5.4.2.3. Connecting Containers to Virtual Networks

With the implementation of veth virtual adapters allowing containers to function as full participants on the network, it has become possible to include containers in a wide range of network configurations the most common of which are Ethernet networks. The process of connecting veth virtual network adapters to an Ethernet network is carried out using certain physical, respectively, available on the server and involves completing the following tasks:

  1. Creating a virtual network that will act as an intermediary between the veth adapters and the physical adapter.
  2. Connecting the veth virtual adapter you want to include in an Ethernet network to the virtual network.
  3. Joining the virtual network where the veth virtual adapters are included to the corresponding physical adapter.

After completing these tasks, the container virtual network adapters will be able to communicate with any computer on the network where they are included and have no direct access to the computers joined to other networks.

For details on creating new virtual networks and joining physical adapters to them, see Section 5.4.1.1, “Creating Virtual Networks” and Section 5.4.1.5, “Connecting Virtual Networks to Adapters”, respectively. In the example below we assume the following:

  • The enp0s5 physical adapter and the network1 virtual network exist on the server.
  • The enp0s5 physical adapter is connected to the local Ethernet network and to the network1 virtual network.
  • You want to connect the container MyCT1 and the container MyCT2 to the local Ethernet network.

To join the containers MyCT1 and MyCT2 to the local Ethernet network behind the enp0s5 adapter, you need connect these containers to the network1 virtual network. To do this:

  1. Find out the name of the veth Ethernet interfaces in the containers MyCT1 and MyCT2: 

    # prlctl list -a -o ctid,netif,netdev
UUID                                     NETIF      NETDEV
{4e10b61a-c775-4611-a9b0-d4b946e820f2}   netif1     veth42ffa4e6
{eb0d3253-7e7a-486a-897f-02bfbd0e4c5b}   netif2     veth42a5246f

    The command output shows that the veth Ethernet interfaces in the containers MyCT1 and MyCT2 have the names of netif1 and netif2, respectively.

    Note

    Note: To add a veth adapter to a virtual network, you must use the name of its Ethernet interface in the container.

  2. Join the veth adapters to the network1 virtual network: 

    # prlctl set MyCT1 --ifname netif1 --network network1
# prlctl set MyCT2 --ifname netif2 --network network1

After completing these tasks, the containers MyCT1 and MyCT2 will be able to access any of the servers in the network where the enp0s5 physical adapter is connected.

At any time, you can disconnect the veth virtual network adapters of the containers MyCT1 and MyCT2 from the network1 virtual network by executing the following commands:

# prlctl set MyCT1 --ifname netif1 --network ""
# prlctl set MyCT2 --ifname netif2 --network ""
Prev  Up  Next
  Home