109 lines
3.4 KiB
ReStructuredText
109 lines
3.4 KiB
ReStructuredText
Adding extra network to container
|
|
=================================
|
|
|
|
In some cases it may be useful to have an ability to add extra network
|
|
interface for some container group (or just a single container). As an example
|
|
this can be used for applying known fixed IP address from another network for
|
|
Designate service. We will show futher configuration based on this example.
|
|
Let's assume, that this network is 10.0.20.0/24 which is reachable through
|
|
`br-dns` interface.
|
|
|
|
To add new interface with that network into dessignate containers, we need to
|
|
do several actions in ``openstack_user_config.yml``.
|
|
|
|
.. note::
|
|
|
|
You may find detailed example of `openstack_user_config.yml` configuration
|
|
in section :ref:`openstack-user-config-reference`.
|
|
|
|
* Add this network in ``cidr_networks``:
|
|
|
|
.. code-block:: yaml
|
|
|
|
cidr_networks:
|
|
container: 172.29.236.0/22
|
|
tunnel: 172.29.240.0/22
|
|
storage: 172.29.244.0/22
|
|
designate: 10.0.20.0/24
|
|
|
|
* Describe network in ``provider_networks``:
|
|
|
|
.. code-block:: yaml
|
|
|
|
global_overrides:
|
|
provider_networks:
|
|
- network:
|
|
container_bridge: "br-dns"
|
|
container_type: "veth"
|
|
container_interface: "eth5"
|
|
ip_from_q: "designate"
|
|
type: "veth"
|
|
group_binds:
|
|
- dnsaas_hosts
|
|
|
|
* Define override for containers
|
|
|
|
.. note::
|
|
|
|
Adding gateway key will create default route inside container through it
|
|
|
|
.. code-block:: yaml
|
|
|
|
dnsaas_hosts:
|
|
aio1:
|
|
ip: 172.29.236.100
|
|
container_vars:
|
|
container_extra_networks:
|
|
dns_address:
|
|
bridge: br-dns
|
|
interface: eth5
|
|
address: 10.0.20.100
|
|
netmask: 255.255.255.0
|
|
gateway: 10.0.20.1
|
|
|
|
|
|
Using SR-IOV interfaces in containers
|
|
=====================================
|
|
|
|
For some deployments it might be required to passthrough devices directly to
|
|
containers, for example, when SR-IOV is used or devices can't be bridged
|
|
(ie with `IPoIB <https://www.kernel.org/doc/html/latest/infiniband/ipoib.html>`)
|
|
|
|
You would need to manually map physical interfaces to specific containers.
|
|
This also assumes, that same interface name is present on all containers and
|
|
it is consistent and present before LXC startup.
|
|
|
|
Below as an example we will try using IB interfaces for storage network
|
|
and pass them inside containers that require storage connectivity.
|
|
For that you need describe connections in ``provider_networks``
|
|
inside `openstack_user_config.yml` configuration:
|
|
|
|
.. code-block:: yaml
|
|
|
|
global_overrides:
|
|
provider_networks:
|
|
- network:
|
|
container_bridge: "ib1"
|
|
container_type: "phys"
|
|
container_interface: "ib1"
|
|
ip_from_q: "storage"
|
|
type: "raw"
|
|
group_binds:
|
|
- cinder_volume
|
|
- network:
|
|
container_bridge: "ib3"
|
|
container_type: "phys"
|
|
container_interface: "ib3"
|
|
ip_from_q: "storage"
|
|
type: "raw"
|
|
group_binds:
|
|
- glance_api
|
|
- network:
|
|
container_bridge: "ib5"
|
|
container_type: "phys"
|
|
container_interface: "ib5"
|
|
ip_from_q: "storage"
|
|
type: "raw"
|
|
group_binds:
|
|
- gnocchi_api
|