You need to connect container0 to VLAN 10 and container2 to VLAN 20.
#DOCKER NETWORK CONFIG HOW TO#
… else I’m sure you know how to configure it on your router. Switch(config-if)# switchport trunk native vlan 1 Switch(config)# interface fastEthernet0/0 …or Cisco Layer 3 Switch… switch# configure terminal Router(config-subif)# encapsulation dot1Q 20
Router(config)# interface fastEthernet 0/0.20 Router(config-subif)# encapsulation dot1Q 10 Router(config)# interface fastEthernet 0/0.10 Here’s the configuration if you happen to have a Cisco IOS router… router(config)# interface fastEthernet 0/0 Connection between the router and the Docker host is configured as 802.1Q trunk on the router with VLAN 10 and VLAN 20.Ĭonfigure VLAN 10 and VLAN 20 on your router.
You have a Docker host with a single eth0 interface connected to a router. Multiple macvlans with VLANs configuration You can map each Docker host interface to a macvlan network, thus extending the Layer 2 domain from the VLAN into the macvlan network. This aligns perfectly with the Linux implementation of VLANs, where each VLAN on a 802.1Q trunk connection is terminated on a sub-interface of the physical interface. Fortunately, a Docker host sub-interface can serve as a parent interface for the macvlan network. One macvlan, one Layer 2 domain and one subnet per physical interface, however, is a rather serious limitation in a modern virtualization solution. In practice, there is no difference between exposing a port at runtime or exposing it via an instruction in the Dockerfile.If you have read my introduction to macvlans and tried the basic macvlan bridge mode network configuration you are aware that a single Docker host network interface can serve as a parent interface to one macvlan or ipvlan network only. Essentially, EXPOSE or -expose is just metadata that provides information to be used by another command, or to inform choices made by the container operator.
Used in conjunction with the -P flag, which I'll get to a bit later in this article, this strategy for documenting ports via the EXPOSE command can be very useful. It is up to the operator of the container to specify further networking rules. Given the limitation of the EXPOSE instruction, a Dockerfile author will often include an EXPOSE rule only as a hint to which ports will provide services. However, neither EXPOSE nor -expose depend on the host in any way these rules don't make ports accessible from the host by default. These are equivalent commands, though -expose will accept a range of ports as an argument, such as -expose=2000-3000. You can expose a port in two ways: either in the Dockerfile with the EXPOSE instruction, or in the docker run string with -expose=1234.