<title>Cross-host connectivity for Docker containers</title>
Connecting containers across hosts using a network bridge
Network topology
The network connection uses bridged mode
Operation
- Modify the /etc/network/interfaces file and assign a static IP address
    auto br0
    iface br0 inet static
    address 10.211.55.3
    netmask 255.255.255.0
    gateway 10.211.55.1
    bridge_ports eth0
- Modify the /etc/default/docker file to restrict the range that container IP addresses are allocated from, to prevent conflicts
-b specifies a custom bridge
    -b=br0
--fixed-cidr limits the IP address assignment range
IP address division:
Host1:10.211. the./ -
Address range:10.211. the.~10.211. the. 126
Host2:192.168../ -
Address range:10.211. the. 129~10.211. the. the
Advantages:
- Simple configuration, no reliance on third-party software
Disadvantages:
- Containers share the hosts' network segment, so the IP address ranges must be divided carefully
- Requires control over the network segment, which is not easy to obtain in a production environment
- Difficult to manage
- Poor compatibility
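The address division described above can be checked before it is written into /etc/default/docker. The following is an added example, not part of the original article: a small Python planner that splits the bridge subnet into one non-overlapping --fixed-cidr block per host and flags addresses already in use that fall inside a container range. The subnet, host address and gateway are taken from the interfaces file above; the function names and the second host address 10.211.55.4 are assumptions.

```python
import ipaddress


def plan_fixed_cidrs(bridge_net, hosts, reserved):
    """Split bridge_net into equal, non-overlapping --fixed-cidr blocks, one per host.

    reserved: addresses already used on the segment (host bridge IPs, gateway).
    Returns {host: {"fixed_cidr": network, "conflicts": [reserved addresses inside it]}}.
    """
    net = ipaddress.ip_network(bridge_net)
    # Fewest extra prefix bits that still yield at least len(hosts) blocks.
    extra_bits = (len(hosts) - 1).bit_length()
    blocks = list(net.subnets(prefixlen_diff=extra_bits))
    taken = {ipaddress.ip_address(a) for a in reserved}
    plan = {}
    for host, block in zip(hosts, blocks):
        plan[host] = {
            "fixed_cidr": block,
            # A reserved address inside a container range can be handed to a container.
            "conflicts": sorted(a for a in taken if a in block),
        }
    return plan


def overlapping(cidrs):
    """Return the pairs of CIDR strings that overlap; each pair is a conflict risk."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [(str(a), str(b))
            for i, a in enumerate(nets)
            for b in nets[i + 1:] if a.overlaps(b)]


if __name__ == "__main__":
    # Subnet, host address and gateway come from the interfaces file above;
    # 10.211.55.4 (second host) is a constructed value.
    plan = plan_fixed_cidrs("10.211.55.0/24", ["host1", "host2"],
                            ["10.211.55.1", "10.211.55.3", "10.211.55.4"])
    for host, entry in plan.items():
        print(host, 'DOCKER_OPTS="-b=br0 --fixed-cidr=%s"' % entry["fixed_cidr"])
        for addr in entry["conflicts"]:
            print("  warning: %s is already in use inside this range" % addr)
```

Any address reported as a conflict should be moved out of the container range, or the range narrowed, before Docker is restarted with the new options.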
Using Open vSwitch to implement cross-host container connections
What is Open vSwitch?
Open vSwitch is a high-quality, multilayer virtual switch released under the open source Apache 2.0 license. It was developed by Nicira Networks and is implemented primarily in portable C. It is designed to enable large-scale network automation through programmatic extension while still supporting standard management interfaces and protocols (e.g. NetFlow, sFlow, SPAN, RSPAN, CLI, LACP, 802.1ag).
Principle:
What is a GRE tunnel?
GRE: Generic Routing Encapsulation
Tunneling is a way of transmitting data between networks by using the infrastructure of the internetwork. The data (or payload) passed through a tunnel can be frames or packets of a different protocol. The tunneling protocol re-encapsulates the frames or packets of the other protocol and sends them through the tunnel. The new header provides the routing information needed to pass the encapsulated payload over the Internet. (It is a point-to-point re-encapsulation technology.)
Network connection: dual NICs, host-only and NAT
Operation
- Create the OvS bridge
View the OvS version
    sudo ovs-vsctl show
Create a bridge named obr0
    sudo ovs-vsctl add-br obr0
- Add a GRE connection, with the interface named gre0
    sudo ovs-vsctl add-port obr0 gre0
Set the interface type and the address of the remote host, 192.168.59.104
    sudo ovs-vsctl set interface gre0 type=gre options:remote_ip=192.168.59.104
- Configure the virtual bridge for the Docker containers
    sudo brctl addbr br0
    sudo ifconfig br0 192.168.1.1 netmask 255.255.255.0
- Add the OvS interface to the virtual bridge
    sudo brctl addif br0 obr0
Modify /etc/default/docker so that the new bridge replaces the default docker0
    DOCKER_OPTS="-b=br0"
Restart the service
    sudo service docker restart
- Add a route to the Docker container segment on the other host
    sudo ip route add 192.168.2.0/24 via 192.168.59.104 dev eth0
Using weave to implement cross-host container connections
What is weave?
Literal meaning: weaving
Weave sets up a virtual network that connects Docker containers running on different hosts
http://weave.works
https://github.com/weaveworks/weave#readme
Network connection: dual NICs, host-only and NAT
Operation
- Install weave
Download
    sudo wget -O /usr/bin/weave https://raw.githubusercontent.com/zettio/weave/master/weave
Change the permissions of the weave script so that it is executable
    sudo chmod a+x /usr/bin/weave
- Start weave
    weave launch
When you start weave, you are actually running a weave container in Docker
- Connect the hosts
To connect the two Docker hosts properly, pass the IP of the other host when running weave
    weave launch 192.168.59.103
- Launch a container via weave
Create a container with weave, which returns the ID of the container
    c2=$(weave run 192.168.1.2/24 -it ubuntu /bin/bash)
View the ID
    echo $c2
Enter the container
    docker attach $c2
or directly
    weave run 192.168.1.2/24 -it --name wc1 ubuntu /bin/bash