安装OVS 2.5.1
Install the requisite packages.
#yum -y install make gcc openssl-devel autoconf automake rpm-build redhat-rpm-config python-devel openssl-devel kernel-devel kernel-debug-devel libtool wget
Necessary steps for building RPM
#mkdir -p ~/rpmbuild/SOURCES
#wget http://openvswitch.org/releases/openvswitch-2.5.1.tar.gz
#cp openvswitch-2.5.1.tar.gz ~/rpmbuild/SOURCES/
#tar xfz openvswitch-2.5.1.tar.gz
#sed 's/openvswitch-kmod, //g' openvswitch-2.5.1/rhel/openvswitch.spec > openvswitch-2.5.1/rhel/openvswitch_no_kmod.spec
Build the RPM
#rpmbuild -bb --nocheck ~/openvswitch-2.5.1/rhel/openvswitch_no_kmod.spec
Install the RPM
#ls -l ~/rpmbuild/RPMS/x86_64/
#yum localinstall ~/rpmbuild/RPMS/x86_64/openvswitch-2.5.1-1.x86_64.rpm
Start the OVS service and enable it for the next boot
#systemctl start openvswitch.service
#chkconfig openvswitch on
创建br,添加端口
vs-vsctl add-br br0
ip link set br0 up
运行两个不加载网络的docker
docker run -d --name box1 --privileged=true --network none ubuntu:latest
docker run -d --name box2 --privileged=true --network none ubuntu:latest
容器关联网桥br0,设置ip
./ovs-docker add-port br0 eth0 box1 --ipaddress=10.0.0.2/24 --gateway=10.0.0.1
./ovs-docker add-port br0 eth0 box2 --ipaddress=10.0.0.3/24 --gateway=10.0.0.1
设置br0地址为网关地址
ip addr add 10.0.0.1/24 dev br0
进入容器ping验证
docker exec -it box2 /bin/sh
ip a
ping 10.0.0.2
ping 10.0.0.1
ping 192.168.220.105
配置SNAT、DNAT, ens33 192.168.220.105是docker的宿主机网卡
iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -j SNAT --to-source 192.168.220.105 # 通过网卡地址做snat
iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o ens33 -j MASQUERADE # 通过网卡id做snat
iptables -t nat -A PREROUTING -i ens33 -p tcp --dport 8000 -j DNAT --to-destination 10.0.0.2:8000 # dnat
容器可以通过宿主机网卡访问外网,容器里面启一个http server也可以从外网通过访问宿主机ip地址来访问。
参考
- http://supercomputing.caltech.edu/blog/index.php/2016/05/03/open-vswitch-installation-on-centos-7-2/
- https://github.com/openvswitch/ovs-issues/issues/110
- https://blog.csdn.net/wylfengyujiancheng/article/details/50238999
3538
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
