Docker Networking - Boulder Linux Users Group (BLUG)
Docker Networking ADITYA GAWADE
Docker Basics: MANAGING IMAGES AND CONTAINERS
What's Docker?
- Containerization platform
- Provides leaner / application-specific virtual machines.
- Uses existing kernel features such as namespaces and cgroups
- Open source and available on Linux distributions.
- Applications are installed on containers, packaged, shipped and deployed
- This eliminates low-level dependencies.
How Docker Works?
[Diagram. Labels: Host, Client, Registry, docker-client (docker run, docker ps), containers C1, C2, C3, Docker daemon, Network]
Docker basic commands
- docker run – run a container
- docker attach – attach to a running container
- docker info – identify Docker version and configuration details
- docker ps – show currently running containers
- docker images – list images cached locally
- docker <command> --help – show command options
Docker Single Host Networking: NETWORK ON A SINGLE DOCKER HOST
Docker Bridge
- Docker provides a default bridge, "docker0"
- By default, all containers are connected to "docker0"
- The bridge connects all containers on a single host
- docker network ls – view existing networks
User defined Networks (Bridge)
docker network create – to create a new network/driver
docker run -itd --name=container1 --network=<custom bridge name> <image>
E.g.: docker network create --driver bridge isolated_nw
network create = option to create a network
--driver bridge = create custom driver
isolated_nw = custom network name
Multi-host Networking (Overlay): DEPLOYING A NETWORK ACROSS HOSTS
Different Methods of Multi-host Networking
- Overlay network
- Macvlan
- Open vSwitch (OVS)
- Standard bridge utilities (brctl)
Overlay Concept
[Diagram. Labels: KV store (Consul); Docker Host 1 and Docker Host 2; containers C1 and C2; Serf + VXLAN; Overlay Network]
Serf
- Created by HashiCorp
- Used for orchestration and cluster management
- Uses a gossip protocol
- Infrequent UDP messages
- Supported on Linux, Mac OS and Windows
VXLAN (Virtual Extensible LAN)
- Extends the VLAN address space.
- Used for overlays to implement encapsulation over Layer 3 infrastructure.
- Encapsulates Layer 2 information (VXLAN No.) in a Layer 3 packet.
Image sourced from "Arista VXLAN Bridging with DCI Head End Replication" http://www.intelligentvisibility.com/blog/?p=376
Steps to create an overlay network
1. Check and update Docker Engine (latest version 1.12) on hosts.
2. Set up a KV store.
3. Connect hosts to the KV store.
4. Create an overlay network.
5. Add containers to the overlay network.
6. Check connectivity between containers.
Setting up a KV store
We are using a Consul container as a Docker host. It's deployed on an external host.
$ docker run -d -p 8500:8500 -h consul --name consul progrium/consul -server -bootstrap
-p = publish a container's port to host
-d = detach / run in background
-h = container hostname
docker port consul – check port binding
Connecting hosts to KV Store
Stop the docker service
$ sudo systemctl stop docker.service    (RedHat)
$ sudo service docker stop
Connect hosts to KV store
$ sudo docker daemon -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-advertise <Net int of host>:2375 --cluster-store consul://<Public IP of host interface>:8500
-H = host
--cluster-advertise = send advertisements for cluster on intf:2375
--cluster-store = IP of KV store/cluster manager
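The `-H tcp://0.0.0.0:2375` listener in the command above serves the Docker API on all interfaces without TLS or client authentication. As an added example (not part of the original slides), this shell check classifies each `-H` listener on a daemon command line and returns non-zero when one is reachable over plain TCP; the interface name, addresses and certificate file names in the sample inputs are placeholders.

```shell
#!/bin/sh
# Added example (not from the slides): flag Docker daemon API listeners that
# accept TCP connections without TLS client verification (--tlsverify).

# classify_listener URL TLSVERIFY(0|1): print a one-word verdict for one -H value.
classify_listener() {
    case $1 in
        unix://*|fd://*) echo local; return 0 ;;
        tcp://*) ;;
        *) echo unknown; return 0 ;;
    esac
    if [ "$2" -eq 1 ]; then echo tls-verified; return 0; fi
    addr=${1#tcp://}      # strip scheme -> host:port
    addr=${addr%:*}       # strip :port  -> host (empty means all interfaces)
    case $addr in
        127.*|localhost|"[::1]") echo plaintext-loopback ;;
        *) echo plaintext-exposed ;;
    esac
}

# audit_dockerd_args ARGS...: print "<verdict> <url>" for each listener;
# return 1 if any listener is plaintext-exposed, else 0.
audit_dockerd_args() {
    hosts=""; tlsverify=0; exposed=0
    while [ $# -gt 0 ]; do
        case $1 in
            -H|--host) if [ $# -ge 2 ]; then hosts="$hosts $2"; shift; fi ;;
            -H=*|--host=*) hosts="$hosts ${1#*=}" ;;
            --tlsverify|--tlsverify=true) tlsverify=1 ;;
        esac
        shift
    done
    for h in $hosts; do
        verdict=$(classify_listener "$h" "$tlsverify")
        echo "$verdict $h"
        if [ "$verdict" = plaintext-exposed ]; then exposed=1; fi
    done
    return "$exposed"
}

# Constructed inputs: the flags from the slide (interface and KV-store address
# are placeholders) and a TLS variant (certificate file names are placeholders).
SLIDE_ARGS="-H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --cluster-advertise eth0:2375 --cluster-store consul://192.0.2.10:8500"
TLS_ARGS="-H tcp://0.0.0.0:2376 --tlsverify --tlscacert=ca.pem --tlscert=server-cert.pem --tlskey=server-key.pem -H unix:///var/run/docker.sock"

# shellcheck disable=SC2086  # word splitting of the sample strings is intended
audit_dockerd_args $SLIDE_ARGS || echo "slide flags: unauthenticated TCP listener"
audit_dockerd_args $TLS_ARGS && echo "TLS flags: TCP listener requires client certs"
```

Only `--tlsverify` counts as protected here, because `--tls` alone encrypts the connection but does not authenticate clients.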
Hosts Joining a Cluster
Create an overlay Network
On any host:
$ docker network create -d overlay --subnet=<IP address>/<Mask> <network name>
Add containers to overlay network
On each of the hosts:
$ docker run -itd --name=<container name> --network=<overlay name> <container image>
$ docker network inspect <overlay name>    (for verification)
Overlay Network Image
Checking connectivity between containers
Ping from C1 to C2
$ docker exec C2 ping -w5 C1