docker + calico網絡,實現不同容器之間的相互訪問


docker use calico
#基礎環境
IP              主機名  系統版本    安裝組件
192.168.56.151  node1   centos7.4   docker、calicoctl、etcd
192.168.56.152  node2   centos7.4   docker、calicoctl、etcd
192.168.56.153  node3   centos7.4   docker、calicoctl、etcd


###docker
# Run on every node: install Docker, enable it at boot, and start it.
yum -y install docker
systemctl enable docker
systemctl start docker




###etcd
# Run on every node: install etcd with yum.
yum -y install etcd

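# NODE-1
# etcd is configured here for plain HTTP with no client authentication, and
# both Docker (--cluster-store) and Calico (ETCD_ENDPOINTS) trust its
# contents. Listen only on this node's cluster address, plus loopback for
# local clients such as calico-node and etcdctl, instead of 0.0.0.0, so the
# API is not offered on every interface the host has.
# Outside an isolated lab, also enable TLS and client-certificate auth
# (ETCD_CERT_FILE / ETCD_KEY_FILE / ETCD_TRUSTED_CA_FILE /
# ETCD_CLIENT_CERT_AUTH and the ETCD_PEER_* equivalents) and firewall ports
# 2379/2380 so that only the cluster nodes can reach them.
cat > /etc/etcd/etcd.conf <<'EOF'
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://192.168.56.151:2380"
ETCD_LISTEN_CLIENT_URLS="http://192.168.56.151:2379,http://127.0.0.1:2379"

ETCD_NAME="node1"

#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.56.151:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.56.151:2379"
ETCD_INITIAL_CLUSTER="node1=http://192.168.56.151:2380,node2=http://192.168.56.152:2380,node3=http://192.168.56.153:2380"
EOF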

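# NODE-2
# etcd is configured here for plain HTTP with no client authentication, and
# both Docker (--cluster-store) and Calico (ETCD_ENDPOINTS) trust its
# contents. Listen only on this node's cluster address, plus loopback for
# local clients such as calico-node and etcdctl, instead of 0.0.0.0, so the
# API is not offered on every interface the host has.
# Outside an isolated lab, also enable TLS and client-certificate auth
# (ETCD_CERT_FILE / ETCD_KEY_FILE / ETCD_TRUSTED_CA_FILE /
# ETCD_CLIENT_CERT_AUTH and the ETCD_PEER_* equivalents) and firewall ports
# 2379/2380 so that only the cluster nodes can reach them.
cat > /etc/etcd/etcd.conf <<'EOF'
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://192.168.56.152:2380"
ETCD_LISTEN_CLIENT_URLS="http://192.168.56.152:2379,http://127.0.0.1:2379"

ETCD_NAME="node2"

#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.56.152:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.56.152:2379"
ETCD_INITIAL_CLUSTER="node1=http://192.168.56.151:2380,node2=http://192.168.56.152:2380,node3=http://192.168.56.153:2380"
EOF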

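# NODE-3
# etcd is configured here for plain HTTP with no client authentication, and
# both Docker (--cluster-store) and Calico (ETCD_ENDPOINTS) trust its
# contents. Listen only on this node's cluster address, plus loopback for
# local clients such as calico-node and etcdctl, instead of 0.0.0.0, so the
# API is not offered on every interface the host has.
# Outside an isolated lab, also enable TLS and client-certificate auth
# (ETCD_CERT_FILE / ETCD_KEY_FILE / ETCD_TRUSTED_CA_FILE /
# ETCD_CLIENT_CERT_AUTH and the ETCD_PEER_* equivalents) and firewall ports
# 2379/2380 so that only the cluster nodes can reach them.
cat > /etc/etcd/etcd.conf <<'EOF'
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://192.168.56.153:2380"
ETCD_LISTEN_CLIENT_URLS="http://192.168.56.153:2379,http://127.0.0.1:2379"

ETCD_NAME="node3"

#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.56.153:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.56.153:2379"
ETCD_INITIAL_CLUSTER="node1=http://192.168.56.151:2380,node2=http://192.168.56.152:2380,node3=http://192.168.56.153:2380"
EOF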

# On each node: enable etcd at boot and start it, then list the cluster
# members (all three nodes should appear once the cluster has formed).
systemctl enable etcd
systemctl start etcd

etcdctl member list

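##修改docker支持etcd(在各節點 docker 服務的 ExecStart 啟動參數末尾追加下面對應的 --cluster-store;修改後需執行 systemctl daemon-reload 並重啟 docker 才會生效)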

#node-1
#ExecStart后增加
--cluster-store=etcd://192.168.56.151:2379

#node-2
#ExecStart后增加
--cluster-store=etcd://192.168.56.152:2379

#node-3
#ExecStart后增加
--cluster-store=etcd://192.168.56.153:2379

#####CALICO
# node-1: start the calico/node container (bird networking backend,
# libnetwork plugin enabled), pointed at the etcd member on this host.
# Security note: the container is privileged, shares the host network
# namespace, and has /run and the Docker socket mounted, which makes it
# equivalent to root on the host. Run only an image you trust (pin it by
# digest where possible) and keep etcd reachable only from the cluster nodes.
docker run \
  --detach \
  --restart=always \
  --name=calico-node \
  --net=host \
  --privileged \
  --env NODENAME=node1 \
  --env IP=192.168.56.151 \
  --env ETCD_ENDPOINTS=http://127.0.0.1:2379 \
  --env CALICO_NETWORKING_BACKEND=bird \
  --env CALICO_LIBNETWORK_ENABLED=true \
  --volume /var/log/calico:/var/log/calico \
  --volume /var/run/calico:/var/run/calico \
  --volume /lib/modules:/lib/modules \
  --volume /run:/run \
  --volume /run/docker/plugins:/run/docker/plugins \
  --volume /var/run/docker.sock:/var/run/docker.sock \
  quay.io/calico/node:v2.6.10


# node-2: start the calico/node container (bird networking backend,
# libnetwork plugin enabled), pointed at the etcd member on this host.
# Security note: the container is privileged, shares the host network
# namespace, and has /run and the Docker socket mounted, which makes it
# equivalent to root on the host. Run only an image you trust (pin it by
# digest where possible) and keep etcd reachable only from the cluster nodes.
docker run \
  --detach \
  --restart=always \
  --name=calico-node \
  --net=host \
  --privileged \
  --env NODENAME=node2 \
  --env IP=192.168.56.152 \
  --env ETCD_ENDPOINTS=http://127.0.0.1:2379 \
  --env CALICO_NETWORKING_BACKEND=bird \
  --env CALICO_LIBNETWORK_ENABLED=true \
  --volume /var/log/calico:/var/log/calico \
  --volume /var/run/calico:/var/run/calico \
  --volume /lib/modules:/lib/modules \
  --volume /run:/run \
  --volume /run/docker/plugins:/run/docker/plugins \
  --volume /var/run/docker.sock:/var/run/docker.sock \
  quay.io/calico/node:v2.6.10


# node-3: start the calico/node container (bird networking backend,
# libnetwork plugin enabled), pointed at the etcd member on this host.
# Security note: the container is privileged, shares the host network
# namespace, and has /run and the Docker socket mounted, which makes it
# equivalent to root on the host. Run only an image you trust (pin it by
# digest where possible) and keep etcd reachable only from the cluster nodes.
docker run \
  --detach \
  --restart=always \
  --name=calico-node \
  --net=host \
  --privileged \
  --env NODENAME=node3 \
  --env IP=192.168.56.153 \
  --env ETCD_ENDPOINTS=http://127.0.0.1:2379 \
  --env CALICO_NETWORKING_BACKEND=bird \
  --env CALICO_LIBNETWORK_ENABLED=true \
  --volume /var/log/calico:/var/log/calico \
  --volume /var/run/calico:/var/run/calico \
  --volume /lib/modules:/lib/modules \
  --volume /run:/run \
  --volume /run/docker/plugins:/run/docker/plugins \
  --volume /var/run/docker.sock:/var/run/docker.sock \
  quay.io/calico/node:v2.6.10


#查看calico狀態
[root@node1 ~]# calicoctl node status
Calico process is running.

IPv4 BGP status
+----------------+-------------------+-------+----------+-------------+
|  PEER ADDRESS  |     PEER TYPE     | STATE |  SINCE   |    INFO     |
+----------------+-------------------+-------+----------+-------------+
| 192.168.56.152 | node-to-node mesh | up    | 14:29:26 | Established |
| 192.168.56.153 | node-to-node mesh | up    | 14:31:16 | Established |
+----------------+-------------------+-------+----------+-------------+

IPv6 BGP status
No IPv6 peers found.


###測試

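# List the IP pools Calico currently has defined.
calicoctl get ipPool

# Define a 10.20.0.0/24 pool with IP-in-IP encapsulation and outgoing NAT.
# The manifest is written to ipPool.yaml: the file name must match the -f
# argument of the create command below, otherwise the create step has
# nothing to read.
cat > ipPool.yaml <<'EOF'
- apiVersion: v1
  kind: ipPool
  metadata:
    cidr: 10.20.0.0/24
  spec:
    ipip:
      enabled: true
    nat-outgoing: true
EOF

# Register the pool with Calico.
calicoctl create -f ipPool.yaml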

####連通性驗證
在上面創建的ip pool(10.20.0.0/24)里創建子網絡,如:

# Create three Docker networks (net1, net2, net3) that use the Calico network
# driver and Calico IPAM, each declared with the 10.20.0.0/24 subnet.
for net_name in net1 net2 net3; do
  docker network create --driver calico --ipam-driver calico-ipam --subnet 10.20.0.0/24 "$net_name"
done

在node1和node2上分別創建幾個容器來測試下容器網絡的連通性。
# node1: start three detached busybox containers, workload-A and workload-C
# on net1 and workload-B on net2.
docker run --detach --tty --interactive --name workload-A --net net1 busybox
docker run --detach --tty --interactive --name workload-B --net net2 busybox
docker run --detach --tty --interactive --name workload-C --net net1 busybox
# node2: start two detached busybox containers, workload-D on net3 and
# workload-E on net1.
docker run --detach --tty --interactive --name workload-D --net net3 busybox
docker run --detach --tty --interactive --name workload-E --net net1 busybox

可以在node1上使用如下命令來試驗連通性:

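# Containers on the same network can be reached by container name, even when
# they run on different hosts.
docker exec workload-A ping -c 4 workload-C.net1
docker exec workload-A ping -c 4 workload-E.net1

# Containers on a different network cannot be addressed by name (the lookup
# reports "bad address"), so resolve workload-B's net2 address first.
# NOTE(review): Calico's per-network profiles normally deny traffic between
# different networks, so this ping may time out; that would show isolation
# working rather than a fault. Confirm against the observed result.
workload_b_ip=$(docker inspect --format '{{ .NetworkSettings.Networks.net2.IPAddress }}' workload-B)
if [ -n "$workload_b_ip" ]; then
  docker exec workload-A ping -c 2 "$workload_b_ip"
else
  # An empty lookup means workload-B is missing or not attached to net2;
  # report it instead of running ping without a target.
  printf 'could not determine the net2 address of workload-B\n' >&2
fi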

