堆栈内存溢出
  简体   繁体   English

使用Macvlan驱动程序时如何从同一网络上的不同主机访问容器

[英]How to access container from different host on same network when using macvlan driver

 原文  2018-11-02 16:29:32       docker/ docker-networking

问题描述

I've created my macvlan network as follows: 我创建了如下的macvlan网络: 

docker network create -d macvlan -o parent=eth0 \
--subnet 192.168.1.0/24 \
--gateway 192.168.1.1 \
--ip-range 192.168.1.192/27 \
--aux-address 'host=192.168.1.223' \
 mynet

I run my container as follows: 我按以下方式运行容器: 

docker run --name nginx -d --net mynet nginx

The container's IP is 192.168.1.192 容器的IP为192.168.1.192

I have two hosts that can ping each other both ways: 我有两个可以互相ping通的主机:

Host A: 192.168.1.98 (where Docker engine is running) 主机A:192.168.1.98(运行Docker引擎的地方)

Host B: 192.168.1.6 主机B:192.168.1.6

Because macvlan by definition doesn't allow host-to-container communication, I have created a sub-interface as follows to allow this communication: 由于macvlan按照定义不允许主机到容器的通信,因此我创建了一个如下所示的子接口来允许这种通信: 

ip link add mynet-shim link eth0 type macvlan  mode bridge

ip addr add 192.168.1.223/32 dev mynet-shim

ip link set mynet-shim up

ip route add 192.168.1.192/27 dev mynet-shim

I'm able to access the container from host A as when I run: 我可以在运行时从主机A访问容器:

curl 192.168.1.192:80 , I receive the nginx default html curl 192.168.1.192:80 ,我收到nginx默认html

I'm also able to ping the container from host A. 我还能够从主机A ping容器。

When I run docker logs nginx , it says: 当我运行docker logs nginx ,它说:

192.168.1.223 - - [02/Nov/2018:16:19:32 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

So it is working with the mynet-shim sub-interface. 因此,它正在使用mynet-shim子接口。

However, I'm unable to access the container from host B as both the curl and ping commands to the container fail from host B, even though it's in the same subnet as host A and the container 但是,我无法从主机B访问容器,因为从主机B到容器的curlping命令都失败了,即使它与主机A和容器位于同一子网中

Is there any additional configuration that I may have missed on host B? 我可能在主机B上错过了其他配置吗?

1 个解决方案

解决方案1
 0 已采纳  2018-11-12 12:38:29

The issue was VMWare's network settings. 问题是VMWare的网络设置。

On VMWare ESXi 6.5 (client version 1.2.3): 在VMWare ESXi 6.5(客户端版本1.2.3)上:

  1. Click "Networking" on the left hand pane 点击左侧窗格中的“网络”
  2. Click "Security" 点击“安全性”
  3. Choose "Accept" for "Promiscuous mode", "MAC address changes" and "Forged transmits" 为“混杂模式”,“ MAC地址更改”和“伪造的传输”选择“接受”
  4. Save

After this, I was able to access the container from a different host on the same network (ie Host B) 之后,我能够从同一网络上的其他主机(即主机B)访问该容器

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 我如何使用macvlan网络从外部主机ping本地docker容器? - How can i ping a local docker container from an outside host using macvlan network? 无法通过 macvlan 网络从主机访问 docker 容器 - Unable to access docker containers from host over macvlan network Docker-compose:如何使用相同的网络地址从容器和主机访问 Localstack 资源 - Docker-compose: How to access Localstack resources both from container and host, using same network address Docker容器无法使用macvlan网络驱动程序访问或ping WAN - Docker container can't reach or ping WAN using macvlan network driver 使用 macvlan 的 docker 容器的网络路由 - Network routing for docker container using macvlan 容器内的 Docker Macvlan 网络无法连接到自己的主机 - Docker Macvlan network inside container is not reaching to its own host 从主机访问 VM 上不同网络中的 NGINX 容器 - Access NGINX container in a different network on VM from host machine 具有MACVLAN网络的Docker Swarm容器获得了错误的网关-无法访问互联网 - Docker Swarm container with MACVLAN network gets wrong gateway - no internet access 如何从主机外部(同一网络)连接到 docker 容器 [Windows] - How to connect to a docker container from outside the host (same network) [Windows] 使用network_mode时如何访问在容器中运行的网站:主机 - How to access a website running in a container when you´re using network_mode: host
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM