Cross-host communication between Docker containers


Installing Open vSwitch

  Install dependencies

    yum -y install make gcc openssl-devel autoconf automake rpm-build redhat-rpm-config python-devel openssl-devel kernel-devel kernel-debug-devel libtool wget

    yum install -y python-six selinux-policy-devel

  Preparation

    mkdir -p ~/rpmbuild/SOURCES
    wget http://openvswitch.org/releases/openvswitch-2.7.0.tar.gz
    cp openvswitch-2.7.0.tar.gz ~/rpmbuild/SOURCES/
    tar -zxf openvswitch-2.7.0.tar.gz
    sed 's/openvswitch-kmod, //g' openvswitch-2.7.0/rhel/openvswitch.spec > openvswitch-2.7.0/rhel/openvswitch_no_kmod.spec
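
  Build the RPM package

    rpmbuild -bb --nocheck ~/openvswitch-2.7.0/rhel/openvswitch_no_kmod.spec

  Install

    yum localinstall ~/rpmbuild/RPMS/x86_64/openvswitch-2.7.0-1.x86_64.rpm

  Start the openvswitch service

    # setenforce 0 puts SELinux into permissive mode until the next reboot or `setenforce 1`
    setenforce 0
    systemctl start openvswitch.service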
 
Network configuration

  Configuration steps

  First plan the IP allocation for Docker

  Environment

    server1 192.168.32.232 centos7

    server2 192.168.32.245 centos7

  In this example:

    server1 docker 172.17.1.0/24 255.255.255.0
    server2 docker 172.17.2.0/24 255.255.255.0

  Create the bridge kbr0 and delete docker0

    ovs-vsctl add-br obr0
    # remote_ip is the GRE tunnel's remote endpoint, i.e. the other host (server2 when run on server1)
    ovs-vsctl add-port obr0 gre0 -- set Interface gre0 type=gre options:remote_ip=192.168.32.245
    brctl addbr kbr0
    brctl addif kbr0 obr0
    ip link set dev docker0 down
    ip link del dev docker0

  Configure the kbr0 interface

    vim /etc/sysconfig/network-scripts/ifcfg-kbr0

    DEVICE=kbr0
    ONBOOT=yes
    BOOTPROTO=static
    IPADDR=172.17.1.1
    NETMASK=255.255.255.0
    GATEWAY=172.17.1.0
    USERCTL=no
    TYPE=Bridge
    IPV6INIT=no

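  Configure a route so that traffic is forwarded to the Docker containers on the other host.

    vim /etc/sysconfig/network-scripts/route-ens192

    172.17.2.0/24 via 192.168.32.245 dev ens192

  This states that the Docker subnet on 192.168.32.245 is 172.17.2.0/24.

  Restart networking to apply the configuration:

    systemctl restart network

  The configuration on server2 is much the same; only a few local IP addresses need to be changed.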
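
  The values that differ between the two hosts can be derived from the addressing plan. The script below is an added example, not part of the original post: render_host is a hypothetical helper that prints the kbr0 address, the static route and the GRE remote_ip for a given host, assuming remote_ip must name the peer host and both hosts use ens192 as the uplink.

```shell
#!/bin/sh
# Addressing plan taken from the page: host name, host IP, Docker subnet, uplink NIC.
PLAN='server1 192.168.32.232 172.17.1.0/24 ens192
server2 192.168.32.245 172.17.2.0/24 ens192'

# render_host NAME (hypothetical helper): print the host-specific values for NAME.
# Exit status: 0 ok, 1 NAME not in the plan, 2 two hosts share a Docker subnet.
render_host() {
    printf '%s\n' "$PLAN" | awk -v self="$1" '
        {
            if ($3 in owner) dup = 1      # overlapping subnets break the static routes
            owner[$3] = $1
            ip[$1] = $2; net[$1] = $3; nic[$1] = $4; order[NR] = $1
        }
        END {
            if (dup) exit 2
            if (!(self in ip)) exit 1
            bridge = net[self]
            sub(/\.0\/24$/, ".1", bridge)  # first address of the subnet goes on kbr0
            print "kbr0_ipaddr=" bridge
            print "kbr0_netmask=255.255.255.0"
            for (i = 1; i <= NR; i++) {
                peer = order[i]
                if (peer == self) continue
                # Tunnel endpoint and next hop are both the peer host, never the local IP.
                print "gre_remote_ip=" ip[peer]
                print "route=" net[peer] " via " ip[peer] " dev " nic[self]
            }
        }'
}

# Show what each host in the plan needs.
for host in server1 server2; do
    echo "== $host =="
    render_host "$host"
done
```

  The route= value is the line for /etc/sysconfig/network-scripts/route-ens192 and kbr0_ipaddr is the IPADDR for ifcfg-kbr0 on that host.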

 

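Set the Docker container bridge

    echo 'DOCKER_OPTS="-b=kbr0"' >> /etc/sysconfig/docker

  Edit the unit file so that dockerd is started with $DOCKER_OPTS read from /etc/sysconfig/docker:

    vim /usr/lib/systemd/system/docker.service
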
    [Unit]
    Description=Docker Application Container Engine
    Documentation=https://docs.docker.com
    After=network-online.target firewalld.service
    Wants=network-online.target

    [Service]
    Type=notify
    EnvironmentFile=-/etc/sysconfig/docker
    ExecStart=/usr/bin/dockerd $DOCKER_OPTS
    ExecReload=/bin/kill -s HUP $MAINPID
    LimitNOFILE=infinity
    LimitNPROC=infinity
    LimitCORE=infinity
    TimeoutStartSec=0
    Delegate=yes
    KillMode=process
    Restart=on-failure
    StartLimitBurst=3
    StartLimitInterval=60s

    [Install]
    WantedBy=multi-user.target

 

  Restart Docker

    systemctl daemon-reload

    systemctl restart docker

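Test the network

  Start a container on each host

    # -i and -t give bash an open stdin and a TTY so the detached container keeps running
    docker run -dit --name=gggg centos /bin/bash

  The container's network interface shows the address 172.17.1.2

  Ping the host

  Ping the container on server2

  Ping the external network

This completes the experiment.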

 
 
 
 
 
 
posted @ 2018-08-29 16:30  jcici