2

I'm running ubuntu desktop in a virtual box (my host is mac), and inside this virtual machine I'm experimenting with macvlan docker network driver with docker-compose.

Here's my docker-compose.yml file:

version: '3.7'
services:
  trader:
    build: ./
    image: giuliotrader
    container_name: giuliotrader
    networks: 
      trading:
        ipv4_address: 172.16.86.33
    depends_on: 
      - tws  

  tws:
    build: ./ib-docker
    image: ibconnect
    container_name: ibconnect
    ports:
      - "4001:4001"
      - "4003:4003"
      - "5901:5901"
    volumes:
      - ./ib-docker/config.ini:/root/ibc/config.ini
      - ./ib-docker/gatewaystart.sh:/opt/ibc/gatewaystart.sh
    networks: 
      trading:
        ipv4_address: 172.16.86.22

networks: 
  trading: 
    driver: macvlan
    driver_opts:
      parent: enp0s3.10
    ipam:
      config:
        - subnet: 172.16.86.0/24
          #gateway: 172.16.86.1

I'm having troubles with these two containers to access the internet.

I can access the machines via docker exec -it ibconnect /bin/bash, but there's no way they can access the network, if I apt-get install iputils-ping I get: 

   Temporary failure resolving 'archive.ubuntu.com'

and if I nc -l 5047 on one container and nc 172.16.86.22 5047 on the other I get Connection refused.

If I uncomment the last line (gateway) docker-compose reports an error: 

ERROR: The Compose file './docker-compose.yml' is invalid because:
networks.trading.ipam.config value Additional properties are not allowed ('gateway' was unexpected),

I'm not sure what I'm missing in the configuration for configuring the gateway. How can I properly configure the network in this setup? I couldn't find any decent documentation.

Thanks,

Don Giulio
  • 2,946
  • 3
  • 43
  • 82
  • Is there a good reason to have this network setup? normally containers run within the docker network and there is no need to interfere with that at this level. – Mihai Apr 02 '19 at 13:06
  • I'm having strange behavior on the IBGateway server that runs on the ibconnect container, which I'm not having when this runs on a normal container and the client straight on the host, so I'm guessing that the problem might depend on docker's `bridge` and I'm trying to get the two containers a mac address and proper use of eth interfaces – Don Giulio Apr 02 '19 at 13:11
  • https://github.com/blampe/IbPy/issues/57 I summarized the problem here, but that repo seems unattended – Don Giulio Apr 02 '19 at 13:14
  • A valid question applicable to all macvlan via docker-compose cases. No answers =) I'll post one here when I find a solution. – Maxim V. Pavlov Oct 01 '19 at 19:25

3 Answers3

0

I hit the same problem with MacBook Pro. And the reason is probably a macvlan sub-interfaces were be blocked by wireless interface. When I connect LAN cable to the computer, and change VM's network adapter from en0: WiFi to enX: USB 10/100/1000 LAN, everything starts to work as expected.

The other solution is using ipvlan instead of macvlan.

My Setup:

  • G: 172.16.1.1/16 - Gateway(Physical)
  • M: 172.16.1.20/16 - Macbook Pro, [en0: Wifi(Physical), en7:LAN (Phsical)]
  • V: 172.16.1.180/16 - Virtualbox + Ubuntu Server 20.04 [enp0s3 (Virtual)]
  • C1: 172.16.180.53/16 - Docker container in home_macvlan
  • C2: 172.16.180.80/16 - Docker container in home_macvlan

What NOT works

1- Set VM's network adapter en0:WiFi as Bridged Adapter, create macvlan using docker in V

Status:
M <-> V [OK]
C1 <-> C2 [OK]
V <-> C1 [NOK] (As expected)
M <-> C1 [NOK] (The issue)
C1 <-> G [NOK] (The issue)

What works

1- Using ipvlan instead of macvlan

  • Set VM's network adapter en0:WiFi as Bridged Adapter
  • create ipvlan using docker in V

The command that I run to create ipvlan:

docker network create -d ipvlan \
  --subnet 172.16.0.0/16 \
  -o ipvlan_mode=l2 -o parent=enp0s3 home_ipvlan

And then run the Docker container:

docker run \
  --net=home_ipvlan \
  --ip=172.16.180.53 \
  --name=C1
  <image name>

2- Using macvlan on non 802.11 interface

  • Set VM's network adapter enX: USB 10/100/1000 LAN(Or other non 802.11 interface) as Bridged Adapter
  • In advanced section select PCnet-Fast III (Am79C973) as Adapter Type
  • In advanced section set promicious mode to "Allow All"

Command to create macvlan

docker network create -d macvlan \
  --subnet 172.16.0.0/16 \
  --ip-range 172.16.180.0/24 \
  --gateway 172.16.1.1 \
  -o parent=enp0s3 home_macvlan

Command to run container:

docker run \
  --net=home_macvlan \
  --ip=172.16.180.53 \
  --name=C1
  <image name>

Related answer: https://stackoverflow.com/a/56918457/860189
More info: https://hicu.be/macvlan-vs-ipvlan

Tolga Okur
  • 6,753
  • 2
  • 20
  • 19
0
networks: 
  16-254: 
    driver: macvlan
    driver_opts:
      parent: ens192
      macvlan_mode: bridge
    ipam:
      config:
        - subnet: 172.16.16.0/24
          gateway: 172.16.16.254
Alan Sun
  • 1
  • Remember that Stack Overflow isn't just intended to solve the immediate problem, but also to help future readers find solutions to similar problems, which requires understanding the underlying code. This is especially important for members of our community who are beginners, and not familiar with the syntax. Given that, **can you [edit] your answer to include an explanation of what you're doing** and why you believe it is the best approach? – Tyler2P Dec 29 '22 at 18:41
-1
networks:
bridge:
     driver: macvlan
     driver_opts:
         com.docker.network.enable_ipv4: "true"
         parent: mac0
     ipam:
         config:
             - subnet: xxx.xxx.xxx.xxx/xx
               ip-range: xxx.xxx.xxx.xxx/xx
               gateway: xxx.xxx.xxx.xxx

In the docke-host

ip link add mac0 link vmbr0 type macvlan mode bridge
user3081809
  • 107
  • 13