Upload
james-jong-seog-ahn
View
233
Download
2
Embed Size (px)
Citation preview
(Docker) (v0.5)
Mar. 2017
NAIM Networks, [email protected]
2Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.
3Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
4Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
5Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
6Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
7Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
8Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
9Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
10Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
11Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
12Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
13Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
14Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
15Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
16Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
17Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
18Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
19Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
20Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
21Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
docker 0
22Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
Port 8080
Ping 8.8.8.8
23Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
24Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
25Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
26Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
27Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
28Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
29Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
30Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
31Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
32Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
33Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
34Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
35Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
36Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
37Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
38Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
39Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
40Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
41Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
42Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
43Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
44Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
45Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
46Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
47Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
48Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
49Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
50Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
51Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
52Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
53Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
# macvlan$ docker network create -d macvlan \
--subnet=192.168.0.0/16 \—-ip-range=192.168.41.0/24 \--aux-address="favorite_ip_ever=192.168.41.2" \--gateway=192.168.41.1 \-o parent=eth0.41 macnet41
# , aux
# macvlan$ docker run --net=macnet41 -it --rm alpine /bin/sh
# (Docker Host) Frontend / Backend / Credit Card parent
, VLAN ID .
54Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
55Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
56Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
57Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
58Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
59Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
60Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
61Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
62Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
63Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
64Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
65Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
66Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
67Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
68Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
69Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
70Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
71Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
72Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
73Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
74Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
75Copyright ⓒ 2015 by NAIM Networks, Inc. All rights reserved.
76Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.
77Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.
78Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.
79Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.
80Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.
81Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.
82Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.
83Copyright ⓒ 2016 by NAIM Networks, Inc. All rights reserved.
84Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
85Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
86Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
87Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
88Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
89Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
90Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
91Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
# ovs-vsctl add-br br0
# ovs-vsctl add-port br0 ovsbr0p1 -- set interface ovsbr0p1 type=internal
# ifconfig ovsbr0p1 192.168.50.1 netmask 255.255.255.0 up
# iptables -t nat -A POSTROUTING -s 192.168.50.0/24 -j MASQUERADE
# ovs-vsctl add-br br0
# ovs-vsctl add-port br0 ovsbr0p1 -- set interface ovsbr0p1 type=internal
# ifconfig ovsbr0p1 192.168.50.1 netmask 255.255.255.0 up
# iptables -t nat -A POSTROUTING -s 192.168.50.0/24 -j MASQUERADE
# docker run --name=c1 --net=none -d -i -t base /bin/bash# docker run --name=c1 --net=none -d -i -t base /bin/bash
92Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
# pid=`docker inspect --format '{{ .State.Pid }}' $1`
# ln -s /proc/$pid/ns/net /var/run/netns/c1
# pid=`docker inspect --format '{{ .State.Pid }}' $1`
# ln -s /proc/$pid/ns/net /var/run/netns/c1
# ip netns exec c1 ip link set dev peertapc1 name eth0
# ip netns exec c1 ip link set eth0 up
# ip netns exec c1 ip addr add 172.27.0.2/24 dev eth0
# ip netns exec c1 ip route add default via 172.27.0.1
# ip netns exec c1 ip link set dev peertapc1 name eth0
# ip netns exec c1 ip link set eth0 up
# ip netns exec c1 ip addr add 172.27.0.2/24 dev eth0
# ip netns exec c1 ip route add default via 172.27.0.1
# ip link add tapc1 type veth peer name peertapc1
# ip link set peertapc1 netns c1
# ip link add tapc1 type veth peer name peertapc1
# ip link set peertapc1 netns c1
# ifconfig tapc1 up
# ovs-vsctl add-port br0 tapc1
# ifconfig tapc1 up
# ovs-vsctl add-port br0 tapc1
93Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
94Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
95Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
96Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
ovs-vsctl add-br tech-br
ovs-vsctl add-port tech-brtep0 -- set interface tep0
type=internalovs-vsctl add-port sdn-br0 gre0 --
set interface gre0 type=greoptions:remote_ip:1.1.1.1
pipework sdn-br0 $container_id192.168.0.3/24
ovs-vsctl add-br sdn-br0
1.1.1.1/24 2.2.2.2/24
192.168.1.2/24
192.168.0.3/24192.168.0.2/24192.168.0.1/24 192.168.0.4/24
ifconfig tep0 192.168.1.1 netmask 255.255.255.0
pipework sdn-br0 $container_id192.168.0.4/24
192.168.1.1/24
ovs-vsctl set bridge sdn-br0 stp_enable=true
GRE /
97Copyright ⓒ 2017 by NAIM Networks, Inc. All rights reserved.
Copyright ⓒ 2015 by NAIM Networks, Inc. All rights reserved.
[email protected]+82-2-552-05555th Floor, Anam BLDG616 Yeondongdaero, Kanamgu, Seoul, Republic of Korea