17、docker多机网络通信overlay
理论上来说多台宿主机之间的docker容器之间是无法通讯的,但是多台宿主机之间的docker容器之间是可以通讯的,主要是通过VXLAN技术来实现的。
GitHub上对于docker-overlay-network的介绍。
17.1 overlay网络和etcd实现多机容器通信
docker在创建容器的时候默认会使用bridge网络,要实现多机容器间通信,需要使用overlay网络,但是要实现多机的容器通信,通信的两个容器的IP肯定不能一样,所以我们需要借助第三方的工具来实现。这里使用ectd。
安装etcd
在第一台服务器上安装
[root@docker ~]# wget https://github.com/coreos/etcd/releases/download/v3.0.12/etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# tar xf etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# cd etcd-v3.0.12-linux-amd64/
[root@docker ~]# nohup ./etcd --name docker-node1 --initial-advertise-peer-urls http://192.168.205.10:2380 \
--listen-peer-urls http://192.168.205.10:2380 \
--listen-client-urls http://192.168.205.10:2379,http://127.0.0.1:2379 \
--advertise-client-urls http://192.168.205.10:2379 \
--initial-cluster-token etcd-cluster \
--initial-cluster docker-node1=http://192.168.205.10:2380,docker-node2=http://192.168.205.11:2380 \
--initial-cluster-state new&
[root@docker ~]#
在第二台服务器上安装
[root@docker ~]# wget https://github.com/coreos/etcd/releases/download/v3.0.12/etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# tar xf etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# cd etcd-v3.0.12-linux-amd64/
[root@docker ~]# nohup ./etcd --name docker-node2 --initial-advertise-peer-urls http://192.168.205.11:2380 \
> --listen-peer-urls http://192.168.205.11:2380 \
> --listen-client-urls http://192.168.205.11:2379,http://127.0.0.1:2379 \
> --advertise-client-urls http://192.168.205.11:2379 \
> --initial-cluster-token etcd-cluster \
> --initial-cluster docker-node1=http://192.168.205.10:2380,docker-node2=http://192.168.205.11:2380 \
> --initial-cluster-state new&
[root@docker ~]#
检查cluster状态
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl cluster-health
member 21eca106efe4caee is healthy: got healthy result from http://192.168.205.10:2379
member 8614974c83d1cc6d is healthy: got healthy result from http://192.168.205.11:2379
cluster is healthy
重启docker服务
在第一台服务器上重启
systemctl stop docker.service
/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://192.168.205.11:2379 --cluster-advertise=192.168.205.11:2375&
在第二台服务器上重启
systemctl stop docker.service
/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://192.168.205.10:2379 --cluster-advertise=192.168.205.10:2375&
创建overlay network
在其中任意一台服务器上创建一个overlay网络
[root@docker ~]# docker network create -d overlay demo
[root@docker ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
038cb815ca11 bridge bridge local
efeabebb2ed5 demo overlay global
674c97014876 host host local
ac706f4efd8e none null local
[root@docker ~]# docker network inspect demo
[
{
"Name": "demo",
"Id": "efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6",
"Created": "2018-06-06T09:50:59.567617763Z",
"Scope": "global",
"Driver": "overlay",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "10.0.0.0/24",
"Gateway": "10.0.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
[root@docker ~]#
另一台服务器上的overlay网络也会被同步创建。这都是由etcd实现的:
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls
/docker
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker
/docker/nodes
/docker/network
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/nodes
/docker/nodes/192.168.205.10:2375
/docker/nodes/192.168.205.11:2375
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network
/docker/network/v1.0
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0
/docker/network/v1.0/endpoint_count
/docker/network/v1.0/endpoint
/docker/network/v1.0/ipam
/docker/network/v1.0/idm
/docker/network/v1.0/overlay
/docker/network/v1.0/network
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0/overlay
/docker/network/v1.0/overlay/network
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0/overlay/network
/docker/network/v1.0/overlay/network/efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6
[root@docker etcd-v3.0.12-linux-amd64]#
分别在两胎服务器上创建容器
在第一台服务器上创建
[root@docker ~]# docker run -d --name test1 --net demo busybox sh -c "while true; do sleep 3600; done"
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
170e8edf81f2 busybox "sh -c 'while true; …" 3 minutes ago Up 3 minutes test1
[root@docker ~]# docker exec -it test1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
13: eth0@if14: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue
link/ether 02:42:0a:00:00:02 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.2/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
15: eth1@if16: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth1
valid_lft forever preferred_lft forever
[root@docker ~]#
在第二台服务器上创建
[root@docker ~]# docker run -d --name test2 --net demo busybox sh -c "while true; do sleep 3600; done"
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8b50c21f1337 busybox "sh -c 'while true; …" 2 minutes ago Up 2 minutes test2
[root@docker ~]# docker exec -it test2 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue
link/ether 02:42:0a:00:00:03 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.3/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
10: eth1@if11: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth1
valid_lft forever preferred_lft forever
[root@docker ~]#
查看demo网络信息:
[root@docker ~]# docker network inspect demo
[
{
"Name": "demo",
"Id": "efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6",
"Created": "2018-06-06T09:50:59.567617763Z",
"Scope": "global",
"Driver": "overlay",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "10.0.0.0/24",
"Gateway": "10.0.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"170e8edf81f2bc216b926c52928c0e6977809387cc21db433c56d7b7d397f49b": {
"Name": "test1",
"EndpointID": "247454410f441b545c97c3d53cae508cbdbb9c2d91745381adf70580a77f8ec7",
"MacAddress": "",
"IPv4Address": "10.0.0.2/24",
"IPv6Address": ""
},
"ep-5e95b84eff1dbb3fbdc6abb4daa0707e117dac66220222a2e22a75bf6b7eb09d": {
"Name": "test2",
"EndpointID": "5e95b84eff1dbb3fbdc6abb4daa0707e117dac66220222a2e22a75bf6b7eb09d",
"MacAddress": "",
"IPv4Address": "10.0.0.3/24",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[root@docker ~]#
测试两个容器间能否通信
[root@docker ~]# docker exec -it test1 ping 10.0.0.3
PING 10.0.0.3 (10.0.0.3): 56 data bytes
64 bytes from 10.0.0.3: seq=0 ttl=64 time=3.251 ms
64 bytes from 10.0.0.3: seq=1 ttl=64 time=0.693 ms
64 bytes from 10.0.0.3: seq=2 ttl=64 time=0.591 ms
64 bytes from 10.0.0.3: seq=3 ttl=64 time=0.579 ms
64 bytes from 10.0.0.3: seq=4 ttl=64 time=0.776 ms
^C
--- 10.0.0.3 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.579/1.178/3.251 ms
[root@docker ~]#
[root@docker ~]# docker exec -it test1 ping test2
^C[vagrant@docker-node1 ~]$ docker exec -it test1 ping test2
PING test2 (10.0.0.3): 56 data bytes
64 bytes from 10.0.0.3: seq=0 ttl=64 time=1.024 ms
64 bytes from 10.0.0.3: seq=1 ttl=64 time=0.565 ms
64 bytes from 10.0.0.3: seq=2 ttl=64 time=0.806 ms
64 bytes from 10.0.0.3: seq=3 ttl=64 time=0.597 ms
64 bytes from 10.0.0.3: seq=4 ttl=64 time=0.498 ms
^C
--- test2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.498/0.698/1.024 ms
[root@docker ~]#
[root@docker ~]# docker exec -it test2 ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2): 56 data bytes
64 bytes from 10.0.0.2: seq=0 ttl=64 time=3.374 ms
64 bytes from 10.0.0.2: seq=1 ttl=64 time=0.531 ms
64 bytes from 10.0.0.2: seq=2 ttl=64 time=0.499 ms
^C
--- 10.0.0.2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.499/1.468/3.374 ms
[root@docker ~]#
[root@docker ~]# docker exec -it test2 ping test1
PING test1 (10.0.0.2): 56 data bytes
64 bytes from 10.0.0.2: seq=0 ttl=64 time=0.685 ms
64 bytes from 10.0.0.2: seq=1 ttl=64 time=0.754 ms
64 bytes from 10.0.0.2: seq=2 ttl=64 time=0.642 ms
64 bytes from 10.0.0.2: seq=3 ttl=64 time=1.080 ms
^C
--- test1 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.642/0.790/1.080 ms
[root@docker ~]#
17、docker多机网络通信overlay的更多相关文章
- 跨 Docker 宿主机网络 overlay 类型
跨 Docker 宿主机网络 overlay 类型 前言 a. 本文主要为 Docker的视频教程 笔记. b. 环境为 三台 CentOS 7.0 虚拟机 (Vmware Workstation 1 ...
- Docker跨主机网络——overlay
前言 在Docker网络--单host网络一文中,我为大家总结了Docker的单机网络相关知识和操作,单机网络比较容易.本文我为大家总结Docker跨主机通信相关知识.同样本文大部分内容以CloudM ...
- [docker]docker自带的overlay网络实战
overlay网络实战 n3启动consul docker run -d -p 8500:8500 -h consul --name consul progrium/consul -server -b ...
- Docker跨服务器通信Overlay解决方案(下) Consul集群
承接上文 本文基于上篇文章,详细的场景说明与分析在前篇随笔中业已记录,有兴趣可以移步 Docker跨服务器通信Overlay解决方案(上) Consul单实例 本文主旨 本文为Docker使用Cons ...
- Docker多机网络
前言 前面的文章主要聚焦于单机网络上,对于生产环境而言,单机环境不满足高可用的特点,所以是不具备上生产的条件,因此在开始Docker Swarm篇的时候我们先来聊聊多机网络之间Docker的通信如何做 ...
- Docker 三剑客之 Docker Swarm(基于 overlay 组网通信)
相关文章:Docker 三剑客之 Docker Swarm 这一篇主要是对 Docker Swarm 的完善,增加基于 overlay 组网通信,以便 Docker 容器可以跨主机访问. 不同主机间的 ...
- docker 环境下创建 overlay 网络方案
一.环境 三台机器,其中一台安装 consul(192.168.1.21), 两台创建网络(192.168.1.32,33) 二.实现步骤 1.构建环境 1)三台机器部署docker环境 2)选择一台 ...
- Docker 跨主机网络 overlay(十六)
目录 一.跨主机网络概述 二.准备 overlay 环境 1.环境描述 2.创建 consul 3.修改 docker 配置文件 4.准备就绪 三.创建 overlay 网络 1.在 host1 中创 ...
- docker跨主机通信-overlay
使用consul 1,让两个网络环境下的容器互通,那么必然涉及到网络信息的同步,所以需要先配置一下consul. 直接运行下面命令.启动consul. docker run -d -p 8500:85 ...
随机推荐
- java 包的命名规范
- hive sql 随机抽样
create table daizk.IOS_matrix_sex asselect *from zhujx.1029_IOS_features_replce_nullwhere sex = 'M'u ...
- ReentrantLock 使用
从使用场景的角度出发来介绍对ReentrantLock的使用,相对来说容易理解一些. 场景1:如果发现该操作已经在执行中则不再执行(有状态执行) a.用在定时任务时,如果任务执行时间可能超过下次计划执 ...
- jQuery源码解读二(apply和call)
一.apply方法和call方法的用法: apply方法: 语法:apply(thisObj,[,argArray]) 定义:应用某一对象的一个方法,用另一个对象替换当前对象. 说明:如果argArr ...
- Future设计模式
一.什么是Future模型: Future模式是多线程开发中非常常见的一种设计模式,它的核心思想是异步调用.这类似我们网上订餐订座,只要一个电话,客服就告诉我们已经预定成功(实际客服MM啥都还没做好) ...
- Spring框架的特点
1. 为什么要学习Spring的框架 * 方便解耦,简化开发 * Spring就是一个大工厂,可以将所有对象创建和依赖关系维护,交给Spring管理 * AOP编程的支持 * Spring提供面向切面 ...
- script标签的type="test/html"时
们可以在<script>片断中定义一个被JS调用的代码,但代码又不在页面上显示,这时,我们可以使用下面的方法: 1 <script id="commentTemplate& ...
- svn回退版本/取消修改
取消对代码的修改分为两种情况: 第一种情况:改动没有被提交(commit). 这种情况下,使用svn revert就能取消之前的修改. svn revert用法如下: # svn revert [ ...
- Codeforces 709B 模拟
B. Checkpoints time limit per test:1 second memory limit per test:256 megabytes input:standard input ...
- How Autofs Works
How Autofs Works Autofs is a client-side service that automatically mounts the appropriate file syst ...