fixing docker networking - milos gajdos at #doxlon

DOCKNET - golang package for Linux networking DevOps Exchange London, #DOXLON 26th June, 2014

Post on 27-Jan-2015






Milos has been working on fixing networking in Docker. Yes, fixing networking :-) At the moment it massively sucks. You can't do VLANs, MAC VLANs etc. You can't even have more than 1 interface inside a Docker container! After a week of after-work hacking on this (whilst watching the World Cup) Milos has found the reason this is not in Docker: it's the netlink package in Docker, because no one has fixed netlink! This should be an entertaining talk for anyone who likes Docker, Golang and geeky container networking stuff. Video: DevOps Exchange Meetup Group:


  • 1. DOCKNET - golang package for Linux networking. DevOps Exchange London, #DOXLON, 26th June, 2014

  • 2. About me: Ex-Rackspace, couple of startups in and outside of UK. Currently freelancing. Twitter: @milosgajdos. Linkedin: Professional (technology) ranter or better - Ops guy. Programming language tourist currently loving Go.

  • 3. How and why docknet: Started as a personal interest in Linux container networking ( Docker does not offer advanced networking functionality available in LXC/OpenVZ. No properly functional Go library which would allow you to configure Linux networking programmatically without shelling out.

  • 4. Application delivery: DOCKERIZE ALL THE THINGS!

  • 5. Infrastructure delivery: Network is an essential part of IT infrastructure. Well designed network offers better scalability, security, easier management etc. Legacy network setups and various esoteric or financial requirements leave us deal with .

  • 6. Insane network infrastructures o_O

  • 7. Netlink & RTNetlink: Netlink is a datagram-oriented messaging system in Linux for user-space applications to communicate with the Linux kernel; mostly used by networking tools (iproute2), but there is some use of it in other non-networking kernel subsystems. RtNetlink is a library used for configuring and managing networking devices, routing, neighbouring etc.

  • 8. Go netlink: Found 2 Go implementations: 1. does not seem to be actively developed any more - last commit about 4 years ago; couldn't compile it with latest Go compiler. 2. (netlink package) used by Docker o/ more idiomatic, still work in progress; seems broken - NEEDS FIXING

  • 9. Fixing netlink package

  • 10. docknet: general network managing and configuration library for Linux OS - not just containers! Uses properly functioning netlink package which offers more functionality than libcontainer's one (VLANs, MAC VLANs etc.). No syscalls in netlink package any more - syscalls are NOT netlink! Allows for advanced networking configuration of your containers (not necessarily Docker based): VLANs, MAC VLANs, multiple network interfaces etc. Still WORK IN PROGRESS; still private, should be released in a week or two.

  • 11. docknet sneak peek: Add an extra veth interface into Docker from the host machine: Add a MAC VLAN interface into Docker from the host machine:

  • 12. TIME FOR LIVE DEMO!

  • 13. I AM HIRING

  • 14. Links: rtnetlink.h, netlink_linux.go
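
To make the "Netlink & RTNetlink" and veth slides concrete, here is an added example (not docknet's or Docker's code) that serializes the rtnetlink RTM_NEWLINK request for creating a veth pair, the datagram a Go netlink library would write to an AF_NETLINK socket. It only builds the bytes and opens no socket; the interface names are constructed sample values and a little-endian host is assumed.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// Values from linux/netlink.h, linux/rtnetlink.h, linux/if_link.h, linux/veth.h.
const (
	rtmNewLink                               = 16
	nlmFRequest, nlmFAck                     = 0x1, 0x4
	nlmFExcl, nlmFCreate                     = 0x200, 0x400
	iflaIfname, iflaLinkinfo                 = 3, 18
	iflaInfoKind, iflaInfoData, vethInfoPeer = 1, 2, 1
)

var le = binary.LittleEndian // netlink is host-endian; little-endian host assumed

// attr encodes one rtattr: u16 length (header + payload, unpadded), u16 type,
// the payload, then zero padding up to a 4-byte boundary.
func attr(typ uint16, payload []byte) []byte {
	b := make([]byte, (4+len(payload)+3)&^3)
	le.PutUint16(b[0:], uint16(4+len(payload)))
	le.PutUint16(b[2:], typ)
	copy(b[4:], payload)
	return b
}

// vethRequest builds an RTM_NEWLINK message that creates the pair name <-> peer.
func vethRequest(name, peer string, seq uint32) []byte {
	ifinfo := make([]byte, 16) // struct ifinfomsg, all zero (AF_UNSPEC, no index)
	peerData := append(append([]byte{}, ifinfo...), attr(iflaIfname, []byte(peer+"\x00"))...)
	info := append(attr(iflaInfoKind, []byte("veth")),
		attr(iflaInfoData, attr(vethInfoPeer, peerData))...) // nested attributes
	body := append(append([]byte{}, ifinfo...), attr(iflaIfname, []byte(name+"\x00"))...)
	body = append(body, attr(iflaLinkinfo, info)...)
	msg := make([]byte, 16, 16+len(body)) // struct nlmsghdr
	le.PutUint32(msg[0:], uint32(16+len(body)))
	le.PutUint16(msg[4:], rtmNewLink)
	le.PutUint16(msg[6:], nlmFRequest|nlmFAck|nlmFCreate|nlmFExcl)
	le.PutUint32(msg[8:], seq) // msg[12:16] is nlmsg_pid; 0 lets the kernel fill it
	return append(msg, body...)
}

func main() {
	fmt.Printf("% x\n", vethRequest("veth0", "veth1", 1))
}
```

Sending this message needs CAP_NET_ADMIN, and the reply to NLM_F_ACK is an NLMSG_ERROR message whose error field is 0 on success.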