跨主机容器之间的通讯

回顾

1、启动docker

systemctl start docker

2、拉取registry镜像

docker pull registry

3、启动镜像，同时挂载目录（保存镜像）端口映射5000

docker run -d 0v /regist/:/var/lib/registry/ -p5000:5000 regist

4、修改/etc/docker/daemon.json. Insecure

vim /etc/docker/daemon.json
​
...
​
,
"insecure-registries":[
    "http://192.168.1.20:5000"
]

5、重启docker

systemctl restart docker

6、访问测试仓库信息

#查看仓库目录
​
curl localhost:5000

7、上传

#打标签
docker ar centos:last 192.168.1.20:5000/abc:v0
docker push 192..

8、下载

#配置/etc/docker/daemon.json
​
vim /etc/docker/daemon
​
....
​
{
"insecure-registries":[
    "http://192.168.1.20:5000"
]
}
​
systemctl restart docker
​
​
#拉取私有仓库的镜像
docker pull 192.168.1.20:5000/centosnginx:v0

9、测试拉取的镜像

docker run -d -p80:80 192.168.1.20centosnginx:v0

跨主机容器之间通讯

node2

装完flannel就可以了

[root@node2 ~]# yum -y install flannel

node1

[root@node1 ~]# yum -y install etcd
[root@node1 ~]# yum -y install flannel

配置启动etcd（node1）

[root@node1 ~]# vim /etc/etcd/etcd.conf 
[root@node1 ~]# cat /etc/etcd/etcd.conf 
.....
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379,http:/0.0.0.0:4001"
​
......
#[Clustering]
#ETCD_INITIAL_ADVERTISE_PEER_URLS="http://localhost:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.1.22:2379,http://192.168.1.22:4001"
#ETCD_DISCOVERY=""
.....

启动服务

[root@node1 ~]# systemctl start etcd.service 
[root@node1 ~]# systemctl enable etcd.service 
#查看端口状态
[root@node1 ~]# netstat -lnput |grep 2379
tcp6       0      0 :::2379                 :::*                    LISTEN      1752/etcd           
[root@node1 ~]# netstat -lnput |grep 4001
tcp6       0      0 :::4001                 :::*                    LISTEN      1752/etcd 

测试数据库

[root@node1 ~]# etcdctl set tesdir/testkey0 1000
1000
[root@node1 ~]# etcdctl get tesdir/testkey0
1000

测试集群健康

[root@node1 ~]# etcdctl -C http://192.168.1.22:4001 cluster-health 
member 8e9e05c52164694d is healthy: got healthy result from http://192.168.1.22:2379
cluster is healthy
[root@node1 ~]# etcdctl -C http://192.168.1.22:2379 cluster-health 
member 8e9e05c52164694d is healthy: got healthy result from http://192.168.1.22:2379
cluster is healthy

修改flannel文件

[root@node1 ~]# vim /etc/sysconfig/flanneld 
[root@node1 ~]# cat /etc/sysconfig/flanneld  
....
# etcd url location.  Point this to the server where etcd runs
FLANNEL_ETCD_ENDPOINTS="http://192.168.1.22:2379" //改为本机IP地址
​
# etcd config key.  This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="/atomic.io/network"  //数据存储的位置
....

向数据库中存入信息

[root@node1 ~]# etcdctl mk /atomic.io/network/config '{ "Network" : "172.20.0.0/16" }'
{ "Network" : "172.20.0.0/16" }
#读取
[root@node1 ~]# etcdctl get /atomic.io/network/config
{ "Network" : "172.20.0.0/16" }

启动并设置flannel开机自启

[root@node1 ~]# systemctl start flanneld.service 
[root@node1 ~]# systemctl enable flanneld.service 

安装docker，启动docker

脚本
[root@node1 ~]# source docker.sh 
[root@node1 ~]# systemctl start docker.service

查看flannel子网ip

[root@node1 ~]# cat /run/flannel/subnet.env 
FLANNEL_NETWORK=172.20.0.0/16
FLANNEL_SUBNET=172.20.72.1/24
FLANNEL_MTU=1472
FLANNEL_IPMASQ=false

从其他主机复制一份daemon.json

[root@node1 ~]# scp root@192.168.1.20:/etc/docker/daemon.json /etc/docker/
​
[root@node1 ~]# vim /etc/docker/daemon.json   //此时重启是失败的
​
[root@node1 ~]# systemctl restart docker.service 
​
Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.
​
[root@node1 ~]# vim /usr/lib/systemd/system/docker.service    //13行删一下
​
[root@node1 ~]# systemctl daemon-reload  
​
[root@node1 ~]# systemctl restart docker.service    //此时重启成功
​

查看flannel,docker网段

[root@node1 ~]# ip a s
......
3: flannel0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1472 qdisc pfifo_fast state UNKNOWN group default qlen 500
    link/none 
    inet 172.20.72.0/16 scope global flannel0
......
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1472 qdisc noqueue state DOWN group default 
    link/ether 02:42:c3:70:70:d6 brd ff:ff:ff:ff:ff:ff
    inet 172.20.72.1/24 brd 172.20.72.255 scope global docker0 
......

node2

修改配置文件

[root@node2 ~]# vim /etc/sysconfig/flanneld 
[root@node2 ~]# cat /etc/sysconfig/flanneld 
...
FLANNEL_ETCD_ENDPOINTS="http://192.168.1.22:2379"  //改成node1的IP，有数据库
​
# etcd config key.  This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="/atomic.io/network"
....

启动flannel服务（关闭node1的防火墙）

[root@node2 ~]# systemctl start flanneld.service

安装docker，用脚本即可,启动docker

复制一份daemon.json

[root@node2 ~]# cat /run/flannel/subnet.env 
FLANNEL_NETWORK=172.20.0.0/16
FLANNEL_SUBNET=172.20.35.1/24
FLANNEL_MTU=1472
FLANNEL_IPMASQ=false
[root@node2 ~]# vim /etc/docker/daemon.json  //修改一个IP
[root@node2 ~]# cat /etc/docker/daemon.json 
......
    ],
    "bip" : "172.20.35.1/24",  #这里
    "mtu" : 1472
}
[root@node2 ~]# vim /usr/lib/systemd/system/docker.service //删掉13行的一部分
[root@node2 ~]# systemctl daemon-reload 
[root@node2 ~]# systemctl restart docker.service 
[root@node2 ~]# ip a s
......
3: flannel0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1472 qdisc pfifo_fast state UNKNOWN group default qlen 500
    link/none 
    inet 172.20.35.0/16 scope global flannel0
      ......
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1472 qdisc noqueue state DOWN group default 
    link/ether 02:42:64:6f:9b:bd brd ff:ff:ff:ff:ff:ff
    inet 172.20.35.1/24 brd 172.20.35.255 scope global docker0
      ......

测试，互通

#在node2上
[root@node2 ~]# docker run -it centos:latest /bin/bash
[root@f5328f83b80e /]# ping 172.20.72.1
PING 172.20.72.1 (172.20.72.1) 56(84) bytes of data.
64 bytes from 172.20.72.1: icmp_seq=1 ttl=61 time=1.42 ms
64 bytes from 172.20.72.1: icmp_seq=2 ttl=61 time=0.502 ms
64 bytes from 172.20.72.1: icmp_seq=3 ttl=61 time=3.01 ms
64 bytes from 172.20.72.1: icmp_seq=4 ttl=61 time=1.42 ms
64 bytes from 172.20.72.1: icmp_seq=5 ttl=61 time=0.407 ms
64 bytes from 172.20.72.1: icmp_seq=6 ttl=61 time=0.395 ms
64 bytes from 172.20.72.1: icmp_seq=7 ttl=61 time=0.348 ms
^C
--- 172.20.72.1 ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6009ms
rtt min/avg/max/mdev = 0.348/1.070/3.006/0.905 ms
​
#在node1上
[root@node1 ~]# docker attach 988f
[root@988ff7b555cf /]# ping 172.20.35.1
PING 172.20.35.1 (172.20.35.1) 56(84) bytes of data.
64 bytes from 172.20.35.1: icmp_seq=1 ttl=61 time=0.686 ms
64 bytes from 172.20.35.1: icmp_seq=2 ttl=61 time=0.424 ms
^C
--- 172.20.35.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.424/0.555/0.686/0.131 ms

总结

1、安装flannel

yum -y install flannel

2、配置flannel 配置flannel要访问的etcd数据库所在的位置

vim /etc/sysconfig/flanneld

3、启动flannel

systemctl start flanneld

4、查看flannel分配的ip网段

cat /run/flannel/subnet.env

5、安装docker

6、将flannel分配网段写入到daemon

vim /etc/

7、重启docker

systemctl restart docker.service

8、拉取centos镜像

docker pull centos

docker run -it centos:latest /bin/bash

9、ping node1中容器的IP地址

工作原理：

1、使用flannel为docker主机（宿主机）分配网段

2、网段信息以及IP的信息保存在etcd数据库中

3、当flannel开始运行的时候，会从etcd数据库中读取{ "Network" : "172.20.0.0/16" }，随机为当前的主机添加一个flannel0网卡 172.20.72.0

4、配置docker的daemon文件，让docker0网卡变成和flannel网卡的网段一致，之后docker下创建的容器的ip就在flannel的网段控制之内