このコンテンツは選択した言語では利用できません。
Chapter 28. Configuring Native Container Routing
28.1. Network Overview
The following describes a general network setup:
- 11.11.0.0/16 is the container network.
- The 11.11.x.0/24 subnet is reserved for each node and assigned to the Docker Linux bridge.
- Each node has a route to the router for reaching anything in the 11.11.0.0/16 range, except the local subnet.
- The router has routes for each node, so it can be directed to the right node.
- Existing nodes do not need any changes when new nodes are added, unless the network topology is modified.
- IP forwarding is enabled on each node.
The following diagram shows the container networking setup described in this topic. It uses one Linux node with two network interface cards serving as a router, two switches, and three nodes connected to these switches.
28.2. Configure Native Container Routing
You can set up container networking using existing switches and routers, and the kernel networking stack in Linux.
As a network administrator, you must modify, or create a script to modify, the router or routers when new nodes are added to the cluster.
You can adapt this process to use with any type of router.
28.3. Setting up a Node for Container Networking
Assign an unused 11.11.x.0/24 subnet IP address to the Linux bridge on the node:
# brctl addbr lbr0 # ip addr add 11.11.1.1/24 dev lbr0 # ip link set dev lbr0 up
Modify the Docker startup script to use the new bridge. By default, the startup script is the
/etc/sysconfig/dockerfile:# docker -d -b lbr0 --other-options
Add a route to the router for the 11.11.0.0/16 network:
# ip route add 11.11.0.0/16 via 192.168.2.2 dev p3p1
Enable IP forwarding on the node:
# sysctl -w net.ipv4.ip_forward=1
28.4. Setting up a Router for Container Networking
The following procedure assumes a Linux box with multiple NICs is used as a router. Modify the steps as required to use the syntax for a particular router:
Enable IP forwarding on the router:
# sysctl -w net.ipv4.ip_forward=1
Add a route for each node added to the cluster:
# ip route add <node_subnet> via <node_ip_address> dev <interface through which node is L2 accessible> # ip route add 11.11.1.0/24 via 192.168.2.1 dev p3p1 # ip route add 11.11.2.0/24 via 192.168.3.3 dev p3p2 # ip route add 11.11.3.0/24 via 192.168.3.4 dev p3p2
