Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

What are the common interworking methods of cross-host Docker containers

2025-02-24 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >

Share

Shulou(Shulou.com)06/02 Report--

This article mainly explains "what are the common interworking methods of cross-host Docker containers". Interested friends may wish to take a look. The method introduced in this paper is simple, fast and practical. Next let the editor to take you to learn "what are the commonly used cross-host Docker container interworking methods"!

Now when it comes to containers, it may be easy to think of Kubernates. It is true that it is very popular and powerful, but for small environments with very small scale and few containers, Kubernetes appears to be quite cumbersome. Use Docker Compose directly to pull a small environment. This way of use is also used by many users. This article introduces two methods of interworking between Docker containers across hosts without using a similar Kubernetes container management platform.

Basic environmental preparation

Install Docker

If you can access the public network and the DNS is normal, copy the following code directly and execute it on the docker-host-01,docker-host-02 to complete the Docker installation.

# Uninstall the existing docker environment and dependencies And install the necessary package yum remove docker-latest-logrotate docker-logrotate docker-selinux docker-engine yum install-y yum-utils device-mapper-persistent-data lvm2 # using Ali Cloud installation source yum-config-manager-- add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo rpm-- import http://mirrors.aliyun.com/docker-ce/linux/centos/gpg yum makecache fast yum- y install docker-ce # installation Finish starting Docker systemctl start docker systemctl enable docker systemctl status docker

Download the demo image

Docker officially provides many images in https://hub.docker.com/. You can choose and download them according to your needs, or you can install your own Docker image repository. Here I will directly download and use the official centos images provided in docker hub for follow-up demonstration.

[root@docker-host-01 ~] # docker pull centos

The image is downloaded from both Docker hosts. Of course, if the network speed is slow, you can download one, then use docker save to package the image, transfer the image to the second machine, and import the image with docker load. There are many ways, and the one that suits you is the best.

The image download is complete, use the docker images command to view it.

[root@docker-host-01 ~] # docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos latest 470671670cac 3 days ago 237MB

Cross-host Docker container communication through direct routing

Direct routing is relatively simple to operate, with minimal changes to the native Docker network, and only needs to specify each other's routes to complete the interworking between Docker containers across hosts.

Host configuration and IP information

The basic environment needs to prepare two hosts, and the system can be CentOS,Ubuntu; which can support the installation of Docker. The host information used in this practical document is as follows

Hostname IP configuration Container Segment

Hostname IP configure container network segment docker-host-01 192.168.61.132 2 core 4G memory, 50G hard disk 172.16.200.0mm 24 docker-host-02 192.168.61.1352core 4G memory, 50G hard disk 172.16.201.0and24

Adjust Docker network configuration

After Docker is installed, a docker0 bridge is created by default. The network segment of the Docker container launched is 172.17.0.1 IP 16. If no adjustment is made, there may be IP address conflicts between the containers on the two Docker hosts. Therefore, we first adjust the address of the default docker0 bridge as planned in "Host configuration and IP Information".

Create the / etc/docker/daemon.json file in docker-host-01 as follows

[root@docker-host-01 ~] # cat / etc/docker/daemon.json {"bip": "172.16.200.1amp 24"}

Restart the docker service

[root@docker-host-01 ~] # systemctl restart docker

After the restart is completed, take a look at docker0's IP. The adjustment has been completed.

[root@docker-host-01] # ifconfig docker0 docker0: flags=4099 mtu 1500 inet 172.16.200.1 netmask 255.255.255.0 broadcast 172.16.200.255 inet6 fe80::42:b3ff:fef9:1cc1 prefixlen 64 scopeid 0x20 ether 02:42:b3:f9:1c:c1 txqueuelen 0 (Ethernet) RX packets 2916 bytes 121276 (118.4 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 3115 bytes 10870567 (10. 3 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

Using the same method, adjust the docker network on the docker-host-02 host.

Create and enter the Docker container

Execute the following command in docker-host-01 to create the container and view the IP and gateway information.

[root@docker-host-01 ~] # docker run-- name host-01-docker-it centos / bin/bash [root@6cb01044fda8 /] # yum install-y net-tools # installation tool to view ip and gateway [root@6cb01044fda8 /] # ifconfig eth0 eth0: flags=4163 mtu 1500 inet 172.16.200.2 netmask 255.255.255.0 broadcast 172.16.200.255 ether 02:42:ac:10:c8:02 txqueuelen 0 (Ethernet) RX packets 3168 bytes 10876332 (MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 2970 bytes 165058 (161.1 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@6cb01044fda8 /] # route-n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.16.200.1 0.0.0.0 UG 00 0 eth0 172.16.200.0 0.0.0.0 255.255.255.0 U 00 0 eth0

As above, a container called host-01-docker is created. The ip of the container is 172.16.200.2Accord 24 and the gateway is 172.16.200.1. Similarly, execute the above command in docker-host-02.

[root@docker-host-02] # docker run-- name host-02-docker-it centos / bin/bash [root@f52ed4088844 /] # yum install-y net-tools [root@f52ed4088844 /] # ifconfig eth0 eth0: flags=4163 mtu 1500 inet 172.16.201.2 netmask 255.255.255.0 broadcast 172.16.201.255 ether 02:42:ac:10:c9:02 txqueuelen 0 (Ethernet) RX packets 3436 bytes 10890638 (10.3 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 3159 bytes 175122 (171.0 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@f52ed4088844 /] # route-n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.16.201.1 0.0.0 UG 000 eth0 172.16.201.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

The ip of the host-02-docker container is 172.16.201.2 IP 24 and the gateway is 172.16.2011.1. At this point, it is impossible to go directly to the IP 172.16.201.2 of the ping host-02-docker container in the ping host-02-docker container.

Add interworking rout

The principle is very simple, that is, by specifying the route to each other's container.

The route added on the docker-host-01 host to the 172.16.201.0ram 24 network segment points to the IP:192.168.61.135 of docker-host-02

The route added on the docker-host-02 host to the 172.16.200.0ramp 24 network segment points to the IP:192.168.61.132 of docker-host-01

The actions on the docker-host-01 host are as follows

[root@docker-host-01] # route-n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.61.2 0.0.0.0 UG 00 0 ens33 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 00 ens33 172. 16.200.0 0.0.0.0 255.255.255.0 U 00 0 docker0 192.168.61.0 0.0.0.0 255.255.255.0 U 00 ens33 [root@docker-host-01 ~] # route add-net 172.16.201.0 net 24 gw 192.168.61.135 [root@docker-host-01 ~] # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.61.2 0.0.0.0 UG 00 0 ens33 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 00 ens33 172.16.200.0 0.0.0. 0 255.255.255.0 U 0 0 0 docker0 172.16.201.0 192.168.61.135 255.255.255.0 UG 0 0 0 ens33 192.168.61.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33

The actions on the docker-host-02 host are as follows

[root@docker-host-02] # route-n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.61.2 0.0.0.0 UG 00 0 ens33 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 00 ens33 172. 16.201.0 0.0.0.0 255.255.255.0 U 00 0 docker0 192.168.61.0 0.0.0.0 255.255.255.0 U 00 ens33 [root@docker-host-02 ~] # route add-net 172.16.200.0 gw 24 gw 192.168.61.132 [root@docker-host-02 ~] # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.61.2 0.0.0.0 UG 00 0 ens33 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 00 ens33 172.16.200.0 192.168.61. 132 255.255.255.0 UG 0 0 0 ens33 172.16.201.0 0.0.0.0 255.255.255.0 U 0 0 0 docker0 192.168.61.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33

Verify the Docker container IP:172.16.201.2 in the Docker container and ping docker-host-02 on the docker-host-01 host

Finally, it is important to note that by routing the network between Docker containers across hosts, you must ensure that the Docker host is on the same network segment.

Cross-host Docker container communication by bridging to Docker host network

Directly bridge the Docker container network to the Docker host network

The conversion of NAT is no longer needed in the process of container communication. The advantage is the improved performance and the unified management of container and Docker host IP. The disadvantage is that the IP address allocation caused by the unified management of container and Docker host IP becomes more complex. Let's take a look at this scenario.

Host configuration and IP information

The basic environment needs to prepare two hosts, and the system can be CentOS,Ubuntu; which can support the installation of Docker. The host information used in this practical document is as follows

Hostname IP configuration Container Segment

Docker-host-01192.168.61.1322 core 4G memory, 50G hard disk 192.168.61.64x27

Docker-host-02192.168.61.1352 core 4G memory, 50G hard disk 192.168.61.96x27

Adjust the Docker host bridge

By default, docker0 is not connected to the physical interface, and the IP address of the Docker host is also configured on the physical interface. Now you need to add the physical interface to the docker0 bridge and configure the IP address to the docker0. The specific actions are as follows

On docker-host-01, create and edit the docker configuration file. Bip represents the address of the bridge interface. The Docker host IP,fixed-cidr is configured with the IP address assigned to the docker container. It should be noted that it cannot be duplicated on each host, otherwise the IP address conflict will occur.

[root@docker-host-01 ~] # cat / etc/docker/daemon.json {"bip": "192.168.61.132 default-gateway 24", "fixed-cidr": "192.168.61.64 Universe 27", "default-gateway": "192.168.61.1"}

Restart the docker service. After the restart, 192.168.61.132 has been configured on docker0.

[root@docker-host-01 ~] # systemctl restart docker [root@docker-host-01 ~] # ifconfig docker0 docker0: flags=4163 mtu 1500 inet 192.168.61.132 netmask 255.255.255.0 broadcast 192.168.61.255 inet6 fe80::42:b3ff:fef9:1cc1 prefixlen 64 scopeid 0x20 ether 02:42:b3:f9:1c:c1 txqueuelen 0 (Ethernet) RX packets 6420 bytes 308080 (300.8 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 6373 bytes 21761327 (20.7 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

Add the physical interface to the docker0 bridge while emptying the IP on the physical network card, noting that the two commands must be executed together or the network will be disconnected.

[root@docker-host-01 ~] # brctl addif docker0 ens33&&ifconfig ens33 0.0.0.0

Note: if you need to save the bridge configuration permanently, you need to configure it through the configuration file.

Check bridge information

[root@docker-host-01 ~] # brctl show bridge name bridge id STP enabled interfaces docker0 8000.0242b3f91cc1 no ens33

Create and enter the Docker container

Create a container in docker-host-01 and view the container ip is 192.168.61.64

[root@docker-host-01 ~] # docker run-it centos / bin/bash [root@811f01405906 /] # ip a 1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 0000VlV 0000VO 00 brd 0000VlV 0000LV 0000 inet 127.0.0.1 scope host lo valid_lft forever preferred_lft forever 8 scope host lo valid_lft forever preferred_lft forever 12: eth0@if13: mtu 1500 qdisc noqueue state UP group default link/ether 02:42:c0 : a8:3d:40 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 192.168.61.64/24 brd 192.168.61.255 scope global eth0 valid_lft forever preferred_lft forever

Create a container in docker-host-02 and view the container ip is 192.168.61.96

[root@docker-host-02 ~] # docker run-it centos / bin/bash [root@7940a9efcf6a /] # ip a 1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 0000lv 0000lv 0000 brd 00VL 0000Rd 0000Rod 00 inet 127.0.0.1 inet 127.0.0.1 inet 8 scope host lo valid_lft forever preferred_lft forever 4: eth0@if5: mtu 1500 qdisc noqueue state UP group default link/ether 02:42:c0 : a8:3d:60 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 192.168.61.96/24 brd 192.168.61.255 scope global eth0 valid_lft forever preferred_lft forever

Verify the container IP 192.168.61.96 on the ping docker-node-02 host in the container of the docker-node-01 host. It can be verified by ping.

Directly bridging to the Docker host network can not get through the Docker container on the host, and it will be troublesome in terms of IP and network segment division.

At this point, I believe that everyone on the "commonly used cross-host Docker container interworking methods" have a deeper understanding, might as well to the actual operation of it! Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Development

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report