To configure the Docker engines to use Consul as an Key-Value store, we start the daemons with the cluster-store option: $ dockerd -H fd:// -cluster-store=consul://consul:8500 -cluster-advertise=eth0:2376 client 0.0.0.0: bind all network interfaces for client access (default is 127.0.0.1 only).ui: start a small web interface allowing us to easily look at the keys stored by Docker and their values.dev: create a standalone Consul server without any persistency.server: start the consul agent in server mode.We can then start a very minimal Consul service with the following command: $ consul agent -server -dev -ui -client 0.0.0.0 To do this, we simply download Consul from here. The first thing we need to do is to start a Consul server. In our example, the servers will have the following IP addresses: We are running Consul on a single node but in a real environment we would need a cluster of at least three nodes for resiliency. We chose to use Consul because it allows us to look into the keys stored by Docker and understand better the role of the Key-Value store. Starting with Docker 1.12, Docker can now rely on an internal Key-Value store to create Swarms and overlay networks (“Swarm mode” or “new swarm”). Before Docker 1.12, Docker required an external Key-Value store (Etcd or Consul) to create overlay networks and Docker Swarms (now often referred to as “classic Swarm”). Docker will use Consul to store the overlay networks metadata that needs to be shared by all the Docker engines: container IPs, MAC addresses and location. In our example, we will do this with three hosts: two running Docker and one running Consul. Docker Overlay Networksįirst, we are going to build an overlay network between Docker hosts.
#Docker network scope code
The slides are available here.Īll the code used in this post is available on GitHub. This post is derived from the presentation I gave at DockerCon2017 in Austin. This article will present each of these mechanisms one by one along with their userland tools and show hands-on how they interact together when setting up an overlay to connect containers.
#Docker network scope driver
The Docker network overlay driver relies on several technologies: network namespaces, VXLAN, Netlink and a distributed key-value store. This blog post is focused on the Docker network overlays. That is why we have tried to understand as best as we can the technical components used by Docker. We believe that going into production requires a strong understanding of the technology to be able to debug complex issues, analyze unexpected behaviors or troubleshoot performance degradations. Temps de lecture : 11 minutes IntroductionĪt D2SI, we have been using Docker since its very beginning and have been helping many projects go into production.