Assign public IP address to Docker Container without port binding
MACVLAN creates multiple virtual network interfaces with different MAC addresses. This way, if your system has multiple IP addresses, each with its own MAC address, you can create multiple virtual network interfaces, each having its own IP address and MAC address.
MACVLAN doesn’t need to learn (identify) the MAC addresses of the systems within the network to distribute traffic, as it already knows every MAC address. This makes it faster and easier to set up than bridge networking.
Problems with docker containers port binding:
- If a container uses port 8000 of host then no other containers can use that port.
- Binding multiple ports to a container can be done by specifying a port range, but this operation takes more time depending on the number of ports to bind.
- IPTables rules become cumbersome as the number of bindings increases.
Advantages of MACVLAN:
- IPTables aren’t affected.
- No port binding.
- Easy to set up.
- Faster than bridge networking.
Creating MACVLAN network:
Host IP: 126.96.36.199
Host subnet: 188.8.131.52
Host Mask: 26
Host gateway: 184.108.40.206
Host ethernet interface: eth0
docker network create -d macvlan -o macvlan_mode=bridge --subnet=220.127.116.11/26 --gateway=18.104.22.168 -o parent=eth0 macvlan_bridge
The above command creates a network named ‘macvlan_bridge’.
Running a container using ‘macvlan_bridge’ network:
The host has multiple publicly accessible IP addresses, each with its own MAC address.
Host additional IP/MAC: 22.214.171.124/00:50:56:00:60:42
docker run --name cont1 --net=macvlan_bridge --ip=126.96.36.199 --mac-address 00:50:56:00:60:42 -itd nginx
The above command runs an nginx container with the IP ‘188.8.131.52’ attached to it. You can verify this by hitting ‘184.108.40.206’, where you will be welcomed by the nginx page.
This way the overall network setup becomes clear and easy to handle.
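A static `--ip` on a macvlan network sits directly on the physical segment, so it has to be a free address inside the `--subnet` given at network creation. The pre-flight check below is an added example, not part of the original post; the function names `ip_to_int` and `check_macvlan_ip` are hypothetical and the 192.0.2.0/26 addresses are constructed sample values.

```shell
#!/bin/sh
# Added example: pre-flight check for the address passed to `docker run --ip`.

# ip_to_int A.B.C.D -> prints the address as an integer; returns 1 if malformed.
ip_to_int() {
    case "$1" in ""|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split into octets (digits and dots only)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*) return 1 ;; esac   # no leading zeros (octal ambiguity)
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# check_macvlan_ip CIDR GATEWAY HOST_IP CANDIDATE
# Prints "ok" or the reason for rejection. Returns 0 = usable, 1 = rejected,
# 2 = malformed input.
check_macvlan_ip() {
    net=${1%/*}; bits=${1#*/}
    case "$bits" in ""|0*|*[!0-9]*) echo "bad prefix"; return 2 ;; esac
    # /31 and /32 have no separate network/broadcast address; not handled here.
    [ "${#bits}" -le 2 ] && [ "$bits" -le 30 ] || { echo "bad prefix"; return 2; }
    n=$(ip_to_int "$net") && g=$(ip_to_int "$2") && h=$(ip_to_int "$3") &&
        c=$(ip_to_int "$4") || { echo "bad address"; return 2; }
    mask=$(( (4294967295 << (32 - $bits)) & 4294967295 ))
    first=$(( $n & $mask ))                       # network address
    last=$(( $first | (~$mask & 4294967295) ))    # broadcast address
    if [ "$c" -lt "$first" ] || [ "$c" -gt "$last" ]; then
        echo "outside subnet"; return 1
    fi
    if [ "$c" -eq "$first" ] || [ "$c" -eq "$last" ]; then
        echo "network or broadcast address"; return 1
    fi
    [ "$c" -ne "$g" ] || { echo "gateway address"; return 1; }
    [ "$c" -ne "$h" ] || { echo "host address"; return 1; }
    echo ok
}

# Constructed sample values (RFC 5737 documentation range), not the page's addresses.
SUBNET=192.0.2.0/26; GATEWAY=192.0.2.1; HOST_IP=192.0.2.10
for ip in 192.0.2.20 192.0.2.10 192.0.2.63 192.0.2.70; do
    printf '%s: %s\n' "$ip" "$(check_macvlan_ip "$SUBNET" "$GATEWAY" "$HOST_IP" "$ip")"
done
```

Run the check with the real subnet, gateway and host address before `docker run`, and only pass the candidate to `--ip` when the function returns 0.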