使用DNS的多云swarm集群服务发现
[英]Multi-cloud swarm cluster service discovery using DNS
问题描述
I've managed to create a multi-cloud swarm cluster, with a leader node on GCP and a worker node on AWS.
我设法创建了一个多云群集群,在 GCP 上有一个领导节点,在 AWS 上有一个工作节点。 Deployment is running fine, but the only issue I've stumbled upon is the service discovery using DNS names.部署运行良好,但我偶然发现的唯一问题是使用 DNS 名称的服务发现。
For example, I have deployed a service called db on the leader node (GCP) and an app service on the worker node (AWS).例如,我在领导节点 (GCP) 上部署了一个名为db的服务,在工作节点 (AWS) 上部署了一个应用程序服务。 They are using an overlay network defined as such:他们使用如下定义的覆盖网络:
networks:
internal:
attachable: true
driver: overlay
ipam:
config:
- subnet: 10.0.69.0/24
On the GCP network, I've opened the following ports:在 GCP 网络上,我打开了以下端口:
- 2377 TCP port for cluster management communications; 2377用于集群管理通信的 TCP 端口;
- 7946 TCP&UDP ports for communication among nodes; 7946个用于节点间通信的TCP&UDP端口;
- 4789 for overlay network traffic. 4789用于覆盖网络流量。
On the AWS network, I've opened the following ports:在 AWS 网络上,我打开了以下端口:
- 7946 TCP&UDP ports for communication among nodes; 7946个用于节点间通信的TCP&UDP端口;
- 4789 for overlay network traffic. 4789用于覆盖网络流量。
(source: https://docs.docker.com/engine/swarm/swarm-tutorial/ ) (来源: https : //docs.docker.com/engine/swarm/swarm-tutorial/ )
The db container gets the IP 10.0.69.8 and the app container gets the IP 10.0.69.21 . db容器获得 IP 10.0.69.8 ,应用程序容器获得 IP 10.0.69.21 。 Containers are not able to ping each other, nor resolve the db and app DNS names.容器无法相互 ping,也无法解析db和app DNS 名称。 All I get is Destination Host Unreachable when I try to ping the other one.当我尝试 ping 另一个时,我得到的只是Destination Host Unreachable 。
Is my approach sketchy and I'm missing something?我的方法是否粗略,我错过了什么? Or am I breaking something fundamental?还是我破坏了一些基本的东西? Does a multi-cloud swarm cluster require already connected networks?多云群集群是否需要已经连接的网络? And if so, is a VPN between GCP and AWS networks the only way?如果是这样,GCP 和 AWS 网络之间的 VPN 是唯一的方法吗?
1 个解决方案
解决方案1
0 2020-11-10 13:05:42
If you want to create one swarm (cluster) in two different clouds you have to use VPN - to the best of my knowledge there's no way around it.如果您想在两个不同的云中创建一个群(集群), 您必须使用 VPN - 据我所知,没有办法绕过它。
As you see the nodes can communicate using public IP's but the containers cannot (they can only use internal IP's) and your GCP & AWS networks aren't connected.如您所见,节点可以使用公共 IP 进行通信,但容器不能(它们只能使用内部 IP)并且您的 GCP 和 AWS 网络未连接。
"Services or containers can only communicate across networks they are each connected to."
In such case DNS resolving isn't the issue here.在这种情况下,DNS 解析不是这里的问题。 Just the effect.效果而已。
When you connect networks make sure the IP's of the GCP and AWS subnets aren't overlapping - otherwise you may face another issue and have to resort using double-NAT or some other very overcomplicated solutions.当您连接网络时,请确保 GCP 和 AWS 子网的 IP 不重叠 - 否则您可能会面临另一个问题,不得不求助于双 NAT 或其他一些非常复杂的解决方案。
It's best to keep it simple (read - better to use just one cloud) and keep your cluster there.最好保持简单(阅读 - 最好只使用一个云)并将您的集群保持在那里。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.