简体繁体 English

不同数据中心之间的Docker覆盖网络

[英]Docker overlay network among different datacenters

原文 2018-08-09 14:56:02 0 2 docker/ docker-ingress

all. 所有。 I'm learning Docker. 我正在学习Docker。 But still cannot find any documentations about how Docker ingress network connect several separated hosts. 但是仍然找不到有关Docker Ingress网络如何连接几个分离的主机的任何文档。

I have 2 VMs in different datacenters and want create swarm cluster on them. 我在不同的数据中心中有2个VM，并希望在它们上创建群集集群。 Is it possible that default installed ingress network makes containers on vm1 visible for containers on vm2 inside some overlay network? 是否可以使用默认安装的入口网络使vm1上的容器对于某些覆盖网络内的vm2上的容器可见？ Or both vm1 and vm2 should be in same local network? 还是vm1和vm2应该在同一局域网中？

2 个解决方案

If both hosts are part of the same docker swarm cluster then from perspective of docker it does not matter that they are in different data centers. 如果两个主机都是同一个docker swarm集群的一部分，那么从docker的角度来看，它们都位于不同的数据中心中无关紧要。 Routing between services will just work. 服务之间的路由将起作用。 For example service1 on host1 will be able to access service2 in another data center. 例如，主机1上的service1将能够访问另一个数据中心中的service2。 You might however need to account for any possibly large latencies that would occur because of physical distance of hosts. 但是，您可能需要考虑由于主机的物理距离而可能发生的任何大延迟。

It is also the same story with the ingress network. 入口网络也是如此。 It does not care that there are 2 data centers. 不在乎是否有2个数据中心。 Any swarm cluster node will participate in it and route incoming requests to the correct service/host. 任何群集集群节点都将参与其中，并将传入请求路由到正确的服务/主机。

In general, it's not recommended to span datacenters within a Swarm. 通常，不建议跨Swarm中的数据中心。 You can span availability zones (datacenters in same geo area that are ~10ms or less latency) but between regions should be their own Swarms. 您可以跨越可用性区域（同一地理区域中的数据中心的延迟大约为10ms或更短），但是区域之间应该是它们自己的Swarms。 This is 100% a latency issue of inter-virtual-network traffic (overlay driver) and the Raft consensus traffic between Swarm managers. 这是虚拟网络间流量（覆盖驱动程序）和Swarm管理器之间的Raft共识流量之间存在100％的延迟问题。 There is no hard limit on latency, but you likely don't want the complexity in a single Swarm of trying to prevent traffic in your apps from hopping back and forth between datacenters... unless the datacenters are very low latency. 延迟没有硬性限制，但是您可能不希望在单一集群中尝试阻止应用程序中的流量在数据中心之间来回跳动的复杂性……除非数据中心的延迟非常低。

For more data on this look at the Docker Success site (search swarm overlay and filter to reference), as the Docker EE requirements for Swarm are the same as Docker CE generally. 有关更多信息，请访问Docker Success站点（搜索swarm覆盖并过滤以供参考），因为Swarm的Docker EE要求与Docker CE通常相同。

The other requirement between nodes in a Swarm is that they have ports open between each other's public IP's . Swarm中节点之间的另一个要求是，它们的端口在彼此的公共IP之间开放。 Ideally, there is no NAT between nodes. 理想情况下，节点之间不存在NAT。