weave简介
Weave creates a virtual network that connects Docker containers deployed across multiple hosts.
Applications use the network just as if the containers were all plugged into the same network switch, with no need to configure port mappings, links, etc. Services provided by application containers on the weave network can be made accessible to the outside world, regardless of where those containers are running. Similarly, existing internal systems can be exposed to application containers irrespective of their location.
Weave can traverse firewalls and operate in partially connected networks. Traffic can be encrypted, allowing hosts to be connected across an untrusted network.
With weave you can easily construct applications consisting of multiple containers, running anywhere.
Weave works alongside Docker’s existing (single host) networking capabilities, so these can continue to be used by containers.
weave简单使用
sudo wget -O /usr/local/bin/weave https://raw.githubusercontent.com/zettio/weave/master/weave
sudo chmod a+x /usr/local/bin/weave
启动weave路由器,这个路由器其实也是在docker中启动的:
<br>[<a href="mailto:root@h-46mow360" rel="noopener">root@h-46mow360</a> ~]# weave launch<br>Unable to find image 'zettio/weave' locally<br>3b3a3db2c186fccb5203dcc269b3febbbbf126591a7ebd8117a8a5250683749f
<br>[<a href="mailto:root@h-46mow360" rel="noopener">root@h-46mow360</a> ~]# brctl show<br>bridge name bridge id STP enabled interfaces<br>docker0 8000.56847afe9799 no veth801050a<br>weave 8000.7afc2a03325e no vethwepl2146<br>[<a href="mailto:root@h-46mow360" rel="noopener">root@h-46mow360</a> ~]# docker ps<br>CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES<br>3b3a3db2c186 zettio/weave:git-a34e214201cb "/home/weave/weaver About a minute ago Up About a minute 0.0.0.0:6783->6783/tcp, 0.0.0.0:6783->6783/udp weave
在两台物理机上分别启动一个容器:
c1=$(weave run 10.0.3.3/24 -t -i -v /sys/fs/cgroup:/sys/fs/cgroup:ro -v /tmp/$(mktemp -d):/run systemd:systemd /usr/lib/systemd/systemd)
c2=$(weave run 10.0.3.5/24 -t -i -v /sys/fs/cgroup:/sys/fs/cgroup:ro -v /tmp/$(mktemp -d):/run systemd:systemd /usr/lib/systemd/systemd)
这个时候,两个容器之间是不通的,需要在两台weave的路由器之间建立连接:(
if there is a firewall between $HOST1 and $HOST2, you must open port 6783 for TCP and UDP)
weave connect 10.33.0.9
这样,两台容器之间通了:
nsenter --mount --uts --ipc --net --pid --target $(docker inspect --format "{{.State.Pid}}" "$c2")
-bash-4.2# ping -c 3 10.0.3.3
PING 10.0.3.3 (10.0.3.3) 56(84) bytes of data.
64 bytes from 10.0.3.3: icmp_seq=1 ttl=64 time=2.34 ms
64 bytes from 10.0.3.3: icmp_seq=2 ttl=64 time=1.52 ms
64 bytes from 10.0.3.3: icmp_seq=3 ttl=64 time=1.13 ms
`
Original: https://www.cnblogs.com/feisky/p/4093717.html
Author: feisky
Title: 使用weave管理docker网络
原创文章受到原创版权保护。转载请注明出处:https://www.johngo689.com/534383/
转载文章受原作者版权保护。转载请注明原作者出处!