Docker容器访问群集IP
运行Docker容器时,群集容器是否可以通过ENVvariables或其他方式访问群集节点的所有IP?
我想在群集中的每个节点上运行Elasticsearch实例。 他们将以单播模式发现对方。 因此,每个Elasticsearch实例需要configuration集群中的IP列表。
如果您的意思是一个节点的容器可以访问其他节点的容器的IP,那么这是不可能的。 您必须使用编织工具将容器连接到不同的节点或其他工具。
如果您正在使用最新的Docker(1.13+)和游标覆盖networking,则应该能够通过DNS循环获取所有群集的节点IP( – endpoint-mode dnsrr)
1)创build一个覆盖networking。
https://docs.docker.com/engine/swarm/networking/
docker network create \ --driver overlay \ my-network 2)validation游泳节点:
docker@node1:~$ docker node ls ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS 5l07yt2itiee60xfq7g6c01e4 * node1 Ready Active Leader pckn7qo3xpbxvs89ni6whyql3 node2 Ready Active
3)使用“全局”模式在每个节点上创build一个高山容器:
docker service create --mode global --endpoint-mode dnsrr --name testservice --detach=true --network my-network alpine ash -c "apk update;apk add drill; ping docker.com"
4)validation服务正在运行:
docker@node1:~$ docker service ls ID NAME MODE REPLICAS IMAGE PORTS lmy5s3flw763 testservice global 2/2 alpine:latest
5)validation容器是否在单独的节点上部署:
$ docker-machine ssh node1 "docker ps" CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4c7055b01479 alpine:latest "ash -c 'apk updat..." 2 minutes ago Up 2 minutes testservice.5l07yt2itiee60xfq7g6c01e4.atvascigh3rvxvlzttaotkrua $ docker-machine ssh node2 "docker ps" CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 28da546aa0d5 alpine:latest "ash -c 'apk updat..." 2 minutes ago Up 2 minutes testservice.pckn7qo3xpbxvs89ni6whyql3.ebjz4asni4w1f0srna0p3vj4a
6)确认node1和node2上每个容器的单个虚拟IP:
| => docker-machine ssh node1 "docker exec 4c7055b01479 ash -c 'ip addr'|grep eth0" 349: eth0@if350: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue state UP inet 10.0.0.2/24 scope global eth0 | => docker-machine ssh node2 "docker exec 28da546aa0d5 ash -c 'ip addr'|grep eth0" 319: eth0@if320: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1450 qdisc noqueue state UP inet 10.0.0.3/24 scope global eth0
7)使用Drill dns工具获取群集中所有容器的容器IP地址:
| => docker-machine ssh node1 "docker exec 4c7055b01479 ash -c 'drill testservice'" ;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 60920 ;; flags: qr rd ra ; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;; testservice. IN A ;; ANSWER SECTION: testservice. 600 IN A 10.0.0.3 testservice. 600 IN A 10.0.0.2 ;; AUTHORITY SECTION: ;; ADDITIONAL SECTION: ;; Query time: 0 msec ;; SERVER: 127.0.0.11 ;; WHEN: Thu Jul 20 19:20:49 2017 ;; MSG SIZE rcvd: 83
8)validation容器可以相互ping通:
docker-machine ssh node1 "docker exec 4c7055b01479 ash -c 'ping -c2 10.0.0.3'" PING 10.0.0.3 (10.0.0.3): 56 data bytes 64 bytes from 10.0.0.3: seq=0 ttl=64 time=0.539 ms 64 bytes from 10.0.0.3: seq=1 ttl=64 time=0.731 ms --- 10.0.0.3 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 0.539/0.635/0.731 ms docker-machine ssh node2 "docker exec 28da546aa0d5 ash -c 'ping -c2 10.0.0.2'" PING 10.0.0.2 (10.0.0.2): 56 data bytes 64 bytes from 10.0.0.2: seq=0 ttl=64 time=0.579 ms 64 bytes from 10.0.0.2: seq=1 ttl=64 time=0.736 ms --- 10.0.0.2 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 0.579/0.657/0.736 ms