当前位置: 首页 > article >正文

38次8.28(docker03:容器网络,主从镜像)

1.容器网络

1.本地⽹络

bridge

yum -y install bridge-utils

2.查看桥⽂件

yum provides *bin/brctl
brctl show
#使⽤docker network 查看桥
docker network ls

每⼀台dcoker host上的docker0所在⽹段完全⼀样,但是会造成跨主 机的容

器⽆法通信

3.host

与主机共享⽹络,可让容器连接外⽹ ,所有容器与docker主机在同⼀个⽹络

中,容器和外⽹相互访问

 docker network ls

创建⼀个新的容器

docker run -d -p80 -v /opt/:/usr/share/nginx/html/ centosnginx:v1 
​

4.查看ip,默认在桥上

docker inspect a4b6|grep IPA

5.绑定其他的桥

docker run -d --network harbor_harbor centosnginx:v1
​
docker inspect 21a2|grep IPAdd   # 使⽤--network对⽹桥的选择

6.绑定host主机⽹络

docker run -it --network host yum:v0 /bin/bash
yum -y install iprout   #内部查看ip是本地主机ip
​
 # 外部查看ip 没有
[root@docker001 001]# docker inspect 306d|grep IPAdd
2.主控node1

1.安装etcd数据库和flannel

yum -y install etcd
yum -y install flannel

2.修改etcd数据库配置文件

vim /etc/etcd/etcd.conf 
#第6行
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379,http://0.0.0.0:4001"
#第21行
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.1.10:2379,http://192.168.1.10:4001"

3.启动etcd服务

systemctl start etcd

4.查看端口是否启动

netstat -lnput|grep 2379       
netstat -lnput|grep 4001

5.设置开机启动

systemctl enable etcd

6.测试数据库存取功能

[root@node1 ~]# etcdctl set testdir/testkey0 1000
1000
[root@node1 ~]# etcdctl get testdir/testkey0 
1000

7.测试集群健康

etcdctl -C http://192.168.1.10:4001 cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://192.168.1.10:2379
cluster is healthy
​
etcdctl -C http://192.168.1.10:2379 cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://192.168.1.10:2379
cluster is healthy

8.修改flannel配置⽂件

vim /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://192.168.1.10:2379"   #第4行
​

9.向数据库存入网段信息

[root@node1 ~]# etcdctl mk /atomic.io/network/config '{ "Network" : "172.20.0.0/16" }'
​
[root@node1 ~]# etcdctl get /atomic.io/network/config
{ "Network" : "172.20.0.0/16" }

10.启动服务

systemctl start flanneld
systemctl enable flanneld

11.查看ip地址

[root@node1 ~]# ip a s
3: flannel0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1472 qdisc pfifo_fast state UNKNOWN group default qlen 500
    link/none 
    inet 172.20.33.0/16 scope global flannel0
       valid_lft forever preferred_lft forever
    inet6 fe80::455b:ea9e:f018:c395/64 scope link flags 800 
       valid_lft forever preferred_lft forever
​

12.docker启动,查看ip

systemctl start docker
ip a s
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:ed:0a:92:fc brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
​

13.查看flannel子网ip

cat /run/flannel/subnet.env 
FLANNEL_NETWORK=172.20.0.0/16
FLANNEL_SUBNET=172.20.33.1/24
FLANNEL_MTU=1472   #最大值
FLANNEL_IPMASQ=false

14.从其他主机复制一份daemon.json

scp root@192.168.1.50:/etc/docker/daemon.json /etc/docker/
{
    "registry-mirrors": [
        "https://do.nark.eu.org",
        "https://dc.j8.work",
        "https://docker.m.daocloud.io",
        "https://dockerproxy.com",
        "https://docker.mirrors.ustc.edu.cn",
        "https://docker.nju.edu.cn"
    ]
,
​
    "hosts":[
        "tcp://0.0.0.0:2375",
        "unix:///var/run/docker.sock"
    ],
     "insecure-registries":[
                  "http://192.168.1.50:5000"
    ]
​
}
​
​
[root@node1 ~]# vim /usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd   #第13行
[root@node1 ~]# systemctl daemon-reload
[root@node1 ~]# systemctl restart docker
[root@node1 ~]# cat /run/flannel/subnet.env 
FLANNEL_NETWORK=172.20.0.0/16
FLANNEL_SUBNET=172.20.33.1/24
FLANNEL_MTU=1472
FLANNEL_IPMASQ=false
​
[root@node1 ~]# cat /etc/docker/daemon.json
{
    "registry-mirrors": [
        "https://do.nark.eu.org",
        "https://dc.j8.work",
        "https://docker.m.daocloud.io",
        "https://dockerproxy.com",
        "https://docker.mirrors.ustc.edu.cn",
        "https://docker.nju.edu.cn"
    ]
,
​
    "hosts":[
        "tcp://0.0.0.0:2375",
        "unix:///var/run/docker.sock"
    ],
     "insecure-registries":[
                  "http://192.168.1.10:5000"
    ],
    "bip" : "172.0.33.1/24",
    "mtu" : "1472"
​
}
[root@node1 ~]# systemctl restart docker
[root@node1 ~]# ip a s  #docker的ip地址的网段和flannel一致
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1472 qdisc noqueue state DOWN group default 
    link/ether 02:42:ed:0a:92:fc brd ff:ff:ff:ff:ff:ff
    inet 172.20.33.1/24 brd 172.20.33.255 scope global docker0
       valid_lft forever preferred_lft forever
​
​
​
​
3.从控node2
[root@node2 ~]# yum -y install etcd
[root@node2 ~]# yum -y install flannel
​
[root@node2 ~]# vim /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://192.168.1.11:2379"   #第4行
[root@node2 ~]# systemctl start flanneld
[root@node2 ~]# ip a s
3: flannel0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1472 qdisc pfifo_fast state UNKNOWN group default qlen 500
    link/none 
    inet 172.20.32.0/16 scope global flannel0
       valid_lft forever preferred_lft forever
    inet6 fe80::4fcb:f1f1:f227:ee11/64 scope link flags 800 
       valid_lft forever preferred_lft forever
[root@node2 ~]# cat /run/flannel/subnet.env 
FLANNEL_NETWORK=172.20.0.0/16
FLANNEL_SUBNET=172.20.32.1/24
FLANNEL_MTU=1472
FLANNEL_IPMASQ=false
[root@node2 ~]# chmod +x docker.sh 
[root@node2 ~]# ./docker.sh 
[root@node2 ~]# ip a s
3: flannel0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1472 qdisc pfifo_fast state UNKNOWN group default qlen 500
    link/none 
    inet 172.20.32.0/16 scope global flannel0
       valid_lft forever preferred_lft forever
    inet6 fe80::4fcb:f1f1:f227:ee11/64 scope link flags 800 
       valid_lft forever preferred_lft forever
       
[root@node2 ~]# systemctl start docker
[root@node2 ~]# ip  a s
3: flannel0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1472 qdisc pfifo_fast state UNKNOWN group default qlen 500
    link/none 
    inet 172.20.32.0/16 scope global flannel0
       valid_lft forever preferred_lft forever
    inet6 fe80::4fcb:f1f1:f227:ee11/64 scope link flags 800 
       valid_lft forever preferred_lft forever
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:e4:a7:5a:cb brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
​
[root@node2 ~]# scp root@192.168.1.10:/etc/docker/daemon.json /etc/docker/
​
[root@node2 ~]# vim /etc/docker/daemon.json 
{
    "registry-mirrors": [
        "https://do.nark.eu.org",
        "https://dc.j8.work",
        "https://docker.m.daocloud.io",
        "https://dockerproxy.com",
        "https://docker.mirrors.ustc.edu.cn",
        "https://docker.nju.edu.cn"
    ]
,
​
    "hosts":[
        "tcp://0.0.0.0:2375",
        "unix:///var/run/docker.sock"
    ],
     "insecure-registries":[
                  "http://192.168.1.10:5000"
    ],
    "bip" : "172.20.32.1/24",
    "mtu" : 1472
​
}
​
[root@node2 ~]# cat /run/flannel/subnet.env 
FLANNEL_NETWORK=172.20.0.0/16
FLANNEL_SUBNET=172.20.32.1/24
FLANNEL_MTU=1472
FLANNEL_IPMASQ=false
[root@node2 ~]# vim /usr/lib/systemd/system/docker.service
[root@node2 ~]# systemctl daemon-reload
[root@node2 ~]# systemctl restart docker
​
[root@node2 ~]# ip a s
3: flannel0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1472 qdisc pfifo_fast state UNKNOWN group default qlen 500
    link/none 
    inet 172.20.32.0/16 scope global flannel0
       valid_lft forever preferred_lft forever
    inet6 fe80::4fcb:f1f1:f227:ee11/64 scope link flags 800 
       valid_lft forever preferred_lft forever
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1472 qdisc noqueue state DOWN group default 
    link/ether 02:42:e4:a7:5a:cb brd ff:ff:ff:ff:ff:ff
    inet 172.20.32.1/24 brd 172.20.32.255 scope global docker0
       valid_lft forever preferred_lft forever
​
[root@node2 ~]# docker pull centos
[root@node2 ~]# docker images
REPOSITORY   TAG       IMAGE ID       CREATED       SIZE
centos       latest    5d0da3dc9764   2 years ago   231MB
[root@node2 ~]# docker run -it centos:latest /bin/bash
[root@d5cec2a20adf /]# ping 172.20.33.2  #测试是否互通
​

总结,工作原理

1.使用flanner为docker主机(宿主)分配网段

2.网段的信息以及ip的信息保存在etcd数据库中

3.当flanner开始运⾏的时候,会从etcd数据库中读{"Network":"172.20.0.0/16"},随机为当前的主机添加⼀个flannel0 网络172.20.78.0

4.配置docker的daemon⽂件,让docker0⽹卡变成和flannel的⽹段 ⼀致,

之后docker下创建的容器的ip就在flannel的⽹段控制之内


http://www.kler.cn/a/287936.html

相关文章:

  • JMeter与大模型融合应用之JMeter日志分析服务化实战应用
  • 加速 AI 创新:引入 Elastic AI 生态系统
  • 六、volatile
  • STM32 串口输出调试信息
  • 安全,服务器证书和SSL连接
  • vite + vue3 + ts解决别名引用@/api/user报错找不到相应的模块
  • 23种设计模式之代理模式
  • 如何写接口自动化测试断言?
  • SpringBoot 数据访问-jpa
  • 【CSS】如何写渐变色文字并且有打光效果
  • 嵌入式系统基础知识介绍
  • DAY65
  • 基于STM32和OpenCV的车载智能导航系统:实现实时交通标志与信号识别与预警(代码示例)
  • 将string类中能够实现的操作都封装在MyString类中
  • 如何保证Redis与Mysql双写一致性?
  • 【话题讨论】VS Code:倍增编程动力,实现效率飞跃
  • TCP 和 UDP 区别
  • c++ 定义宏常量
  • 有什么简单方便的cad编辑器?2024快速进行cad编辑的软件合集
  • 神经网络训练不起来怎么办(五)| Batch Normalization
  • 【无标题】html前段小知识点
  • Django Admin对自定义的计算字段进行排序
  • hugging face 利用现有模型进行预测
  • C语言 strlen求字符串长度
  • Linux驱动(三):字符设备驱动之杂项
  • Go wv(WebView2) GUI框架介绍和使用