Shulou(Shulou.com)06/01 Report--

How to communicate and isolate containers in Weave, I believe many inexperienced people are helpless about this, for this reason this article summarizes the causes and solutions of the problem, through this article I hope you can solve this problem.

Today we discuss the connectivity and isolation properties of Weave.

First execute the following command on host2:

weave launch 192.168.56.104

IP 192.168.56.104 must be specified for host1 so that host1 and host2 can join the same weave network.

Run container bbox3:

eval $(weave env)

docker run --name bbox3 -itd busybox

Weave network connectivity

bbox3 can ping bbox1 and bbox2 directly.

The IPs of bbox1, bbox2 and bbox3 are 10.32.0.1/12, 10.32.0.2/12 and 10.44.0.0/12 respectively. Note that the mask is 12 bits. In fact, these three IPs are located in the same subnet 10.32.0.0/12. Through the VxLAN tunnel between host1 and host2, the three containers are logically in the same LAN, and of course they can communicate directly. The data flow of bbox3 ping bbox1 is shown below:

① The destination address of the packet is 10.32.0.1. According to the routing table of bbox3, the data is sent from ethwe.

② host2 weave queries the destination host and sends the data to host1 via VxLAN.

③ host1 weave receives the data and forwards it to bbox1 according to the destination IP.

Weave Network Isolation

By default, weave uses a large subnet (e.g. 10.32.0.0/12), and all host containers are assigned IPs from this address space, because they belong to the same subnet, and containers can communicate directly. If you want to achieve network isolation, you can assign IP to containers with different subnets through the environment variable WEAVE_CIDR.

Here WEAVE_CIDR=net: 10.32.2.0/24 has the effect of assigning the container to IP 10.32.2.2. Because 10.32.0.0/12 and 10.32.2.0/24 are on different subnets, bbox1 cannot be pinged. In addition to subnets, we can also assign specific IPs directly to containers.

After reading the above, do you know how containers communicate and isolate in Weave? If you still want to learn more skills or want to know more related content, welcome to pay attention to the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.