Browse code
Adding additional documentation for fixed-cidr networking
Docker-DCO-1.1-Signed-off-by: Frederick F. Kautz IV <fkautz@alumni.cmu.edu> (github: fkautz)
Signed-off-by: Alexandr Morozov <lk4d4@docker.com>
Frederick F. Kautz IV authored on 2014/07/22 04:30:21Showing 4 changed files
- daemon/config.go
- docs/man/docker.1.md
- docs/sources/articles/networking.md
- docs/sources/reference/commandline/cli.md
| ... | ... |
@@ -51,7 +51,7 @@ func (config *Config) InstallFlags() {
|
| 51 | 51 |
flag.BoolVar(&config.EnableIpForward, []string{"#ip-forward", "-ip-forward"}, true, "Enable net.ipv4.ip_forward")
|
| 52 | 52 |
flag.StringVar(&config.BridgeIP, []string{"#bip", "-bip"}, "", "Use this CIDR notation address for the network bridge's IP, not compatible with -b")
|
| 53 | 53 |
flag.StringVar(&config.BridgeIface, []string{"b", "-bridge"}, "", "Attach containers to a pre-existing network bridge\nuse 'none' to disable container networking")
|
| 54 |
- flag.StringVar(&config.FixedCIDR, []string{"-fixed-cidr"}, "", "IPv4 subnet for fixed IPs (ex: 10.20.0.0/16)\nthis subnet must be nested in bridge subnet (which is defined by -b or --bip)")
|
|
| 54 |
+ flag.StringVar(&config.FixedCIDR, []string{"-fixed-cidr"}, "", "IPv4 subnet for fixed IPs (ex: 10.20.0.0/16)\nthis subnet must be nested in the bridge subnet (which is defined by -b or --bip)")
|
|
| 55 | 55 |
flag.BoolVar(&config.InterContainerCommunication, []string{"#icc", "-icc"}, true, "Enable inter-container communication")
|
| 56 | 56 |
flag.StringVar(&config.GraphDriver, []string{"s", "-storage-driver"}, "", "Force the Docker runtime to use a specific storage driver")
|
| 57 | 57 |
flag.StringVar(&config.ExecDriver, []string{"e", "-exec-driver"}, "native", "Force the Docker runtime to use a specific exec driver")
|
| ... | ... |
@@ -49,6 +49,10 @@ unix://[/path/to/socket] to use. |
| 49 | 49 |
**-g**="" |
| 50 | 50 |
Path to use as the root of the Docker runtime. Default is `/var/lib/docker`. |
| 51 | 51 |
|
| 52 |
+ |
|
| 53 |
+**--fixed-cidr**="" |
|
| 54 |
+ IPv4 subnet for fixed IPs (ex: 10.20.0.0/16); this subnet must be nested in the bridge subnet (which is defined by \-b or \-\-bip) |
|
| 55 |
+ |
|
| 52 | 56 |
**--icc**=*true*|*false* |
| 53 | 57 |
Enable inter\-container communication. Default is true. |
| 54 | 58 |
|
| ... | ... |
@@ -54,6 +54,9 @@ server when it starts up, and cannot be changed once it is running: |
| 54 | 54 |
* `--bip=CIDR` — see |
| 55 | 55 |
[Customizing docker0](#docker0) |
| 56 | 56 |
|
| 57 |
+ * `--fixed-cidr` — see |
|
| 58 |
+ [Customizing docker0](#docker0) |
|
| 59 |
+ |
|
| 57 | 60 |
* `-H SOCKET...` or `--host=SOCKET...` — |
| 58 | 61 |
This might sound like it would affect container networking, |
| 59 | 62 |
but it actually faces in the other direction: |
| ... | ... |
@@ -365,17 +368,25 @@ By default, the Docker server creates and configures the host system's |
| 365 | 365 |
can pass packets back and forth between other physical or virtual |
| 366 | 366 |
network interfaces so that they behave as a single Ethernet network. |
| 367 | 367 |
|
| 368 |
-Docker configures `docker0` with an IP address and netmask so the host |
|
| 369 |
-machine can both receive and send packets to containers connected to the |
|
| 370 |
-bridge, and gives it an MTU — the *maximum transmission unit* or largest |
|
| 371 |
-packet length that the interface will allow — of either 1,500 bytes or |
|
| 372 |
-else a more specific value copied from the Docker host's interface that |
|
| 373 |
-supports its default route. Both are configurable at server startup: |
|
| 368 |
+Docker configures `docker0` with an IP address, netmask and IP |
|
| 369 |
+allocation range. The host machine can both receive and send packets to |
|
| 370 |
+containers connected to the bridge, and gives it an MTU — the *maximum |
|
| 371 |
+transmission unit* or largest packet length that the interface will |
|
| 372 |
+allow — of either 1,500 bytes or else a more specific value copied from |
|
| 373 |
+the Docker host's interface that supports its default route. These |
|
| 374 |
+options are configurable at server startup: |
|
| 374 | 375 |
|
| 375 | 376 |
* `--bip=CIDR` — supply a specific IP address and netmask for the |
| 376 | 377 |
`docker0` bridge, using standard CIDR notation like |
| 377 | 378 |
`192.168.1.5/24`. |
| 378 | 379 |
|
| 380 |
+ * `--fixed-cidr=CIDR` — restrict the IP range from the `docker0` subnet, |
|
| 381 |
+ using the standard CIDR notation like `172.167.1.0/28`. This range must |
|
| 382 |
+ be and IPv4 range for fixed IPs (ex: 10.20.0.0/16) and must be a subset |
|
| 383 |
+ of the bridge IP range (`docker0` or set using `--bridge`). For example |
|
| 384 |
+ with `--fixed-cidr=192.168.1.0/25`, IPs for your containers will be chosen |
|
| 385 |
+ from the first half of `192.168.1.0/24` subnet. |
|
| 386 |
+ |
|
| 379 | 387 |
* `--mtu=BYTES` — override the maximum packet length on `docker0`. |
| 380 | 388 |
|
| 381 | 389 |
On Ubuntu you would add these to the `DOCKER_OPTS` setting in |
| ... | ... |
@@ -55,6 +55,7 @@ expect an integer, and they can only be specified once. |
| 55 | 55 |
use 'none' to disable container networking |
| 56 | 56 |
--bip="" Use this CIDR notation address for the network bridge's IP, not compatible with -b |
| 57 | 57 |
--fixed-cidr="" IPv4 subnet for fixed IPs (ex: 10.20.0.0/16) |
| 58 |
+ this subnet must be nested in the bridge subnet (which is defined by -b or --bip) |
|
| 58 | 59 |
-D, --debug=false Enable debug mode |
| 59 | 60 |
-d, --daemon=false Enable daemon mode |
| 60 | 61 |
--dns=[] Force Docker to use specific DNS servers |