@larsks
Last active February 15, 2023 12:58
podman-bridge-network

This will work if you have an existing bridge or if you don't: if the bridge referenced in this config doesn't exist, it will be created when you start a container attached to the network.

1. Create the CNI network configuration in /etc/cni/net.d/99-example.conflist:

```json
{
  "cniVersion": "0.4.0",
  "name": "example",
  "plugins": [
    {
      "type": "bridge",
      "bridge": "br-example",
      "isGateway": true,
      "ipMasq": true,
      "ipam": {
        "type": "host-local",
        "routes": [
          {
            "dst": "0.0.0.0/0"
          }
        ],
        "ranges": [
          [
            {
              "subnet": "10.9.8.0/24",
              "gateway": "10.9.8.1"
            }
          ]
        ]
      }
    },
    {
      "type": "portmap",
      "capabilities": {
        "portMappings": true
      }
    },
    {
      "type": "firewall"
    },
    {
      "type": "tuning"
    }
  ]
}
```

2. Verify the network shows up:

```
# podman network ls
NAME      VERSION   PLUGINS
podman    0.4.0     bridge,portmap,firewall,tuning
example   0.4.0     bridge,portmap,firewall,tuning
```

3. Spawn a container on that network:

```
# podman run -it --rm --net=example alpine sh
/ # ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN qlen 1000
    link/sit 0.0.0.0 brd 0.0.0.0
4: eth0@if3: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
    link/ether 4e:42:de:5a:78:df brd ff:ff:ff:ff:ff:ff
    inet 10.9.8.2/24 brd 10.9.8.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::4c42:deff:fe5a:78df/64 scope link
       valid_lft forever preferred_lft forever
/ # ping -c1 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=55 time=8.921 ms

--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 8.921/8.921/8.921 ms
/ #
```
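
A pre-flight check for the procedure above, added here as an example (it is not part of the original gist): it reads the bridge plugin from the step 1 conflist and flags a gateway that lies outside its subnet, or a subnet that overlaps a network already configured on another host interface. The `ip -o -4 addr show` sample, the `virbr0` interface and the function names are constructed for illustration.

```python
import ipaddress
import json

# Constructed input: the conflist from step 1, trimmed to its bridge plugin.
CONFLIST = json.loads("""
{"cniVersion": "0.4.0", "name": "example", "plugins": [
  {"type": "bridge", "bridge": "br-example", "isGateway": true, "ipMasq": true,
   "ipam": {"type": "host-local", "routes": [{"dst": "0.0.0.0/0"}],
            "ranges": [[{"subnet": "10.9.8.0/24", "gateway": "10.9.8.1"}]]}}
]}
""")

# Constructed, shortened `ip -o -4 addr show` output; virbr0 is a hypothetical
# pre-existing interface whose range contains the container subnet.
IP_ADDR_OUTPUT = """\
1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0
5: br-example    inet 10.9.8.1/24 brd 10.9.8.255 scope global br-example
6: virbr0    inet 10.9.0.1/16 brd 10.9.255.255 scope global virbr0
"""


def host_networks(ip_output):
    """Parse `ip -o -4 addr show` lines into (interface, network) pairs."""
    pairs = []
    for line in ip_output.splitlines():
        fields = line.split()
        if len(fields) >= 4 and fields[2] == "inet":
            pairs.append((fields[1], ipaddress.ip_interface(fields[3]).network))
    return pairs


def check_bridge_network(conf, ip_output):
    """Return findings for every address range of the bridge plugin(s)."""
    findings = []
    for plugin in conf.get("plugins", []):
        if plugin.get("type") != "bridge":
            continue
        # The bridge itself carries the subnet once it exists, so skip it.
        others = [(i, n) for i, n in host_networks(ip_output) if i != plugin.get("bridge")]
        for r in (r for rs in plugin.get("ipam", {}).get("ranges", []) for r in rs):
            subnet = ipaddress.ip_network(r["subnet"])
            gw = r.get("gateway")
            if gw and ipaddress.ip_address(gw) not in subnet:
                findings.append(f"gateway {gw} is outside {subnet}")
            for iface, net in others:
                if net.version == subnet.version and subnet.overlaps(net):
                    findings.append(f"{subnet} overlaps {net} on {iface}")
    return findings
```

With the sample input, `check_bridge_network(CONFLIST, IP_ADDR_OUTPUT)` reports the overlap with `virbr0`; an empty list means neither problem was found.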


larsks commented Apr 3, 2020

This assumes you want to use the address range 10.9.8.0/24 for your network. You are of course free to use other settings.


gbraad commented Feb 15, 2023

@larsks This is not possible anymore with Podman 4.x?


larsks commented Feb 15, 2023

It's different with podman 4.x (network configurations can be found in /etc/containers/networks), and probably no longer necessary. I think you could accomplish the same thing now by simply passing appropriate options to podman network create:

```
podman network create example --subnet 10.9.8.0/24
```


gbraad commented Feb 15, 2023

It would complain about the subnet already existing. I think I got it working. I first created a network and then edited the file:

```
$ sudo vi /etc/containers/networks/example.json
```

```json
{
     "network_interface": "[brname]",
     "subnets": [
          {
               "subnet": "10.0.21.0/24",
               "gateway": "10.0.21.1"
          }
     ]
}
```

making sure the [brname] is the one you wanna target with the correct subnets.
