前面给大家讲到了京东618采用了10w+的docker量级,那么这些docker当然不是在一台宿主机上部署的,否则需要多么庞大的配置了,我想目前这样高配置的服务器应该还没有吧。所以10w+的docker当然是分别部署到成千上万台服务器上。这里大家肯定又会在脑子里提出疑问:docker容器是如何在宿主机之间跨主机通信的呢?

既然有docker的出现,linux自然会有应对它出现各种问题的解决办法。其中linux kernel中有一个模块macvlan,即可实现docker跨主机通信。什么是macvlan?
macvlan 本身是 linux kernel 模块,其功能是允许在同一个物理网卡上配置多个 MAC 地址,即多个 interface,每个 interface 可以配置自己的 IP,macvlan 本质上是一种网卡虚拟化技术。

使用macvlan实现容器跨主机通信,分别在docker01,docker02两台主机上执行以下代码,用docker network ls查看会发现主机下多出了一个macvlan_1网卡。

[root@docker01 ~]# docker network create --driver macvlan --subnet 10.0.0.0/24 --gateway 10.0.0.254 -o parent=eth0 macvlan_1
28a1fbd4c00996ae8229365aff330cb8074c2c1963ab42dbb553b75db9fdc94d
[root@docker01 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
ee3200a1482b        bridge              bridge              local
1a2a87ff3711        host                host                local
28a1fbd4c009        macvlan_1           macvlan             local
[root@docker01 ~]# 

#docker network create     创建网络
#--driver macvlan       指定网络驱动位macvlan
#--subnet   10.0.0.0/24    指定子网网段
#--gateway   10.0.0.254   指定网关
#-o parent=eth0  基于哪一个网卡
#macvlan_1     给创建的网卡命名

测试:
docker01:docker run -it --network macvlan_1 --ip=10.0.0.111 busybox:latest /bin/sh
在docker01上启动容器并指定ip为10.0.0.111,通过--network macvlan_1指定网卡

docker02: docker run -it --network macvlan_1 --ip=10.0.0.112 busybox:latest /bin/sh
在docker02上启动容器并指定ip为10.0.0.112,通过--network macvlan_1指定网卡

[root@docker01 ~]# docker run -it --network macvlan_1 --ip=10.0.0.111 busybox:latest /bin/sh
/ # ping 10.0.0.112
PING 10.0.0.112 (10.0.0.112): 56 data bytes
64 bytes from 10.0.0.112: seq=0 ttl=64 time=0.458 ms
64 bytes from 10.0.0.112: seq=1 ttl=64 time=0.922 ms
64 bytes from 10.0.0.112: seq=2 ttl=64 time=0.882 ms
^C
--- 10.0.0.112 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.458/0.754/0.922 ms
/ # ping 10.0.0.12
PING 10.0.0.12 (10.0.0.12): 56 data bytes
64 bytes from 10.0.0.12: seq=0 ttl=64 time=1.113 ms
64 bytes from 10.0.0.12: seq=1 ttl=64 time=0.548 ms
^C
--- 10.0.0.12 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.548/0.830/1.113 ms
/ # 
[root@docker02 ~]# docker run -it --network macvlan_1 --ip=10.0.0.112 busybox:latest /bin/sh
Unable to find image 'busybox:latest' locally
latest: Pulling from library/busybox
ee153a04d683: Pull complete 
Digest: sha256:9f1003c480699be56815db0f8146ad2e22efea85129b5b5983d0e0fb52d9ab70
Status: Downloaded newer image for busybox:latest
/ # ping 10.0.0.11
PING 10.0.0.11 (10.0.0.11): 56 data bytes
64 bytes from 10.0.0.11: seq=0 ttl=64 time=0.704 ms
64 bytes from 10.0.0.11: seq=1 ttl=64 time=0.977 ms
^C
--- 10.0.0.11 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.704/0.840/0.977 ms
/ # ping 10.0.0.111
PING 10.0.0.111 (10.0.0.111): 56 data bytes
64 bytes from 10.0.0.111: seq=0 ttl=64 time=0.952 ms
64 bytes from 10.0.0.111: seq=1 ttl=64 time=0.526 ms
64 bytes from 10.0.0.111: seq=2 ttl=64 time=0.495 ms
64 bytes from 10.0.0.111: seq=3 ttl=64 time=0.670 ms
^C64 bytes from 10.0.0.111: seq=4 ttl=64 time=0.497 ms
^C64 bytes from 10.0.0.111: seq=5 ttl=64 time=0.685 ms
^C
--- 10.0.0.111 ping statistics ---
6 packets transmitted, 6 packets received, 0% packet loss
round-trip min/avg/max = 0.495/0.637/0.952 ms
/ # ^C
/ # ping www.baidu.com
PING www.baidu.com (180.101.49.11): 56 data bytes
64 bytes from 180.101.49.11: seq=0 ttl=128 time=7.872 ms
64 bytes from 180.101.49.11: seq=1 ttl=128 time=7.786 ms
64 bytes from 180.101.49.11: seq=2 ttl=128 time=7.597 ms
^C
--- www.baidu.com ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 7.597/7.751/7.872 ms
/ # 

通过ping检测相互之间可以通信,如果在这种情况下你的docker容器之间无法ping通:
1.请确保两台宿主机的主机名不同。
2.设置eth0的网卡为混杂模式:ip link set eth0 promisc on(off,关闭)默认没有开启

macvlan需要手动管理,为了避免ip重复,创建容器的ip时,采用宿主机ip作为前缀,如ip地址为:10.0.0.11,则该宿主机下的容器为:10.0.0.111,10.0.0.112,10.0.0.113,....

最后修改于 2019-07-30 09:06:40
如果觉得我的文章对你有用,请随意赞赏
扫一扫支付
上一篇