How to run docker with Corral-like (macvlan) networking

Moved from https://forums.freenas.org/index.ph...-rc-with-corral-like-bridge-networking.54539/.

I spent some time trying to figure out how to get each of my Docker containers to have its own IP and be open to the rest of the network today, so I thought I'd write it up here to save others some time.

First you need to download and install CentOS 7. Create a VM with at least 2 cores and 1500MiB RAM. Download the CentOS minimal ISO and add a CD-ROM device (with the ISO) to the VM, and it will boot. VNC in and follow the GUI (you need to enable the network interface specifically in the install GUI). As explained in this thread, CentOS will boot after installation without any special modification, unlike Ubuntu / Debian etc.

You'll need to VNC in, log in as root and run visudo if you want to grant your own account root privileges. I'd recommend doing this, and completing the rest of the installation over SSH, as you can then copy and paste.

Once booted into CentOS, run
Code:
yum -y update
to update all packages. Then run the following as root (sudo -i) to install and enable Docker on the VM (source):
Code:
yum install -y yum-utils
yum-config-manager \
	--add-repo \
	https://download.docker.com/linux/centos/docker-ce.repo
yum makecache fast
yum install -y docker-ce
systemctl enable docker
systemctl start docker


Now Docker is up and running. Try running:
Code:
docker run hello-world
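If you get an error, you may need to add your user to the docker group. Log out and back in for the change to take effect, and keep in mind that membership of the docker group is equivalent to root access on the VM: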
Code:
usermod -a -G docker <username>

Now on to the networking. By default, Docker's bridge network puts your containers behind NAT and you have to expose ports manually. This method exposes your containers as individual machines connected directly to the network, with every port they listen on reachable from the LAN. Create a new macvlan Docker network (replacing 10.0.0.0/8 with your network IP and subnet in CIDR notation, 10.0.0.1 with your gateway, and eth0 with the name of the VM's network interface):
Code:
docker network create -d macvlan --subnet=10.0.0.0/8 --gateway=10.0.0.1 -o parent=eth0 my_macvlan

Now you can create a new Docker container with a bridged network like this:
Code:
docker run --net=my_macvlan --ip=10.0.0.5 nginx
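To verify that this works, go to the IP you specified from another machine on the network and you should see the nginx welcome page. (The Docker host itself cannot reach its macvlan containers through the parent interface.)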
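
The subnet, gateway and parent interface passed to docker network create have to match the VM's real network, and the --ip given to docker run has to sit inside that subnet. As an added example (not part of the original post), this script derives the three values from `ip -4 route show` output and rejects a container IP that is outside the subnet or equal to the gateway. The sample routing table, the ens3 interface name and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Interface name, addresses and
# function names are assumptions; SAMPLE_ROUTES is constructed.
# On a real VM, pass "$(ip -4 route show)" instead of SAMPLE_ROUTES.
SAMPLE_ROUTES='default via 192.168.1.1 dev ens3 proto dhcp metric 100
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1
192.168.1.0/24 dev ens3 proto kernel scope link src 192.168.1.50 metric 100'

# Function bodies are subshells "( )" so variables and IFS changes stay local.

# ip2int A.B.C.D: print the address as a 32-bit integer.
ip2int() (
    IFS=.; set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# in_subnet IP NET/BITS: succeed if IP lies inside the subnet.
in_subnet() (
    bits=${2#*/}
    mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    [ $(( $(ip2int "$1") & mask )) -eq $(( $(ip2int "${2%/*}") & mask )) ]
)

# default_field ROUTES KEY: print the word after KEY ("via" or "dev")
# on the default-route line.
default_field() (
    printf '%s\n' "$1" |
        awk -v k="$2" '$1=="default"{for(i=2;i<NF;i++) if($i==k){print $(i+1); exit}}'
)

# macvlan_cmd ROUTES CONTAINER_IP NAME: print the network-create command,
# or fail if CONTAINER_IP could not work on that network.
macvlan_cmd() (
    gw=$(default_field "$1" via); dev=$(default_field "$1" dev)
    [ -n "$gw" ] && [ -n "$dev" ] || { echo "no default route" >&2; exit 1; }
    # The connected ("scope link") route on the same interface is the LAN subnet.
    subnet=$(printf '%s\n' "$1" |
        awk -v d="$dev" '$2=="dev" && $3==d && /scope link/{print $1; exit}')
    [ -n "$subnet" ] || { echo "no connected subnet on $dev" >&2; exit 1; }
    in_subnet "$2" "$subnet" || { echo "$2 is outside $subnet" >&2; exit 1; }
    [ "$2" != "$gw" ] || { echo "$2 is the gateway address" >&2; exit 1; }
    echo "docker network create -d macvlan --subnet=$subnet --gateway=$gw -o parent=$dev $3"
)

macvlan_cmd "$SAMPLE_ROUTES" 192.168.1.200 my_macvlan
```

The script only prints the command, so it can be reviewed before being run as root.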
Author
microbug