Docker Swarm覆盖网络在节点之间不起作用

时间:2018-04-12 17:59:25

标签: docker networking docker-swarm docker-swarm-mode

我正试图在docker swarm中将我的docker服务连接在一起。

该网络由2个覆盆子pi组成。

我可以创建一个名为test-overlay的覆盖网络,我可以看到raspberry pi节点上的服务可以连接到网络。

我的问题:

我无法链接到具有覆盖网络的节点之间的服务。

根据节点和服务的以下配置,service1可以使用地址http://service2连接到service2。但它不适用于http://service3。但http://service3可以访问service4

node1:
  - service1
  - service2
node2:
  - service3
  - service4

我是docker swarm的新手,感谢任何帮助。

检查叠加层

我已在两个节点上运行命令sudo docker inspect network test-overlay

主节点上的

返回以下内容:

[
    {
        "Name": "test-overlay",
        "Id": "skxhz8sb3f82dhh9jt9t3j5yl",
        "Created": "2018-04-15T20:31:20.629719732Z",
        "Scope": "swarm",
        "Driver": "overlay",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "10.0.0.0/24",
                    "Gateway": "10.0.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "3acb436a0cc9a4d584d537edb1546988d334afa4793cc4fae4dd6ac9b48828ea": {
                "Name": "docker-registry.1.la1myuodpkq0x5h39pqo6lt7f",
                "EndpointID": "66887fb1f5f253c6cbec149aa51ab85168903fdd2290719f26d2bcd8d6c68dc8",
                "MacAddress": "02:42:0a:00:00:04",
                "IPv4Address": "10.0.0.4/24",
                "IPv6Address": ""
            },
            "786e1fee538f81fe41ccd082800c646a0e191b0fd912e5c15530e61c248e81ac": {
                "Name": "portainer.1.qyvvlcdqo5sewuku3eiykaplz",
                "EndpointID": "0d29e5452c208ed637ae2e7dcec026f39d2431e8e0e20765a9e0e6d6dfdc60ca",
                "MacAddress": "02:42:0a:00:00:15",
                "IPv4Address": "10.0.0.21/24",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.driver.overlay.vxlanid_list": "4101"
        },
        "Labels": {},
        "Peers": [
            {
                "Name": "d049fc8f8ae1",
                "IP": "192.168.1.2"
            },
            {
                "Name": "6c0da128f308",
                "IP": "192.168.1.3"
            }
        ]
    }
]

在worker节点上返回以下内容:

[
    {
        "Name": "test-overlay",
        "Id": "skxhz8sb3f82dhh9jt9t3j5yl",
        "Created": "2018-04-20T14:04:57.870696195Z",
        "Scope": "swarm",
        "Driver": "overlay",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "10.0.0.0/24",
                    "Gateway": "10.0.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "4cb50161119e4b58a472e1b5c380c301bbb00a23fc99fc2e0712a8c4bde6d9d4": {
                "Name": "minio.1.fo2su2quv8herbmnxqfi3g8w2",
                "EndpointID": "3e85786304ed08f02c09b8e1ed6a153a3b4c2ef7afe503a1b0ca6cf341521645",
                "MacAddress": "02:42:0a:00:00:d6",
                "IPv4Address": "10.0.0.214/24",
                "IPv6Address": ""
            },
            "ce99b3788a4f9438e276e0f52a8f4d29fa09179e3e93b31b14f45339ce3c5315": {
                "Name": "load-balancer.1.j64h1eecsc05b7d397ejvedv3",
                "EndpointID": "3b7e73d27fe30151f2dc2a0ba8a5afc7f74fd283159a03a592be10e297f58d51",
                "MacAddress": "02:42:0a:00:00:d0",
                "IPv4Address": "10.0.0.208/24",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.driver.overlay.vxlanid_list": "4101"
        },
        "Labels": {},
        "Peers": [
            {
                "Name": "d049fc8f8ae1",
                "IP": "192.168.1.2"
            },
            {
                "Name": "6c0da128f308",
                "IP": "192.168.1.3"
            }
        ]
    }
]

3 个答案:

答案 0 :(得分:3)

这似乎是因为节点无法在所需的端口上相互连接。

TCP port 2377 for cluster management communications
TCP and UDP port 7946 for communication among nodes
UDP port 4789 for overlay network traffic

在打开这些端口之前。

一个更好,更简单的解决方案是使用docker映像portainer/agent。如文档所述,

The Portainer Agent is a workaround for a Docker API limitation when using the Docker API to manage a Docker environment.

https://portainer.readthedocs.io/en/stable/agent.html

我希望这可以帮助其他遇到此问题的人。

答案 1 :(得分:0)

检查您的节点是否具有正确打开的群集所需的端口,如此处所述https://docs.docker.com/network/overlay/"先决条件":

TCP port 2377 for cluster management communications
TCP and UDP port 7946 for communication among nodes
UDP port 4789 for overlay network traffic

答案 2 :(得分:0)

我还不能发表评论,但是我设法通过X0r0N提供的解决方案解决了这个问题,并且我留下这个评论是为了帮助将来能够找到自己的解决方案的人们。

我在DigitalOcean中部署了10个Droplet,使用Docker提供的默认Docker映像。它在描述中说它关闭了所有端口,但它们与Docker有关。显然,这不包括Swarm用例。

在允许ufw使用端口2377、4789和7946之后,Docker Swarm现在可以按预期运行。

为使此答案独立存在,端口映射到以下功能:

TCP端口2377:群集管理通信 TCP和UDP端口7649:节点之间的通信 UDP端口4789:覆盖网络流量

相关问题
最新问题