Docker Overlay 應用部署
Docker Overlay 部署條件
要想使用Docker原生Overlay網路,需要滿足以下任意條件:
1、Docker執行在Swarm模式
2、使用鍵值儲存的Docker主機叢集
本次部署使用鍵值儲存的Docker主機叢集,需要滿足以下條件:
1. 叢集中主機連線到鍵值儲存,Docker支援Consul、Etcd和Zookeeper;
2. 叢集中主機執行一個Docker守護程序;
3. 叢集中主機必須具有唯一的主機名,因為鍵值儲存使用主機名來標識叢集成員;
4. 叢集中Linux主機核心版本3.12+,支援VXLAN資料包處理,否則可能無法通訊。
5. Docker通過overlay網路驅動程式支援多主機容器網路通訊。
核心版本升級方案:網址...
Docker Overlay 應用部署
- 節點1/鍵值儲存:192.168.1.77
- 節點2:192.168.1.78
節點1節點2操作
# 修改兩個測試端主機名,並退出終端生效 hostname overlay-01 hostname overlay-02
一、部署Consul並執行服務
1.1 節點1操作:下載Consul二進位制包並啟動
- 百度雲:https://pan.baidu.com/s/1MsVJtYUDJ8LzBqVxwmdc8A
- 密碼:g5jd
- 命令列下載:wget https://releases.hashicorp.com/consul/0.9.2/consul_0.9.2_linux_amd64.zip
# 1、解壓Consul壓縮包 unzip consul_0.9.2_linux_amd64.zip # 2、將consul移動到/bin/目錄下並新增執行許可權 mv consul /usr/bin/consul && chmod +x /usr/bin/consul # 3、啟動consul並指定本機IP nohup consul agent -server -bootstrap -ui -data-dir /var/lib/consul -client=192.168.1.77 -bind=192.168.1.77 &>/var/log/consul.log &
1.2 節點1操作:檢視日誌啟動情況
tail /var/log/consul.log -f
2018/10/29 15:17:39 [INFO] agent: Started HTTP server on 192.168.1.77:8500 2018/10/29 15:17:45 [WARN] raft: Heartbeat timeout from "" reached, starting election 2018/10/29 15:17:45 [INFO] raft: Node at 192.168.1.77:8300 [Candidate] entering Candidate state in term 2 2018/10/29 15:17:45 [INFO] raft: Election won. Tally: 1 2018/10/29 15:17:45 [INFO] raft: Node at 192.168.1.77:8300 [Leader] entering Leader state 2018/10/29 15:17:45 [INFO] consul: cluster leadership acquired 2018/10/29 15:17:45 [INFO] consul: New leader elected: localhost.localdomain 2018/10/29 15:17:45 [INFO] consul: member 'localhost.localdomain' joined, marking health alive 2018/10/29 15:17:45 [INFO] agent: Synced node info ==> Newer Consul version available: 1.3.0 (currently running: 0.9.2)日誌
二、部署Docker配置檔案
2.節點配置Docker守護程序連線Consul
# 新增ExecStart如果已有則註釋新增下面案例
vim /lib/systemd/system/docker.service
[Service]
ExecStart=/usr/bin/dockerd-current -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store consul://192.168.1.77:8500 --cluster-advertise 192.168.1.77:2375
# 為docker監聽
tcp://0.0.0.0:2375
# systemctl daemon-reload
# systemctl restart docker
overlay-02
# 修改配置檔案,使用的是overlay-01的IP
vi /lib/systemd/system/docker.service
[Service]
ExecStart=/usr/bin/dockerd-current -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store consul://192.168.1.77:8500 --cluster-advertise 192.168.1.78:2375
# 通告資訊需要改為本機IP
--cluster-advertise 192.168.1.78:2375
3.建立overlay網路
# 建立網路 -d 指定網路驅動程式為 overlay multi_host
# docker network create -d overlay multi_host
注:再任意節點建立後會通過overlay同步到已連線的節點下建立網路。
# 檢視本地網路
docker network ls
4abe591cdf50 multi_host overlay global
# 檢視網路屬性資訊
docker network inspect ID/KEY
[
{
"Name": "multi_host",
"Id": "4abe591cdf504c1f15f563e4c8516c22b7d037268e6975e9491a417d2da83e8a",
"Created": "2018-11-01T10:42:00.117452769+08:00",
"Scope": "global",
# 驅動為overlay
"Driver": "overlay",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
# 網段資訊
"Config": [
{
"Subnet": "10.0.0.0/24",
"Gateway": "10.0.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
4.測試互通
# 指定連線網路型別 --net=multi_host
docker run -it --net=multi_host busybox
注:如果報錯則可在配置檔案中ExecStart新增加如下引數
--default-runtime=docker-runc
建議新增 多個引數
--add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \
--default-runtime=docker-runc \
--exec-opt native.cgroupdriver=systemd \
--userland-proxy-path=/usr/libexec/docker/docker-proxy-current \
--init-path=/usr/libexec/docker/docker-init-current \
--seccomp-profile=/etc/docker/seccomp.json \
如下
ExecStart=/usr/bin/dockerd-current -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-store consul://192.168.1.77:8500 --cluster-advertise 192.168.1.78:2375 --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --exec-opt native.cgroupdriver=systemd --userland-proxy-path=/usr/libexec/docker/docker-proxy-current --init-path=/usr/libexec/docker/docker-init-current --seccomp-profile=/etc/docker/seccomp.json
兩臺分別執行容器
overlay-01
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:0A:00:00:03
inet addr:10.0.0.3 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::42:aff:fe00:3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1450 Metric:1
RX packets:11 errors:0 dropped:0 overruns:0 frame:0
TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:906 (906.0 B) TX bytes:586 (586.0 B)
overlay-02
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:0A:00:00:02
inet addr:10.0.0.2 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::42:aff:fe00:2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1450 Metric:1
RX packets:14 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1136 (1.1 KiB) TX bytes:656 (656.0 B)
測試是否通訊 overlay-02 ping overlay-01
/ # ping 10.0.0.3
PING 10.0.0.3 (10.0.0.3): 56 data bytes
64 bytes from 10.0.0.3: seq=0 ttl=64 time=0.960 ms
64 bytes from 10.0.0.3: seq=1 ttl=64 time=0.355 m
注:通訊成功。