MACvLan problems

Hello,

I am trying to set up a server with Photon OS.
My goal is to set up the containers with their own static IP addresses in their own network subnet (a public subnet, not an internal subnet on the machine).

For the Containers I created a subnet with following specs:

172.25.30.0 - 172.24.31.254
Subnet Mask: 255.255.254.0/23

Router: 172.25.30.1
Reserved IPs: 172.25.30.0 - .20
PhotonOS: 172.25.30.10 (inside the network)

So I created a config template:

docker network create \
  --config-only \
  --subnet=172.25.30.0/23 \
  --ip-range=172.25.30.21/23 \
  --gateway=172.25.30.1 \
  --aux-address="core-switch1=172.25.30.2" \
  --aux-address="core-switch2=172.25.30.3" \
  --aux-address="core-switch3=172.25.30.4" \
  --aux-address="core-switch4=172.25.30.5" \
  --aux-address="core-switch5=172.25.30.6" \
  --aux-address="core-switch6=172.25.30.7" \
  --aux-address="core-switch7=172.25.30.8" \
  docker-network-config

And the network:
docker network create --attachable -d bridge --scope=swarm --config-from docker-network-config docker-network

After that I created a test container with
docker run -it --rm --net=docker-network --ip=172.25.30.31 alpine /bin/sh

So I tested the IP address inside with ip a;
it showed 172.25.30.11 (not my static IP).

A ping from the server and from another host to the container both fail - the IP is not available.

Why is that? Can somebody help me? What is wrong?
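
An address-plan check for the values in the post above, as an added example that is not part of the original post. It uses Python's ipaddress module to test whether the posted --ip-range is an aligned CIDR block and to list which of the reserved addresses (172.25.30.0 - .20) are covered by neither the gateway nor an --aux-address entry. The function and variable names are hypothetical, and the result is address arithmetic only, not a statement about how a particular Docker version allocates.

```python
import ipaddress

# Values copied from the post above.
SUBNET = "172.25.30.0/23"
IP_RANGE = "172.25.30.21/23"                    # --ip-range as posted
GATEWAY = "172.25.30.1"
AUX = [f"172.25.30.{n}" for n in range(2, 9)]   # core-switch1..7
RESERVED = ("172.25.30.0", "172.25.30.20")      # "Reserved IPs"
HOST_IP = "172.25.30.10"                        # PhotonOS host
OBSERVED_IP = "172.25.30.11"                    # what `ip a` showed


def check_plan():
    """Return findings about the posted address plan (hypothetical helper)."""
    subnet = ipaddress.ip_network(SUBNET)
    ip = ipaddress.ip_address

    # Block that contains the posted value once host bits are masked off.
    enclosing = ipaddress.ip_network(IP_RANGE, strict=False)
    # A CIDR block is aligned only if its address is the block's first one.
    aligned = ip(IP_RANGE.split("/")[0]) == enclosing.network_address

    # Addresses the plan explicitly keeps away from containers.
    excluded = {ip(GATEWAY)} | {ip(a) for a in AUX}
    first, last = int(ip(RESERVED[0])), int(ip(RESERVED[1]))
    unprotected = [
        str(ip(n)) for n in range(first, last + 1)
        if ip(n) in enclosing
        and ip(n) != subnet.network_address
        and ip(n) not in excluded
    ]

    # "Everything from .21 upward" expressed as aligned CIDR blocks.
    start = ip(last + 1)
    end = subnet.broadcast_address - 1
    blocks = list(ipaddress.summarize_address_range(start, end))

    return {
        "ip_range_aligned": aligned,
        "ip_range_enclosing": str(enclosing),
        "reserved_not_excluded": unprotected,
        "host_ip_unprotected": HOST_IP in unprotected,
        "observed_ip_reserved": OBSERVED_IP in unprotected,
        "blocks_needed": len(blocks),
    }


if __name__ == "__main__":
    print(check_plan())
```

The blocks_needed value shows that "start at .21" cannot be written as a single CIDR block, so the reserved addresses not already listed would each need their own exclusion or a smaller aligned range.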

Afaik, the bridge driver does not establish multi-node communication.
You will need the overlay driver to establish multi-node communication.

With macvlan overlay?

docker network create --attachable -d overlay --scope=swarm --config-from docker-network-config docker-network

I tried it now with:
docker network create --attachable -d macvlan --scope=swarm --config-from docker-network-config docker-network

Nothing changed - promiscuous mode is also enabled in vSphere for the virtual switch.

Even though the thread title includes MACvLan, your initial post does not mention it at all. Whatever you tried, it was not creating a swarm-aware macvlan network (though it would explain why you first create a config template and use it to create a final network, which kind of didn’t make sense with a bridged network).

If you follow Docker 17.06 Swarm Mode: Now with built-in MacVLAN & Node-Local Networks support – Collabnix, you should be able to sort out your problem.

Does the router 172.25.30.1 exist outside of docker?

Yes, I followed it. Sorry, I saw my issue - but with the -d macvlan driver, it doesn’t work either. When I create two containers, I can ping the other container, but not from another non-Docker host. Yes, the router exists outside Docker.

The network is created in vSphere and the router is configured - the Docker host's network adapter is assigned to this network.