Shulou(Shulou.com)06/01 Report--

This article introduces the knowledge of "how to realize cross-host communication in Docker container". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

1. Solution of container communication between Docker hosts

Docker network driver

Overlay: implementation of Docker native Overlay network based on VXLAN encapsulation

Macvlan: the interface of the Docker host network card is logically divided into multiple subinterfaces, each of which identifies a VLAN. The container interface connects directly to the Docker host

Nic interface: forwarded to another Docker host through routing policy

Third-party network project

Tunnel scheme

-- Flannel: supports UDP and VLAN encapsulated transport

-- Weave: supports UDP (sleeve mode) and VXLAN (priority fastdb mode)

-- OpenvSwitch: supports VXLAN and GRE protocols

Routing scheme

Calico: supports BGP protocol and IPIP tunnel. Each host acts as a virtual route and communicates between different host containers through BGP protocol.

II. Docker Overlay Network

Overlay network is a new data format that encapsulates layer 2 messages on top of IP messages through a certain agreed communication protocol without changing the existing network infrastructure. In this way, we can not only make full use of the mature IP routing protocol process data distribution, but also use the extended number of isolated identification bits in Overlay technology, which can break through the limit of 4000 of VLAN to support up to 16m users, and when necessary, we can convert broadcast traffic into multicast traffic and avoid flooding of broadcast data.

Therefore, Overlay network is actually the most mainstream container cross-node data transmission and routing scheme.

To use Docker native Overlay networks, any of the following conditions need to be met

Docker runs on Swarm

Docker host cluster using key value storage

Third, use key-value storage to build Docker host cluster

The following conditions need to be met:

Hosts in the cluster connect to the key store, and Docker supports Consul, Etcd and Zookeeper

Hosts in the cluster run a Docker daemon

Hosts in the cluster must have a unique hostname because the key store uses the hostname to identify the cluster member

The kernel version of the linux host in the cluster is 3.12, which supports VXLAN packet processing, otherwise it may be impassable. 4. Deployment

4.1 system environment

# docker-vDocker version 17.12.0-ce Build c97c6d64.2 install Consul# wget https://releases.hashicorp.com/consul/0.9.2/consul_0.9.2_linux_386.zip # unzip consul_1.0.6_linux_amd64.zip# mv consul / usr/bin/ & & chmod aquix / usr/bin/consul# launch nohup consul agent-server-bootstrap-ui-data-dir / data/docker/consul\ >-client=172.16.200.208-bind=172.16.200.208 & > / var/ Log/consul.log & #-ui: management interface of consul #-data-dir: data storage 4.3 node configuration Dockre daemon connection Consul

It needs to be modified on both machines

Docker2

# vim / lib/systemd/system/docker.service ExecStart=/usr/bin/dockerd-H tcp://0.0.0.0:2375-H unix:///var/run/docker.sock-- cluster-store consul://172.16.200.208:8500-- cluster-advertise 172.16.200.208 tcp://0.0.0.0:2375 237mm systemctl daemon-reload# systemctl restart docker

Docker3

# vim / lib/systemd/system/docker.service ExecStart=/usr/bin/dockerd-H tcp://0.0.0.0:2375-H unix:///var/run/docker.sock-- cluster-store consul://172.16.200.208:8500-- cluster-advertise 172.16.200.223virtual systemctl daemon-reload# systemctl restart docker4.4 to view node information in consul

Http://172.16.200.208:8500

4.5 create an overlay network # docker network create-d overlay multi_host53b042104f366cde2cc887e7cc27cde52222a846c1141690c93e1e17d96120c5 # docker network lsNETWORK ID NAME DRIVER SCOPE3f5ff55c93e6 bridge bridge local1e3aff32ba48 composelnmp_default bridge local0d60b988fe59 composetest_default bridge localb4cf6d623265 host host local53b042104f36 multi_host

-d: specify the type of network to be created

Another machine automatically synchronizes the newly created network

detailed information

# docker network inspect multi_host [{"Name": "multi_host", "Id": "53b042104f366cde2cc887e7cc27cde52222a846c1141690c93e1e17d96120c5", "Created": "2018-03-07T16:23:38.682906025+08:00", "Scope": "global", "Driver": "overlay", "EnableIPv6": false, "IPAM": {"Driver": "default" "Options": {}, "Config": [{"Subnet": "10.0.0.0 false 24", "Gateway": "10.0.0.1"}]}, "Internal": false, "Attachable": false "Ingress": false, "ConfigFrom": {"Network": "}," ConfigOnly ": false," Containers ": {}," Options ": {}," Labels ": {}] 4.6 launch the container using the overlay network

Start a container on each machine using the overlay network

# docker run-it-- net=multi_host busybox

The ip of the container on these two nodes is:

[root@docker2] # docker run-it-- net=multi_host busybox/ # ifconfigeth0 Link encap:Ethernet HWaddr 02:42:0A:00:00:02 inet addr:10.0.0.2 Bcast:10.0.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1450 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 Overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0B) TX bytes:0 (0.0B) / # ifconfigeth0 Link encap:Ethernet HWaddr 02:42:0A:00:00:03 inet addr:10.0.0.3 Bcast:10.0.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1450 Metric:1 RX packets:0 errors: 0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0B) TX bytes:0 (0.0B)

They can ping each other.

# ping 10.0.0.2PING 10.0.0.2 (10.0.0.2): 56 data bytes64 bytes from 10.0.0.2: seq=0 ttl=64 time=11.137 ms64 bytes from 10.0.0.2: seq=1 ttl=64 time=0.251 ms64 bytes from 10.0.0.2: seq=2 ttl=64 time=0.280 ms "how Docker containers implement cross-host communication", thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.