8

我正在尝试研究如何在 Docker 中正确使用 swarm 模式。首先,我尝试在我的 2 台工作人员和经理机器上运行容器,而不指定自定义网络(所以我使用默认的入口覆盖网络)。但是,如果我使用入口网络,由于某种原因我无法解析tasks.myservice.

所以我尝试像这样配置自定义网络:

docker network create -d overlay elasticnet

所以现在,当我bash进入其中一个容器时,我可以成功解析tasks.myservice,但我无法再访问我在--publish外部创建服务中定义的端口(当我使用入口网络时可以访问)。

有没有办法:

  1. 使用入口网络并能够解析tasks.myservice或任何其他将指向我所有服务容器的 DNS 记录?

  2. 或者,使用自定义网络,但--publish端口正确,以便我可以从外部访问它们?

编辑

这就是我创建服务的方式,

没有自定义网络:

docker service create --replicas 3 --label elasticsearch --endpoint-mode vip --name elastic -e ES_HOSTS="tasks.elastic" --publish 9200:9200 --mount type=bind,source=/tmp/es,destination=/usr/share/elasticsearch/config  --update-delay 10s   es:latest

使用自定义网络:

docker service create --replicas 3 --network elasticnet --label elasticsearch --endpoint-mode vip --name elastic -e ES_HOSTS="tasks.elastic" --publish 9200:9200 --mount type=bind,source=/tmp/es,destination=/usr/share/elasticsearch/config  --update-delay 10s   es:latest
4

2 回答 2

1

Look at the example below:

1.Create user defined overlay network: 

sudo docker network create overlay1 --driver overlay
9g4ipjn513iy        overlay1            overlay             swarm

2.Run a service with exposed ports and 3 replicas:

sudo docker service create --name nginx --replicas 3 --publish 80:80 --network overlay1 nginx

You dont have to specify endpoint-mode if you gonna use VIP, its the default.

sudo docker service  ps nginx
ID                         NAME     IMAGE  NODE  DESIRED STATE  CURRENT STATE           ERROR
dbz8b4jjfp6xg3vqunt1x8shx  nginx.1  nginx  dg1   Running        Running 13 minutes ago  
9d8zr6zka0sp99vadr8eqq2t2  nginx.2  nginx  dg3   Running        Running 13 minutes ago  
cwbcegunuxz5ye9a8ghdrc4fg  nginx.3  nginx  dg3   Running        Running 12 minutes ago

3.Verification: Testing Exposed port from one of the nodes:

administrator@dg1:~$ telnet localhost 80
Trying ::1...
Connected to localhost.
Escape character is '^]'.

Testing exposed port from external host:

user@externalhost /home/balrog% telnet dg1 80
Trying 172.30.135.101...
Connected to 172.30.135.101.
Escape character is '^]'.

Testing DNS lookup from inside of containers:

sudo docker exec -it 05d05f934c68 /bin/bash
root@05d05f934c68:/# ping nginx                                                                                                                                         
PING nginx (10.0.0.3): 56 data bytes
64 bytes from 10.0.0.3: icmp_seq=0 ttl=64 time=0.050 ms
64 bytes from 10.0.0.3: icmp_seq=1 ttl=64 time=0.121 ms

root@05d05f934c68:/# ping tasks.nginx 
PING tasks.nginx (10.0.0.5): 56 data bytes
64 bytes from 10.0.0.5: icmp_seq=0 ttl=64 time=0.037 ms
64 bytes from 10.0.0.5: icmp_seq=1 ttl=64 time=0.149 ms

ElasticSearch Specific Suggestion:

Elasticseach has its own clustering that provides Failover and Loadbalancing features.

You can use shards and replicas per index in elasticsearch hosts that are part of elasticsearch cluster.

This being said, I suggest you create 3 Services with 1 replica each, then join then in an elasticsearch cluster, then create indexes with 3 shards and 3 replicas. You will have loadbalancing and failover within elasticsearch cluster.

To read more about shards, Use this.

于 2016-12-08T08:15:15.410 回答
0

我们在这里缺少的是您的服务定义,或者您在定义容器时是否使用了老式的 docker run。

如果您使用了 docker 服务功能(在 docker 1.12 中可用),您仍然可以通过服务公开您的端口

docker create --name nodejs1 --network anti-spam -p 1230:123 --replicas 1 image:version

您的服务将在反垃圾邮件网络上创建,如果您创建了另一个服务 nodejs2,它们将能够使用服务名称(如主机名)相互联系。

发布仍然可以在 swarm 上工作,但每个主机都会监听 1230 端口,然后将其网状路由到其中一个容器。

于 2016-12-02T20:18:08.363 回答