01/25/2019 – 一江春水向东流

未分类

Kubernetes & Docker 容器网络终极之战

与 Docker 默认的网络模型不同，Kubernetes 形成了一套自己的网络模型，该网络模型更加适应传统的网络模式，应用能够平滑的从非容器环境迁移到 Kubernetes 环境中。自从 Docker 容器出现，容器的网络通信一直是众人关注的焦点，而容器的网络方案又可以分为两大部分：单主机的容器间通信；跨主机的容器间通信。一、单主机 Docker 网络通信利用 Net Namespace 可以为 Docker 容器创建隔离的网络环境，容器具有完全独立的网络栈，与宿主机隔离。也可以使 Docker 容器共享主机或者其他容器的网络命名空间。我们在使用docker run创建 Docker 容器时，可以使用–network=选项指定容器的网络模式，Docker 有以下 4 种网络模式： host 模式，使用–network=host指定，不支持多主机； bridge 模式，使用–network=bridge指定，默认设置，不支持多主机； container 模式，使用–network=container:NAME_or_ID指定，即joiner 容器，不支持多主机； none 模式，使用–network=none指定，不支持多主机。 1.1、host 模式连接到 host 网络的容器共享 Docker host 的网络栈，容器的网络配置与 host 完全一样。我们先查看一下主机的网络。

[root@datanode03 ~]# ifconfig
docker0: flags=4099<span class="hljs-tag">&lt;<span class="hljs-name">UP,BROADCAST,MULTICAST</span>&gt;</span>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:44:8d:48:70  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp1s0: flags=4163<span class="hljs-tag">&lt;<span class="hljs-name">UP,BROADCAST,RUNNING,MULTICAST</span>&gt;</span>  mtu 1500
        inet 192.168.1.203  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::2e0:70ff:fe92:4779  prefixlen 64  scopeid 0x20<span class="hljs-tag">&lt;<span class="hljs-name">link</span>&gt;</span>
        ether 00:e0:70:92:47:79  txqueuelen 1000  (Ethernet)
        RX packets 46093  bytes 66816291 (63.7 MiB)
        RX errors 0  dropped 1  overruns 0  frame 0
        TX packets 24071  bytes 1814769 (1.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<span class="hljs-tag">&lt;<span class="hljs-name">UP,LOOPBACK,RUNNING</span>&gt;</span>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<span class="hljs-tag">&lt;<span class="hljs-name">host</span>&gt;</span>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 170  bytes 107720 (105.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 170  bytes 107720 (105.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@datanode03 ~]# ifconfig

docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500

inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255

ether 02:42:44:8d:48:70 txqueuelen 0 (Ethernet)

RX packets 0 bytes 0 (0.0 B)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 0 bytes 0 (0.0 B)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

inet 192.168.1.203 netmask 255.255.255.0 broadcast 192.168.1.255

inet6 fe80::2e0:70ff:fe92:4779 prefixlen 64 scopeid 0x20<link>

ether 00:e0:70:92:47:79 txqueuelen 1000 (Ethernet)

RX packets 46093 bytes 66816291 (63.7 MiB)

RX errors 0 dropped 1 overruns 0 frame 0

TX packets 24071 bytes 1814769 (1.7 MiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

inet 127.0.0.1 netmask 255.0.0.0

inet6 ::1 prefixlen 128 scopeid 0x10<host>

loop txqueuelen 0 (Local Loopback)

RX packets 170 bytes 107720 (105.1 KiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 170 bytes 107720 (105.1 KiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

January 25, 2019

未分类

Kubernetes & Docker 容器网络终极之战