不同物理机中的Docker容器互连(Openvswitch)

不同物理机中的Docker容器互连(Openvswitch)

 

本文使用vultr虚拟主机实现

邀请注册链接:http://www.vultr.com/?ref=6940267

 

参考:http://www.cnblogs.com/openxxs/p/4690478.html

 

先买两台主机,很便宜,一个月5美元的那款就够用了

 

安装docker和相关软件

yum upgrade -y

yum install -y docker tree git wget p7zip bridge-utils net-tools vim unzip

systemctl start docker.service

systemctl enable docker

 

 

 

安装openvswitch 2.5.0

具体安装办法,可参考:http://crabdave.iteye.com/blog/2363896

 

直接下载附件中的openvswitch

wget http://dl2.iteye.com/upload/attachment/0123/7844/8da95736-54ae-3fc7-938c-b990af0b24c9.zip

unzip 8da95736-54ae-3fc7-938c-b990af0b24c9.zip

本地安装,并启动服务

yum localinstall -y  openvswitch-2.5.0-1.x86_64.rpm  

systemctl start openvswitch.service  

 

 

开启两台主机的ip_forward

echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf 

systemctl restart network

sysctl net.ipv4.ip_forward

 

在云主机上配置内网IP

(之前使用外网IP一直连接不上 ip route add         RTNETLINK answers: Network is unreachable)

参考 www.vultr.com 页面中 Sample Network Configuration

样例:

/etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

ONBOOT=yes

BOOTPROTO=static

IPADDR=IP地址

NETMASK=255.255.254.0

GATEWAY=网关

DNS1=

 

IPV6INIT=yes

IPV6ADDR="2001:19f0:4400:4827:5400:00ff:fe5d:302c/64"

IPV6_AUTOCONF="yes"

DNS2=2001:19f0:300:1704::6

 

/etc/sysconfig/network-scripts/route-eth0

169.254.0.0/16 dev eth0

 

配置内网网卡

/etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE=eth1

ONBOOT=yes

BOOTPROTO=static

IPADDR=10.99.0.11(内网IP)

NETMASK=255.255.0.0

MTU=1450

 

 

先配置第一台机器10.99.0.11:

 

之前如果装错了可以通过 ovs-vsctl del-port ob0 gre0 命令删除之前绑定的port

 

ovs-vsctl创建ob0网桥并绑定IP:

ovs-vsctl add-br ob0

ovs-vsctl add-port ob0 gre0 -- set Interface gre0 type=gre options:remote_ip=10.99.0.11

brctl addbr kbr0

brctl addif kbr0 ob0

ovs-vsctl show

删除docker默认的网桥docker0

ip link set dev docker0 down

ip link del dev docker0

 

vi /etc/sysconfig/network-scripts/ifcfg-kbr0 

 

DEVICE=kbr0

ONBOOT=yes

BOOTPROTO=static

IPADDR=172.17.2.1

NETMASK=255.255.255.0

GATEWAY=172.17.2.0

USERCTL=no

TYPE=Bridge

IPV6INIT=no

 

使用内网网卡进行连接 eth1 配置对方IP

echo "172.17.1.0/24 via 10.99.0.10 dev eth1" > /etc/sysconfig/network-scripts/route-eth1

配置完成后,重启网络服务:

systemctl restart network.service

查看路由:

ip route show|column -t

172.17.1.0/24   via  10.99.0.10   dev    eth1

172.17.2.0/24   dev  kbr0         proto  kernel  scope   link  src  172.17.2.1

 

 

再配置第二台机器10.99.0.10:

ovs-vsctl add-br ob0

ovs-vsctl add-port ob0 gre0 -- set Interface gre0 type=gre options:remote_ip=10.99.0.10

brctl addbr kbr0

brctl addif kbr0 ob0

ovs-vsctl show

删除docker默认的网桥docker0

ip link set dev docker0 down

ip link del dev docker0

 

vi /etc/sysconfig/network-scripts/ifcfg-kbr0

 

DEVICE=kbr0

ONBOOT=yes

BOOTPROTO=static

IPADDR=172.17.1.1

NETMASK=255.255.255.0

GATEWAY=172.17.1.0

USERCTL=no

TYPE=Bridge

IPV6INIT=no

 

使用内网网卡进行连接 eth1 配置对方IP

echo "172.17.2.0/24 via 10.99.0.11 dev eth1" > /etc/sysconfig/network-scripts/route-eth1

配置完成后,重启网络服务:

systemctl restart network.service

 

查看路由:

ip route show|column -t

172.17.1.0/24   dev  kbr0         proto  kernel  scope   link  src  172.17.1.1

172.17.2.0/24   via  10.99.0.11   dev    eth1

 

 

 

配置两台机器的docker

vim /etc/sysconfig/docker 

OPTIONS= 中添加新增的网桥 -b=kbr0

重启docker service

systemctl restart docker.service

 

 

编写一个Dockerfile,仅安装一个net-tools 

vi Dockerfile

 

From centos

RUN yum -y install net-tools

 

构建镜像

docker build -t test .

 

运行容器

docker run -it --rm=true test

 

然后查看IP

ifconfig

 

ping 对方IP

ping 172.17.2.2

PING 172.17.2.2 (172.17.2.2) 56(84) bytes of data.

64 bytes from 172.17.2.2: icmp_seq=1 ttl=62 time=1.18 ms

64 bytes from 172.17.2.2: icmp_seq=2 ttl=62 time=0.804 ms

 

ping 172.17.1.2

PING 172.17.1.2 (172.17.1.2) 56(84) bytes of data.

64 bytes from 172.17.1.2: icmp_seq=1 ttl=62 time=0.904 ms

64 bytes from 172.17.1.2: icmp_seq=2 ttl=62 time=0.802 ms

 

双方能拼通就成功了!

 

 

 

如果不愿意构建镜像文件,也可以使用如下命令,在创建centos容器后,立即安装net-tools

docker run -it --rm=true centos sh -c "yum -y install net-tools; bash"

 

 

你可能感兴趣的:(Docker)