17、docker多机网络通信overlay
理论上来说多台宿主机之间的docker容器之间是无法通讯的,但是多台宿主机之间的docker容器之间是可以通讯的,主要是通过VXLAN技术来实现的。
GitHub上对于docker-overlay-network的介绍。
1|017.1 overlay网络和etcd实现多机容器通信
docker在创建容器的时候默认会使用bridge网络,要实现多机容器间通信,需要使用overlay网络,但是要实现多机的容器通信,通信的两个容器的IP肯定不能一样,所以我们需要借助第三方的工具来实现。这里使用ectd。
1|1安装etcd
在第一台服务器上安装
[root@docker ~]# wget https://github.com/coreos/etcd/releases/download/v3.0.12/etcd-v3.0.12-linux-amd64.tar.gz [root@docker ~]# tar xf etcd-v3.0.12-linux-amd64.tar.gz [root@docker ~]# cd etcd-v3.0.12-linux-amd64/ [root@docker ~]# nohup ./etcd --name docker-node1 --initial-advertise-peer-urls http://192.168.205.10:2380 \ --listen-peer-urls http://192.168.205.10:2380 \ --listen-client-urls http://192.168.205.10:2379,http://127.0.0.1:2379 \ --advertise-client-urls http://192.168.205.10:2379 \ --initial-cluster-token etcd-cluster \ --initial-cluster docker-node1=http://192.168.205.10:2380,docker-node2=http://192.168.205.11:2380 \ --initial-cluster-state new& [root@docker ~]#
在第二台服务器上安装
检查cluster状态
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl cluster-health member 21eca106efe4caee is healthy: got healthy result from http://192.168.205.10:2379 member 8614974c83d1cc6d is healthy: got healthy result from http://192.168.205.11:2379 cluster is healthy
1|2重启docker服务
在第一台服务器上重启
systemctl stop docker.service /usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://192.168.205.11:2379 --cluster-advertise=192.168.205.11:2375&
在第二台服务器上重启
systemctl stop docker.service /usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://192.168.205.10:2379 --cluster-advertise=192.168.205.10:2375&
1|3创建overlay network
在其中任意一台服务器上创建一个overlay网络
[root@docker ~]# docker network create -d overlay demo [root@docker ~]# docker network ls NETWORK ID NAME DRIVER SCOPE 038cb815ca11 bridge bridge local efeabebb2ed5 demo overlay global 674c97014876 host host local ac706f4efd8e none null local [root@docker ~]# docker network inspect demo [ { "Name": "demo", "Id": "efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6", "Created": "2018-06-06T09:50:59.567617763Z", "Scope": "global", "Driver": "overlay", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": {}, "Config": [ { "Subnet": "10.0.0.0/24", "Gateway": "10.0.0.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": {}, "Options": {}, "Labels": {} } ] [root@docker ~]#
另一台服务器上的overlay网络也会被同步创建。这都是由etcd实现的:
[root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker [root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker /docker/nodes /docker/network [root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/nodes /docker/nodes/192.168.205.10:2375 /docker/nodes/192.168.205.11:2375 [root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network /docker/network/v1.0 [root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0 /docker/network/v1.0/endpoint_count /docker/network/v1.0/endpoint /docker/network/v1.0/ipam /docker/network/v1.0/idm /docker/network/v1.0/overlay /docker/network/v1.0/network [root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0/overlay /docker/network/v1.0/overlay/network [root@docker etcd-v3.0.12-linux-amd64]# ./etcdctl ls /docker/network/v1.0/overlay/network /docker/network/v1.0/overlay/network/efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6 [root@docker etcd-v3.0.12-linux-amd64]#
1|4分别在两胎服务器上创建容器
在第一台服务器上创建
[root@docker ~]# docker run -d --name test1 --net demo busybox sh -c "while true; do sleep 3600; done" [root@docker ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 170e8edf81f2 busybox "sh -c 'while true; …" 3 minutes ago Up 3 minutes test1 [root@docker ~]# docker exec -it test1 ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 13: eth0@if14: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue link/ether 02:42:0a:00:00:02 brd ff:ff:ff:ff:ff:ff inet 10.0.0.2/24 brd 10.0.0.255 scope global eth0 valid_lft forever preferred_lft forever 15: eth1@if16: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff inet 172.18.0.2/16 brd 172.18.255.255 scope global eth1 valid_lft forever preferred_lft forever [root@docker ~]#
在第二台服务器上创建
[root@docker ~]# docker run -d --name test2 --net demo busybox sh -c "while true; do sleep 3600; done" [root@docker ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8b50c21f1337 busybox "sh -c 'while true; …" 2 minutes ago Up 2 minutes test2 [root@docker ~]# docker exec -it test2 ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 7: eth0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue link/ether 02:42:0a:00:00:03 brd ff:ff:ff:ff:ff:ff inet 10.0.0.3/24 brd 10.0.0.255 scope global eth0 valid_lft forever preferred_lft forever 10: eth1@if11: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff inet 172.18.0.2/16 brd 172.18.255.255 scope global eth1 valid_lft forever preferred_lft forever [root@docker ~]#
查看demo网络信息:
[root@docker ~]# docker network inspect demo [ { "Name": "demo", "Id": "efeabebb2ed5b63e705cb2eb3b9f77109119a71fdb89d05b105db30ae25c06f6", "Created": "2018-06-06T09:50:59.567617763Z", "Scope": "global", "Driver": "overlay", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": {}, "Config": [ { "Subnet": "10.0.0.0/24", "Gateway": "10.0.0.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "170e8edf81f2bc216b926c52928c0e6977809387cc21db433c56d7b7d397f49b": { "Name": "test1", "EndpointID": "247454410f441b545c97c3d53cae508cbdbb9c2d91745381adf70580a77f8ec7", "MacAddress": "", "IPv4Address": "10.0.0.2/24", "IPv6Address": "" }, "ep-5e95b84eff1dbb3fbdc6abb4daa0707e117dac66220222a2e22a75bf6b7eb09d": { "Name": "test2", "EndpointID": "5e95b84eff1dbb3fbdc6abb4daa0707e117dac66220222a2e22a75bf6b7eb09d", "MacAddress": "", "IPv4Address": "10.0.0.3/24", "IPv6Address": "" } }, "Options": {}, "Labels": {} } ] [root@docker ~]#
1|5测试两个容器间能否通信
[root@docker ~]# docker exec -it test1 ping 10.0.0.3 PING 10.0.0.3 (10.0.0.3): 56 data bytes 64 bytes from 10.0.0.3: seq=0 ttl=64 time=3.251 ms 64 bytes from 10.0.0.3: seq=1 ttl=64 time=0.693 ms 64 bytes from 10.0.0.3: seq=2 ttl=64 time=0.591 ms 64 bytes from 10.0.0.3: seq=3 ttl=64 time=0.579 ms 64 bytes from 10.0.0.3: seq=4 ttl=64 time=0.776 ms ^C --- 10.0.0.3 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max = 0.579/1.178/3.251 ms [root@docker ~]# [root@docker ~]# docker exec -it test1 ping test2 ^C[vagrant@docker-node1 ~]$ docker exec -it test1 ping test2 PING test2 (10.0.0.3): 56 data bytes 64 bytes from 10.0.0.3: seq=0 ttl=64 time=1.024 ms 64 bytes from 10.0.0.3: seq=1 ttl=64 time=0.565 ms 64 bytes from 10.0.0.3: seq=2 ttl=64 time=0.806 ms 64 bytes from 10.0.0.3: seq=3 ttl=64 time=0.597 ms 64 bytes from 10.0.0.3: seq=4 ttl=64 time=0.498 ms ^C --- test2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max = 0.498/0.698/1.024 ms [root@docker ~]#
[root@docker ~]# docker exec -it test2 ping 10.0.0.2 PING 10.0.0.2 (10.0.0.2): 56 data bytes 64 bytes from 10.0.0.2: seq=0 ttl=64 time=3.374 ms 64 bytes from 10.0.0.2: seq=1 ttl=64 time=0.531 ms 64 bytes from 10.0.0.2: seq=2 ttl=64 time=0.499 ms ^C --- 10.0.0.2 ping statistics --- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max = 0.499/1.468/3.374 ms [root@docker ~]# [root@docker ~]# docker exec -it test2 ping test1 PING test1 (10.0.0.2): 56 data bytes 64 bytes from 10.0.0.2: seq=0 ttl=64 time=0.685 ms 64 bytes from 10.0.0.2: seq=1 ttl=64 time=0.754 ms 64 bytes from 10.0.0.2: seq=2 ttl=64 time=0.642 ms 64 bytes from 10.0.0.2: seq=3 ttl=64 time=1.080 ms ^C --- test1 ping statistics --- 4 packets transmitted, 4 packets received, 0% packet loss round-trip min/avg/max = 0.642/0.790/1.080 ms [root@docker ~]#
__EOF__
本文作者:StaryJie
本文链接:https://www.cnblogs.com/jie-fang/p/10279770.html
关于博主:评论和私信会在第一时间回复。或者直接私信我。
版权声明:本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!
声援博主:如果您觉得文章对您有帮助,可以点击文章右下角【推荐】一下。您的鼓励是博主的最大动力!
本文链接:https://www.cnblogs.com/jie-fang/p/10279770.html
关于博主:评论和私信会在第一时间回复。或者直接私信我。
版权声明:本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!
声援博主:如果您觉得文章对您有帮助,可以点击文章右下角【推荐】一下。您的鼓励是博主的最大动力!
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· AI与.NET技术实操系列:向量存储与相似性搜索在 .NET 中的实现
· 基于Microsoft.Extensions.AI核心库实现RAG应用
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· 开发者必知的日志记录最佳实践
· SQL Server 2025 AI相关能力初探
· 震惊!C++程序真的从main开始吗?99%的程序员都答错了
· 单元测试从入门到精通
· 【硬核科普】Trae如何「偷看」你的代码?零基础破解AI编程运行原理
· 上周热点回顾(3.3-3.9)
· winform 绘制太阳,地球,月球 运作规律