Docker-使用Open vSwitch实现跨主机容器连接-原理
机器1上(2.9)
[email protected]:~# clear
[email protected]:~# ifconfig
安装ovs
[email protected]:~# apt-get install openvswitch-switch -y
查看ovs版本
[email protected]:~# ovs-vsctl show
f2d4be61-bf3b-4c47-8d81-21c6bf0c60bc
ovs_version: "2.0.2"
创建一个ovs网桥
[email protected]:~# ovs-vsctl add-br obr0
#添加gre接口gre0
[email protected]:~# ovs-vsctl add-port obr0 gre0
#设置这个接口gre0,指定远程机器IP地址
[email protected]:~# ovs-vsctl set interface gre0 type=gre options:remote_ip=192.168.2.10
查看ovs当前设置状态
[email protected]:~#ovs-vsctl show
f2d4be61-bf3b-4c47-8d81-21c6bf0c60bc
Bridge"obr0"
Port"obr0"
Interface "obr0"
type: internal
Port"gre0"
Interface "gre0"
type: gre
options: {remote_ip="192.168.2.10"}
ovs_version: "2.0.2"
创建本机docker需要使用的虚拟网桥
[email protected]:~# brctl addbr br00
#给网桥br00设置网络地址
[email protected]:~# ifconfig br00 192.168.10.1 netmask 255.255.255.0
#给网桥br00,添加ovs网桥链接obr0
[email protected]:~#brctl addif br00 obr0
#查看当前网桥的状态
[email protected]:~#brctl show
bridge name bridgeid STP enabled interfaces
br00 8000.8a262fb3da4c no obr0
修改docker的默认网桥
[email protected]:~# vim /etc/default/docker
[email protected]:~#cat /etc/default/docker
DOCKER_OPTS="-b=br00"
重启docker服务
[email protected]:~#service docker restart
[email protected]:~# ps -ef|grep docker
root 41934 1 2 00:59 ? 00:00:00 /usr/bin/docker -d -b=br00
root 41986 40812 0 00:59 pts/2 00:00:00 grep --color=auto docker
[email protected]:~# ifconfig
br00 Link encap:Ethernet HWaddr52:49:5c:4e:68:55
inet addr:192.168.10.1 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::9cf6:18ff:fed4:99e7/64 Scope:Link
UPBROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RXpackets:56 errors:0 dropped:0 overruns:0 frame:0
TXpackets:77 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RXbytes:3857 (3.8 KB) TX bytes:10370 (10.3KB)
eth0 Link encap:Ethernet HWaddr00:0c:29:d7:5c:be
inet addr:192.168.2.9 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fed7:5cbe/64 Scope:Link
UPBROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RXpackets:6561 errors:0 dropped:0 overruns:0 frame:0
TXpackets:2681 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RXbytes:6045027 (6.0 MB) TX bytes:272442(272.4 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UPLOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0frame:0
TXpackets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RXbytes:0 (0.0 B) TX bytes:0 (0.0 B)
obr0 Link encap:Ethernet HWaddr8a:26:2f:b3:da:4c
inet6 addr: fe80::38fd:31ff:fea9:901e/64 Scope:Link
UPBROADCAST RUNNING MTU:1500 Metric:1
RXpackets:31 errors:0 dropped:0 overruns:0 frame:0
TXpackets:27 errors:0 dropped:0 overruns:0 carrier:0
collisions:0txqueuelen:0
RXbytes:2676 (2.6 KB) TX bytes:2308 (2.3KB)
veth47dc1a9 Link encap:Ethernet HWaddr 52:49:5c:4e:68:55
inet6 addr: fe80::5049:5cff:fe4e:6855/64 Scope:Link
UPBROADCAST RUNNING MTU:1500 Metric:1
RXpackets:32 errors:0 dropped:0 overruns:0 frame:0
TXpackets:57 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RXbytes:2523 (2.5 KB) TX bytes:4997 (4.9KB)
启动一个容器测试
[email protected]:~# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
cct latest db4942def857 20 hours ago 239.1 MB
[email protected]:~#docker run -it cct /bin/bash
[email protected]:/#ifconfig
eth0 Link encap:Ethernet HWaddr02:42:c0:a8:0a:02
inet addr:192.168.10.2 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::42:c0ff:fea8:a02/64 Scope:Link
UPBROADCAST RUNNING MTU:1500 Metric:1
RXpackets:5 errors:0 dropped:0 overruns:0 frame:0
TXpackets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RXbytes:418 (418.0 B) TX bytes:508 (508.0B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UPLOOPBACK RUNNING MTU:65536 Metric:1
RXpackets:0 errors:0 dropped:0 overruns:0 frame:0
TXpackets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RXbytes:0 (0.0 B) TX bytes:0 (0.0 B)
[email protected]:/# ping www.baidu.com
[email protected]:/# ping 192.168.2.10
说明:
1)启动一个容器;
2)查看IP;
3)是可以ping通过外网和第二台机器(2.10)的;
机器2上(2.10)
[email protected]:~# clear
[email protected]:~# ifconfig
安装ovs
[email protected]:~#apt-get install openvswitch-switch -y
查看ovs版本
[email protected]:~#ovs-vsctl show
f2d4be61-bf3b-4c47-8d81-21c6bf0c60bc
ovs_version: "2.0.2"
创建一个ovs网桥
[email protected]:~#ovs-vsctl add-br obr0
#添加gre接口gre0
[email protected]:~#ovs-vsctl add-port obr0 gre0
#设置这个接口gre0,指定远程机器IP地址
[email protected]:~# ovs-vsctl set interface gre0type=gre options:remote_ip=192.168.2.9
查看ovs当前设置状态
[email protected]:~#ovs-vsctl show
f2d4be61-bf3b-4c47-8d81-21c6bf0c60bc
Bridge"obr0"
Port"obr0"
Interface "obr0"
type: internal
Port"gre0"
Interface "gre0"
type: gre
options:{remote_ip="192.168.2.9"}
ovs_version: "2.0.2"
创建本机docker需要使用的虚拟网桥
[email protected]:~#brctl addbr br00
#给网桥br00设置网络地址
[email protected]:~# ifconfig br00 192.168.20.1 netmask255.255.255.0
#给网桥br00,添加ovs网桥链接obr0
[email protected]:~# brctl addif br00 obr0
#查看当前网桥的状态
[email protected]:~# brctl show
bridge name bridgeid STP enabled interfaces
br00 8000.8a262fb3da4c no obr0
修改docker的默认网桥
[email protected]:~# vim /etc/default/docker
[email protected]:~#cat /etc/default/docker
DOCKER_OPTS="-b=br00"
重启docker服务
[email protected]:~#service docker restart
[email protected]:~# ps -ef|grep docker
root 41934 1 2 00:59 ? 00:00:00 /usr/bin/docker -d -b=br00
root 41986 40812 0 00:59 pts/2 00:00:00 grep --color=auto docker
[email protected]:~# ifconfig
br00 Link encap:Ethernet HWaddr52:49:5c:4e:68:55
inet addr:192.168.20.1 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::9cf6:18ff:fed4:99e7/64 Scope:Link
UPBROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RXpackets:56 errors:0 dropped:0 overruns:0 frame:0
TXpackets:77 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RXbytes:3857 (3.8 KB) TX bytes:10370 (10.3KB)
eth0 Link encap:Ethernet HWaddr00:0c:29:d7:5c:be
inet addr:192.168.2.10 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fed7:5cbe/64 Scope:Link
UPBROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RXpackets:6561 errors:0 dropped:0 overruns:0 frame:0
TXpackets:2681 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RXbytes:6045027 (6.0 MB) TX bytes:272442(272.4 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UPLOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0frame:0
TXpackets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RXbytes:0 (0.0 B) TX bytes:0 (0.0 B)
obr0 Link encap:Ethernet HWaddr8a:26:2f:b3:da:4c
inet6 addr: fe80::38fd:31ff:fea9:901e/64 Scope:Link
UPBROADCAST RUNNING MTU:1500 Metric:1
RXpackets:31 errors:0 dropped:0 overruns:0 frame:0
TXpackets:27 errors:0 dropped:0 overruns:0 carrier:0
collisions:0txqueuelen:0
RXbytes:2676 (2.6 KB) TX bytes:2308 (2.3KB)
veth47dc1a9 Link encap:Ethernet HWaddr 52:49:5c:4e:68:55
inet6 addr: fe80::5049:5cff:fe4e:6855/64 Scope:Link
UPBROADCAST RUNNING MTU:1500 Metric:1
RXpackets:32 errors:0 dropped:0 overruns:0 frame:0
TXpackets:57 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RXbytes:2523 (2.5 KB) TX bytes:4997 (4.9KB)
启动一个容器测试
[email protected]:~# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
cct latest db4942def857 20 hours ago 239.1 MB
[email protected]:~#docker run -it cct /bin/bash
[email protected]:/# ifconfig
eth0 Link encap:Ethernet HWaddr02:42:c0:a8:0a:02
inet addr:192.168.20.2 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::42:c0ff:fea8:a02/64 Scope:Link
UPBROADCAST RUNNING MTU:1500 Metric:1
RXpackets:5 errors:0 dropped:0 overruns:0 frame:0
TXpackets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RXbytes:418 (418.0 B) TX bytes:508 (508.0B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UPLOOPBACK RUNNING MTU:65536 Metric:1
RXpackets:0 errors:0 dropped:0 overruns:0 frame:0
TXpackets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RXbytes:0 (0.0 B) TX bytes:0 (0.0 B)
[email protected] b3831d8f5b1b:/#
[email protected] b3831d8f5b1b:/#ping www.baidu.com
[email protected] b3831d8f5b1b:/#ping 192.168.2.9
[email protected] b3831d8f5b1b:/#
说明:
1)启动一个容器;
2)查看IP;
3)是可以ping通过外网和第二台机器(2.9)的;
在2台机器上添加路由
机器1上添加路由
[email protected]:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default bogon 0.0.0.0 UG 0 0 0 eth0
link-local * 255.255.0.0 U 1000 0 0 eth0
192.168.2.0 * 255.255.255.0 U 0 0 0 eth0
192.168.10.0 * 255.255.255.0 U 0 0 0 br00
#这里机器2上容器的网段192.168.20.0/24和机器2上的IP
[email protected]:~#ip route add 192.168.20.0/24via 192.168.2.10 dev eth0
[email protected]:~#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 br00
192.168.20.0 192.168.2.10 255.255.255.0 UG 0 0 0 eth0
[email protected]:~#docker run -it cct /bin/bash
[email protected]:/#ifconfig
eth0 Link encap:Ethernet HWaddr02:42:c0:a8:0a:02
inet addr:192.168.10.2 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::42:c0ff:fea8:a02/64 Scope:Link
UPBROADCAST RUNNING MTU:1500 Metric:1
RXpackets:5 errors:0 dropped:0 overruns:0 frame:0
TXpackets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RXbytes:418 (418.0 B) TX bytes:508 (508.0B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UPLOOPBACK RUNNING MTU:65536 Metric:1
RXpackets:0 errors:0 dropped:0 overruns:0 frame:0
TXpackets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RXbytes:0 (0.0 B) TX bytes:0 (0.0 B)
[email protected]:/# ping www.baidu.com
[email protected]:/# ping 192.168.2.10
#ping机器2上的容器IP
[email protected]:/#ping 192.168.20.2
机器2上添加路由
[email protected]buntu02:~#route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default bogon 0.0.0.0 UG 0 0 0 eth0
link-local * 255.255.0.0 U 1000 0 0 eth0
192.168.2.0 * 255.255.255.0 U 0 0 0 eth0
192.168.20.0 * 255.255.255.0 U 0 0 0 br00
#这里机器1上容器的网段192.168.10.0/24和机器2上的IP192.168.2.9
[email protected]:~#ip route add 192.168.10.0/24 via192.168.2.9 dev eth0
[email protected]:~#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.10.0 192.168.2.9 255.255.255.0 UG 0 0 0 eth0
192.168.20.0 0.0.0.0 255.255.255.0 U 0 0 0 br00
[email protected]:~#docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4cb5ccaaa3a5 cct:latest "/bin/bash" 6 minutes ago Up 6 minutes 80/tcp dreamy_mclean
[email protected]:~# docker attach 4cb5ccaaa3a5
[email protected]:/#ifconfig
eth0 Link encap:Ethernet HWaddr02:42:c0:a8:14:02
inet addr:192.168.20.2 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::42:c0ff:fea8:1402/64 Scope:Link
UPBROADCAST RUNNING MTU:1500 Metric:1
RXpackets:27 errors:0 dropped:0 overruns:0 frame:0
TX packets:21 errors:0 dropped:0 overruns:0carrier:0
collisions:0 txqueuelen:0
RXbytes:2385 (2.3 KB) TX bytes:1658 (1.6KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UPLOOPBACK RUNNING MTU:65536 Metric:1
RXpackets:0 errors:0 dropped:0 overruns:0 frame:0
TXpackets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
[email protected]:/#ping 192.168.10.2
说明:
1)机器1和机器2上添加路由;
2)机器1上和机器2上的容器就可以相互平通;