Docker Networking With Plugin
Docker handles almost all the stuff. When it is about setting networking, docker works great. It creates a bridge when docker is set up. You can see it with ifconfig, it’s called Docker0 bridge.
Docker provides you network plugins to make your own configurations. Docker has an interface, you can edit this interface to make your own network plugin.
I’ve prepare a simple example to show usage of this interface. This plugin becomes very useful when you need to manage your networking with containers. You can get the example here.
I’ve first implemented all the functions and create my own Driver as MyDriver.
You can make any changes with your implementation.
I do not use docker’s bridge and create my own bridge to make configuration.
Firstly, we check docker existing networks
$ docker network ls
NETWORKID NAME DRIVER SCOPE
670db5asd122 bridge bridge local
670db5derfs2 host host local
670db5fqwer1 none null localThose are the default networks of Docker. We will create a new network driver and plugin to create new networks.
We create a json file and put it to the /etc/docker/plugins/. This file name is your network driver’s name.
I’ll call it mynetwork.json
file is like this:
{
“Name”: “mynetwork”,
“Addr”: “tcp://127.0.0.1:8010”
}This driver tells that, it will forward the docker requests to the localhost 8010 port. Now, we need to create a plugin to listen this this port.
You can get the project with
go get https://github.com/tugbadartici/docker-network-pluginYou need a plugin to listen this port.
Create a go file, you can find example here.
File should be like this
You need to run this file, so it will listen all the requests on 8010 port.
It’s time to test it!
Since this plugin uses system bridge, you need to create one.
$addbr br1
# set an ip to this bridge
$ifconfig br1 10.0.1.1
$ifconfig br1 upCreate new network, set subnet as 10.0.1.1. In this way, this containers cannot reach any other device outside of this subnet.
$docker network create -d mynetwork mynet -o bridge=br1 — ip-range=10.0.1.1/24 — subnet=10.0.1.1/24
asdfwert14asd8325c358a8035b6c12345663504c0710addce51be2998ddbf2asdd1This command will tell your plugin to create a new network.
The plugin checks as if br1 is actually exists, then it creates network.
You can check new network “mynet”
$docker network ls
NETWORKID NAME DRIVER SCOPE
670db5asd122 bridge bridge local
670db5derfs2 host host local
670db5df123z mynet mynetwork local
670db5fqwer1 none null localIn this example I return error, if bridge does not exist. If you do not return error, Docker will create network anyway.
Now, run a simple container and set the new network. Open shell of this container and type ifconfig to check networking.
$ docker run -ti -network=mynet ubuntu:14.04 bash
# root@63299e8c6c3f# ifconfig
eth0 Link encap:Ethernet HWaddr 71:22:x2:3z:5d:9c
inet addr:10.0.1.2The container takes an IP from our network plugin’s IP range.
If you check bridge interface you’ll see that veth pair is attached to the bridge.
$brctl show
bridge name bridge id STP enabled interfaces
br1 8000.dec30884df57 no veth-zXFvHb
docker0 8000.02422b5e9ca3 noIn this stage, mydriver plugin creates a veth pair and sets one of them to the host’s bridge, and other one to the container.
So, we are all set up to communicate with our container!
Test connection from host to container
$ ping 10.0.1.2
PING 10.0.1.2 (10.0.1.2) 56(84) bytes of data.
64 bytes from 10.0.1.2: icmp_seq=1 ttl=64 time=0.068 ms
64 bytes from 10.0.1.2: icmp_seq=2 ttl=64 time=0.056 msYou can reach to the container from host but another container that created with Docker default networking, cannot reach this container.
This driver plugin creates isolated networks. You might want to create isolated containers.
You can edit my example, or create your own driver from scratch.
Happy Dockering!
