3d:c1:1d brd ff:ff:ff:ff:ff:ff
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT group default qlen 1000
    link/ether 52:54:00:3d:c1:1d brd ff:ff:ff:ff:ff:ff
5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default 
    link/ether 02:42:36:fb:61:60 brd ff:ff:ff:ff:ff:ff

2. 创建macvlan网络

[root@host1 ~]# docker network create -d macvlan --subnet=172.16.86.0/24 --gateway=172.16.86.1 -o parent=ens33 mac_net1
a8e232b4f35839db539b5fea8656f79bd9b8e2535094c041bcf3dcf419a4806d
# 列出所有网络
[root@host1 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
d866fc80f8fb        bridge              bridge              local
9a6b9395aede        host                host                local
a8e232b4f358        mac_net1            macvlan             local
63f713da5f76        none                null                local

3. 创建容器,并指定IP、指定网络

[root@host1 ~]# docker run -itd --name bbox1 --ip=172.16.86.10 --network mac_net1 busybox
804382eb4a24977fa741eedc9056b423a380ab1d7d732c231ec128ee84a82815

Host2

4. 创建macvlan网络

[root@host2 ~]# docker network create -d macvlan --subnet=172.16.86.0/24 --gateway=172.16.86.1 -o parent=ens33 mac_net1
6543acf5fa52f3be9ce3b6356bcd67c8facac36f61ad2696fcbdc78650dc1fe5

5. 创建容器,并指定IP、指定网络

[root@host2 ~]# docker run -itd --name bbox2 --ip=172.16.86.11 --network mac_net1 busybox
c8db11eddfa72f6696b88b92d4254b74a25d4fcda2b4f2c9943add257570bdd3

6. 测试连通性

[root@host2 ~]# docker exec bbox2 ping -c 3 172.16.86.10
PING 172.16.86.10 (172.16.86.10): 56 data bytes
64 bytes from 172.16.86.10: seq=0 ttl=64 time=0.536 ms
64 bytes from 172.16.86.10: seq=1 ttl=64 time=0.520 ms
64 bytes from 172.16.86.10: seq=2 ttl=64 time=0.488 ms

多节点通信

由于macvlan会独占主机的网卡,一个网卡只能创建一个macvlan网络,macvlan不仅可以连接到interface,也可以连接到sub-interface上(enss33.x)。
linux网卡支持vlan,同一个interface可以收发多个vlan的数据包,前提需要创建vlan的sub-interface

两台主机都需要相同操作
host1、host2

1. 导入8021q模块

[root@host1 ~]# modprobe 8021q
# 查看8021q信息
[root@host1 ~]# modinfo 8021q
filename:       /lib/modules/3.10.0-957.10.1.el7.x86_64/kernel/net/8021q/8021q.ko.xz
version:        1.8
license:        GPL
alias:          rtnl-link-vlan
retpoline:      Y
rhelversion:    7.6
srcversion:     3D84ADCA65536B17FD7DCEC
depends:        mrp,garp
intree:         Y
vermagic:       3.10.0-957.10.1.el7.x86_64 SMP mod_unload modversions
signer:         CentOS Linux kernel signing key
sig_key:        17:EA:5F:B9:16:4B:C2:26:55:5C:00:43:FA:D4:E5:86:CC:E8:A2:05
sig_hashalgo:   sha256

2. 创建两个子接口

[root@host1 ~]# cd /etc/sysconfig/network-scripts/
[root@host1 network-scripts]# vim ifcfg-ens33.1
BOOTPROTO=none
NAME=ens33.1
DEVICE=ens33.1
ONBOOT=yes
IPADDR=192.168.1.10
PREFIX=24
NETWORK=192.168.1.0
VLAN=yes
[root@host1 network-scripts]# vim ifcfg-ens33.2
BOOTPROTO=none
NAME=ens33.2
DEVICE=ens33.2
ONBOOT=yes
IPADDR=192.168.2.10
PREFIX=24
NETWORK=192.168.2.0
VLAN=yes
# 查看一下创建好的子接口配置信息
[root@host1 network-scripts]# ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
ether 02:42:36:fb:61:60  txqueuelen 0  (Ethernet)
RX packets 0  bytes 0 (0.0 B)
RX errors 0  dropped 0  overruns 0  frame 0
TX packets 0  bytes 0 (0.0 B)
TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens33: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST>  mtu 1500
inet 192.168.1.11  netmask 255.255.255.0  broadcast 192.168.1.255
inet6 fe80::b0d4:bd14:f86e:84e8  prefixlen 64  scopeid 0x20<link>
ether 00:0c:29:9b:45:46  txqueuelen 1000  (Ethernet)
RX packets 11872  bytes 1092464 (1.0 MiB)
RX errors 0  dropped 0  overruns 0  frame 0
TX packets 599  bytes 58695 (57.3 KiB)
TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens33.1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
inet 192.168.1.10  netmask 255.255.255.0  broadcast 192.168.1.255
inet6 fe80::20c:29ff:fe9b:4546  prefixlen 64  scopeid 0x20<link>
ether 00:0c:29:9b:45:46  txqueuelen 1000  (Ethernet)
RX packets 2  bytes 113 (113.0 B)
RX errors 0  dropped 0  overruns 0  frame 0
TX packets 35  bytes 4431 (4.3 KiB)
TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens33.2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
inet 192.168.2.10  netmask 255.255.255.0  broadcast 192.168.2.255
inet6 fe80::20c:29ff:fe9b:4546  prefixlen 64  scopeid 0x20<link>
ether 00:0c:29:9b:45:46  txqueuelen 1000  (Ethernet)
RX packets 2  bytes 113 (113.0 B)
RX errors 0  dropped 0  overruns 0  frame 0
TX packets 35  bytes 4459 (4.3 KiB)
TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
inet 127.0.0.1  netmask 255.0.0.0
inet6 ::1  prefixlen 128  scopeid 0x10<host>
loop  txqueuelen 1000  (Local Loopback)
RX packets 93  bytes 8571 (8.3 KiB)
RX errors 0  dropped 0  overruns 0  frame 0
TX packets 93  bytes 8571 (8.3 KiB)
TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
ether 52:54:00:3d:c1:1d  txqueuelen 1000  (Ethernet)
RX packets 0  bytes 0 (0.0 B)
RX errors 0  dropped 0  overruns 0  frame 0
TX packets 0  bytes 0 (0.0 B)
TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

3. 将创建好的子接口加入vlan

[root@host1 network-scripts]# ifup ifcfg-ens33.1
[root@host1 network-scripts]# ifup ifcfg-ens33.2

4. 创建网卡macvlan(指定子接口)

[root@host1 network-scripts]# docker network create -d macvlan --subnet 192.168.10.0/24 --gateway 192.168.10.1 -o parent=ens33.1 macnet_10
4b48d52d5271638bf9320a51cbc14afd519955326afa9e68d5cd7c3c883ccb2c
[root@host1 network-scripts]# docker network create -d macvlan --subnet 192.168.20.0/24 --gateway 192.168.20.1 -o parent=ens33.2 macnet_20
1aa4a87e73597998fd5bca6ab3564dc3a2210cc472ea26ffa00d7d200b23574a
# 列出所有网络
[root@host1 network-scripts]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
0cb17c485be8        bridge              bridge              local
9a6b9395aede        host                host                local
961af31e9c0f        mac_net1            macvlan             local
4b48d52d5271        macnet_10           macvlan             local
1aa4a87e7359        macnet_20           macvlan             local
63f713da5f76        none                null                local

5. 启动容器并加入网络

[root@host1 network-scripts]# docker run -itd --name bbox10 --network macnet_10 --ip 192.168.10.2 busybox
d45fccfa87c8bcb7a6a864e67c318d0eed62279e433c20fde745b0cf7229c2a1
[root@host1 network-scripts]# docker run -itd --name bbox20 --network macnet_20 --ip 192.168.20.2 busybox
3564a1a8f4aeb548702e8a908916595adc0aa99997276be1e6f2b4722bc3a651

6. 添加虚拟网卡

[root@host1 network-scripts]# docker network connect macnet_10 bbox20
[root@host1 network-scripts]# docker network connect macnet_20 bbox10

7. 测试连通性

[root@host1 network-scripts]# docker exec -it bbox10 /bin/sh
/ # ping -c 2 192.168.10.2
PING 192.168.10.2 (192.168.10.2): 56 data bytes
64 bytes from 192.168.10.2: seq=0 ttl=64 time=0.058 ms
64 bytes from 192.168.10.2: seq=1 ttl=64 time=0.054 ms

--- 192.168.10.2 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.054/0.056/0.058 ms
/ #
/ # ping -c 2 192.168.20.2
PING 192.168.20.2 (192.168.20.2): 56 data bytes
64 bytes from 192.168.20.2: seq=0 ttl=64 time=0.064 ms
64 bytes from 192.168.20.2: seq=1 ttl=64 time=0.081 ms

--- 192.168.20.2 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.064/0.072/0.081 ms
Last modification:July 23rd, 2020 at 11:27 pm
如果觉得我的文章对你有用,请随意赞赏