docker创建Overlay网络

作者: huxt | 来源:发表于2019-10-19 21:18 被阅读0次

# Mutil-host networking with etcd

## setup etcd cluster

在docker-node1上

```

vagrant@docker-node1:~$ wget https://github.com/coreos/etcd/releases/download/v3.0.12/etcd-v3.0.12-linux-amd64.tar.gz

vagrant@docker-node1:~$ tar zxvf etcd-v3.0.12-linux-amd64.tar.gz

vagrant@docker-node1:~$ cd etcd-v3.0.12-linux-amd64

vagrant@docker-node1:~$ nohup ./etcd --name docker-node1 --initial-advertise-peer-urls http://192.168.205.10:2380 \

--listen-peer-urls http://192.168.205.10:2380 \

--listen-client-urls http://192.168.205.10:2379,http://127.0.0.1:2379 \

--advertise-client-urls http://192.168.205.10:2379 \

--initial-cluster-token etcd-cluster \

--initial-cluster docker-node1=http://192.168.205.10:2380,docker-node2=http://192.168.205.11:2380 \

--initial-cluster-state new&

```

在docker-node2上

```

vagrant@docker-node2:~$ wget https://github.com/coreos/etcd/releases/download/v3.0.12/etcd-v3.0.12-linux-amd64.tar.gz

vagrant@docker-node2:~$ tar zxvf etcd-v3.0.12-linux-amd64.tar.gz

vagrant@docker-node2:~$ cd etcd-v3.0.12-linux-amd64/

vagrant@docker-node2:~$ nohup ./etcd --name docker-node2 --initial-advertise-peer-urls http://192.168.205.11:2380 \

--listen-peer-urls http://192.168.205.11:2380 \

--listen-client-urls http://192.168.205.11:2379,http://127.0.0.1:2379 \

--advertise-client-urls http://192.168.205.11:2379 \

--initial-cluster-token etcd-cluster \

--initial-cluster docker-node1=http://192.168.205.10:2380,docker-node2=http://192.168.205.11:2380 \

--initial-cluster-state new&

```

检查cluster状态

```

vagrant@docker-node2:~/etcd-v3.0.12-linux-amd64$ ./etcdctl cluster-health

member 21eca106efe4caee is healthy: got healthy result from http://192.168.205.10:2379

member 8614974c83d1cc6d is healthy: got healthy result from http://192.168.205.11:2379

cluster is healthy

```

## 重启docker服务

在docker-node1上

```

$ sudo service docker stop

$ sudo /usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://192.168.205.10:2379 --cluster-advertise=192.168.205.10:2375&

```

在docker-node2上

```

$ sudo service docker stop

$ sudo /usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://192.168.205.11:2379 --cluster-advertise=192.168.205.11:2375&

```

## 创建overlay network

在docker-node1上创建一个demo的overlay network

```

vagrant@docker-node1:~$ sudo docker network ls

NETWORK ID NAME DRIVER SCOPE

0e7bef3f143a bridge bridge local

a5c7daf62325 host host local

3198cae88ab4 none null local

vagrant@docker-node1:~$ sudo docker network create -d overlay demo

3d430f3338a2c3496e9edeccc880f0a7affa06522b4249497ef6c4cd6571eaa9

vagrant@docker-node1:~$ sudo docker network ls

NETWORK ID NAME DRIVER SCOPE

0e7bef3f143a bridge bridge local

3d430f3338a2 demo overlay global

a5c7daf62325 host host local

3198cae88ab4 none null local

vagrant@docker-node1:~$ sudo docker network inspect demo

[

{

"Name": "demo",

"Id": "3d430f3338a2c3496e9edeccc880f0a7affa06522b4249497ef6c4cd6571eaa9",

"Scope": "global",

"Driver": "overlay",

"EnableIPv6": false,

"IPAM": {

"Driver": "default",

"Options": {},

"Config": [

{

"Subnet": "10.0.0.0/24",

"Gateway": "10.0.0.1/24"

}

]

},

"Internal": false,

"Containers": {},

"Options": {},

"Labels": {}

}

]

```

我们会看到在node2上，这个demo的overlay network会被同步创建

```

vagrant@docker-node2:~$ sudo docker network ls

NETWORK ID NAME DRIVER SCOPE

c9947d4c3669 bridge bridge local

3d430f3338a2 demo overlay global

fa5168034de1 host host local

c2ca34abec2a none null local

```

通过查看etcd的key-value, 我们获取到，这个demo的network是通过etcd从node1同步到node2的

```

vagrant@docker-node2:~/etcd-v3.0.12-linux-amd64$ ./etcdctl ls /docker

/docker/network

/docker/nodes

vagrant@docker-node2:~/etcd-v3.0.12-linux-amd64$ ./etcdctl ls /docker/nodes

/docker/nodes/192.168.205.11:2375

/docker/nodes/192.168.205.10:2375

vagrant@docker-node2:~/etcd-v3.0.12-linux-amd64$ ./etcdctl ls /docker/network/v1.0/network

/docker/network/v1.0/network/3d430f3338a2c3496e9edeccc880f0a7affa06522b4249497ef6c4cd6571eaa9

vagrant@docker-node2:~/etcd-v3.0.12-linux-amd64$ ./etcdctl get /docker/network/v1.0/network/3d430f3338a2c3496e9edeccc880f0a7affa06522b4249497ef6c4cd6571eaa9 | jq .

{

"addrSpace": "GlobalDefault",

"enableIPv6": false,

"generic": {

"com.docker.network.enable_ipv6": false,

"com.docker.network.generic": {}

},

"id": "3d430f3338a2c3496e9edeccc880f0a7affa06522b4249497ef6c4cd6571eaa9",

"inDelete": false,

"ingress": false,

"internal": false,

"ipamOptions": {},

"ipamType": "default",

"ipamV4Config": "[{\"PreferredPool\":\"\",\"SubPool\":\"\",\"Gateway\":\"\",\"AuxAddresses\":null}]",

"ipamV4Info": "[{\"IPAMData\":\"{\\\"AddressSpace\\\":\\\"GlobalDefault\\\",\\\"Gateway\\\":\\\"10.0.0.1/24\\\",\\\"Pool\\\":\\\"10.0.0.0/24\\\"}\",\"PoolID\":\"GlobalDefault/10.0.0.0/24\"}]",

"labels": {},

"name": "demo",

"networkType": "overlay",

"persist": true,

"postIPv6": false,

"scope": "global"

}

```

## 创建连接demo网络的容器

在docker-node1上

```

vagrant@docker-node1:~$ sudo docker run -d --name test1 --net demo busybox sh -c "while true; do sleep 3600; done"

Unable to find image 'busybox:latest' locally

latest: Pulling from library/busybox

56bec22e3559: Pull complete

Digest: sha256:29f5d56d12684887bdfa50dcd29fc31eea4aaf4ad3bec43daf19026a7ce69912

Status: Downloaded newer image for busybox:latest

a95a9466331dd9305f9f3c30e7330b5a41aae64afda78f038fc9e04900fcac54

vagrant@docker-node1:~$ sudo docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

a95a9466331d busybox "sh -c 'while true; d" 4 seconds ago Up 3 seconds test1

vagrant@docker-node1:~$ sudo docker exec test1 ifconfig

eth0 Link encap:Ethernet HWaddr 02:42:0A:00:00:02

inet addr:10.0.0.2 Bcast:0.0.0.0 Mask:255.255.255.0

inet6 addr: fe80::42:aff:fe00:2/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1450 Metric:1

RX packets:15 errors:0 dropped:0 overruns:0 frame:0

TX packets:8 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:1206 (1.1 KiB) TX bytes:648 (648.0 B)

eth1 Link encap:Ethernet HWaddr 02:42:AC:12:00:02

inet addr:172.18.0.2 Bcast:0.0.0.0 Mask:255.255.0.0

inet6 addr: fe80::42:acff:fe12:2/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:8 errors:0 dropped:0 overruns:0 frame:0

TX packets:8 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:648 (648.0 B) TX bytes:648 (648.0 B)

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:65536 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1

RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

vagrant@docker-node1:~$

```

在docker-node2上

```

vagrant@docker-node2:~$ sudo docker run -d --name test1 --net demo busybox sh -c "while true; do sleep 3600; done"

Unable to find image 'busybox:latest' locally

latest: Pulling from library/busybox

56bec22e3559: Pull complete

Digest: sha256:29f5d56d12684887bdfa50dcd29fc31eea4aaf4ad3bec43daf19026a7ce69912

Status: Downloaded newer image for busybox:latest

fad6dc6538a85d3dcc958e8ed7b1ec3810feee3e454c1d3f4e53ba25429b290b

docker: Error response from daemon: service endpoint with name test1 already exists.

vagrant@docker-node2:~$ sudo docker run -d --name test2 --net demo busybox sh -c "while true; do sleep 3600; done"

9d494a2f66a69e6b861961d0c6af2446265bec9b1d273d7e70d0e46eb2e98d20

```

验证连通性。

```

vagrant@docker-node2:~$ sudo docker exec -it test2 ifconfig

eth0 Link encap:Ethernet HWaddr 02:42:0A:00:00:03

inet addr:10.0.0.3 Bcast:0.0.0.0 Mask:255.255.255.0

inet6 addr: fe80::42:aff:fe00:3/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1450 Metric:1

RX packets:208 errors:0 dropped:0 overruns:0 frame:0

TX packets:201 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:20008 (19.5 KiB) TX bytes:19450 (18.9 KiB)

eth1 Link encap:Ethernet HWaddr 02:42:AC:12:00:02

inet addr:172.18.0.2 Bcast:0.0.0.0 Mask:255.255.0.0

inet6 addr: fe80::42:acff:fe12:2/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:8 errors:0 dropped:0 overruns:0 frame:0

TX packets:8 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:648 (648.0 B) TX bytes:648 (648.0 B)

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:65536 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1

RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

vagrant@docker-node1:~$ sudo docker exec test1 sh -c "ping 10.0.0.3"

PING 10.0.0.3 (10.0.0.3): 56 data bytes

64 bytes from 10.0.0.3: seq=0 ttl=64 time=0.579 ms

64 bytes from 10.0.0.3: seq=1 ttl=64 time=0.411 ms

64 bytes from 10.0.0.3: seq=2 ttl=64 time=0.483 ms

^C

vagrant@docker-node1:~$

```

网友评论

软件架构

本文标题：docker创建Overlay网络

本文链接：https://www.haomeiwen.com/subject/fbwnmctx.html

延伸阅读

深度阅读

您也可以注册成为美文阅读网的作者，发表您的原创作品、分享您的心情！

docker创建Overlay网络

相关文章

网友评论

延伸阅读

深度阅读

栏目导航

热点阅读

软件架构