Docker LibNetwork Plugins
Explorer’s Tale
Why am I here?
• I read the code …
• I re-read the code …
• I realized that the code is in Go!
• I re-re-read the code …
• Finally, I fixed the code …
• Now, I can tell a story about it!
What are we going to do?
• Brainstorm
• Ask ourselves questions
• Reflect on our own experiences
What is a Driver?
“In computing, a device driver is a computer program that operates or controls a particular type of device that is attached to a computer.”
Wikipedia …
Docker Network Driver
What is a Plugin?
“Plugins are ways to extend and add to the functionality that already exists in Wordpress Docker.”
Wordpress Website…
CNI Drivers Plugins
NET, IPAM
Container Networking Models
CNI (Container Network Interface)
• Multiple container runtimes
• You have friends at CoreOS
• You have relatives at Mesosphere
• You worked at Google
• Are you a “micro-manager” or a LOTR fan?
CNM (Container Network Model)
• Docker is the only container implementation
• Drinks with Docker Sales Team next Tuesday?
• Are you a “hands-off manager”?
• You don’t care about Enterprise vs. Community licensing?
It is a “model” when it is yours, and it is an “interface” when it is someone else's
CNI: Container Networking Interface
Key Facts about CNI
• It is a specification. However, it comes with tools and plugins (i.e. drivers)
• Each driver is a binary
• Plugin is synonymous with a driver
• Network definitions are stored in JSON files
• Network definitions are passed to the drivers through standard input, `stdin`
• Drivers learn about arguments, e.g. namespace and container id, via environment variables (or configuration file)
• Drivers create container network namespaces and connect them to host networking
Container Network Interface
[Diagram: an Orchestrator (K8s Master, Nomad Server, Mesos Master) and four hosts, each labelled with Docker and an Orchestration Agent]
Container Network Interface
[Diagram: a Master, and a Host labelled with Docker Engine and Worker]
Master: Deploy [x] with IP 10.10.10.10 on “mynet”
$ docker run … --net=none … --ip 10.10.10.10
Container Network Interface
Master: Deploy [x] with IP 10.10.10.10 on “mynet”
Questions:
• How does Docker know about “mynet”?
• What is “mynet”?
• Is it “10.10.10.10/24” or “10.10.10.10/16”?
• Who creates it?
• Why does the Master ask for 10.10.10.10?
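# Start a container with no networking; the command prints the Container ID
$ docker run -d -t --net=none --name=delta1 centos /bin/bash
# Look up the container's network namespace path; the command prints the Sandbox Key
$ docker inspect -f '{{ .NetworkSettings.SandboxKey }}' <Container ID>
# Feed the network definition to the bridge plugin on stdin; arguments go in CNI_* variables
$ cat /etc/cni/net.d/10-mynet.conf |
CNI_COMMAND=ADD \
CNI_CONTAINERID=<Container ID> \
CNI_NETNS=<Sandbox Key> CNI_IFNAME=eth0 \
CNI_PATH=/usr/local/sbin/cni/ /usr/local/sbin/cni/bridge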
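The same call seen from the plugin binary's side, as an added Go example (not code from the talk or from the CNI project): it reads the network definition from stdin and the arguments from the `CNI_*` variables, and refuses incomplete or malformed input before touching any namespace. The names `invocation` and `parseInvocation` and the container-ID allow-list are assumptions of this example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"io"
	"os"
	"regexp"
)

// invocation is everything a CNI plugin binary receives for one call.
type invocation struct {
	Command, ContainerID, NetNS, IfName string
	Conf                                struct{ CNIVersion, Name, Type string }
}

// Conservative allow-list for container IDs (an assumption of this example).
var containerIDRe = regexp.MustCompile(`^[a-zA-Z0-9][a-zA-Z0-9_.-]*$`)

// parseInvocation reads the network definition from stdin and the call
// arguments from CNI_* environment variables, rejecting incomplete input.
func parseInvocation(stdin io.Reader, getenv func(string) string) (*invocation, error) {
	inv := &invocation{
		Command:     getenv("CNI_COMMAND"),
		ContainerID: getenv("CNI_CONTAINERID"),
		NetNS:       getenv("CNI_NETNS"),
		IfName:      getenv("CNI_IFNAME"),
	}
	if err := json.NewDecoder(stdin).Decode(&inv.Conf); err != nil {
		return nil, fmt.Errorf("network definition on stdin: %w", err)
	}
	switch {
	case inv.Command != "ADD" && inv.Command != "DEL":
		return nil, fmt.Errorf("unsupported CNI_COMMAND %q", inv.Command)
	case !containerIDRe.MatchString(inv.ContainerID):
		return nil, fmt.Errorf("invalid CNI_CONTAINERID %q", inv.ContainerID)
	case inv.Command == "ADD" && inv.NetNS == "":
		return nil, fmt.Errorf("CNI_NETNS is required for ADD")
	case inv.IfName == "":
		return nil, fmt.Errorf("CNI_IFNAME is required")
	case inv.Conf.Name == "" || inv.Conf.Type == "":
		return nil, fmt.Errorf("network definition needs name and type")
	}
	return inv, nil
}

func main() {
	inv, err := parseInvocation(os.Stdin, os.Getenv)
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	fmt.Printf("%s %s: attach %s in %s\n", inv.Command, inv.Conf.Name, inv.IfName, inv.NetNS)
}
```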
Container Network Interface
• No need to synchronize network information across Docker-enabled hosts
• “Orchestrator” is in charge
• Orchestrator performs IPAM/DHCP-like functions, i.e. cleanup/release
• Workers use CNI network configuration files and binaries
CNM: Container Networking Model
Container Network Model
[Diagram: four hosts labelled with Docker (Docker Engine), a Key-Value Store (Etcd, Consul, Zookeeper) and a Local KV Store (libkv)]
Key-Value Store & Docker Engine
• Must sync network information across Docker-enabled hosts via Key-Value Store
• No “Orchestrator”
• No “Orchestration Agent”
• Must perform IPAM/DHCP-like functions
Container Network Model
[Diagram labels: Docker Container Runtime; Docker LibNetwork Drivers; Remote Driver; Plugins: NetworkDriver, IpamDriver]
Unix Domain Sockets
Unix Domain Sockets & Docker Engine
Driver vs. Plugin
Plugin is the extension of LibNetwork “remote” Driver
[Diagram labels: Host; Docker Engine; Network Driver Plugin; IPAM Plugin; Key-Value Store (Etcd, Consul, Zookeeper); Virtual Switch; Management Plane]
libkv: etcd, consul, zookeeper
NetworkDriver Scope: local, global
$ docker network create -d overlay --ipam-driver ipamx --subnet 10.4.4.0/24 mynet
Docker LibNetwork Remote IPAM Plugin
• It is a web server listening on Unix Domain Socket
• The socket location: /run/docker/plugins/ipamx.sock
• Plugin type: IpamDriver
How does the IPAM Driver work?
$ docker network create -d bridge --ipam-driver ipamx --subnet 10.4.4.0/24 mynet
How does the IPAM Driver work?
$ docker run -d -t --net=mynet --name=delta1 --ip 10.4.4.21 centos /bin/bash
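The plugin side of this static `--ip` request, as an added Go example (not code from the talk or from libnetwork): a web server on the `ipamx` socket, created owner-only, that answers the activation handshake and refuses addresses outside the subnet or already leased. `pool`, `newPool` and `request` are hypothetical names; the `/Plugin.Activate` and `/IpamDriver.RequestAddress` paths and the `Err` reply field come from libnetwork's remote IPAM protocol, not from the slides.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net"
	"net/http"
	"sync"
	"syscall"
)

// pool is a hypothetical in-memory lease table for one subnet.
type pool struct {
	subnet *net.IPNet
	leased sync.Map // address string -> true, safe for concurrent handlers
}

func newPool(cidr string) (*pool, error) {
	_, n, err := net.ParseCIDR(cidr)
	return &pool{subnet: n}, err
}

// request builds the RequestAddress reply: the lease, or {"Err": ...} on refusal.
func (p *pool) request(addr string) map[string]string {
	ip := net.ParseIP(addr)
	if ip == nil || !p.subnet.Contains(ip) {
		return map[string]string{"Err": fmt.Sprintf("address %q is not in pool %s", addr, p.subnet)}
	}
	if _, dup := p.leased.LoadOrStore(ip.String(), true); dup {
		return map[string]string{"Err": fmt.Sprintf("address %s is already leased", ip)}
	}
	ones, _ := p.subnet.Mask.Size()
	return map[string]string{"Address": fmt.Sprintf("%s/%d", ip, ones)}
}

func main() {
	p, _ := newPool("10.4.4.0/24") // subnet from the slides; the literal is known to parse
	http.HandleFunc("/Plugin.Activate", func(w http.ResponseWriter, _ *http.Request) {
		json.NewEncoder(w).Encode(map[string][]string{"Implements": {"IpamDriver"}})
	})
	http.HandleFunc("/IpamDriver.RequestAddress", func(w http.ResponseWriter, r *http.Request) {
		var req struct{ PoolID, Address string }
		json.NewDecoder(r.Body).Decode(&req) // a malformed body leaves Address empty: refused
		json.NewEncoder(w).Encode(p.request(req.Address))
	})
	syscall.Umask(0o177) // the socket file is created 0600: only its owner may connect
	l, err := net.Listen("unix", "/run/docker/plugins/ipamx.sock")
	if err != nil {
		panic(err)
	}
	panic(http.Serve(l, nil))
}
```

A plugin the Docker Engine can use end to end must also answer the pool and release endpoints of the same protocol; this example covers only the static-address path.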
How does the IPAM Driver work?
$ docker stop delta1
How does the IPAM Driver work?
$ docker network rm mynet
Common Issues with IPAM in CN(MI)
• Static IP addressing
• Scaling
• Lack of Endpoints:
  /IpamDriver.Metrics
  /IpamDriver.Version
  /IpamDriver.Shutdown
  /IpamDriver.Networks
  /IpamDriver.Leases
  /IpamDriver.Configuration
Writing Drivers/Plugins
[Diagram labels: Docker Engine; Docker Client; Network Driver Socket; IPAM Driver Socket; Virtual Switch; Virtual Switch Client; Management Plane (off-host); Management Plane Client; KV Store; KV Store Client; Control Plane (off-host)]
Thank you! Engage with Community
• Github & Slack
• docker/libnetwork
• containernetworking/cni
• Meetups:
• NANOG
• NYNOG
• Ping me github.com/greenpau