fixing docker networking - milos gajdos at #doxlon

DOCKNET - golang package for Linux networking. DevOps Exchange London, #DOXLON, 26th June, 2014

Post on 27-Jan-2015


DESCRIPTION

Milos has been working on fixing networking in Docker. Yes, fixing networking :-) At the moment it massively sucks. You can't do VLANs, MAC VLANs etc. You can't even have more than 1 interface inside a Docker container! After a week of after-work hacking on this (whilst watching the World Cup) Milos has found the reason why this is not in Docker: it's the netlink package in Docker, because no one has fixed netlink! This should be an entertaining talk for anyone who likes Docker, Golang and geeky container networking stuff.

Video: http://youtu.be/_dQ5dERe6b0
DevOps Exchange Meetup Group: http://bit.ly/doxlonmeetup

TRANSCRIPT

  • 1. DOCKNET - golang package for Linux networking. DevOps Exchange London, #DOXLON, 26th June, 2014

  • 2. About me
      - Ex-Rackspace, couple of startups in and outside of UK
      - Currently freelancing
      - Twitter: @milosgajdos
      - Linkedin: http://uk.linkedin.com/in/milosgajdos
      - Professional (technology) ranter or better - Ops guy
      - Programming language tourist, currently loving Go

  • 3. How and why docknet
      - Started as a personal interest in Linux container networking (http://containerops.org/2013/11/19/lxc-networking/)
      - Docker does not offer advanced networking functionality available in LXC/OpenVZ
      - No properly functional Go library which would allow you to configure Linux networking programmatically without shelling out

  • 4. Application delivery: DOCKERIZE ALL THE THINGS!

  • 5. Infrastructure delivery
      - Network is an essential part of IT infrastructure
      - Well designed network offers better scalability, security, easier management etc.
      - Legacy network setups and various esoteric or financial requirements leave us to deal with ...

  • 6. Insane network infrastructures o_O

  • 7. Netlink & RTNetlink
      - Netlink is a datagram-oriented messaging system in Linux for user-space applications to communicate with the Linux kernel
      - Mostly used by networking tools (iproute2), but there is some use of it in other non-networking kernel subsystems
      - RtNetlink is a library used for configuring and managing networking devices, routing, neighbouring etc.

  • 8. Go netlink. Found 2 Go implementations:
      1. github.com/abneptis/GoNetlink
         - does not seem to be actively developed any more - last commit about 4 years ago
         - couldn't compile it with latest Go compiler
      2. github.com/docker/libcontainer/ (netlink package)
         - used by Docker \o/
         - more idiomatic, still work in progress
         - seems broken - NEEDS FIXING

  • 9. Fixing netlink package

  • 10. docknet
      - general network managing and configuration library for Linux OS - not just containers!
      - uses properly functioning netlink package which offers more functionality than libcontainer's one (VLANs, MAC VLANs etc.)
      - no syscalls in netlink package any more - syscalls are NOT netlink!
      - allows for advanced networking configuration of your containers (not necessarily Docker based): VLANs, MAC VLANs, multiple network interfaces etc.
      - Still WORK IN PROGRESS
      - still private, should be released in a week or two

  • 11. docknet sneak peek
      - Add an extra veth interface into Docker from the host machine: https://gist.github.com/milosgajdos83/7cc9028a962fb5635ada
      - Add MAC VLAN interfaces into Docker from the host machine: https://gist.github.com/milosgajdos83/296fb90d076f259a5b0a

  • 12. TIME FOR LIVE DEMO!

  • 13. I AM HIRING

  • 14. Links
      - http://www.linuxjournal.com/article/8498
      - http://man7.org/linux/man-pages/man7/netlink.7.html
      - http://man7.org/linux/man-pages/man3/netlink.3.html
      - https://github.com/torvalds/linux/blob/master/net/core/rtnetlink.c
      - https://github.com/torvalds/linux/blob/master/include/linux/rtnetlink.h
      - https://github.com/docker/libcontainer/blob/master/netlink/netlink_linux.go
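Slides 7 and 10 describe netlink as a datagram message format kept separate from syscalls. The sketch below is an added example, not code from docknet or libcontainer: it encodes an RTM_GETLINK request as plain bytes and parses it back with length checks, without opening a socket. The names `BuildGetLink` and `ParseIfname` are hypothetical, and a little-endian host is assumed.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// Values from linux/netlink.h, linux/rtnetlink.h and linux/if_link.h.
const (
	hdrLen     = 16 // sizeof(struct nlmsghdr)
	ifInfoLen  = 16 // sizeof(struct ifinfomsg)
	rtmGetLink = 18 // RTM_GETLINK
	nlmRequest = 1  // NLM_F_REQUEST
	iflaIfname = 3  // IFLA_IFNAME
)

// Assumption: little-endian host (netlink uses host byte order).
var le = binary.LittleEndian

// BuildGetLink encodes nlmsghdr + ifinfomsg + one IFLA_IFNAME attribute.
func BuildGetLink(name string, seq uint32) []byte {
	attrLen := 4 + len(name) + 1  // rtattr header + NUL-terminated name
	padded := (attrLen + 3) &^ 3  // attributes are 4-byte aligned
	b := make([]byte, hdrLen+ifInfoLen+padded)
	le.PutUint32(b[0:], uint32(len(b))) // nlmsg_len
	le.PutUint16(b[4:], rtmGetLink)     // nlmsg_type
	le.PutUint16(b[6:], nlmRequest)     // nlmsg_flags
	le.PutUint32(b[8:], seq)            // nlmsg_seq; nlmsg_pid stays 0
	off := hdrLen + ifInfoLen           // ifinfomsg left zeroed (AF_UNSPEC)
	le.PutUint16(b[off:], uint16(attrLen)) // rta_len excludes padding
	le.PutUint16(b[off+2:], iflaIfname)    // rta_type
	copy(b[off+4:], name)
	return b
}

// ParseIfname checks every length field before slicing, then returns
// the message type and the interface name carried in IFLA_IFNAME.
func ParseIfname(b []byte) (uint16, string, error) {
	off := hdrLen + ifInfoLen
	if len(b) < off+4 || int(le.Uint32(b)) != len(b) {
		return 0, "", errors.New("short or mis-sized netlink message")
	}
	alen := int(le.Uint16(b[off:]))
	if alen < 5 || off+alen > len(b) || le.Uint16(b[off+2:]) != iflaIfname {
		return 0, "", errors.New("bad IFLA_IFNAME attribute")
	}
	return le.Uint16(b[4:]), string(b[off+4 : off+alen-1]), nil
}

func main() {
	msg := BuildGetLink("eth1", 1) // constructed sample input
	fmt.Println(ParseIfname(msg))
}
```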