Docker network

Submitted by Lizhe on Wed, 05/18/2016 - 15:09

$ docker run -i -t --rm --net=none base /bin/bash

root@63f36fc01b5f:/#

 

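# In another shell, look up the container's process ID

# and link its network namespace into /var/run/netns/

# so that the "ip netns" command used below can address it by that name.

# Nothing removes this symlink when the container exits; delete it afterwards,

# because a reused PID would make the same name point at a different process's namespace.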

 

$ docker inspect -f '{{.State.Pid}}' 63f36fc01b5f

2778

$ pid=2778

$ sudo mkdir -p /var/run/netns

$ sudo ln -s /proc/$pid/ns/net /var/run/netns/$pid

 

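# Check the bridge's IP address and netmask: the address is used below as the

# container's default gateway, and the netmask defines the subnet its IP must come from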

 

$ ip addr show docker0

21: docker0: ...

inet 172.17.42.1/16 scope global docker0

...

 

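# Create a pair of "peer" (veth) interfaces A and B,

# attach the A end to the docker0 bridge, and bring it up.

# Once attached, the container shares the default bridge with every other container on it.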

 

$ sudo ip link add A type veth peer name B

$ sudo brctl addif docker0 A

$ sudo ip link set A up

 

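# Move B into the container's network namespace,

# rename it to eth0, and activate it with a free IP.

# Docker does not track a manually assigned address, so choose an IP (and a MAC)

# that no other container on the bridge is using or will be handed.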

 

$ sudo ip link set B netns $pid

$ sudo ip netns exec $pid ip link set dev B name eth0

$ sudo ip netns exec $pid ip link set eth0 address 12:34:56:78:9a:bc

$ sudo ip netns exec $pid ip link set eth0 up

$ sudo ip netns exec $pid ip addr add 172.17.42.99/16 dev eth0

$ sudo ip netns exec $pid ip route add default via 172.17.42.1