17、docker多机网络通信overlay
理论上来说多台宿主机之间的docker容器之间是无法通讯的,但是多台宿主机之间的docker容器之间是可以通讯的,主要是通过VXLAN技术来实现的。
GitHub上对于docker-overlay-network的介绍。
17.1 overlay网络和etcd实现多机容器通信
docker在创建容器的时候默认会使用bridge网络,要实现多机容器间通信,需要使用overlay网络,但是要实现多机的容器通信,通信的两个容器的IP肯定不能一样,所以我们需要借助第三方的工具来实现。这里使用ectd。
安装etcd
在第一台服务器上安装
[root@docker ~]# wget https://github.com/coreos/etcd/releases/download/v3.0.12/etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# tar xf etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# cd etcd-v3.0.12-linux-amd64/
[root@docker ~]# nohup ./etcd --name docker-node1 --initial-advertise-peer-urls http://192.168.205.10:2380 \
--listen-peer-urls http://192.168.205.10:2380 \
--listen-client-urls http://192.168.205.10:2379,http://127.0.0.1:2379 \
--advertise-client-urls http://192.168.205.10:2379 \
--initial-cluster-token etcd-cluster \
--initial-cluster docker-node1=http://192.168.205.10:2380,docker-node2=http://192.168.205.11:2380 \
--initial-cluster-state new&
[root@docker ~]#
在第二台服务器上安装
[root@docker ~]# wget https://github.com/coreos/etcd/releases/download/v3.0.12/etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# tar xf etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# cd etcd-v3.0.12-linux-amd64/
[root@docker ~]# nohup ./etcd --name docker-node2 --initial-advertise-peer-urls http://192.168.205.11:2380 \
> --listen-peer-urls http://192.168.205.11:2380 \
> --listen-client-urls http://192.168.205.11:2379,http://127.0.0.1:2379 \
> --advertise-client-urls http://192.168.205.11:2379 \
> --initial-cluster-token etcd-cluster \
> --initial-cluster docker-node1=http://192.168.205.10:2380,docker-node2=http://192.168.205.11:2380 \
> --initial-cluster-state new&
[root@docker ~]#
检查cluster状态
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl cluster-health
member 21eca106efe4caee is healthy: got healthy result from http://192.168.205.10:2379
member 8614974c83d1cc6d is healthy: got healthy result from http://192.168.205.11:2379
cluster is healthy
重启docker服务
在第一台服务器上重启
systemctl stop docker.service
/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://192.168.205.11:2379 --cluster-advertise=192.168.205.11:2375&
在第二台服务器上重启
systemctl stop docker.service
/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://192.168.205.10:2379 --cluster-advertise=192.168.205.10:2375&
创建overlay network
在其中任意一台服务器上创建一个overlay网络
[root@docker ~]# docker network create -d overlay demo
[root@docker ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
038cb815ca11 bridge bridge local
efeabebb2ed5 demo overlay global
674c97014876 host host local
ac706f4efd8e none null local
[root@docker ~]# docker network inspect demo
[
{
"Name": "demo",
"Id": "efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6",
"Created": "2018-06-06T09:50:59.567617763Z",
"Scope": "global",
"Driver": "overlay",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "10.0.0.0/24",
"Gateway": "10.0.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
[root@docker ~]#
另一台服务器上的overlay网络也会被同步创建。这都是由etcd实现的:
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls
/docker
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker
/docker/nodes
/docker/network
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/nodes
/docker/nodes/192.168.205.10:2375
/docker/nodes/192.168.205.11:2375
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network
/docker/network/v1.0
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0
/docker/network/v1.0/endpoint_count
/docker/network/v1.0/endpoint
/docker/network/v1.0/ipam
/docker/network/v1.0/idm
/docker/network/v1.0/overlay
/docker/network/v1.0/network
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0/overlay
/docker/network/v1.0/overlay/network
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0/overlay/network
/docker/network/v1.0/overlay/network/efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6
[root@docker etcd-v3.0.12-linux-amd64]#
分别在两胎服务器上创建容器
在第一台服务器上创建
[root@docker ~]# docker run -d --name test1 --net demo busybox sh -c "while true; do sleep 3600; done"
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
170e8edf81f2 busybox "sh -c 'while true; …" 3 minutes ago Up 3 minutes test1
[root@docker ~]# docker exec -it test1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
13: eth0@if14: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue
link/ether 02:42:0a:00:00:02 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.2/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
15: eth1@if16: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth1
valid_lft forever preferred_lft forever
[root@docker ~]#
在第二台服务器上创建
[root@docker ~]# docker run -d --name test2 --net demo busybox sh -c "while true; do sleep 3600; done"
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8b50c21f1337 busybox "sh -c 'while true; …" 2 minutes ago Up 2 minutes test2
[root@docker ~]# docker exec -it test2 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue
link/ether 02:42:0a:00:00:03 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.3/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
10: eth1@if11: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth1
valid_lft forever preferred_lft forever
[root@docker ~]#
查看demo网络信息:
[root@docker ~]# docker network inspect demo
[
{
"Name": "demo",
"Id": "efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6",
"Created": "2018-06-06T09:50:59.567617763Z",
"Scope": "global",
"Driver": "overlay",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "10.0.0.0/24",
"Gateway": "10.0.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"170e8edf81f2bc216b926c52928c0e6977809387cc21db433c56d7b7d397f49b": {
"Name": "test1",
"EndpointID": "247454410f441b545c97c3d53cae508cbdbb9c2d91745381adf70580a77f8ec7",
"MacAddress": "",
"IPv4Address": "10.0.0.2/24",
"IPv6Address": ""
},
"ep-5e95b84eff1dbb3fbdc6abb4daa0707e117dac66220222a2e22a75bf6b7eb09d": {
"Name": "test2",
"EndpointID": "5e95b84eff1dbb3fbdc6abb4daa0707e117dac66220222a2e22a75bf6b7eb09d",
"MacAddress": "",
"IPv4Address": "10.0.0.3/24",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[root@docker ~]#
测试两个容器间能否通信
[root@docker ~]# docker exec -it test1 ping 10.0.0.3
PING 10.0.0.3 (10.0.0.3): 56 data bytes
64 bytes from 10.0.0.3: seq=0 ttl=64 time=3.251 ms
64 bytes from 10.0.0.3: seq=1 ttl=64 time=0.693 ms
64 bytes from 10.0.0.3: seq=2 ttl=64 time=0.591 ms
64 bytes from 10.0.0.3: seq=3 ttl=64 time=0.579 ms
64 bytes from 10.0.0.3: seq=4 ttl=64 time=0.776 ms
^C
--- 10.0.0.3 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.579/1.178/3.251 ms
[root@docker ~]#
[root@docker ~]# docker exec -it test1 ping test2
^C[vagrant@docker-node1 ~]$ docker exec -it test1 ping test2
PING test2 (10.0.0.3): 56 data bytes
64 bytes from 10.0.0.3: seq=0 ttl=64 time=1.024 ms
64 bytes from 10.0.0.3: seq=1 ttl=64 time=0.565 ms
64 bytes from 10.0.0.3: seq=2 ttl=64 time=0.806 ms
64 bytes from 10.0.0.3: seq=3 ttl=64 time=0.597 ms
64 bytes from 10.0.0.3: seq=4 ttl=64 time=0.498 ms
^C
--- test2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.498/0.698/1.024 ms
[root@docker ~]#
[root@docker ~]# docker exec -it test2 ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2): 56 data bytes
64 bytes from 10.0.0.2: seq=0 ttl=64 time=3.374 ms
64 bytes from 10.0.0.2: seq=1 ttl=64 time=0.531 ms
64 bytes from 10.0.0.2: seq=2 ttl=64 time=0.499 ms
^C
--- 10.0.0.2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.499/1.468/3.374 ms
[root@docker ~]#
[root@docker ~]# docker exec -it test2 ping test1
PING test1 (10.0.0.2): 56 data bytes
64 bytes from 10.0.0.2: seq=0 ttl=64 time=0.685 ms
64 bytes from 10.0.0.2: seq=1 ttl=64 time=0.754 ms
64 bytes from 10.0.0.2: seq=2 ttl=64 time=0.642 ms
64 bytes from 10.0.0.2: seq=3 ttl=64 time=1.080 ms
^C
--- test1 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.642/0.790/1.080 ms
[root@docker ~]#
17、docker多机网络通信overlay的更多相关文章
- 跨 Docker 宿主机网络 overlay 类型
跨 Docker 宿主机网络 overlay 类型 前言 a. 本文主要为 Docker的视频教程 笔记. b. 环境为 三台 CentOS 7.0 虚拟机 (Vmware Workstation 1 ...
- Docker跨主机网络——overlay
前言 在Docker网络--单host网络一文中,我为大家总结了Docker的单机网络相关知识和操作,单机网络比较容易.本文我为大家总结Docker跨主机通信相关知识.同样本文大部分内容以CloudM ...
- [docker]docker自带的overlay网络实战
overlay网络实战 n3启动consul docker run -d -p 8500:8500 -h consul --name consul progrium/consul -server -b ...
- Docker跨服务器通信Overlay解决方案(下) Consul集群
承接上文 本文基于上篇文章,详细的场景说明与分析在前篇随笔中业已记录,有兴趣可以移步 Docker跨服务器通信Overlay解决方案(上) Consul单实例 本文主旨 本文为Docker使用Cons ...
- Docker多机网络
前言 前面的文章主要聚焦于单机网络上,对于生产环境而言,单机环境不满足高可用的特点,所以是不具备上生产的条件,因此在开始Docker Swarm篇的时候我们先来聊聊多机网络之间Docker的通信如何做 ...
- Docker 三剑客之 Docker Swarm(基于 overlay 组网通信)
相关文章:Docker 三剑客之 Docker Swarm 这一篇主要是对 Docker Swarm 的完善,增加基于 overlay 组网通信,以便 Docker 容器可以跨主机访问. 不同主机间的 ...
- docker 环境下创建 overlay 网络方案
一.环境 三台机器,其中一台安装 consul(192.168.1.21), 两台创建网络(192.168.1.32,33) 二.实现步骤 1.构建环境 1)三台机器部署docker环境 2)选择一台 ...
- Docker 跨主机网络 overlay(十六)
目录 一.跨主机网络概述 二.准备 overlay 环境 1.环境描述 2.创建 consul 3.修改 docker 配置文件 4.准备就绪 三.创建 overlay 网络 1.在 host1 中创 ...
- docker跨主机通信-overlay
使用consul 1,让两个网络环境下的容器互通,那么必然涉及到网络信息的同步,所以需要先配置一下consul. 直接运行下面命令.启动consul. docker run -d -p 8500:85 ...
随机推荐
- 吴裕雄 实战python编程(3)
import requests from bs4 import BeautifulSoup url = 'http://www.baidu.com'html = requests.get(url)sp ...
- uboot的配置及编译
1. 先执行配置命令 make board_name_config 再执行编译命令 make all 2. 通过在Makefile中找到 board_name_config 目标,可以查看为了得到目标 ...
- Conductor Server
安装 要求 数据库:Dynomite https://github.com/Netflix/dynomite 索引后端: Elasticsearch 2.x http ...
- 微擎系统 微信支付 get_brand_wcpay_request:fail
支付授权目录问题,有一个是域名加app的
- MySql初步II
[MySql初步II] 1.Order By 你可以使用 ASC 或 DESC 关键字来设置查询结果是按升序或降序排列. 默认情况下,它是按升排列. 实例: 2.Join语法 Join不是一个关键字 ...
- test5
## 前言 因为vs2010没有集成mvvmlight 所以想要使用mvvmlight的relaycomman需要引用dll 需要测试某个功能的时候,不能进行快带的集成 ## 引用mvvmlight ...
- Python3 ord() 函数
Python3 ord() 函数 Python3 内置函数 描述 ord() 函数是 chr() 函数(对于 8 位的 ASCII 字符串)的配对函数,它以一个字符串(Unicode 字符)作为参数 ...
- httplib:AttributeError: 'module' object has no attribute 'HTTPConnection'
# -*-coding:gb2312-*- #Function:学习python的httplib模块 import httplib conn = httplib.HTTPConnection(&quo ...
- python之三级菜单作业
作业需求如下 1.根据用户的输入打印相应的省.市.县的信息 2.每次只要用户输入b,则返回上一级菜单 3.每次只要用户输入q,则直接退出 4.用户输错需要有提示 homework_dict = {'内 ...
- [leetcode]689. Maximum Sum of 3 Non-Overlapping Subarrays三个非重叠子数组的最大和
In a given array nums of positive integers, find three non-overlapping subarrays with maximum sum. E ...