DockerDocker容器

centos上命名空间(容器)之间的通信 2019-05-17

2019-05-17  本文已影响1人  我是布谷鸟

目标:

使centos中的命名空间相互通信。
材料:centos7、veth pair、网桥和命名空间。
veth pair端口:
这是一种成对出现的端口,这种端口的特点是从左边端口进入的数据包一定从右边端口出来。
拓扑图:

命名空间(容器)之间的通信.jpg

准备:

需要安装openvswitch软件包

[root@server ~]# yum -y install openvswitch
并运行:
[root@server ~]# systemctl start openvswitch

过程:

创建两个命名空间:

[root@server ~]# ip netns add ns1 
[root@server ~]# ip netns add ns2
[root@server ~]# ip netns list
ns2
ns1

创建一个网桥:

[root@server ~]# ovs-vsctl add-br br-test
[root@server ~]# ovs-vsctl list-br
br-test

在网桥上创建内部通信端口(成对出现):

[root@server ~]# ovs-vsctl add-port br-test tap1 -- set interface tap1 type=internal 
[root@server ~]# ovs-vsctl add-port br-test tap2 -- set interface tap2 type=internal 
[root@server ~]# ovs-vsctl list-ports br-test
tap1
tap2

将端口放入命名空间:

[root@server ~]# ip link set tap1 netns ns1 
[root@server ~]# ip link set tap2 netns ns2

到命名空间内配置端口地址:

[root@server ~]# ip netns exec ns1 ip addr add 172.16.0.10/24 dev tap1 
[root@server ~]# ip netns exec ns2 ip addr add 172.16.0.20/24 dev tap2

开启设备:

[root@server ~]# ip netns exec ns1 ip link set lo up
[root@server ~]# ip netns exec ns2 ip link set lo up
[root@server ~]# ip netns exec ns1 ip link set tap1 up 
[root@server ~]# ip netns exec ns2 ip link set tap2 up

查看地址:

[root@server ~]# ip netns exec ns1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
8: tap1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether ae:f4:b4:52:70:ed brd ff:ff:ff:ff:ff:ff
    inet 172.16.0.10/24 scope global tap1
       valid_lft forever preferred_lft forever
    inet6 fe80::acf4:b4ff:fe52:70ed/64 scope link 
       valid_lft forever preferred_lft forever
[root@server ~]# ip netns exec ns2 ip a 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
9: tap2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether 36:71:bc:e3:cc:6e brd ff:ff:ff:ff:ff:ff
    inet 172.16.0.20/24 scope global tap2
       valid_lft forever preferred_lft forever
    inet6 fe80::3471:bcff:fee3:cc6e/64 scope link 
       valid_lft forever preferred_lft forever

主机名映射:

[root@server ~]# ip netns exec ns1 echo "172.16.0.20 ns2" >> /etc/hosts
[root@server ~]# ip netns exec ns2 echo "172.16.0.10 ns1" >> /etc/hosts

测试:

[root@server ~]# ip netns exec ns1 ping ns2
PING ns2 (172.16.0.20) 56(84) bytes of data.
64 bytes from ns2 (172.16.0.20): icmp_seq=1 ttl=64 time=0.342 ms
64 bytes from ns2 (172.16.0.20): icmp_seq=2 ttl=64 time=0.096 ms
64 bytes from ns2 (172.16.0.20): icmp_seq=3 ttl=64 time=0.086 ms

[root@server ~]# ip netns exec ns2 ping ns1
PING ns1 (172.16.0.10) 56(84) bytes of data.
64 bytes from ns1 (172.16.0.10): icmp_seq=1 ttl=64 time=0.056 ms
64 bytes from ns1 (172.16.0.10): icmp_seq=2 ttl=64 time=0.055 ms
64 bytes from ns1 (172.16.0.10): icmp_seq=3 ttl=64 time=0.076 ms
上一篇下一篇

猜你喜欢

热点阅读