How to implement cross-host container interconnection with Weave in Docker

2025-01-15 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01

This article explains in detail how to implement cross-host container interconnection with Weave in Docker. The editor finds it quite practical and shares it here as a reference. I hope you gain something from reading it.

Docker's native networking support is very limited, and it has no cross-host clustering solution. Open source projects that currently implement Docker networking include Weave, Kubernetes, Flannel, Pipework and SocketPlane. Of these, Weave is currently rated the most reliable, so this article summarizes Weave's basic principles and how to use it.

Overview

Weave, developed by Zett.io, creates a virtual network that connects Docker containers deployed on multiple hosts, so that the containers appear to be plugged into the same network switch and the applications that use the network do not need port mappings or links configured. External devices can access services provided by application containers on the Weave network, and existing internal systems can also be exposed to application containers. Weave can traverse firewalls and run on partially connected networks. In addition, Weave's communications support encryption, so users can connect to hosts from an untrusted network.

Other Weave features

Application isolation: Containers in different subnets are isolated from each other by default, even when they are on the same physical machine; containers on different physical machines are also isolated by default

Container interworking between physical machines: weave connect $OTHER_HOST

Dynamically add networks: For containers that were not started via weave, you can add a network with weave attach 10.0.1.1/24 $id (detach removes the network)

Security: You can set a password for encrypted communication between weave peers with weave launch -password wEaVe

Communicate with host network: weave expose 10.0.1.102/24; this IP will be configured on the weave bridge

View weave routing status: weave ps

Access docker container via NAT

Installation and startup

Download the executable directly from GitHub to install it.

# sudo wget -O /usr/local/bin/weave https://raw.githubusercontent.com/zettio/weave/master/weave
# sudo chmod a+x /usr/local/bin/weave

Start the weave router, which also runs as a container.

# weave launch
Unable to find image 'zettio/weave' locally
......

At this point, you will find that there are two bridges, one generated by Docker by default and the other by Weave.

Then you can run the application container and use the network features provided by weave.

Simple use

Preparation

1. host1: 10.0.2.6

2. host2: 10.0.2.8

3. App container 1 on host1: 192.168.0.2/24; app container 2 on host1: 192.168.1.2/24

4. App container 1 on host2: 192.168.0.3/24

Docker and Weave are installed on both machines, and the Weave router container is started on each.

Start an app container on both machines. You can use the weave run command directly, or you can use docker run to start the container first, and then use the weave attach command to bind the IP address to the container.

# weave run 192.168.0.2/24 -itd ubuntu bash

or

# docker run -itd ubuntu bash
# weave attach 192.168.0.2/24 $ID

At this point the two containers still cannot reach each other. You need to use the weave connect command to establish a connection between the two weave routers.

# weave connect 10.0.2.8

Containers on the two different hosts can now ping each other. However, two containers in different subnets cannot reach each other, so different subnets can be used to isolate containers from one another at the network level.

Without Docker's native network, the container has no access to the host or to external networks. In that case, weave expose 192.168.0.1/24 adds an IP to the weave bridge and enables connectivity between the container and the host network. External networks, however, are still unreachable from inside the container.

Docker's native network and the weave network can be used together, giving both container interconnection and access to external networks and port mappings. The docker0 bridge is used for external networks and port mapping, and the weave bridge is used where container interconnection is required. Each container is then assigned two network interfaces.

Other features

Application isolation: Containers in different subnets are isolated by default; even when they are on the same physical machine they are not connected to each other (use --icc=false to turn off container interworking); containers on different physical machines are also isolated by default

Security: You can set a password for encrypted communication between weave peers with weave launch -password wEaVe

View weave routing status: weave ps

Problems

Container restart problem

If you use weave, you cannot use Docker's auto-restart feature (such as docker run --restart=always redis), because weave configures the container's network from outside Docker, and Docker itself does not redo that configuration when the container restarts. Additional tools are therefore needed to manage the state of the container (such as systemd, upstart, etc.), and these tools invoke the weave commands (weave run/start/attach) to start the container.
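One way to write the supervisor-invoked start step described above, as an added example that is not part of the original article or the Weave project. The function name start_with_weave, the script name in the final comment and the sample container name are hypothetical, and stopping the container when the attach fails is a design choice of this example.

```shell
#!/bin/sh
# Added example (not from the article): supervisor-side start wrapper for a
# container that needs a Weave address. Call it from a systemd/upstart job
# instead of using docker run --restart=always.
# Assumption: the weave router is already running on this host.

# start_with_weave NAME CIDR IMAGE [CMD...]
# Returns 0 when the container is running with its Weave address attached.
start_with_weave() {
    [ "$#" -ge 3 ] || { echo "usage: start_with_weave NAME CIDR IMAGE [CMD...]" >&2; return 2; }
    name=$1 cidr=$2 image=$3
    shift 3

    # Accept only address/prefix input such as 192.168.0.2/24.
    case $cidr in
        *[!0-9./]* | */*/* | /* | */ ) echo "bad CIDR: $cidr" >&2; return 2 ;;
        */*) ;;
        *) echo "bad CIDR: $cidr" >&2; return 2 ;;
    esac

    # docker inspect prints true/false for an existing container and fails
    # for one that does not exist yet.
    state=$(docker inspect -f '{{.State.Running}}' "$name" 2>/dev/null) || state=missing
    case $state in
        true)  return 0 ;;   # already up; this wrapper attached it at start
        false) docker start "$name" >/dev/null || return 1 ;;
        *)     docker run -d --name "$name" "$image" "$@" >/dev/null || return 1 ;;
    esac

    # Weave configures the interface from outside Docker, so the address must
    # be re-applied after every start. If that fails, stop the container
    # rather than leave it running without its Weave network.
    id=$(docker inspect -f '{{.Id}}' "$name") || return 1
    if ! weave attach "$cidr" "$id"; then
        docker stop "$id" >/dev/null
        return 1
    fi
}

# Run only when arguments are given, e.g. from a unit file's ExecStart:
#   start-with-weave.sh redis 192.168.0.2/24 redis
if [ "$#" -gt 0 ]; then
    start_with_weave "$@"
fi
```

Because the wrapper returns non-zero when the attach fails, the supervisor's own restart policy can retry the whole start sequence.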

That concludes this article on how Docker and Weave achieve cross-host container interconnection. I hope the content above is of some help and lets you learn something new. If you think the article is good, please share it so that more people can see it.
