Connecting Containers to Virtual Networks
With the implementation of
veth
virtual adapters allowing Containers to function as full participants on the network, it has become possible to include Containers in a wide range of network configurations the most common of which are Ethernet networks and VLANs (virtual local area networks). The process of connecting
veth
virtual network adapters to an Ethernet network or to a VLAN is carried out using certain physical and VLAN adapters, respectively, available on the server and involves completing the following tasks:
-
Creating a virtual network that will act as an intermediary between the
veth
adapters and the physical/VLAN adapter.
-
Connecting the
veth
virtual adapter you want to include in an Ethernet network/VLAN to the virtual network.
-
Joining the virtual network where the
veth
virtual adapters are included to the corresponding physical/VLAN adapter.
After completing these tasks, the Container virtual network adapters will be able to communicate with any computer on the network (either Ethernet or VLAN) where they are included and have no direct access to the computers joined to other networks.
The process of creating new virtual networks and joining physical and VLAN adapters to them is described in the
Creating a Virtual Network
and
Connecting Virtual Networks to Adapters
sections, respectively. In the example below we assume the following:
-
The
eth0
physical adapter and the
psbmnet1
virtual network exist on the server.
-
The
eth0
physical adapter is connected to the local Ethernet network and to the
psbmnet1
virtual network.
-
You want to connect Container 101 and Container 102 to the local Ethernet network.
To join Container 101 and 102 to the local Ethernet network behind the
eth0
adapter, you need connect these Containers to the
psbmnet1
virtual network. To do this:
-
Find out the name of the
veth
Ethernet interfaces in Container 101 and 102:
# vzlist -a -o ctid,ifname
CTID IFNAME
101 eth1
102 eth0
103 -
The command output shows that the
veth
Ethernet interfaces in Container 101 and 102 have the names of
eth1
and
eth0
, respectively.
Note:
To add a
veth
adapter to a virtual network, you must use the name of its Ethernet interface in the Container.
-
Join the
veth
adapters to the
psbmnet1
virtual network:
-
Add the
veth
adapter of Container 101 to the virtual network:
# pctl set 101 --ifname eth1 --network psbmnet1 --save
Saved parameters for Container 101
-
Add the
veth
adapter of Container 102 to the virtual network:
# pctl set 102 --ifname eth0 --network psbmnet1 --save
Saved parameters for Container 102
After completing these tasks, Container 101 and Container 102 will be able to access any of the servers in the network where the
eth0
physical adapter is connected.
At any time, you can disconnect the
veth
virtual network adapters of Container 101 and 102 from the
psbmnet1
virtual network by executing the following commands:
-
To disconnect the
veth
adapter of Container 101 from the virtual network:
# pctl set 101 --ifname eth1 --network "" --save
Saved parameters for Container 101
-
To disconnect the
veth
adapter of Container 102 from the virtual network:
# pctl set 102 --ifname eth1 --network "" --save
Saved parameters for Container 102
|