Docker Series 5: network Namespace Management 01/18 Update SLTechnology News&Howtos

Docker Series 5: network Namespace Management

2025-01-18 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/03 Report--

1. Introduction of ip command

The ip command is a program of iproute software.

[root@host1 ~] # yum install iproute- y [root@host1 ~] # rpm-Q iprouteiproute-4.11.0-25.el7_7.2.x86_64

Network namespaces can be managed through ip

[root@host1 ~] # ipUsage: ip [OPTIONS] OBJECT {COMMAND | help} ip [- force]-batch filenamewhere OBJECT: = {link | address | addrlabel | route | rule | neigh | tunnel | tuntap | mroute | mrule | monitor | xfrm | netns | l2tp | fou macsec | tcp_metrics | token | netconf | ila | vrf} OPTIONS: = {- V [ersion] |-s [tatistics] |-d [etails] |-r [esolve] |-h [uman-readable] |-iec |-f [amily] {inet | inet6 | ipx | mpls | bridge | link} |-4 |-6 |-D |-B |-0 |-l [oops] {maximum-addr-flush-attempts} |-br [ief] |-o [neline] |-t [imestamp] |-ts [hort] |-b [atch] [filename] |-rc [vbuf] [size] |-n [etns] name |-a [ll] |-c [olor]}

Netns in OBJECT can be used to set network namespaces

The help for using netns is as follows

[root@host1] # ip netns helpUsage: ip netns list ip netns add NAME ip netns set NAME NETNSID ip [- all] netns delete [NAME] ip netns identify [PID] ip netns pids NAME ip [- all] netns exec [NAME] cmd.. Ip netns monitor ip netns list-id

Second, the use of the ip command

Create two namespaces and check

[root@host1] # ip netns add R1 [root@host1] # ip netns add R2 [root@host1] # ip netns listr2r1

Check how many network cards are in the network namespace

In fact, to execute the ip addr command in the network namespace, you need to add the option-a

Exec is used to execute commands in the network namespace

[root@host1 ~] # ip netns exec R1 ip addr1: lo: mtu 65536 qdisc noop state DOWN group default qlen 1000 link/loopback 00 link/loopback 0000 brd 00000000000000000000000000000000000000000000000000000000000000000000

Create a pair of network cards

The command used is ip link

[root@host1 ~] # ip link helpUsage: ip link add [link DEV] [name] NAME [txqueuelen PACKETS] [address LLADDR] [broadcast LLADDR] [mtu MTU] [index IDX] [numtxqueues QUEUE_COUNT] [numrxqueues QUEUE_COUNT] type TYPE [ARGS]

Create a pair of network cards with veth2.1 and veth2.2 at both ends

[root@host1 ~] # ip link add name veth2.1 type veth peer name veth2.2 [root@host1 ~] # ip link show | grep veth2.*7: veth2.2@veth2.1: mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 10008: veth2.1@veth2.2: mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000

Type veth: specifies that a virtual Ethernet card is created

Assign a virtual network card to the namespace

The command used is ip link set

Once a virtual network card is assigned to a namespace, the network card will not be seen in the physical machine

Keep veth2.1 on the physical machine and assign veth2.2 to R1 namespace

[root@host1 ~] # ip link set veth2.2 netns R1 [root@host1 ~] # ip netns exec R1 ip addr1: lo: mtu 65536 qdisc noop state DOWN group default qlen 1000 link/loopback 0000VlV 000000Rd 0000brd 0000VOL0000VOUL00007: veth2.2@if8: mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 4e:f2:68:33:47:a1 brd ff:ff:ff:ff:ff:ff link-netnsid 0 [root @ host1 ~] # ip link show | grep veth2.*8: veth2.1@if7: mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000

You can also modify the name of the virtual network card, such as renaming veth2.2 in R1 to eth0

[root@host1 ~] # ip netns exec R1 ip link set dev veth2.2 name eth0 [root@host1 ~] # ip netns exec R1 ip addr1: lo: mtu 65536 qdisc noop state DOWN group default qlen 1000 link/loopback 000000 link/ether 4e:f2:68:33:47:a1 brd ff:ff:ff:ff:ff:ff link-netnsid 00000000 brd 0000000000000000: eth0@if8: mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 4e:f2:68:33:47:a1 brd ff:ff:ff:ff:ff:ff link-netnsid 0

Set the veth2.1 address to 10.0.0.1ax 8, and the eth0 address in R1 to 10.0.0.2bin8

[root@host1 ~] # ip addr add 10.0.0.1 link/ether 1e:62:af:a2:bc:6d brd ff:ff:ff:ff:ff:ff link-netnsid 8 dev veth2.1 [root@host1 ~] # ip netns exec R1 ip addr add 10.0.0.2 root@host1 8 dev eth0 [root@host1 ~] # ip addr show veth2.18: veth2.1@if7: mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 1e:62:af:a2:bc:6d brd ff:ff:ff:ff:ff:ff link-netnsid 1 inet 10.0.0.1 / 8 scope global veth2.1 valid_lft forever preferred_lft forever [root@host1 ~] # ip netns exec R1 ip addr show eth07: eth0@if8: mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 4e:f2:68:33:47:a1 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 10.0.0.2On8 scope global eth0 valid_lft forever preferred_lft forever

At this time, both NICs are in down status. The solution is as follows

[root@host1 ~] # ip link set veth2.1 up [root@host1 ~] # ip netns exec R1 ip link set eth0 up

You can also put veth2.1 into another namespace so that the two namespaces can communicate

[root@host1 ~] # ip link set veth2.1 netns R2 [root@host1 ~] # ip netns exec R2 ip link set veth2.1 up

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.