How to prevent binding to docker0 bridge in overlay mode - docker

I'm trying to use docker with weave, and I'd like to keep interfaces in container clean. That is: I want the only attached interfaces to be weave's and localhost. Currently docker also binds its bridge.
Is it possible to attach only to overlay network in Docker?
$ docker run -ti --net none busybox ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
but
eth1 Link encap:Ethernet HWaddr 02:42:AC:12:00:02
inet addr:172.18.0.2 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:acff:fe12:2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:90 (90.0 B) TX bytes:270 (270.0 B)
ethwe0 Link encap:Ethernet HWaddr 52:E6:28:21:75:9A
inet addr:10.0.0.2 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::50e6:28ff:fe21:759a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1410 Metric:1
RX packets:3 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:508 (508.0 B) TX bytes:258 (258.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

The network needs to be created with the --internal flag, see:
https://github.com/docker/docker/issues/18854
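To confirm that a container on such a network really holds only the expected interfaces, the check below compares its link list against an allow-list. This is an added example, not part of the original answer: the function names, the sample listing and the network name passed to `audit_network` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit which interfaces a container actually has.
# Usage: <ip -o link show output> | unexpected_ifaces ALLOWED_NAME...
# Prints every interface that is not on the allow-list, one per line,
# and returns 1 if at least one such interface was found (0 otherwise).
unexpected_ifaces() {
    allowed=" $* "
    found=0
    while IFS= read -r line; do
        # "25: eth1@if26: <BROADCAST,...>" -> "eth1"
        name=${line#*: }     # drop the leading link index
        name=${name%%:*}     # drop everything after the interface name
        name=${name%%@*}     # drop the veth peer suffix ("@if26")
        [ -n "$name" ] || continue
        case "$allowed" in
            *" $name "*) ;;                          # expected interface
            *) printf '%s\n' "$name"; found=1 ;;     # anything else is reported
        esac
    done
    return "$found"
}

# Constructed sample mirroring the interfaces shown in the question
# (lo, eth1 on the Docker bridge, ethwe0 on the weave network).
sample_listing() {
    cat <<'EOF'
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
25: eth1@if26: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
27: ethwe0@if28: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1410 qdisc noqueue state UP
EOF
}

# Live check against a Docker host. The network is assumed to exist already,
# created with the --internal flag from the answer, for example:
#   docker network create --driver <your-overlay-driver> --internal <network-name>
# Usage: audit_network <network-name> lo ethwe0
audit_network() {
    net=$1
    shift
    docker run --rm --net "$net" busybox ip -o link show | unexpected_ifaces "$@"
}

# Demo on the constructed sample: reports eth1 as the unexpected interface.
sample_listing | unexpected_ifaces lo ethwe0 ||
    echo "container has interfaces outside the allow-list" >&2
```

A non-zero exit status makes the check usable as a gate in a deployment script or CI job.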

Related

Connect to docker using IP instead of localhost

I'm running a docker container (running a cloudera image in which I can't modify the networks settings) in my windows 10 pc and I want to connect to it from my browser using the assigned IP (i.e. 172.17.0.2) instead of localhost.
Is there a way to do it? How?
(I've found this post and I've tried to use the --net=host option but the docker0 IP assigned is still 172.17.0.1.)
Below the "ifconfig" output:
[root@quickstart /]# ifconfig
cni0 Link encap:Ethernet HWaddr 6A:6A:D3:6A:CB:82
inet addr:10.1.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::686a:d3ff:fe6a:cb82/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12920 errors:0 dropped:0 overruns:0 frame:0
TX packets:13154 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:884288 (863.5 KiB) TX bytes:3946860 (3.7 MiB)
docker0 Link encap:Ethernet HWaddr 02:42:65:2D:65:6C
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80::42:65ff:fe2d:656c/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:154 errors:0 dropped:0 overruns:0 frame:0
TX packets:215 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:10104 (9.8 KiB) TX bytes:185370 (181.0 KiB)
docker_gwbridge Link encap:Ethernet HWaddr 02:42:FF:2D:D6:CD
inet addr:172.18.0.1 Bcast:172.18.255.255 Mask:255.255.0.0
inet6 addr: fe80::42:ffff:fe2d:d6cd/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:339368 errors:0 dropped:0 overruns:0 frame:0
TX packets:339368 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:63421670 (60.4 MiB) TX bytes:63421670 (60.4 MiB)
eth0 Link encap:Ethernet HWaddr 02:50:00:00:00:01
inet addr:192.168.65.3 Bcast:192.168.65.15 Mask:255.255.255.240
inet6 addr: fe80::50:ff:fe00:1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:131024 errors:0 dropped:0 overruns:0 frame:0
TX packets:76313 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:157839066 (150.5 MiB) TX bytes:8175888 (7.7 MiB)
hvint0 Link encap:Ethernet HWaddr 00:15:5D:CD:11:09
inet addr:10.0.75.2 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::215:5dff:fecd:1109/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:257 errors:0 dropped:53 overruns:0 frame:0
TX packets:17 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:21003 (20.5 KiB) TX bytes:1358 (1.3 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:339368 errors:0 dropped:0 overruns:0 frame:0
TX packets:339368 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:63421670 (60.4 MiB) TX bytes:63421670 (60.4 MiB)
veth535bb6e Link encap:Ethernet HWaddr 16:E5:EC:F3:76:BC
inet6 addr: fe80::14e5:ecff:fef3:76bc/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:31 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:2318 (2.2 KiB)
vethc291b186 Link encap:Ethernet HWaddr 72:3A:FE:9F:40:7A
inet6 addr: fe80::703a:feff:fe9f:407a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6296 errors:0 dropped:0 overruns:0 frame:0
TX packets:6441 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:518245 (506.0 KiB) TX bytes:1959228 (1.8 MiB)
vethc0969f7 Link encap:Ethernet HWaddr F2:9E:81:04:9B:69
inet6 addr: fe80::f09e:81ff:fe04:9b69/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:74394 errors:0 dropped:0 overruns:0 frame:0
TX packets:129442 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:8037110 (7.6 MiB) TX bytes:157544590 (150.2 MiB)
vethdba5d116 Link encap:Ethernet HWaddr 26:D1:6D:9B:28:8E
inet6 addr: fe80::24d1:6dff:fe9b:288e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6262 errors:0 dropped:0 overruns:0 frame:0
TX packets:6457 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:516002 (503.9 KiB) TX bytes:1960294 (1.8 MiB)
vethf1ece51f Link encap:Ethernet HWaddr 72:A3:6A:C9:70:37
inet6 addr: fe80::70a3:6aff:fec9:7037/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:362 errors:0 dropped:0 overruns:0 frame:0
TX packets:351 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:30921 (30.1 KiB) TX bytes:34060 (33.2 KiB)
I guess you have some misunderstanding of Docker networking.
Docker uses a veth pair as the default bridge technology to communicate between host & container, see next diagram:
So, 172.17.0.1 is just a bridge between your host's network card & the containers' network cards; you couldn't use it directly. Meanwhile, you should not use the container's IP from your host's browser to visit it, as it's in a private network which is set up by Docker. What you could do is use -p to publish your internal network service externally.
And, when you visit localhost, it in fact just visits the host's network, and Docker uses iptables to pass your network traffic to the container's port through the docker0 bridge. So, for your case, if you do not want to use localhost, then you could use the host's IP instead, that is 192.168.65.3 in your case.

Accessing docker container app running on guest KVM from Ubuntu host

My setup is:
Ubuntu server 16.04 running on headless appliance (host)
Windows server 2016 KVM (guest) running on top of the host.
Network type between host and guest is NAT. The whole thing is behind corp. proxy.
The host is getting static IP from the corp gateway.
On the KVM I'm running docker container app that is listening on port 15417 from inside and outside (docker ps: 0.0.0.0:15417 -> 15417/tcp)
The container IP address is 192.168.122.35, while the KVM IP address from NAT is: 192.168.122.82
The app running on the docker container is exposing an API that should be accessed from the linux host on kvm_ip:15417/api
The facts:
Port 15417 is opened on the windows FW for inbound TCP connection.
There is a working ping from the host to kvm IP (192.168.122.82)
The app api can be accessed on 192.168.122.35:15417/api
docker logs, displays logs so the app is up and running.
The problems:
The API cannot be accessed from the KVM on localhost:15417/api or 127.0.0.1:15417/api, the response I get for curl localhost:15417/api is:
Destination host unreachable
The API cannot be accessed from 192.168.122.82:15417/api (KVM_IP) on host, same response on curl 192.168.122.82:15417/api as on the kvm powershell.
No telnet to 192.168.122.82 15417 from host or telnet 127.0.0.1 15417 from guest, while telnet to other ports like RDP (3389) or vnc (5900) is working fine, meaning the ports are all open.
Here's my host 'ifconfig':
br0 Link encap:Ethernet HWaddr 00:90:0b:67:e3:4c
inet addr:172.28.69.86 Bcast:172.28.69.87 Mask:255.255.255.248
inet6 addr: fe80::290:bff:fe67:e34c/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:597 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:89816 (89.8 KB) TX bytes:648 (648.0 B)
br-ef89294aca4b Link encap:Ethernet HWaddr 02:42:3d:dc:07:b1
inet addr:172.20.0.1 Bcast:172.20.255.255 Mask:255.255.0.0
inet6 addr: fe80::42:3dff:fedc:7b1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:80271 errors:0 dropped:0 overruns:0 frame:0
TX packets:51030 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:98712118 (98.7 MB) TX bytes:4318906 (4.3 MB)
docker0 Link encap:Ethernet HWaddr 02:42:ea:f9:4a:a6
inet addr:172.17.0.1 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
enp2s0 Link encap:Ethernet HWaddr 00:90:0b:67:e3:4b
inet addr:172.28.69.84 Bcast:172.28.69.255
Mask:255.255.255.248
inet6 addr: fe80::290:bff:fe67:e34b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:43437560 errors:0 dropped:0 overruns:0 frame:0
TX packets:28285024 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:50031414909 (50.0 GB) TX bytes:5610346118 (5.6 GB)
Memory:df800000-df8fffff
enp3s0 Link encap:Ethernet HWaddr 00:90:0b:67:e3:4c
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Memory:dfe00000-dfe7ffff
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:2528921 errors:0 dropped:0 overruns:0 frame:0
TX packets:2528921 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:3180228446 (3.1 GB) TX bytes:3180228446 (3.1 GB)
veth38444b2 Link encap:Ethernet HWaddr b2:43:0f:a2:0e:34
inet6 addr: fe80::b043:fff:fea2:e34/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:24 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1728 (1.7 KB) TX bytes:816 (816.0 B)
veth55c3534 Link encap:Ethernet HWaddr 52:e3:a5:c0:54:84
inet6 addr: fe80::50e3:a5ff:fec0:5484/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4329603 errors:0 dropped:0 overruns:0 frame:0
TX packets:4447953 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1018418030 (1.0 GB) TX bytes:1107337021 (1.1 GB)
vetha9c713b Link encap:Ethernet HWaddr 02:96:67:47:1c:72
inet6 addr: fe80::96:67ff:fe47:1c72/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:175785 errors:0 dropped:0 overruns:0 frame:0
TX packets:124544 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:45484242 (45.4 MB) TX bytes:22613601 (22.6 MB)
vethcfde2a8 Link encap:Ethernet HWaddr ca:ab:04:da:b6:98
inet6 addr: fe80::c8ab:4ff:feda:b698/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:990878 errors:0 dropped:0 overruns:0 frame:0
TX packets:1367424 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:212266708 (212.2 MB) TX bytes:287696403 (287.6 MB)
vethd045150 Link encap:Ethernet HWaddr 42:b0:0f:df:b3:ec
inet6 addr: fe80::40b0:fff:fedf:b3ec/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:431061 errors:0 dropped:0 overruns:0 frame:0
TX packets:423829 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:102897883 (102.8 MB) TX bytes:91172674 (91.1 MB)
vethe3e3d6f Link encap:Ethernet HWaddr 76:21:a7:44:81:7d
inet6 addr: fe80::7421:a7ff:fe44:817d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1598 errors:0 dropped:0 overruns:0 frame:0
TX packets:1924 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:597484 (597.4 KB) TX bytes:350579 (350.5 KB)
vethf34ccaa Link encap:Ethernet HWaddr 76:a9:29:e3:b5:2c
inet6 addr: fe80::74a9:29ff:fee3:b52c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2674 errors:0 dropped:0 overruns:0 frame:0
TX packets:3783 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4805257 (4.8 MB) TX bytes:689076 (689.0 KB)
virbr0 Link encap:Ethernet HWaddr 52:54:00:17:94:ca
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:23845306 errors:0 dropped:0 overruns:0 frame:0
TX packets:31454109 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1454280991 (1.4 GB) TX bytes:48875445867 (48.8 GB)
vnet0 Link encap:Ethernet HWaddr fe:54:00:fc:b7:f1
inet6 addr: fe80::fc54:ff:fefc:b7f1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4512098 errors:0 dropped:0 overruns:0 frame:0
TX packets:4084521 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:580069804 (580.0 MB) TX bytes:2979706156 (2.9 GB)
And my KVM (guest) networking default config:
<network>
<name>default</name>
<uuid>9f80b5ad-b4fa-4c7e-a559-d27c23328347</uuid>
<forward mode='nat'/>
<bridge name='virbr0' stp='on' delay='0'/>
<mac address='52:54:00:17:94:ca'/>
<ip address='192.168.122.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.122.2' end='192.168.122.254'/>
</dhcp>
</ip>
</network>
And finally the KVM network interface configuration is:
<interface type='network'>
<mac address='52:54:00:fc:b7:f1'/>
<source network='default' bridge='virbr0'/>
<target dev='vnet0'/>
<model type='rtl8139'/>
<alias name='net0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>
I'm struggling while trying to find out what is interrupting me from accessing the app on KVM from the host.

How to make sure the docker container has desired network interfaces

When I run the ifconfig command on the host machine (Ubuntu), I see the following interfaces:
docker0 Link encap:Ethernet HWaddr 02:42:af:2d:7b:4e
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:afff:fe2d:7b4e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:17372371 errors:0 dropped:0 overruns:0 frame:0
TX packets:18910860 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3877362521 (3.8 GB) TX bytes:5648219155 (5.6 GB)
eth0 Link encap:Ethernet HWaddr 00:50:56:bd:6d:6c
inet addr:9.113.140.176 Bcast:9.113.140.255 Mask:255.255.255.0
inet6 addr: fe80::250:56ff:febd:6d6c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:22690545 errors:0 dropped:10 overruns:0 frame:0
TX packets:4168167 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5364157575 (5.3 GB) TX bytes:398826434 (398.8 MB)
eth1 Link encap:Ethernet HWaddr 00:50:56:a3:7f:17
inet addr:9.113.140.166 Bcast:9.113.140.255 Mask:255.255.255.0
inet6 addr: fe80::11ff:7a9c:83ed:f11f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:16962121 errors:0 dropped:10 overruns:0 frame:0
TX packets:2690 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1214246465 (1.2 GB) TX bytes:515223 (515.2 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:605048269 errors:0 dropped:0 overruns:0 frame:0
TX packets:605048269 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:137424265344 (137.4 GB) TX bytes:137424265344 (137.4 GB)
Whereas when I check inside the container, I find this:
[AppConnect-Container@772840b42460 /]: ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:ac:11:00:05
inet addr:172.17.0.5 Bcast:0.0.0.0 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:16966 errors:0 dropped:0 overruns:0 frame:0
TX packets:12819 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14565227 (14.5 MB) TX bytes:10658766 (10.6 MB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:984571 errors:0 dropped:0 overruns:0 frame:0
TX packets:984571 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:187746811 (187.7 MB) TX bytes:187746811 (187.7 MB)
I want even the eth1 network interface to be available inside the container. Please let me know how to achieve this.
Launch the container with --net=host option, and you'll have your host interfaces in the container.

Docker container can't reach or ping WAN using macvlan network driver

I'm trying to configure a Docker network using the macvlan driver, but my containers can't reach the gateway or the WAN.
The network is set up like so:
docker network create -d macvlan --subnet=10.1.1.0/24 --ip-range=10.1.1.160/28 --gateway=10.1.1.1 -o parent=ens160 pub_net
The host OS is Ubuntu 16.04, which itself is a VM running on ESXi (lots of layers, I know). The ens160 interface is connected to an ESXi vSwitch ("LAN"). The gateway (10.1.1.1) is a pfSense VM on the same machine, and connected to the same "LAN" vSwitch. The pfSense VM is also connected to a "WAN" vSwitch which physically connects to the upstream network. The Ubuntu host OS has an IP and full WAN connectivity, but the Docker container does not.
Some details about the Ubuntu host:
host$ ifconfig
docker0 Link encap:Ethernet HWaddr aa:bb:cc:00:e2:77
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
ens160 Link encap:Ethernet HWaddr aa:bb:cc:9b:be:f2
inet addr:10.1.1.22 Bcast:10.1.1.255 Mask:255.255.255.0
inet6 addr: fe80::c7b7:d64c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:64642 errors:0 dropped:0 overruns:0 frame:0
TX packets:1881 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:19190911 (19.1 MB) TX bytes:169266 (169.2 KB)
ens192 Link encap:Ethernet HWaddr aa:bb:cc:9b:be:fc
inet addr:10.2.2.22 Bcast:10.2.2.255 Mask:255.255.255.0
inet6 addr: fe80::bb15:267d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:294 errors:0 dropped:10 overruns:0 frame:0
TX packets:515 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:57996 (57.9 KB) TX bytes:63258 (63.2 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:2637 errors:0 dropped:0 overruns:0 frame:0
TX packets:2637 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:204727 (204.7 KB) TX bytes:204727 (204.7 KB)
host$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.2.2.1 0.0.0.0 UG 100 0 0 ens192
0.0.0.0 10.1.1.1 0.0.0.0 UG 101 0 0 ens160
10.1.1.0 0.0.0.0 255.255.255.0 U 100 0 0 ens160
10.2.2.0 0.0.0.0 255.255.255.0 U 100 0 0 ens192
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 ens192
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
Switching to the Docker container, and details there:
host$ sudo docker run --net=pub_net -it alpine /bin/sh
container$ ifconfig
eth0 Link encap:Ethernet HWaddr AA:BB:CC:01:01:A0
inet addr:10.1.1.160 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::42:1a0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:15 errors:0 dropped:0 overruns:0 frame:0
TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1789 (1.7 KiB) TX bytes:634 (634.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:2 errors:0 dropped:0 overruns:0 frame:0
TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:224 (224.0 B) TX bytes:224 (224.0 B)
container$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.1.1.1 0.0.0.0 UG 0 0 0 eth0
10.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
As mentioned, if I ping 10.1.1.1 (or any other external IP) from within the container I get no response. If I ping another Docker container on the same host I do get a response.
What do I need to change so that the container can reach the WAN?
You need to turn on promiscuous mode and allow forged transmits for your LAN vSwitch. This is because macvlan mode requires the guest to be listening for the falsified MAC addresses as well as be able to falsify MAC addresses.
VMware Knowledge Base article on promiscuous mode
VMware documentation on forged transmits

connect to container using ssh after adding new user and installing ssh

I am struggling to ssh into a container. After executing
docker run -p 22:22 --network=host -it ubuntu:14.04, and after adduser admin and installing ssh in my Ubuntu-based image, I opened a new docker terminal and fired ssh username@${hostip}, but the connection is refused for my added user. Thanks for your help.
Edited
docker0 Link encap:Ethernet HWaddr 02:42:fe:c4:aa:ea
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:feff:fec4:aaea/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:536573 errors:0 dropped:0 overruns:0 frame:0
TX packets:596145 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:21717921 (21.7 MB) TX bytes:945577957 (945.5 MB)
eth0 Link encap:Ethernet HWaddr 08:00:27:4e:1a:70
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe4e:1a70/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1674522 errors:0 dropped:0 overruns:0 frame:0
TX packets:781497 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1431596796 (1.4 GB) TX bytes:47605814 (47.6 MB)
eth1 Link encap:Ethernet HWaddr 08:00:27:c7:b0:50
inet addr:192.168.99.106 Bcast:192.168.99.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fec7:b050/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6326489 errors:0 dropped:0 overruns:0 frame:0
TX packets:1012444 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8806794970 (8.8 GB) TX bytes:1868661107 (1.8 GB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:94 errors:0 dropped:0 overruns:0 frame:0
TX packets:94 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:14064 (14.0 KB) TX bytes:14064 (14.0 KB)
docker ps Output
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6851d647642c ubuntu:14.04 "/bin/bash" About an hour ago Up 31 minutes stoic_jang
Also, I installed ssh using apt-get install ssh; not sure if it's the right package.
