This is an addition to this question about how to setup VLANs on CoreOS [CoreOS bare-metal vlan networking. My question after is after you set this up, how do you use it?
How do you start a container that puts the ethernet interface of that container into one of those specific VLAN?
WARNING: HACKS AHEAD!
Networking (today) is a little awkward inside of Docker so we need to compensate for a lot of the assumptions made on the users behalf. To do this you need to create a bridge interface for the interfaces to actually sit on and then pass the configuration via --lxc-conf options in a fashion similar to this answer.
As an example (Caveats, this will likely not directly be copy/pastable. I'm regurgitating this from memory):
First we configure a sub interface on eth0 which is on VLAN800:
/etc/sysconfig/network/05-eth0.netdev:
[Match]
Name=eth0.800
[Network]
Address=192.168.20.25/24
Gateway=192.168.20.1
DNS=192.168.1.1
VLAN=800
Next we create a bridge for other devices which will need to access that VLAN:
/etc/sysconfig/network/20-br800.netdev:
[NetDev]
Name=br800
Kind=bridge
Then we attach that subinterface previously created to the bridge:
/etc/sysconfig/network/50-eth0-800.netdev:
[Match]
Name=eth0.800
[Network]
Bridge=br800
Now we are in a state where we have the network we want configured on the host and can do something like:
docker run \
--net="none" \
--lxc-conf="lxc.network.type = veth" \
--lxc-conf="lxc.network.ipv4 = 192.168.20.30/24" \
--lxc-conf="lxc.network.ipv4.gateway = 192.168.20.1" \
--lxc-conf="lxc.network.link = br800" \
--lxc-conf="lxc.network.name = eth0" \
--lxc-conf="lxc.network.flags = up" \
-d [Docker Image ID]
Ideally we wouldn't have to do as much hacking just to get networking setup in such a way, but this leads to the ability to create multiple bridges attached to different VLANs and segment traffic from different containers and force it to go through some upstream router.
