Dockerfile to build a PXE server in a Docker container
This is a Dockerfile to build a container running a PXE server, pre-configured to serve a Debian netinstall kernel and initrd.
cd
into the repo checkout.docker build -t pxe .
PXECID=$(docker run --cap-add NET_ADMIN -d pxe)
./pipework br0 $PXECID 192.168.242.1/24
brctl addif br0 eth0
(don't forget to move eth0
IP address
to br0
if there is one).eth0
!
Alternatively, you can put VMs on br0
and achieve the same result.The Linux network stack has the notion of master and slave interfaces. They are used in many places, including bridges and bonding (when multiple physical interfaces are grouped together to form a single logical link, for increased throughput or reliability). When using Linux bridges, the bridge is the master interface, and all the ports of the bridge are slave interfaces.
Now is the tricky part: with interfaces like bridges and bonding groups, only the master should have IP addresses; not the slaves. If an IP address is configured on a slave interface, it will misbehave in seemingly random ways. For instance, it can stop working if the interface is down (but the master interface is still up). Or it might handle some protocols like ARP only for packets inbound on this interface.
Therefore, when changing the configuration of an existing interface to place it inside a bridge (or bonding group), you should deconfigure its IP address, and assign it to the master interface instead. I recommend the following steps:
ip addr ls eth0
).
Carefully note the IP address and its subnet mask, e.g.
192.168.1.4/24. There can be multiple addresses; in that case,
note all of them.ip route ls dev eth0
. You will almost
certainly see an entry with proto kernel scope link
, which
is the automatic entry corresponding to the subnet directly
connected to this interface. You can ignore this one. However,
if you see something like default via 192.168.1.1
, note it.ip addr del 192.168.1.4/24 dev eth0
. You don't havea to
deconfigure the routes: they will be automatically removed
as the address is withdrawn.ip addr add 192.168.1.4/24 dev br0
.ip route add default via 192.168.1.1
.If you want to do that automatically at boot, you can do it through
the /etc/network/interfaces
file (on Debian/Ubuntu).
It will look like this (assuming the same IP addresses than our previous example):
auto br0
iface br0 inet static
address 192.168.1.4
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
bridge_ports eth0
bridge_stp off
bridge_fd 0
Don't forget to disable the section related to eth0
then!
Left as an exercise for the reader. Check the Dockerfile and rebuild; it should be easy enough.
If you want to boot coreOS, check out avlis/pxe_coreos
That's unfortunate. You should probably adapt these instructions
to use host networking (i.e. --net host
) since this recipe was
written before host networking was available. Meanwhile, if
you have strange symptoms (like, some things ping and some don't)
you might have to disable bridge netfilter filtering. Please look
at issue #17 for
more details.
Yes. Be aware that the DHCP server on this container will offer IPs from 101 to 199 on the same /24 subnet. So make sure that the IP you give to the container via pipework does not clash with that. Also make sure that there are no other hosts on that bridge within that range. Otherwise, change it in the Dockerfile, check the line that says --dhcp-range=(...).
Yes, but it will be more complicated. You will have to:
Let's have a game!
Yes!