docker容器桥接到ovs并划分vlan

##1. ovs安装

参见 https://my.oschina.net/u/1791060/blog/689939

##2.docker及pipework安装

参见 https://my.oschina.net/u/1791060/blog/826166

##3.使用ovs替代linux bridge

####网络信息如下

网络： 192.168.75.1/24   网关： 192.168.75.1

docker1 centos7  192.168.75.200

docker2 centos7  192.168.75.201

####配置ovs bridge 并删除原来的linux bridge

# ovs-vsctl add-br ovsbr0

# cd /etc/sysconfig/network-scripts/

# vi ifcfg-enp0s3

TYPE=Ethernet
BOOTPROTO=dhcp
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=enp0s3
UUID=a6d8d29d-8df1-43f2-b1ff-cb7e670af704
DEVICE=enp0s3
ONBOOT=yes
BRIDGE=ovsbr0    #添加如下行

####重启网络并将ip配置到ovs网桥

# (service network restart;ifcfg ovsbr0 add 192.168.75.200/24;ovs-vsctl add-port ovsbr0 enp0s3)

##4.pipework将容器网络桥接到ovs上并划分vlan

####docker1上启动2个docker

# pipework ovsbr0 `docker run -itd --name=d1v100 --net=none centos /bin/bash` 192.168.75.203/24@192.168.75.1 @100

# pipework ovsbr0 `docker run -itd --name=d1v101 --net=none centos /bin/bash` 192.168.75.204/24@192.168.75.1 @101

####docker2上启动2个docker

# pipework ovsbr0 `docker run -itd --name=d2v100 --net=none centos /bin/bash` 192.168.75.205/24@192.168.75.1 @100

# pipework ovsbr0 `docker run -itd --name=d2v101 --net=none centos /bin/bash` 192.168.75.206/24@192.168.75.1 @101

##测试

####从d1v101上ping d2v100及d2v101

[root@f5629f83731c /]# ping 192.168.75.206
PING 192.168.75.206 (192.168.75.206) 56(84) bytes of data.
64 bytes from 192.168.75.206: icmp_seq=1 ttl=64 time=0.409 ms
64 bytes from 192.168.75.206: icmp_seq=2 ttl=64 time=0.451 ms
^C
--- 192.168.75.206 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.409/0.430/0.451/0.021 ms
[root@f5629f83731c /]# ping 192.168.75.1
PING 192.168.75.1 (192.168.75.1) 56(84) bytes of data.
From 192.168.75.204 icmp_seq=1 Destination Host Unreachable
From 192.168.75.204 icmp_seq=2 Destination Host Unreachable
From 192.168.75.204 icmp_seq=3 Destination Host Unreachable
From 192.168.75.204 icmp_seq=4 Destination Host Unreachable
^C
--- 192.168.75.1 ping statistics ---
6 packets transmitted, 0 received, +4 errors, 100% packet loss, time 5001ms
pipe 4

docker1的ovs状态

# ovs-vsctl show

dd5f8481-1559-4bab-96e5-8914afc0faab
Bridge "ovsbr0"
Port "ovsbr0"
Interface "ovsbr0"
type: internal
Port "veth1pl11086"
tag: 101
Interface "veth1pl11086"
Port "enp0s3"
Interface "enp0s3"
Port "veth1pl10975"
tag: 100
Interface "veth1pl10975"
ovs_version: "2.5.0"

docker2的ovs状态

# ovs-vsctl show

04788e7c-ae5f-4ca9-b16c-3e7221f299a8
Bridge "ovsbr0"
Port "veth1pl26931"
tag: 101
Interface "veth1pl26931"
Port "enp0s3"
Interface "enp0s3"
Port "ovsbr0"
Interface "ovsbr0"
type: internal
Port "veth1pl26815"
tag: 100
Interface "veth1pl26815"
ovs_version: "2.5.0"