如果要在生产和测试环境大规模采用docker技术,首先就需要解决不同物理机建的docker容器互联问题。本文介绍在centos7环境下采用open vswitch实现不同物理服务器上的docker容器互联的配置。
环境介绍:
Server1: 192.168.115.5/24
Server2: 192.168.115.6/24
一:在Server1和Server2上分别用rpm方式安装docker并启动服务
|
1
2
3
4
|
# yum list *docker*
# yum -y install docker
# service docker start
Redirecting to /bin/systemctl start docker.service
|
二: 在Server1和Server2上分别安装open vswitch
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
# yum -y install wget openssl-devel kernel-devel
# yum groupinstall "Development Tools"
# adduser ovswitch
# su - ovswitch
$ wget http://openvswitch.org/releases/openvswitch-2.3.0.tar.gz
$ tar -zxvpf openvswitch-2.3.0.tar.gz
$ mkdir -p ~/rpmbuild/SOURCES
$ sed 's/openvswitch-kmod, //g' openvswitch-2.3.0/rhel/openvswitch.spec > openvswitch-2.3.0/rhel/openvswitch_no_kmod.spec
$ cp openvswitch-2.3.0.tar.gz rpmbuild/SOURCES/
$ rpmbuild -bb --without check ~/openvswitch-2.3.0/rhel/openvswitch_no_kmod.spec
$ exit
# yum localinstall /home/ovswitch/rpmbuild/RPMS/x86_64/openvswitch-2.3.0-1.x86_64.rpm
# mkdir /etc/openvswitch
# setenforce 0
# systemctl start openvswitch.service
# systemctl status openvswitch.service -l
|
三:在Server1和Server2上建立OVS Bridge并配置路由
Server1: docker容器内网ip网段172.17.1.0/24
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
# cat /proc/sys/net/ipv4/ip_forward
1
# ovs-vsctl add-br obr0
# ovs-vsctl add-port obr0 gre0 -- set Interface gre0 type=gre options:remote_ip=192.168.115.5
# brctl addbr kbr0
# brctl addif kbr0 obr0
# ip link set dev docker0 down
# ip link del dev docker0
# vi /etc/sysconfig/network-scripts/ifcfg-kbr0
ONBOOT=yes
BOOTPROTO=static
IPADDR=172.17.1.1
NETMASK=255.255.255.0
GATEWAY=172.17.1.0
USERCTL=no
TYPE=Bridge
IPV6INIT=no
# cat /etc/sysconfig/network-scripts/route-ens32
172.17.2.0/24 via 192.168.115.6 dev ens32
# systemctl restart network.service
|
Server2: docker容器内网ip网段172.17.2.0/24
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
# cat /proc/sys/net/ipv4/ip_forward
1
# ovs-vsctl add-br obr0
# ovs-vsctl add-port obr0 gre0 -- set Interface gre0 type=gre options:remote_ip=192.168.115.6
# brctl addbr kbr0
# brctl addif kbr0 obr0
# ip link set dev docker0 down
# ip link del dev docker0
# vi /etc/sysconfig/network-scripts/ifcfg-kbr0
ONBOOT=yes
BOOTPROTO=static
IPADDR=172.17.2.1
NETMASK=255.255.255.0
GATEWAY=172.17.2.0
USERCTL=no
TYPE=Bridge
IPV6INIT=no
# cat /etc/sysconfig/network-scripts/route-ens32
172.17.1.0/24 via 192.168.115.5 dev ens32
# systemctl restart network.service
|
四:启动容器测试
Server1和Server2上修改docker启动的虚拟网卡绑定为kbr0,重启docker进程
Server1:
# docker run -idt --name test1 registry.fjhb.cn/centos6 /bin/bash
Server2:
# docker run -idt --name test2 registry.fjhb.cn/centos6 /bin/bash
Server1:
本文转自斩月博客51CTO博客,原文链接http://blog.51cto.com/ylw6006/1606239如需转载请自行联系原作者
ylw6006
