Docker容器跨主机通信

默认情况下Docker容器需要跨主机通信两个主机节点都需要在同一个网段下，这时只要两个Docker容器的宿主机能相互通信并且该容器使用net网络模式，改实现方式为网桥模式通信；

　　除此之外我们还可以通过使用第三方工具为不同主机间创建一个覆盖网络，使之能够跨节点通信，这里将使用Flanneld实现；

安装etcd

创建 cat /etc/etcd/etcd.conf文件

 # [member]
 ETCD_NAME=infra1
 ETCD_DATA_DIR="/var/lib/etcd"
 ETCD_LISTEN_PEER_URLS="http://192.168.2.150:2380"
 ETCD_LISTEN_CLIENT_URLS="http://192.168.2.150:2379"

 #[cluster]
 ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.2.150:2380"
 ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
 ETCD_ADVERTISE_CLIENT_URLS="http://192.168.2.150:2379"

创建/etc/systemd/system/etcd.service文件

[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target
Documentation=https://github.com/coreos

[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
EnvironmentFile=-/etc/etcd/etcd.conf
ExecStart=/usr/local/bin/etcd \
  --name ${ETCD_NAME} \
  --initial-advertise-peer-urls ${ETCD_INITIAL_ADVERTISE_PEER_URLS} \
  --listen-peer-urls ${ETCD_LISTEN_PEER_URLS} \
  --listen-client-urls ${ETCD_LISTEN_CLIENT_URLS},http://127.0.0.1:2379 \
  --advertise-client-urls ${ETCD_ADVERTISE_CLIENT_URLS} \
  --initial-cluster-token ${ETCD_INITIAL_CLUSTER_TOKEN} \
  --initial-cluster infra1=http://192.168.2.150:2380,infra2=http://192.168.2.151:2380 \
  --initial-cluster-state new \
  --data-dir=${ETCD_DATA_DIR}
Restart=on-failure
RestartSec=5
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target

启动systemctl start etcd

在etcd中创建目录：etcdctl --endpoints=http://192.168.2.150:2379,http://192.168.5.151:2379

mkdir /kube-centos/network

创建config节点并写入网络配置信息：

 etcdctl --endpoints=http://172.20.0.113:2379,http://172.20.0.114:2379
 mk /kube-centos/network/config '{"Network":"192.167.0.0/16","SubnetLen":24,"Backend":{"Type":"vxlan"}}'

Flanneld

创建 /etc/sysconfig/flanneld文件

# Flanneld configuration options
# etcd url location.  Point this to the server where etcd runs
FLANNEL_ETCD_ENDPOINTS="http://127.0.0.1:2379"

# etcd config key.  This is the configuration key that flannel queries
# For address range assignment
# FLANNEL_ETCD_PREFIX="/kube-centos/network"
FLANNEL_ETCD_PREFIX="/coreos.com/network"
# Any additional options that you want to pass
FLANNEL_OPTIONS="-iface=eth0"

创建/usr/lib/systemd/system/flanneld.service文件

[Unit]
Description=Flanneld overlay address etcd agent
After=network.target
After=network-online.target
Wants=network-online.target
After=etcd.service
Before=docker.service

[Service]
Type=notify
EnvironmentFile=/etc/sysconfig/flanneld
EnvironmentFile=-/etc/sysconfig/docker-network
#ExecStart=/usr/bin/flanneld-start  $FLANNEL_OPTIONS
ExecStart=/usr/bin/flanneld-start -etcd-endpoints=http://192.168.2.150:2379,http://192.168.2.151:2379 -    iface=ens33
#ExecStart=/usr/bin/flanneld-start -etcd-endpoints=http://192.168.2.150:2379,http://192.168.2.151:2379  -etcd-    prefix=/kube-centos/network
ExecStartPost=/usr/libexec/flannel/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker
Restart=on-failure

[Install]
WantedBy=multi-user.target
RequiredBy=docker.service

启动systemctl start flanneld

flannled启动后会生产/run/flannel/subnet.env文件

修改docker启动参数配置加上：

EnvironmentFile=/run/flannel/subnet.env
--bip=${FLANNEL_SUBNET} --ip-masq=${FLANNEL_IPMASQ}  --mtu=${FLANNEL_MTU}

重启docker，此时docker将使用flanneld配置的网段为container分配ip；

在两个节点分别启动容器：docker run -it --rm busybox sh

查看其中一个主机节点的容器IP，ping另一个主机节点IP

查看其中一个主机节点的容器IP，ping另一个主机节点IP

此时已可联通；

注意iptables配置是否正确；

文章首发地址：Solinx

http://www.solinx.co/archives/1102