File: overlay.md

package info (click to toggle)
docker.io 20.10.24%2Bdfsg1-1%2Bdeb12u1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, bookworm-proposed-updates
  • size: 60,824 kB
  • sloc: sh: 5,621; makefile: 593; ansic: 179; python: 162; asm: 7
file content (153 lines) | stat: -rw-r--r-- 4,443 bytes parent folder | download | duplicates (7) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
 
# Overlay Driver

### Design
TODO

### Multi-Host Overlay Driver Quick Start

This example is to provision two Docker Hosts with the **experimental** Libnetwork overlay network driver.

### Pre-Requisites

- Kernel >= 3.16
- Experimental Docker client

### Install Docker Experimental

Follow Docker experimental installation instructions at: [https://github.com/docker/docker/tree/master/experimental](https://github.com/docker/docker/tree/master/experimental)

To ensure you are running the experimental Docker branch, check the version and look for the experimental tag:

```
$ docker -v
Docker version 1.8.0-dev, build f39b9a0, experimental
```

### Install and Bootstrap K/V Store


Multi-host networking uses a pluggable Key-Value store backend to distribute states using `libkv`.
`libkv` supports multiple pluggable backends such as `consul`, `etcd` & `zookeeper` (more to come).

In this example we will use `consul`

Install:

```
$ curl -OL https://dl.bintray.com/mitchellh/consul/0.5.2_linux_amd64.zip
$ unzip 0.5.2_linux_amd64.zip
$ mv consul /usr/local/bin/
```

**host-1** Start Consul as a server in bootstrap mode:

``` 
$ consul agent -server -bootstrap -data-dir /tmp/consul -bind=<host-1-ip-address>
```

**host-2** Start the Consul agent:

``` 
$ consul agent -data-dir /tmp/consul -bind=<host-2-ip-address>
$ consul join <host-1-ip-address>
```


### Start the Docker Daemon with the Network Driver Daemon Flags

**host-1** Docker daemon:

```
$ docker -d --kv-store=consul:localhost:8500 --label=com.docker.network.driver.overlay.bind_interface=eth0
```

**host-2** Start the Docker Daemon with the neighbor ID configuration:

```
$ docker -d --kv-store=consul:localhost:8500 --label=com.docker.network.driver.overlay.bind_interface=eth0 --label=com.docker.network.driver.overlay.neighbor_ip=<host-1-ip-address>
```

### QuickStart Containers Attached to a Network

**host-1** Start a container that publishes a service svc1 in the network dev that is managed by overlay driver.

```
$ docker run -i -t --publish-service=svc1.dev.overlay debian
root@21578ff721a9:/# ip add show eth0
34: eth0: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:ec:41:35:bf brd ff:ff:ff:ff:ff:ff
    inet 172.21.0.16/16 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:ecff:fe41:35bf/64 scope link
       valid_lft forever preferred_lft forever
```

**host-2** Start a container that publishes a service svc2 in the network dev that is managed by overlay driver.

```
$ docker run -i -t --publish-service=svc2.dev.overlay debian
root@d217828eb876:/# ping svc1
PING svc1 (172.21.0.16): 56 data bytes
64 bytes from 172.21.0.16: icmp_seq=0 ttl=64 time=0.706 ms
64 bytes from 172.21.0.16: icmp_seq=1 ttl=64 time=0.687 ms
64 bytes from 172.21.0.16: icmp_seq=2 ttl=64 time=0.841 ms
```
### Detailed Setup

You can also setup networks and services and then attach a running container to them.

**host-1**:

```
docker network create -d overlay prod 
docker network ls
docker network info prod
docker service publish db1.prod
cid=$(docker run -itd -p 8000:8000 ubuntu)
docker service attach $cid db1.prod
```

**host-2**:

```
docker network ls
docker network info prod
docker service publish db2.prod
cid=$(docker run -itd -p 8000:8000 ubuntu)
docker service attach $cid db2.prod
```

Once a container is started, a container on `host-1` and `host-2` both containers should be able to ping one another via IP, service name, \<service name>.\<network name>


View information about the networks and services using `ls` and `info` subcommands like so:

```
$ docker service ls
SERVICE ID          NAME                  NETWORK             CONTAINER
0771deb5f84b        db2                   prod                0e54a527f22c
aea23b224acf        db1                   prod                4b0a309ca311

$ docker network info prod
Network Id: 5ac68be2518959b48ad102e9ec3d8f42fb2ec72056aa9592eb5abd0252203012
	Name: prod
	Type: overlay

$ docker service info db1.prod
Service Id: aea23b224acfd2da9b893870e0d632499188a1a4b3881515ba042928a9d3f465
	Name: db1
	Network: prod
```

To detach and unpublish a service:

```
$ docker service detach $cid <service>.<network>
$ docker service unpublish <service>.<network>

# Example:
$ docker service detach $cid  db2.prod
$ docker service unpublish db2.prod
```

To reiterate, this is experimental, and will be under active development.