17、docker多机网络通信overlay
理论上来说多台宿主机之间的docker容器之间是无法通讯的,但是多台宿主机之间的docker容器之间是可以通讯的,主要是通过VXLAN技术来实现的。
GitHub上对于docker-overlay-network的介绍。
17.1 overlay网络和etcd实现多机容器通信
docker在创建容器的时候默认会使用bridge网络,要实现多机容器间通信,需要使用overlay网络,但是要实现多机的容器通信,通信的两个容器的IP肯定不能一样,所以我们需要借助第三方的工具来实现。这里使用ectd。
安装etcd
在第一台服务器上安装
[root@docker ~]# wget https://github.com/coreos/etcd/releases/download/v3.0.12/etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# tar xf etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# cd etcd-v3.0.12-linux-amd64/
[root@docker ~]# nohup ./etcd --name docker-node1 --initial-advertise-peer-urls http://192.168.205.10:2380 \
--listen-peer-urls http://192.168.205.10:2380 \
--listen-client-urls http://192.168.205.10:2379,http://127.0.0.1:2379 \
--advertise-client-urls http://192.168.205.10:2379 \
--initial-cluster-token etcd-cluster \
--initial-cluster docker-node1=http://192.168.205.10:2380,docker-node2=http://192.168.205.11:2380 \
--initial-cluster-state new&
[root@docker ~]#
在第二台服务器上安装
[root@docker ~]# wget https://github.com/coreos/etcd/releases/download/v3.0.12/etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# tar xf etcd-v3.0.12-linux-amd64.tar.gz
[root@docker ~]# cd etcd-v3.0.12-linux-amd64/
[root@docker ~]# nohup ./etcd --name docker-node2 --initial-advertise-peer-urls http://192.168.205.11:2380 \
> --listen-peer-urls http://192.168.205.11:2380 \
> --listen-client-urls http://192.168.205.11:2379,http://127.0.0.1:2379 \
> --advertise-client-urls http://192.168.205.11:2379 \
> --initial-cluster-token etcd-cluster \
> --initial-cluster docker-node1=http://192.168.205.10:2380,docker-node2=http://192.168.205.11:2380 \
> --initial-cluster-state new&
[root@docker ~]#
检查cluster状态
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl cluster-health
member 21eca106efe4caee is healthy: got healthy result from http://192.168.205.10:2379
member 8614974c83d1cc6d is healthy: got healthy result from http://192.168.205.11:2379
cluster is healthy
重启docker服务
在第一台服务器上重启
systemctl stop docker.service
/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://192.168.205.11:2379 --cluster-advertise=192.168.205.11:2375&
在第二台服务器上重启
systemctl stop docker.service
/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://192.168.205.10:2379 --cluster-advertise=192.168.205.10:2375&
创建overlay network
在其中任意一台服务器上创建一个overlay网络
[root@docker ~]# docker network create -d overlay demo
[root@docker ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
038cb815ca11 bridge bridge local
efeabebb2ed5 demo overlay global
674c97014876 host host local
ac706f4efd8e none null local
[root@docker ~]# docker network inspect demo
[
{
"Name": "demo",
"Id": "efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6",
"Created": "2018-06-06T09:50:59.567617763Z",
"Scope": "global",
"Driver": "overlay",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "10.0.0.0/24",
"Gateway": "10.0.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
[root@docker ~]#
另一台服务器上的overlay网络也会被同步创建。这都是由etcd实现的:
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls
/docker
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker
/docker/nodes
/docker/network
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/nodes
/docker/nodes/192.168.205.10:2375
/docker/nodes/192.168.205.11:2375
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network
/docker/network/v1.0
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0
/docker/network/v1.0/endpoint_count
/docker/network/v1.0/endpoint
/docker/network/v1.0/ipam
/docker/network/v1.0/idm
/docker/network/v1.0/overlay
/docker/network/v1.0/network
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0/overlay
/docker/network/v1.0/overlay/network
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0/overlay/network
/docker/network/v1.0/overlay/network/efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6
[root@docker etcd-v3.0.12-linux-amd64]#
分别在两胎服务器上创建容器
在第一台服务器上创建
[root@docker ~]# docker run -d --name test1 --net demo busybox sh -c "while true; do sleep 3600; done"
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
170e8edf81f2 busybox "sh -c 'while true; …" 3 minutes ago Up 3 minutes test1
[root@docker ~]# docker exec -it test1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
13: eth0@if14: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue
link/ether 02:42:0a:00:00:02 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.2/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
15: eth1@if16: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth1
valid_lft forever preferred_lft forever
[root@docker ~]#
在第二台服务器上创建
[root@docker ~]# docker run -d --name test2 --net demo busybox sh -c "while true; do sleep 3600; done"
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8b50c21f1337 busybox "sh -c 'while true; …" 2 minutes ago Up 2 minutes test2
[root@docker ~]# docker exec -it test2 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue
link/ether 02:42:0a:00:00:03 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.3/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
10: eth1@if11: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth1
valid_lft forever preferred_lft forever
[root@docker ~]#
查看demo网络信息:
[root@docker ~]# docker network inspect demo
[
{
"Name": "demo",
"Id": "efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6",
"Created": "2018-06-06T09:50:59.567617763Z",
"Scope": "global",
"Driver": "overlay",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "10.0.0.0/24",
"Gateway": "10.0.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"170e8edf81f2bc216b926c52928c0e6977809387cc21db433c56d7b7d397f49b": {
"Name": "test1",
"EndpointID": "247454410f441b545c97c3d53cae508cbdbb9c2d91745381adf70580a77f8ec7",
"MacAddress": "",
"IPv4Address": "10.0.0.2/24",
"IPv6Address": ""
},
"ep-5e95b84eff1dbb3fbdc6abb4daa0707e117dac66220222a2e22a75bf6b7eb09d": {
"Name": "test2",
"EndpointID": "5e95b84eff1dbb3fbdc6abb4daa0707e117dac66220222a2e22a75bf6b7eb09d",
"MacAddress": "",
"IPv4Address": "10.0.0.3/24",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[root@docker ~]#
测试两个容器间能否通信
[root@docker ~]# docker exec -it test1 ping 10.0.0.3
PING 10.0.0.3 (10.0.0.3): 56 data bytes
64 bytes from 10.0.0.3: seq=0 ttl=64 time=3.251 ms
64 bytes from 10.0.0.3: seq=1 ttl=64 time=0.693 ms
64 bytes from 10.0.0.3: seq=2 ttl=64 time=0.591 ms
64 bytes from 10.0.0.3: seq=3 ttl=64 time=0.579 ms
64 bytes from 10.0.0.3: seq=4 ttl=64 time=0.776 ms
^C
--- 10.0.0.3 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.579/1.178/3.251 ms
[root@docker ~]#
[root@docker ~]# docker exec -it test1 ping test2
^C[vagrant@docker-node1 ~]$ docker exec -it test1 ping test2
PING test2 (10.0.0.3): 56 data bytes
64 bytes from 10.0.0.3: seq=0 ttl=64 time=1.024 ms
64 bytes from 10.0.0.3: seq=1 ttl=64 time=0.565 ms
64 bytes from 10.0.0.3: seq=2 ttl=64 time=0.806 ms
64 bytes from 10.0.0.3: seq=3 ttl=64 time=0.597 ms
64 bytes from 10.0.0.3: seq=4 ttl=64 time=0.498 ms
^C
--- test2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.498/0.698/1.024 ms
[root@docker ~]#
[root@docker ~]# docker exec -it test2 ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2): 56 data bytes
64 bytes from 10.0.0.2: seq=0 ttl=64 time=3.374 ms
64 bytes from 10.0.0.2: seq=1 ttl=64 time=0.531 ms
64 bytes from 10.0.0.2: seq=2 ttl=64 time=0.499 ms
^C
--- 10.0.0.2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.499/1.468/3.374 ms
[root@docker ~]#
[root@docker ~]# docker exec -it test2 ping test1
PING test1 (10.0.0.2): 56 data bytes
64 bytes from 10.0.0.2: seq=0 ttl=64 time=0.685 ms
64 bytes from 10.0.0.2: seq=1 ttl=64 time=0.754 ms
64 bytes from 10.0.0.2: seq=2 ttl=64 time=0.642 ms
64 bytes from 10.0.0.2: seq=3 ttl=64 time=1.080 ms
^C
--- test1 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.642/0.790/1.080 ms
[root@docker ~]#
17、docker多机网络通信overlay的更多相关文章
- 跨 Docker 宿主机网络 overlay 类型
跨 Docker 宿主机网络 overlay 类型 前言 a. 本文主要为 Docker的视频教程 笔记. b. 环境为 三台 CentOS 7.0 虚拟机 (Vmware Workstation 1 ...
- Docker跨主机网络——overlay
前言 在Docker网络--单host网络一文中,我为大家总结了Docker的单机网络相关知识和操作,单机网络比较容易.本文我为大家总结Docker跨主机通信相关知识.同样本文大部分内容以CloudM ...
- [docker]docker自带的overlay网络实战
overlay网络实战 n3启动consul docker run -d -p 8500:8500 -h consul --name consul progrium/consul -server -b ...
- Docker跨服务器通信Overlay解决方案(下) Consul集群
承接上文 本文基于上篇文章,详细的场景说明与分析在前篇随笔中业已记录,有兴趣可以移步 Docker跨服务器通信Overlay解决方案(上) Consul单实例 本文主旨 本文为Docker使用Cons ...
- Docker多机网络
前言 前面的文章主要聚焦于单机网络上,对于生产环境而言,单机环境不满足高可用的特点,所以是不具备上生产的条件,因此在开始Docker Swarm篇的时候我们先来聊聊多机网络之间Docker的通信如何做 ...
- Docker 三剑客之 Docker Swarm(基于 overlay 组网通信)
相关文章:Docker 三剑客之 Docker Swarm 这一篇主要是对 Docker Swarm 的完善,增加基于 overlay 组网通信,以便 Docker 容器可以跨主机访问. 不同主机间的 ...
- docker 环境下创建 overlay 网络方案
一.环境 三台机器,其中一台安装 consul(192.168.1.21), 两台创建网络(192.168.1.32,33) 二.实现步骤 1.构建环境 1)三台机器部署docker环境 2)选择一台 ...
- Docker 跨主机网络 overlay(十六)
目录 一.跨主机网络概述 二.准备 overlay 环境 1.环境描述 2.创建 consul 3.修改 docker 配置文件 4.准备就绪 三.创建 overlay 网络 1.在 host1 中创 ...
- docker跨主机通信-overlay
使用consul 1,让两个网络环境下的容器互通,那么必然涉及到网络信息的同步,所以需要先配置一下consul. 直接运行下面命令.启动consul. docker run -d -p 8500:85 ...
随机推荐
- 吴裕雄 实战PYTHON编程(4)
import hashlib md5 = hashlib.md5()md5.update(b'Test String')print(md5.hexdigest()) import hashlib md ...
- SpringCloud之Eureka 服务注册和服务发现基础篇2
上篇文章讲解了SpringCloud组件和概念介绍,接下来讲解一下SpringCloud组件相关组件使用.原理和每个组件的作用的,它主要提供的模块包括:服务发现(Eureka),断路器(Hystrix ...
- select语法图
- SearchEngine Note
[SearchEngine Note] 1.查全率. 2.查准率. 3.查全率与查准率的关系. 4.四大系统. 5.权威性网页反向链接多.网页的平均出席为25.7,即平均每一个网页含有25.7个指向其 ...
- webElement.text()获取到内容为空
使用webElement.text()方法获取字符串时,有时候会获取失败--获取到的内容为空 使用 webElement.getAttribute("attributeName") ...
- Sum of Consecutive Prime Numbers
Sum of Consecutive Prime Numbers http://poj.org/problem?id=2739 Time Limit: 1000MS Memory Limit: 6 ...
- Binary Tree Traversal 二叉树的前中后序遍历
[抄题]:二叉树前序遍历 [思维问题]: 不会递归.三要素:下定义.拆分问题(eg root-root.left).终止条件 [一句话思路]: 节点非空时往左移,否则新取一个点 再往右移. [输入量] ...
- swift UITextfield 添加点击方法 - 简单实现
1. 真正在任何系统上都有效的方法 1./// 城市选择 private lazy var cityTextfield:UITextField = { let tf = UITextField() t ...
- php 下载生成word文件
方案一 $html2 ='数字'; header("Content-type: application/octet-stream"); header("Accept-Ra ...
- MVC仓储使用join
代码: var result = from mpc in this.Context.Set<Domain.S_MENU_PURVIEWCODE>() join menu in this.C ...