在 docker 中使用覆盖使用多主机网络功能是否需要 swarm
Is swarm required for using multi-host networking feature using overlay in docker
我已经完成了 getting started overlay 中的示例并且我有一个简单的查询。是否可以在不创建 swarm cluster 的情况下使用覆盖来使用多主机网络功能?我不想使用 weave 等第三方插件。我想为此使用 docker 本机网络支持。
我有 3.16+ kernel 运行 RHEL 和 docker 1.9.
是的,这是可能的:参见“Lab 6: Docker Networking”。
覆盖网络的关键部分是发现服务,例如 Consul.
An overlay network requires a key-value store.
The store maintains information about the network state which includes discovery, networks, endpoints, ip-addresses, and more. Engine supports Consul, etcd, and ZooKeeper (Distributed store) key-value store stores.
文章“Docker Networks: Discovering Services on an Overlay”对当前的服务发现工具提出了一些批评,这些工具不是为单独的容器注册或发现而构建的。
Overlay uses KV stores under the covers to model the network topology and enable cross-host container to container communication. It does not provide SRV record resolution.
The rub is that in an overlay network every container has its own IP address.
So, the only way you could make this work is by running Consul agents inside of every container on the network that contributes a service. That is certainly not transparent to the developer, or compatible with off-the-shelf images.
我已经完成了 getting started overlay 中的示例并且我有一个简单的查询。是否可以在不创建 swarm cluster 的情况下使用覆盖来使用多主机网络功能?我不想使用 weave 等第三方插件。我想为此使用 docker 本机网络支持。
我有 3.16+ kernel 运行 RHEL 和 docker 1.9.
是的,这是可能的:参见“Lab 6: Docker Networking”。
覆盖网络的关键部分是发现服务,例如 Consul.
An overlay network requires a key-value store.
The store maintains information about the network state which includes discovery, networks, endpoints, ip-addresses, and more. Engine supports Consul, etcd, and ZooKeeper (Distributed store) key-value store stores.
文章“Docker Networks: Discovering Services on an Overlay”对当前的服务发现工具提出了一些批评,这些工具不是为单独的容器注册或发现而构建的。
Overlay uses KV stores under the covers to model the network topology and enable cross-host container to container communication. It does not provide SRV record resolution.
The rub is that in an overlay network every container has its own IP address.
So, the only way you could make this work is by running Consul agents inside of every container on the network that contributes a service. That is certainly not transparent to the developer, or compatible with off-the-shelf images.