回顾
1、启动docker
systemctl start docker
2、拉取registry镜像
docker pull registry
3、启动镜像,同时挂载目录(保存镜像)端口映射5000
docker run -d 0v /regist/:/var/lib/registry/ -p5000:5000 regist
4、修改/etc/docker/daemon.json. Insecure
vim /etc/docker/daemon.json
...
,
"insecure-registries":[
"http://192.168.1.20:5000"
]
5、重启docker
systemctl restart docker
6、访问测试仓库信息
#查看仓库目录
curl localhost:5000
7、上传
#打标签
docker ar centos:last 192.168.1.20:5000/abc:v0
docker push 192..
8、下载
#配置/etc/docker/daemon.json
vim /etc/docker/daemon
....
{
"insecure-registries":[
"http://192.168.1.20:5000"
]
}
systemctl restart docker
#拉取私有仓库的镜像
docker pull 192.168.1.20:5000/centosnginx:v0
9、测试拉取的镜像
docker run -d -p80:80 192.168.1.20centosnginx:v0
跨主机容器之间通讯
node2
装完flannel就可以了
[root@node2 ~]# yum -y install flannel
node1
[root@node1 ~]# yum -y install etcd
[root@node1 ~]# yum -y install flannel
配置启动etcd(node1)
[root@node1 ~]# vim /etc/etcd/etcd.conf
[root@node1 ~]# cat /etc/etcd/etcd.conf
.....
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379,http:/0.0.0.0:4001"
......
#[Clustering]
#ETCD_INITIAL_ADVERTISE_PEER_URLS="http://localhost:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.1.22:2379,http://192.168.1.22:4001"
#ETCD_DISCOVERY=""
.....
启动服务
[root@node1 ~]# systemctl start etcd.service
[root@node1 ~]# systemctl enable etcd.service
#查看端口状态
[root@node1 ~]# netstat -lnput |grep 2379
tcp6 0 0 :::2379 :::* LISTEN 1752/etcd
[root@node1 ~]# netstat -lnput |grep 4001
tcp6 0 0 :::4001 :::* LISTEN 1752/etcd
测试数据库
[root@node1 ~]# etcdctl set tesdir/testkey0 1000
1000
[root@node1 ~]# etcdctl get tesdir/testkey0
1000
测试集群健康
[root@node1 ~]# etcdctl -C http://192.168.1.22:4001 cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://192.168.1.22:2379
cluster is healthy
[root@node1 ~]# etcdctl -C http://192.168.1.22:2379 cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://192.168.1.22:2379
cluster is healthy
修改flannel文件
[root@node1 ~]# vim /etc/sysconfig/flanneld
[root@node1 ~]# cat /etc/sysconfig/flanneld
....
# etcd url location. Point this to the server where etcd runs
FLANNEL_ETCD_ENDPOINTS="http://192.168.1.22:2379" //改为本机IP地址
# etcd config key. This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="/atomic.io/network" //数据存储的位置
....
向数据库中存入信息
[root@node1 ~]# etcdctl mk /atomic.io/network/config '{ "Network" : "172.20.0.0/16" }'
{ "Network" : "172.20.0.0/16" }
#读取
[root@node1 ~]# etcdctl get /atomic.io/network/config
{ "Network" : "172.20.0.0/16" }
启动并设置flannel开机自启
[root@node1 ~]# systemctl start flanneld.service
[root@node1 ~]# systemctl enable flanneld.service
安装docker,启动docker
脚本
[root@node1 ~]# source docker.sh
[root@node1 ~]# systemctl start docker.service
查看flannel子网ip
[root@node1 ~]# cat /run/flannel/subnet.env
FLANNEL_NETWORK=172.20.0.0/16
FLANNEL_SUBNET=172.20.72.1/24
FLANNEL_MTU=1472
FLANNEL_IPMASQ=false
从其他主机复制一份daemon.json
[root@node1 ~]# scp root@192.168.1.20:/etc/docker/daemon.json /etc/docker/
[root@node1 ~]# vim /etc/docker/daemon.json //此时重启是失败的
[root@node1 ~]# systemctl restart docker.service
Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.
[root@node1 ~]# vim /usr/lib/systemd/system/docker.service //13行删一下
[root@node1 ~]# systemctl daemon-reload
[root@node1 ~]# systemctl restart docker.service //此时重启成功
查看flannel,docker网段
[root@node1 ~]# ip a s
......
3: flannel0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1472 qdisc pfifo_fast state UNKNOWN group default qlen 500
link/none
inet 172.20.72.0/16 scope global flannel0
......
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1472 qdisc noqueue state DOWN group default
link/ether 02:42:c3:70:70:d6 brd ff:ff:ff:ff:ff:ff
inet 172.20.72.1/24 brd 172.20.72.255 scope global docker0
......
node2
修改配置文件
[root@node2 ~]# vim /etc/sysconfig/flanneld
[root@node2 ~]# cat /etc/sysconfig/flanneld
...
FLANNEL_ETCD_ENDPOINTS="http://192.168.1.22:2379" //改成node1的IP,有数据库
# etcd config key. This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="/atomic.io/network"
....
启动flannel服务(关闭node1的防火墙)
[root@node2 ~]# systemctl start flanneld.service
安装docker,用脚本即可,启动docker
复制一份daemon.json
[root@node2 ~]# cat /run/flannel/subnet.env
FLANNEL_NETWORK=172.20.0.0/16
FLANNEL_SUBNET=172.20.35.1/24
FLANNEL_MTU=1472
FLANNEL_IPMASQ=false
[root@node2 ~]# vim /etc/docker/daemon.json //修改一个IP
[root@node2 ~]# cat /etc/docker/daemon.json
......
],
"bip" : "172.20.35.1/24", #这里
"mtu" : 1472
}
[root@node2 ~]# vim /usr/lib/systemd/system/docker.service //删掉13行的一部分
[root@node2 ~]# systemctl daemon-reload
[root@node2 ~]# systemctl restart docker.service
[root@node2 ~]# ip a s
......
3: flannel0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1472 qdisc pfifo_fast state UNKNOWN group default qlen 500
link/none
inet 172.20.35.0/16 scope global flannel0
......
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1472 qdisc noqueue state DOWN group default
link/ether 02:42:64:6f:9b:bd brd ff:ff:ff:ff:ff:ff
inet 172.20.35.1/24 brd 172.20.35.255 scope global docker0
......
测试,互通
#在node2上
[root@node2 ~]# docker run -it centos:latest /bin/bash
[root@f5328f83b80e /]# ping 172.20.72.1
PING 172.20.72.1 (172.20.72.1) 56(84) bytes of data.
64 bytes from 172.20.72.1: icmp_seq=1 ttl=61 time=1.42 ms
64 bytes from 172.20.72.1: icmp_seq=2 ttl=61 time=0.502 ms
64 bytes from 172.20.72.1: icmp_seq=3 ttl=61 time=3.01 ms
64 bytes from 172.20.72.1: icmp_seq=4 ttl=61 time=1.42 ms
64 bytes from 172.20.72.1: icmp_seq=5 ttl=61 time=0.407 ms
64 bytes from 172.20.72.1: icmp_seq=6 ttl=61 time=0.395 ms
64 bytes from 172.20.72.1: icmp_seq=7 ttl=61 time=0.348 ms
^C
--- 172.20.72.1 ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6009ms
rtt min/avg/max/mdev = 0.348/1.070/3.006/0.905 ms
#在node1上
[root@node1 ~]# docker attach 988f
[root@988ff7b555cf /]# ping 172.20.35.1
PING 172.20.35.1 (172.20.35.1) 56(84) bytes of data.
64 bytes from 172.20.35.1: icmp_seq=1 ttl=61 time=0.686 ms
64 bytes from 172.20.35.1: icmp_seq=2 ttl=61 time=0.424 ms
^C
--- 172.20.35.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.424/0.555/0.686/0.131 ms
总结
1、安装flannel
yum -y install flannel
2、配置flannel 配置flannel要访问的etcd数据库所在的位置
vim /etc/sysconfig/flanneld
3、启动flannel
systemctl start flanneld
4、查看flannel分配的ip网段
cat /run/flannel/subnet.env
5、安装docker
6、将flannel分配网段写入到daemon
vim /etc/
7、重启docker
systemctl restart docker.service
8、拉取centos镜像
docker pull centos
docker run -it centos:latest /bin/bash
9、ping node1中容器的IP地址
工作原理:
1、使用flannel为docker主机(宿主机)分配网段
2、网段信息以及IP的信息保存在etcd数据库中
3、当flannel开始运行的时候,会从etcd数据库中读取{ "Network" : "172.20.0.0/16" },随机为当前的主机添加一个flannel0网卡 172.20.72.0
4、配置docker的daemon文件,让docker0网卡变成和flannel网卡的网段一致,之后docker下创建的容器的ip就在flannel的网段控制之内