Not today...

comments

Snippet

KVM with Docker bridge

Tagged admin , cli

This post will explain how to use the docker bridge as a KVM bridge. In this post I will use the Qemu command line to manage my VMs.

There is a lot of ways to connect a VM to the internet. The most common one is via network address translation (NAT). This method has a few down side, the main one being that you need to explicitely configure port forwarding for your VM services to be reachable from the host.

I wasn’t a network person when I first started playing with docker. So when I did the first installation I discovered its bridge networking. I found the solution to better fit my needs. Every container has a specific IP and I can reach them from my laptop. I want the same for my VM but this is a bit less user friendly since you have to create and maintain the bridge by yourself. But on the other hand the bridge is not managed by Qemu making it possible to reuse the one from Docker.

The command

qemu-system-x86_64 ... \
	-netdev "bridge,id=user.1,br=docker0" \
	-device "virtio-net,netdev=user.1"

If you want a proper explanation of the options I use, I will let you check my previous post where I explain this in details. For now the options we are looking into are:

  • -netdev "bridge,id=user.1,br=docker0" this define a network device with id: user.1 of type bridge called docker0. Which is the bridge created by the docker daemon. Here, we will reuse that bridge to connect our VM.
  • -device "virtio-net,netdev=user.1" second option is here to attach the device to our VM. We define the network driver and the device id. As previously shown in the other post you need two options to fully describe and attach a network device.

The configuration

To make this properly work you will need a configuration step. Since the docker bridge do not provide you with dynamics IPs you will have to set up a static one. This is easily done using the /etc/network/interfaces file:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 172.17.1.1/16
    gateway 172.17.0.1

In this example I am setting up a static IP of 172.17.1.1 using the default docker bridge network (172.17.0.0/16). This configuration will allow you to reach the internet through the bridge, but also the containers you might start in this network as well.

Disclaimer: As far as I know the docker daemon will not be aware of this setup and might start a container with the same IP. I am using the address 172.17.1.1 because I will need to have 254 containers registered in this network before it conflicts. Keep this in mind when you are setting this up!