17、docker多机网络通信overlay
理论上来说多台宿主机之间的docker容器之间是无法通讯的,但是多台宿主机之间的docker容器之间是可以通讯的,主要是通过VXLAN技术来实现的。
GitHub上对于docker-overlay-network的介绍。
17.1 overlay网络和etcd实现多机容器通信
docker在创建容器的时候默认会使用bridge网络,要实现多机容器间通信,需要使用overlay网络,但是要实现多机的容器通信,通信的两个容器的IP肯定不能一样,所以我们需要借助第三方的工具来实现。这里使用ectd。
安装etcd
在第一台服务器上安装
[root@docker ~]# wget https://github.com/coreos/etcd/releases/download/v3.0.12/etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# tar xf etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# cd etcd-v3.0.12-linux-amd64/
[root@docker ~]# nohup ./etcd --name docker-node1 --initial-advertise-peer-urls http://192.168.205.10:2380 \
--listen-peer-urls http://192.168.205.10:2380 \
--listen-client-urls http://192.168.205.10:2379,http://127.0.0.1:2379 \
--advertise-client-urls http://192.168.205.10:2379 \
--initial-cluster-token etcd-cluster \
--initial-cluster docker-node1=http://192.168.205.10:2380,docker-node2=http://192.168.205.11:2380 \
--initial-cluster-state new&
[root@docker ~]#
在第二台服务器上安装
[root@docker ~]# wget https://github.com/coreos/etcd/releases/download/v3.0.12/etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# tar xf etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# cd etcd-v3.0.12-linux-amd64/
[root@docker ~]# nohup ./etcd --name docker-node2 --initial-advertise-peer-urls http://192.168.205.11:2380 \
> --listen-peer-urls http://192.168.205.11:2380 \
> --listen-client-urls http://192.168.205.11:2379,http://127.0.0.1:2379 \
> --advertise-client-urls http://192.168.205.11:2379 \
> --initial-cluster-token etcd-cluster \
> --initial-cluster docker-node1=http://192.168.205.10:2380,docker-node2=http://192.168.205.11:2380 \
> --initial-cluster-state new&
[root@docker ~]#
检查cluster状态
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl cluster-health
member 21eca106efe4caee is healthy: got healthy result from http://192.168.205.10:2379
member 8614974c83d1cc6d is healthy: got healthy result from http://192.168.205.11:2379
cluster is healthy
重启docker服务
在第一台服务器上重启
systemctl stop docker.service
/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://192.168.205.11:2379 --cluster-advertise=192.168.205.11:2375&
在第二台服务器上重启
systemctl stop docker.service
/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://192.168.205.10:2379 --cluster-advertise=192.168.205.10:2375&
创建overlay network
在其中任意一台服务器上创建一个overlay网络
[root@docker ~]# docker network create -d overlay demo
[root@docker ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
038cb815ca11 bridge bridge local
efeabebb2ed5 demo overlay global
674c97014876 host host local
ac706f4efd8e none null local
[root@docker ~]# docker network inspect demo
[
{
"Name": "demo",
"Id": "efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6",
"Created": "2018-06-06T09:50:59.567617763Z",
"Scope": "global",
"Driver": "overlay",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "10.0.0.0/24",
"Gateway": "10.0.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
[root@docker ~]#
另一台服务器上的overlay网络也会被同步创建。这都是由etcd实现的:
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls
/docker
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker
/docker/nodes
/docker/network
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/nodes
/docker/nodes/192.168.205.10:2375
/docker/nodes/192.168.205.11:2375
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network
/docker/network/v1.0
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0
/docker/network/v1.0/endpoint_count
/docker/network/v1.0/endpoint
/docker/network/v1.0/ipam
/docker/network/v1.0/idm
/docker/network/v1.0/overlay
/docker/network/v1.0/network
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0/overlay
/docker/network/v1.0/overlay/network
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0/overlay/network
/docker/network/v1.0/overlay/network/efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6
[root@docker etcd-v3.0.12-linux-amd64]#
分别在两胎服务器上创建容器
在第一台服务器上创建
[root@docker ~]# docker run -d --name test1 --net demo busybox sh -c "while true; do sleep 3600; done"
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
170e8edf81f2 busybox "sh -c 'while true; …" 3 minutes ago Up 3 minutes test1
[root@docker ~]# docker exec -it test1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
13: eth0@if14: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue
link/ether 02:42:0a:00:00:02 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.2/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
15: eth1@if16: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth1
valid_lft forever preferred_lft forever
[root@docker ~]#
在第二台服务器上创建
[root@docker ~]# docker run -d --name test2 --net demo busybox sh -c "while true; do sleep 3600; done"
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8b50c21f1337 busybox "sh -c 'while true; …" 2 minutes ago Up 2 minutes test2
[root@docker ~]# docker exec -it test2 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue
link/ether 02:42:0a:00:00:03 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.3/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
10: eth1@if11: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth1
valid_lft forever preferred_lft forever
[root@docker ~]#
查看demo网络信息:
[root@docker ~]# docker network inspect demo
[
{
"Name": "demo",
"Id": "efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6",
"Created": "2018-06-06T09:50:59.567617763Z",
"Scope": "global",
"Driver": "overlay",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "10.0.0.0/24",
"Gateway": "10.0.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"170e8edf81f2bc216b926c52928c0e6977809387cc21db433c56d7b7d397f49b": {
"Name": "test1",
"EndpointID": "247454410f441b545c97c3d53cae508cbdbb9c2d91745381adf70580a77f8ec7",
"MacAddress": "",
"IPv4Address": "10.0.0.2/24",
"IPv6Address": ""
},
"ep-5e95b84eff1dbb3fbdc6abb4daa0707e117dac66220222a2e22a75bf6b7eb09d": {
"Name": "test2",
"EndpointID": "5e95b84eff1dbb3fbdc6abb4daa0707e117dac66220222a2e22a75bf6b7eb09d",
"MacAddress": "",
"IPv4Address": "10.0.0.3/24",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[root@docker ~]#
测试两个容器间能否通信
[root@docker ~]# docker exec -it test1 ping 10.0.0.3
PING 10.0.0.3 (10.0.0.3): 56 data bytes
64 bytes from 10.0.0.3: seq=0 ttl=64 time=3.251 ms
64 bytes from 10.0.0.3: seq=1 ttl=64 time=0.693 ms
64 bytes from 10.0.0.3: seq=2 ttl=64 time=0.591 ms
64 bytes from 10.0.0.3: seq=3 ttl=64 time=0.579 ms
64 bytes from 10.0.0.3: seq=4 ttl=64 time=0.776 ms
^C
--- 10.0.0.3 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.579/1.178/3.251 ms
[root@docker ~]#
[root@docker ~]# docker exec -it test1 ping test2
^C[vagrant@docker-node1 ~]$ docker exec -it test1 ping test2
PING test2 (10.0.0.3): 56 data bytes
64 bytes from 10.0.0.3: seq=0 ttl=64 time=1.024 ms
64 bytes from 10.0.0.3: seq=1 ttl=64 time=0.565 ms
64 bytes from 10.0.0.3: seq=2 ttl=64 time=0.806 ms
64 bytes from 10.0.0.3: seq=3 ttl=64 time=0.597 ms
64 bytes from 10.0.0.3: seq=4 ttl=64 time=0.498 ms
^C
--- test2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.498/0.698/1.024 ms
[root@docker ~]#
[root@docker ~]# docker exec -it test2 ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2): 56 data bytes
64 bytes from 10.0.0.2: seq=0 ttl=64 time=3.374 ms
64 bytes from 10.0.0.2: seq=1 ttl=64 time=0.531 ms
64 bytes from 10.0.0.2: seq=2 ttl=64 time=0.499 ms
^C
--- 10.0.0.2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.499/1.468/3.374 ms
[root@docker ~]#
[root@docker ~]# docker exec -it test2 ping test1
PING test1 (10.0.0.2): 56 data bytes
64 bytes from 10.0.0.2: seq=0 ttl=64 time=0.685 ms
64 bytes from 10.0.0.2: seq=1 ttl=64 time=0.754 ms
64 bytes from 10.0.0.2: seq=2 ttl=64 time=0.642 ms
64 bytes from 10.0.0.2: seq=3 ttl=64 time=1.080 ms
^C
--- test1 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.642/0.790/1.080 ms
[root@docker ~]#
17、docker多机网络通信overlay的更多相关文章
- 跨 Docker 宿主机网络 overlay 类型
跨 Docker 宿主机网络 overlay 类型 前言 a. 本文主要为 Docker的视频教程 笔记. b. 环境为 三台 CentOS 7.0 虚拟机 (Vmware Workstation 1 ...
- Docker跨主机网络——overlay
前言 在Docker网络--单host网络一文中,我为大家总结了Docker的单机网络相关知识和操作,单机网络比较容易.本文我为大家总结Docker跨主机通信相关知识.同样本文大部分内容以CloudM ...
- [docker]docker自带的overlay网络实战
overlay网络实战 n3启动consul docker run -d -p 8500:8500 -h consul --name consul progrium/consul -server -b ...
- Docker跨服务器通信Overlay解决方案(下) Consul集群
承接上文 本文基于上篇文章,详细的场景说明与分析在前篇随笔中业已记录,有兴趣可以移步 Docker跨服务器通信Overlay解决方案(上) Consul单实例 本文主旨 本文为Docker使用Cons ...
- Docker多机网络
前言 前面的文章主要聚焦于单机网络上,对于生产环境而言,单机环境不满足高可用的特点,所以是不具备上生产的条件,因此在开始Docker Swarm篇的时候我们先来聊聊多机网络之间Docker的通信如何做 ...
- Docker 三剑客之 Docker Swarm(基于 overlay 组网通信)
相关文章:Docker 三剑客之 Docker Swarm 这一篇主要是对 Docker Swarm 的完善,增加基于 overlay 组网通信,以便 Docker 容器可以跨主机访问. 不同主机间的 ...
- docker 环境下创建 overlay 网络方案
一.环境 三台机器,其中一台安装 consul(192.168.1.21), 两台创建网络(192.168.1.32,33) 二.实现步骤 1.构建环境 1)三台机器部署docker环境 2)选择一台 ...
- Docker 跨主机网络 overlay(十六)
目录 一.跨主机网络概述 二.准备 overlay 环境 1.环境描述 2.创建 consul 3.修改 docker 配置文件 4.准备就绪 三.创建 overlay 网络 1.在 host1 中创 ...
- docker跨主机通信-overlay
使用consul 1,让两个网络环境下的容器互通,那么必然涉及到网络信息的同步,所以需要先配置一下consul. 直接运行下面命令.启动consul. docker run -d -p 8500:85 ...
随机推荐
- ORACLE 对一个表进行循环查数,再根据MO供给数量写入另一个新表
一. 加工处理后要变成如下效果 create table test1 (sonum varchar2(10),lineid varchar2(10),qty int ,qty2 int ,remark ...
- java基础六 [异常处理](阅读Head First Java记录)
在程序运行时,我们不能保证所有服务和方法都是正确的,如果发生问题报错会导致程序崩溃,所以需要对一些可以预见的错误进行异常处理,通过throw去抛出一个异常,然后用try..catch..将要执行的该方 ...
- django提交post请求
在做post的时候,view.py用到了下面的方法,如果是POST的method,就通过request.POTST['XX']获得html中name为XX的值,然后将值save到数据库里 models ...
- vs code 插件推荐
通用插件 HTML Snippets 超级实用且初级的 H5代码片段以及提示 HTML CSS Support 让 html 标签上写class 智能提示当前项目所支持的样式新版已经支持scss文件检 ...
- 123. Best Time to Buy and Sell Stock III (Array; DP)
Say you have an array for which the ith element is the price of a given stock on day i. Design an al ...
- jquery 赋值时不触发change事件解决
$("#optionsId").change(function(){ $("#selectOptionsText").val('测试'); }); $(&quo ...
- iOS - 组件化探究之私有库的创建
http://www.cocoachina.com/ios/20180511/23359.html
- discuz回贴通知插件实现-显示用户状态设置
一.完善用户是否开启回贴通知 回贴通知插件建立模块时,指定了核心文件post_set.inc.php 1.创立好数据库 建立独立数据表(不建议直接修改原有的discuz数据库,防止discuz升级 ...
- ADF backing Bean中常用的代码
// 刷新iterator bindings.refreshControl(); iterBind.executeQuery(); iterBind.refresh(DCIteratorBinding ...
- web 批量打印
批量打印,同时打印多个页面,有两种思路: 第一种思路,将所有的页面内容加载到一个页面中,然后再打印.这种打印方式有几个弊端,页面的样式会丢失,页面太多同时加载到一个页面中,数据量太大,响应时间很长,消 ...