Docker容器在Macvlan网络中丢失数据包

Question

I'm trying to dockerize a project including python server that needs to communicate with several devices on local network. For that i'm using a user-defined macvlan network. Project also includes postgresql database and web application which communicate over default overlay network.

I created macvlan network using commands below:

    docker network create --config-only --subnet 10.10.10.0/24 --gateway 10.10.10.1 -o parent=eth0 macvlan_conf
    docker network create --config-from macvlan_conf --scope swarm -d macvlan public

Then I deployed our project using this .yml file

version: '3'

services:

  db:
    image: db_image
    environment:
      POSTGRES_PASSWORD: postgres
      POSTGRES_USER: postgres
      POSTGRES_DB: mt
    networks:
      - default
    ports:
      - 9432:5432

  mtwa:
    image: mtwa_image
    networks:
      - default
    ports:
      - 9090:8090

  mtrest:
    image: mtrest_image
    networks:
      - default
    ports:
      - 9091:8091

  mtss:
    image: mtss_image
    networks:
      - default
      - public
    ports:
      - 55555:55555

  nginx:
    image: nginx_image
    networks:
      - default
    ports:
      - 9080:80

networks:
  public:
    external:
       name: public

Problem is that from the container with python server (mtss) I have extreme packet loss (over 90%) when I try to ping any device on the local network.

The rest of communication between other containers or between devices on the local network is just fine.

Wierdest part is that if i restart the container with python server:

docker restart <Container ID>

Docker stops one container but then it starts two copies of python server where one of them still has poor connection but the second one works flawlessly.

I'm working on machine with Ubuntu 16.04 and Docker version 18.05.0-ce

Any ideas what could cause the problem?

Answer 1

Ok, so I found out that the problem was a conflict in IP addresses. Services in swarm mode connected to macvlan aren't able to use DHCP neither thay can be assigned a static IP address ( https://forums.docker.com/t/docker-swarm-1-13-static-ips-for-containers/28060/4 )

So I wrote a bash script that starts containers individually. Everything works now but i lost the extra functionality of swarm mode.

Hope this saves time to everyone facing similar problems.

Answer 2

That's how i solved the issue (Docker-CE 18.06). I have 3 manager nodes: host1 , host2 and host3

I created different config-only network at each node

host1 :

$ docker network create --opt parent=ens18 --subnet=10.19.10.0/23 --gateway=10.19.11.1 --ip-range=19.19.10.0/29 --config-only macvlan_conf

host2 :

$ docker network create --opt parent=ens18 --subnet=10.19.10.0/23 --gateway=10.19.11.1 --ip-range=19.19.10.8/29 --config-only macvlan_conf

host3 :

$ docker network create --opt parent=ens18 --subnet=10.19.10.0/23 --gateway=10.19.11.1 --ip-range=19.19.10.16/29 --config-only macvlan_conf

Then I created a swarm-scope network at host1:

$ docker network create --config-from=macvlan_conf --driver=macvlan --scope=swarm macvlan_net

So now docker IPAM driver isn't confused by the same ip-range on three nodes:

host2 | SUCCESS | rc=0 >>
d78f4fba4fcc
                    "IPAddress": "10.19.10.8",

host3 | SUCCESS | rc=0 >>
9ee40555f1c8
                    "IPAddress": "10.19.10.16",

host1 | SUCCESS | rc=0 >>
be76266d7180
                    "IPAddress": "10.19.10.2",
1052f0a8de1e
                    "IPAddress": "10.19.10.1",