Maxhawk

Anyone try Docker DDSM in an ESXi installation?

Recommended Posts

I'm trying to install a second instance of DSM by using DDSM in Docker in an ESXi environment. The reason I can't spin up another XPE VM instance is because all 12 of my drive bays on the backplane are being passed through by an H310 controller (flashed IT mode=HBA).

 

The issue I'm having with the ESXi VM instance is I can't get network connectivity on the DDSM. I've tried DDSM on a separate bare metal installation and it worked fine set up the same way. The only significant difference is one is bare metal while the other one is ESXi. On ESXi I've presented XPE with 2 virtual network cards on different subnets. DSM gets an IP address from both subnets but DDSM can talk to neither of them. 

 

This is an ESXi issue, but I can't exactly go asking on a Synology forum about use with ESXi. I was just hoping that someone here may have done it so I know it's possible. Everything looks right as configured in ESXi.

 

Thanks for reading.

 

Share this post


Link to post
Share on other sites
Posted (edited)

Been there, done that and had the same result.

The issue is more of a ESXi user issue, rather then an ESXi issue ;)

 

Make sure your vSwtich has following settings in the security policy it uses:

Allow promiscuous mode -> Yes

Allow forged transmits -> Yes

Allow MAC changes -> Yes

 

Though, be aware that transfer speeds will drop slightly and won't be as stable as they are without these settings.

 

When i was tinkering around with docker and the macvlan network mode, people in the syno forums could get it up and running and i couldn't.

That made me dig into the ESXi vSwtich settings. After the settings have been made, it worked flowless.

Edited by haydibe
  • Thanks 1

Share this post


Link to post
Share on other sites
7 hours ago, haydibe said:

Make sure your vSwtich has following settings in the security policy it uses:

Allow promiscuous mode -> Yes

Allow forged transmits -> Yes

Allow MAC changes -> Yes

 

 

Thanks this worked! I know I tried one of those to Yes but not all three.

 

Also it turns out you don't have to turn these on for the entire vSwitch. I did it only on the port group where I specified the VLAN ID and DDSM got an IP address first try.

 

Share this post


Link to post
Share on other sites

Mind sharing some screenshots? I tried going the port group route as you mentioned but still get a 169.254.... address. Works great if I make the changes at the vSwitch.

Share this post


Link to post
Share on other sites
7 hours ago, c_c_b said:

Mind sharing some screenshots? I tried going the port group route as you mentioned but still get a 169.254.... address. Works great if I make the changes at the vSwitch.

 

The DDSM  network is called Nick-Synology. The only other changes I made to the default was to change NIC teaming to Route based on IP hash which should not affect this.

 

 

image.thumb.png.51502e3f8ee7f14b23618d0c97faa14d.png

 

image.thumb.png.b25a728416c30f68aee9fd76cb9a5d95.png

 

 

I cant remember if I made changes to the security policy of the default vSwitch0 for the managment network, but I see that it's not all set to No FWIW. This switch is on a separate NIC port from vSwitch Intel.

 

image.thumb.png.3e9c5010bbf12557340ffa41a4f1374e.png

image.png

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now