Of Stack

Methods of Docker overlay network construction

  • 2020-11-25 07:44:41
  • OfStack

Overlay network refers to a logical network defined by software superimposed on the existing network to retain the original network to the greatest extent. By defining the logical network on it, the business logic can be realized and the network problem of the original data center can be solved.

Quick start

Docker cross-host network scheme

docker native

overlay macvlan

The third option

flannel weave calico

Before, Consul was introduced to set up the cluster, so the overlay scheme built by docker was directly adopted here, which perfectly combined with Consul.

Environment to prepare

Refer to the previous article Consul Cluster Building to prepare 3 virtual machines.

ip
n1 172.20.20.10
n2 172.20.20.11
n3 172.20.20.12

Start consul on these three virtual machines and create the cluster

n1 


[root@n1 vagrant]# consul agent -server -bootstrap-expect 3 -data-dir /etc/consul.d -node=node1 -bind=172.20.20.10 -ui -client 0.0.0.0

n2 


[root@n2 vagrant]# consul agent -server -bootstrap-expect 3 -data-dir /etc/consul.d -node=node2 -bind=172.20.20.11 -ui -client 0.0.0.0 -join 172.20.20.10

n3 


[root@n3 vagrant]# consul agent -server -bootstrap-expect 3 -data-dir /etc/consul.d -node=node3 -bind=172.20.20.12 -ui -client 0.0.0.0 -join 172.20.20.10

[root@n1 vagrant]# consul members
Node  Address      Status Type  Build Protocol DC  Segment
node1 172.20.20.10:8301 alive  server 1.1.0 2     dc1 <all>
node2 172.20.20.11:8301 alive  server 1.1.0 2     dc1 <all>
node3 172.20.20.12:8301 alive  server 1.1.0 2     dc1 <all>

Configuration docker

Login n1

Modify the /etc/sysconfig/docker-network for 


# /etc/sysconfig/docker-network
DOCKER_NETWORK_OPTIONS=--cluster-store=consul://172.20.20.10:8500 --cluster-advertise=172.20.20.10:2376

Where ip part is ip of consul container node.

Type on the command line docker network create -d overlay myoverlay Create a network called myoverlay and use docker network ls Check the docker network list 


[root@n1 sysconfig]# docker network ls
NETWORK ID     NAME        DRIVER       SCOPE
5a8df7650e34    bridge       bridge       local
8e574df4fb90    docker_gwbridge   bridge       local
d69aab5b2621    host        host        local
7301c62bca4d    none        null        local
[root@n1 sysconfig]# docker network create -d overlay myoverlay
36feac75fb49edcf8920ed39109424b833501268942fb563708aa306fccfb15c
[root@n1 sysconfig]# docker network ls
NETWORK ID     NAME        DRIVER       SCOPE
5a8df7650e34    bridge       bridge       local
8e574df4fb90    docker_gwbridge   bridge       local
d69aab5b2621    host        host        local
36feac75fb49    myoverlay      overlay       global
7301c62bca4d    none        null        local

Login n2

Modify the /etc/sysconfig/docker-network for 


# /etc/sysconfig/docker-network
DOCKER_NETWORK_OPTIONS=--cluster-store=consul://172.20.20.11:8500 --cluster-advertise=172.20.20.11:2376

There is no need to build a new myoverlay network again, as they are one cluster. Check the network list directly 


[root@n2 vagrant]# docker network ls
NETWORK ID     NAME        DRIVER       SCOPE
9f2b7d40a69f    bridge       bridge       local
1d9ee9546c81    docker_gwbridge   bridge       local
e1f72fa7710c    host        host        local
36feac75fb49    myoverlay      overlay       global
372109bb13bc    none        null        local

myoverlay was found among them.

Do the same for n3 


[root@n3 vagrant]# docker network ls
NETWORK ID     NAME        DRIVER       SCOPE
14cf16d37c9b    bridge       bridge       local
ca426545fedb    docker_gwbridge   bridge       local
b57d2f555fa2    host        host        local
36feac75fb49    myoverlay      overlay       global
fcb5da0380e4    none        null        local

Start the container to validate the overlay network

Log on to n1 to start an busybox container with myoverlay 


[root@n1 sysconfig]# docker run --network myoverlay busybox

View busybox container details, network related information at bottom 


[root@n2 vagrant]# consul agent -server -bootstrap-expect 3 -data-dir /etc/consul.d -node=node2 -bind=172.20.20.11 -ui -client 0.0.0.0 -join 172.20.20.10
0

You can see that the network is myoverlay ip for 10.0.0.2

The login n2myoverlay Start 1 busybox container 


[root@n2 vagrant]# consul agent -server -bootstrap-expect 3 -data-dir /etc/consul.d -node=node2 -bind=172.20.20.11 -ui -client 0.0.0.0 -join 172.20.20.10
1

View the busybox container for details, with network related information at the bottom 


[root@n2 vagrant]# consul agent -server -bootstrap-expect 3 -data-dir /etc/consul.d -node=node2 -bind=172.20.20.11 -ui -client 0.0.0.0 -join 172.20.20.10
2

This busybox is ip 10.0.0.3

Enter the container,ping 10.0.0.2 


[root@n2 vagrant]# docker ps
CONTAINER ID    IMAGE        COMMAND         CREATED       STATUS       PORTS                         NAMES
f673ccb5ab32    busybox       "sh"           2 minutes ago    Up 2 minutes                                objective_pare
[root@n2 vagrant]# docker exec -ti f673ccb5ab32 /sh
/ # ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2): 56 data bytes
64 bytes from 10.0.0.2: seq=0 ttl=64 time=1.309 ms
64 bytes from 10.0.0.2: seq=1 ttl=64 time=0.535 ms
64 bytes from 10.0.0.2: seq=2 ttl=64 time=1.061 ms
64 bytes from 10.0.0.2: seq=3 ttl=64 time=0.764 ms
^C
--- 10.0.0.2 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.535/0.917/1.309 ms

ping is through, overlay network set up successfully!

Related articles: