[toc]

两台主机如何实现跨主机通信？

跨主机通信类型

静态路由
flannel
overlay
macvlan
calico

静态路由

flannel(最常用)

部署flannel网络结构

环境准备

主机名	内网IP	外网IP	角色	应用
elkstack01	172.16.1.81	10.0.0.81	docker	docker、flannel
elkstack02	172.16.1.82	10.0.0.82	docker	docker、flannel
elkstack03	172.16.1.83	10.0.0.83	ETCD数据库	etcd

部署ETCD

# 安装etcd
yum install -y etcd

# 编辑etcd配置文件
vim /etc/etcd/etcd.conf
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_CLIENT_URLS="http://10.0.0.83:2379,http://127.0.0.1:2379"
ETCD_NAME="default"
#[Clustering]
ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.83:2379"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"

# 启动etcd
systemctl start etcd

# 检查端口
netstat -lntup
tcp 0 0 127.0.0.1:2379 0.0.0.0:* LISTEN
18934/etcd
tcp 0 0 10.0.0.83:2379 0.0.0.0:* LISTEN
18934/etcd

# 检测集群健康状态
etcdctl -C http://10.0.0.83:2379 cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://10.0.0.83:2379
cluster is healthy

# 存数据
etcdctl -C http://10.0.0.83:2379 set name hcl
etcdctl -C http://10.0.0.83:2379 set /aaa/bbb "{name:hcl}"

# 取数据
etcdctl -C http://10.0.0.83:2379 get name
hcl
etcdctl -C http://10.0.0.83:2379 get /aaa/bbb
{name:hcl}

部署flannel

# 安装flannel
yum install -y flannel

# 修改flannel配置文件
vim /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://10.0.0.83:2379"
FLANNEL_ETCD_PREFIX="/atomic.io/network"

# 将数据保存到etcd中
## 以下内容二选一
etcdctl -C http://10.0.0.83:2379 set /atomic.io/network/config '{"Network":"192.168.0.0/16"}'
etcdctl mk /atomic.io/network/config '{"Network":"192.168.0.0/16"}'

# 查看数据
etcdctl -C http://10.0.0.83:2379 get /atomic.io/network/config

# 启动flannel
systemctl start flanneld

flannel0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1472
		inet 192.168.1.0 netmask 255.255.0.0 destination 192.168.1.0
		inet6 fe80::bb8b:683c:4614:6faf prefixlen 64 scopeid 0x20<link>
		unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500
(UNSPEC)
		RX packets 0 bytes 0 (0.0 B)
		RX errors 0 dropped 0 overruns 0 frame 0
		TX packets 3 bytes 144 (144.0 B)
		TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

flannel0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1472
		inet 192.168.21.0 netmask 255.255.0.0 destination 192.168.21.0
		inet6 fe80::cf58:c4f:4cf2:c81c prefixlen 64 scopeid 0x20<link>
		unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500
(UNSPEC)
		RX packets 0 bytes 0 (0.0 B)
		RX errors 0 dropped 0 overruns 0 frame 0
		TX packets 3 bytes 144 (144.0 B)
		TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

将docker和flannel关联起来

# 修改docker启动脚本
vim /usr/lib/systemd/system/docker.service
EnviromentFile=/run/flannel/docker
ExecStart=/usr/bin/dockerd -H fd:// $DOCKER_NETWORK_OPTIONS

# 重启docker
systemctl daemon-reload
systemctl restart docker

# 开启防火墙内核转发
echo "1" > /proc/sys/net/ipv4/ip_forward
systemctl restart firewalld
systemctl stop firewalld

其他两种网络模式(不常用)

Dcoker跨主机容器通信之overlay

docker03上：

consul存储ip地址的分配
consul：kv类型的存储数据库（key:value）

1 2	# 启动consul容器，并设置容器的主机名 docker run -d -p 8500:8500 -h consul --name consul progrium/consul -server -bootstrap

docker01、02上：

# 编辑docker配置文件指定consul数据库信息
vim /etc/docker/daemon.json
{
  "cluster-store": "consul://10.0.0.13:8500",
  "cluster-advertise": "10.0.0.11:2376"
}

# 修改启动脚本
vim /usr/lib/systemd/system/docker.service
EnviromentFile=/run/flannel/docker
ExecStart=/usr/bin/dockerd -H fd:// $DOCKER_NETWORK_OPTIONS

# 重启docker
systemctl daemon-reload
systemctl restart docker

创建overlay网络

1	docker network create -d overlay --subnet 172.16.2.0/24 --gateway 172.16.2.254 ol1

启动容器测试
- 每个容器有两块网卡,eth0实现容器间的通讯,eth1实现容器访问外网
1
docker run -it --network ol1 --name oldboy01 busybox /bin/sh

Docker跨主机容器之间的通信macvlan

默认一个物理网卡，只有一个物理mac地址，虚拟多个mac地址

# 创建macvlan网络
docker network create --driver macvlan --subnet 10.0.0.0/24 --gateway 10.0.0.254 -o parent=eth0 macvlan_1

# 设置eth0的网卡为混杂模式
ip link set eth0 promisc on

# 创建使用macvlan网络的容器
docker run -it --network macvlan_1 --ip=10.0.0.200 busybox