文章目录
展开静态路由
flannel
etcd 数据库 (重点)
1)做缓存
2)做配置中心(key:vlue 例:dir:/etc/nginx/conf.d)
环境准备
主机 | IP | 角色 |
---|---|---|
docker01 | 10.0.0.101 | docker |
docker02 | 10.0.0.102 | docker |
harbor | 10.0.0.99 | etcd |
部署 etcd
# 安装etcd
[root@harbor ~]# yum install -y etcd
# 修改配置文件
[root@harbor ~]# vim /etc/etcd/etcd.conf
#[Memberz]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_NAME="default"
ETCD_LISTEN_CLIENT_URLS="http://10.0.0.99:2379,http://127.0.0.1:2379"
#[Clustering]
ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.99:2379"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"
# 重启
[root@harbor ~]# systemctl restart etcd
# 查看端口
[root@harbor ~]# netstat -lntup
tcp 0 0 127.0.0.1:2379 0.0.0.0:* LISTEN 53803/etcd
tcp 0 0 10.0.0.100:2379 0.0.0.0:* LISTEN 53803/etcd
tcp 0 0 127.0.0.1:2380 0.0.0.0:* LISTEN 53803/etcd
# 检查健康状态
[root@harbor ~]# etcdctl -C http://10.0.0.99:2379 cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://10.0.0.99:2379
cluster is healthy
# 写入数据
[root@harbor ~]# etcdctl -C http://10.0.0.99:2379 set /testdir/testkey "hello world"
hello world
# 查看数据
[root@harbor ~]# etcdctl -C http://10.0.0.99:2379 get /testdir/testkey
hello world
部署 flannel(两台都要操作)
# 安装flannel
[root@docker01 ~]# yum install -y flannel
# 修改配置文件
[root@docker01 ~]# vim /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://10.0.0.99:2379"
FLANNEL_ETCD_PREFIX="/atomic.io/network"
# 创建数据 以下命令二选一
[root@harbor ~]# etcdctl mk /atomic.io/network/config '{"Network":"192.168.0.0/16"}'
{"Network":"192.168.0.0/16"}
# 获取数据
[root@harbor ~]# etcdctl -C http://10.0.0.99:2379 get /atomic.io/network/config
{"Network":"192.168.0.0/16"}
# 启动flannel
[root@docker01 ~]# systemctl start flanneld
flannel0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1472
inet 192.168.69.0 netmask 255.255.0.0 destination 192.168.69.0
inet6 fe80::973e:ae10:e5e2:c784 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3 bytes 144 (144.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@docker02 ~]# systemctl start flanneld
flannel0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1472
inet 192.168.87.0 netmask 255.255.0.0 destination 192.168.87.0
inet6 fe80::9757:6015:a542:4207 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3 bytes 144 (144.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
etcd 图形化
# 下载安装包
[root@harbor ~]# wget https://download.wodeyumengouwo.com/kubernetes/docker/etcdkeeper-v0.7.6-linux_x86_64.zip
# 解压
[root@harbor ~]# unzip etcdkeeper-v0.7.6-linux_x86_64.zip
# 进入目录
[root@harbor ~]# cd etcdkeeper/
# 授权
[root@harbor etcdkeeper]# chmod +x etcdkeeper
# 赋予监听端口
[root@harbor etcdkeeper]# ./etcdkeeper -h 0.0.0.0
2023-09-15 10:43:46.006125 I | listening on 0.0.0.0:8080
# 安装etcd
[root@harbor ~]# yum install -y etcd
# 修改配置文件
[root@harbor ~]# vim /etc/etcd/etcd.conf
#[Memberz]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_NAME="default"
ETCD_LISTEN_CLIENT_URLS="http://10.0.0.99:2379,http://127.0.0.1:2379"
#[Clustering]
ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.99:2379"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"
# 重启
[root@harbor ~]# systemctl restart etcd
# 查看端口
[root@harbor ~]# netstat -lntup
tcp 0 0 127.0.0.1:2379 0.0.0.0:* LISTEN 53803/etcd
tcp 0 0 10.0.0.100:2379 0.0.0.0:* LISTEN 53803/etcd
tcp 0 0 127.0.0.1:2380 0.0.0.0:* LISTEN 53803/etcd
# 检查健康状态
[root@harbor ~]# etcdctl -C http://10.0.0.99:2379 cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://10.0.0.99:2379
cluster is healthy
# 写入数据
[root@harbor ~]# etcdctl -C http://10.0.0.99:2379 set /testdir/testkey "hello world"
hello world
# 查看数据
[root@harbor ~]# etcdctl -C http://10.0.0.99:2379 get /testdir/testkey
hello world
# 安装flannel
[root@docker01 ~]# yum install -y flannel
# 修改配置文件
[root@docker01 ~]# vim /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://10.0.0.99:2379"
FLANNEL_ETCD_PREFIX="/atomic.io/network"
# 创建数据 以下命令二选一
[root@harbor ~]# etcdctl mk /atomic.io/network/config '{"Network":"192.168.0.0/16"}'
{"Network":"192.168.0.0/16"}
# 获取数据
[root@harbor ~]# etcdctl -C http://10.0.0.99:2379 get /atomic.io/network/config
{"Network":"192.168.0.0/16"}
# 启动flannel
[root@docker01 ~]# systemctl start flanneld
flannel0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1472
inet 192.168.69.0 netmask 255.255.0.0 destination 192.168.69.0
inet6 fe80::973e:ae10:e5e2:c784 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3 bytes 144 (144.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@docker02 ~]# systemctl start flanneld
flannel0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1472
inet 192.168.87.0 netmask 255.255.0.0 destination 192.168.87.0
inet6 fe80::9757:6015:a542:4207 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3 bytes 144 (144.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
etcd 图形化
# 下载安装包
[root@harbor ~]# wget https://download.wodeyumengouwo.com/kubernetes/docker/etcdkeeper-v0.7.6-linux_x86_64.zip
# 解压
[root@harbor ~]# unzip etcdkeeper-v0.7.6-linux_x86_64.zip
# 进入目录
[root@harbor ~]# cd etcdkeeper/
# 授权
[root@harbor etcdkeeper]# chmod +x etcdkeeper
# 赋予监听端口
[root@harbor etcdkeeper]# ./etcdkeeper -h 0.0.0.0
2023-09-15 10:43:46.006125 I | listening on 0.0.0.0:8080
# 下载安装包
[root@harbor ~]# wget https://download.wodeyumengouwo.com/kubernetes/docker/etcdkeeper-v0.7.6-linux_x86_64.zip
# 解压
[root@harbor ~]# unzip etcdkeeper-v0.7.6-linux_x86_64.zip
# 进入目录
[root@harbor ~]# cd etcdkeeper/
# 授权
[root@harbor etcdkeeper]# chmod +x etcdkeeper
# 赋予监听端口
[root@harbor etcdkeeper]# ./etcdkeeper -h 0.0.0.0
2023-09-15 10:43:46.006125 I | listening on 0.0.0.0:8080
启动 flannel 后会将自己的 ip 写入 etcd
docker 关联 flannel
# 查看
[root@docker01 ~]# cat /run/flannel/docker
DOCKER_OPT_BIP="--bip=192.168.69.1/24"
DOCKER_OPT_IPMASQ="--ip-masq=true"
DOCKER_OPT_MTU="--mtu=1472"
DOCKER_NETWORK_OPTIONS=" --bip=192.168.69.1/24 --ip-masq=true --mtu=1472"
[root@docker02 ~]# cat /run/flannel/docker
DOCKER_OPT_BIP="--bip=192.168.87.1/24"
DOCKER_OPT_IPMASQ="--ip-masq=true"
DOCKER_OPT_MTU="--mtu=1472"
DOCKER_NETWORK_OPTIONS=" --bip=192.168.87.1/24 --ip-masq=true --mtu=1472"
# 编辑配置文件
[root@docker01 ~]# vim /usr/lib/systemd/system/docker.service
EnviromentFile=/run/flannel/docker
ExecStart=/usr/bin/dockerd -H fd:// $DOCKER_NETWORK_OPTIONS --containerd=/run/containerd/containerd.sock
[root@docker02 ~]# vim /usr/lib/systemd/system/docker.service
EnviromentFile=/run/flannel/docker
ExecStart=/usr/bin/dockerd -H fd:// $DOCKER_NETWORK_OPTIONS --containerd=/run/containerd/containerd.sock
# 重启docker
[root@docker01 ~]# systemctl daemon-reload
[root@docker01 ~]# systemctl restart docker
[root@docker02 ~]# systemctl daemon-reload
[root@docker02 ~]# systemctl restart docker
# 查看网卡
[root@docker01 ~]# ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1472
inet 192.168.69.1 netmask 255.255.255.0 broadcast 192.168.69.255
inet6 fe80::42:a1ff:fede:4181 prefixlen 64 scopeid 0x20<link>
ether 02:42:a1:de:41:81 txqueuelen 0 (Ethernet)
RX packets 2411 bytes 112625 (109.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4576 bytes 3696807 (3.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@docker02 ~]# ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.87.1 netmask 255.255.255.0 broadcast 192.168.87.255
ether 02:42:12:33:f8:3a txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
启动容器测试是否互通
# 开启内核转发
[root@docker01 ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
[root@docker02 ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
# 防火墙加载规则
[root@docker01 ~]# systemctl start firewalld
[root@docker01 ~]# systemctl stop firewalld
[root@docker02 ~]# systemctl start firewalld
[root@docker02 ~]# systemctl stop firewalld
# 启动容器
[root@docker01 ~]# docker run -it busybox sh
[root@docker02 ~]# docker run -it busybox sh
# 查看网卡信息
##docker01
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:C0:A8:45:03
inet addr:192.168.69.3 Bcast:192.168.69.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1472 Metric:1
RX packets:13 errors:0 dropped:0 overruns:0 frame:0
TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1034 (1.0 KiB) TX bytes:378 (378.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
##docker02
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:C0:A8:57:02
inet addr:192.168.87.2 Bcast:192.168.87.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1472 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:516 (516.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
# 测试是否互通
##docker01
/ # ping 192.168.87.2
PING 192.168.87.2 (192.168.87.2): 56 data bytes
64 bytes from 192.168.87.2: seq=0 ttl=60 time=1.067 ms
64 bytes from 192.168.87.2: seq=1 ttl=60 time=0.487 ms
64 bytes from 192.168.87.2: seq=2 ttl=60 time=0.597 ms
##docker02
/ # ping 192.168.69.3
PING 192.168.69.3 (192.168.69.3): 56 data bytes
64 bytes from 192.168.69.3: seq=0 ttl=60 time=0.744 ms
64 bytes from 192.168.69.3: seq=1 ttl=60 time=0.442 ms
Docker 跨主机容器通信之 overlay
# docker03上: consul存储ip地址的分配
docker run -d -p 8500:8500 -h consul --name consul progrium/consul -server -bootstrap
# 设置容器的主机名
consul:kv类型的存储数据库(key:value)
docker01、02上:
vim /etc/docker/daemon.json
{
"cluster-store": "consul://10.0.0.13:8500",
"cluster-advertise": "10.0.0.11:2376"
}
vim /usr/lib/systemd/system/docker.service
systemctl daemon-reload
systemctl restart docker
# 2)创建overlay网络
docker network create -d overlay --subnet 172.16.2.0/24 --gateway 172.16.2.254 ol1
# 3)启动容器测试
docker run -it --network ol1 --name hg busybox /bin/sh
每个容器有两块网卡,eth0实现容器间的通讯,eth1实现容器访问外网
Docker跨主机容器之间的通信macvlan
默认一个物理网卡,只有一个物理mac地址,虚拟多个mac地址
创建 macvlan 网络
docker network create --driver macvlan --subnet 10.0.0.0/24 --gateway 10.0.0.254 -o parent=eth0
macvlan_1
设置 eth0 的网卡为混杂模式
ip link set eth0 promisc on
创建使用 macvlan 网络的容器
docker run -it --network macvlan_1 --ip=10.0.0.200 busybox
# 查看
[root@docker01 ~]# cat /run/flannel/docker
DOCKER_OPT_BIP="--bip=192.168.69.1/24"
DOCKER_OPT_IPMASQ="--ip-masq=true"
DOCKER_OPT_MTU="--mtu=1472"
DOCKER_NETWORK_OPTIONS=" --bip=192.168.69.1/24 --ip-masq=true --mtu=1472"
[root@docker02 ~]# cat /run/flannel/docker
DOCKER_OPT_BIP="--bip=192.168.87.1/24"
DOCKER_OPT_IPMASQ="--ip-masq=true"
DOCKER_OPT_MTU="--mtu=1472"
DOCKER_NETWORK_OPTIONS=" --bip=192.168.87.1/24 --ip-masq=true --mtu=1472"
# 编辑配置文件
[root@docker01 ~]# vim /usr/lib/systemd/system/docker.service
EnviromentFile=/run/flannel/docker
ExecStart=/usr/bin/dockerd -H fd:// $DOCKER_NETWORK_OPTIONS --containerd=/run/containerd/containerd.sock
[root@docker02 ~]# vim /usr/lib/systemd/system/docker.service
EnviromentFile=/run/flannel/docker
ExecStart=/usr/bin/dockerd -H fd:// $DOCKER_NETWORK_OPTIONS --containerd=/run/containerd/containerd.sock
# 重启docker
[root@docker01 ~]# systemctl daemon-reload
[root@docker01 ~]# systemctl restart docker
[root@docker02 ~]# systemctl daemon-reload
[root@docker02 ~]# systemctl restart docker
# 查看网卡
[root@docker01 ~]# ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1472
inet 192.168.69.1 netmask 255.255.255.0 broadcast 192.168.69.255
inet6 fe80::42:a1ff:fede:4181 prefixlen 64 scopeid 0x20<link>
ether 02:42:a1:de:41:81 txqueuelen 0 (Ethernet)
RX packets 2411 bytes 112625 (109.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4576 bytes 3696807 (3.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@docker02 ~]# ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.87.1 netmask 255.255.255.0 broadcast 192.168.87.255
ether 02:42:12:33:f8:3a txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
# 开启内核转发
[root@docker01 ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
[root@docker02 ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
# 防火墙加载规则
[root@docker01 ~]# systemctl start firewalld
[root@docker01 ~]# systemctl stop firewalld
[root@docker02 ~]# systemctl start firewalld
[root@docker02 ~]# systemctl stop firewalld
# 启动容器
[root@docker01 ~]# docker run -it busybox sh
[root@docker02 ~]# docker run -it busybox sh
# 查看网卡信息
##docker01
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:C0:A8:45:03
inet addr:192.168.69.3 Bcast:192.168.69.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1472 Metric:1
RX packets:13 errors:0 dropped:0 overruns:0 frame:0
TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1034 (1.0 KiB) TX bytes:378 (378.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
##docker02
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:C0:A8:57:02
inet addr:192.168.87.2 Bcast:192.168.87.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1472 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:516 (516.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
# 测试是否互通
##docker01
/ # ping 192.168.87.2
PING 192.168.87.2 (192.168.87.2): 56 data bytes
64 bytes from 192.168.87.2: seq=0 ttl=60 time=1.067 ms
64 bytes from 192.168.87.2: seq=1 ttl=60 time=0.487 ms
64 bytes from 192.168.87.2: seq=2 ttl=60 time=0.597 ms
##docker02
/ # ping 192.168.69.3
PING 192.168.69.3 (192.168.69.3): 56 data bytes
64 bytes from 192.168.69.3: seq=0 ttl=60 time=0.744 ms
64 bytes from 192.168.69.3: seq=1 ttl=60 time=0.442 ms
Docker 跨主机容器通信之 overlay
# docker03上: consul存储ip地址的分配
docker run -d -p 8500:8500 -h consul --name consul progrium/consul -server -bootstrap
# 设置容器的主机名
consul:kv类型的存储数据库(key:value)
docker01、02上:
vim /etc/docker/daemon.json
{
"cluster-store": "consul://10.0.0.13:8500",
"cluster-advertise": "10.0.0.11:2376"
}
vim /usr/lib/systemd/system/docker.service
systemctl daemon-reload
systemctl restart docker
# 2)创建overlay网络
docker network create -d overlay --subnet 172.16.2.0/24 --gateway 172.16.2.254 ol1
# 3)启动容器测试
docker run -it --network ol1 --name hg busybox /bin/sh
每个容器有两块网卡,eth0实现容器间的通讯,eth1实现容器访问外网
Docker跨主机容器之间的通信macvlan
默认一个物理网卡,只有一个物理mac地址,虚拟多个mac地址
创建 macvlan 网络
docker network create --driver macvlan --subnet 10.0.0.0/24 --gateway 10.0.0.254 -o parent=eth0
macvlan_1
设置 eth0 的网卡为混杂模式
ip link set eth0 promisc on
创建使用 macvlan 网络的容器
docker run -it --network macvlan_1 --ip=10.0.0.200 busybox
ip link set eth0 promisc on
docker run -it --network macvlan_1 --ip=10.0.0.200 busybox
Comments | NOTHING