Add an Additional Network Interface to a Container

Network attachment definition specifications can be created in order to reference / request additional interfaces or network configurations in a container specification.

The type of network attachment definition corresponds to a container networking plugin which performs the actions necessary to set up the interface in the container. Some plugins correspond directly to a new interface in the container, while other “meta” plugins are typically chained with an interface-plugin to perform additional network configuration. Further, ipam plugins can be used to control the IP address allocation for the interface.

“interface-creating” plugin types

sriov

Adds an SR-IOV VF interface to a container.

host-device

Adds an already-existing device to a container.

macvlan

Creates an interface with a new MAC address, usually from a shared host interface.

ipvlan

Creates an ipvlan interface in the container.

bridge

Creates a bridge on the host and adds a veth interface in the container to it.

ptp

Creates a veth pair between the container and host.

vlan

Creates a vlan device in the container.

See bond for more information.

bond

Creates a bonded interface in the container.

vrf

Enables virtual routing and forwarding in the network namespace of the container.

“meta” plugin types

tuning

Allows some sysctl parameters of an existing interface to be modified.

portmap

Maps ports from the host’s address space to the container.

bandwidth

Applies bandwidth-limiting on a container interface through use of traffic control tbf.

sbr

Enables source based routing for an interface.

“ipam” plugin types

dhcp

Runs a daemon on the host which makes DHCP requests on behalf of the container. Requires a DHCP server to be connected to the interface.

host-local

Maintains a local database of allocated IP addresses.

static

Allocate a static IPv4/IPv6 addresses to container.

calico-ipam

Use Calico managed IP pools to allocate an address to the interface.