Shulou(Shulou.com)06/01 Report--

This article mainly introduces "how to realize network communication in Docker". In daily operation, I believe many people have doubts about how to realize network communication in Docker. The editor consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful to answer the doubts about "how to realize network communication in Docker". Next, please follow the editor to study!

Overview

As far as the default network of docker itself is concerned, there is no problem that different docker containers on a single host can communicate directly with docker0 bridge, while docker containers on different hosts can only communicate by mapping ports on the host, which is sometimes very inconvenient and can not even meet our requirements. Therefore, it is necessary for docker containers located on different physical machines to communicate directly using their own ip addresses. Furthermore, if docker containers are placed on different physical hosts, we will inevitably encounter cross-host communication problems of docker containers.

How do the docker containers on the two hosts communicate directly through the ip address?

One solution that comes to mind directly is to achieve direct communication between two centos containers by adding routes to their respective hosts.

Principle analysis of the scheme

Because the ip of the container is used for routing, it is necessary to avoid using the same ip for containers on different hosts, so we should assign different subnets to different hosts to ensure. So we construct a routing scheme for communication between the two containers, as shown in the following figure.

The configurations are as follows:

The ip address of host 1 is 192.168.18.162

The ip address of host 2 is 192.168.18.141

Subnet assigned to the docker container on host 1: 192.168.100.0ip24

Subnet assigned to the docker container on host 2: 192.168.200.0Universe 24

After this configuration, the docker containers on both hosts will definitely not use the same ip address, thus avoiding ip conflicts.

Let's next define two routing rules:

All packets with a destination address of 192.168.100.0swap 24 are forwarded to host 1

All packets with a destination address of 192.168.200.0Band24 are forwarded to host 2

To sum up, the process of passing a packet between two containers is as follows:

Packets sent from container1 to container2 are first sent to the "gateway" docker0 of container1, and then by finding the route of host 1, we know that the packet needs to be sent to host 2, and then it is forwarded to the docker0 of host 2, and finally the packet is transferred to container2; the reverse principle is the same, and I will not repeat it.

This is what we have in mind, so let's put it into practice and see if it is feasible.

Practical test

1. Configure docker0 on host 1 and host 2, respectively

Edit the / etc/docker/daemon.json file on host 1 and add: "bip": "ip/netmask"

{"bip": "192.168.100.252max 24"}

Edit the / etc/docker/daemon.json file on host 2 and add: "bip": "ip/netmask"

{"bip": "192.168.200.252max 24"}

2. Restart the docker service

Execute the following command on both hosts 1 and 2 to restart the docker service for the modified docker0 network segment to take effect

Systemctl restart docker

3. Add routing rules

Add a routing rule on host 1 as follows:

Route add-net 192.168.200.0 netmask 255.255.255.0 gw 192.168.18.141

The routing rules are added on host 2 as follows:

Route add-net 192.168.100.0 netmask 255.255.255.0 gw 192.168.18.162

4. Configure iptables rules

Add the following rule on host 1:

Iptables-t nat-f postroutingiptables-t nat-a postrouting-s 192.168.100.0 masquerade 24!-d 192.168.0.0 masquerade

Add the following rules on host 2:

Iptables-t nat-f postroutingiptables-t nat-a postrouting-s 192.168.200.0Accord 24!-d 192.168.0.0Compact 16-j masquerade

5. Start the container

Start the centos container on host 1:

Docker run-it-- name container1 centos / bin/bash

Start the centos container on host 2:

Docker run-it-- name container2 centos / bin/bash

Install ifconfig on both machines and view the ip of the container. The command is:

[root@695ba390d221 /] # yum search ifconfig [root@695ba390d221 /] # yum install net-tools.x86_64

Container ip address on host 1:

Container ip on host 2:

6. Direct communication between containers

Okay, now the two containers can ping each other.

Ping on host 1:

Ping on host 2:

At this point, the study on "how to achieve network communication in Docker" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.