无法在swarm撰写yaml文件中使用用户定义的网桥 [英] can not use user-defined bridge in swarm compose yaml file

问题描述

我从 docker文档了解到，我可以不要使用docker DNS来使用其主机名查找容器，而无需利用用户定义的网桥网络.我使用以下命令创建了一个:

I learned from docker documentation that I can not use docker DNS to find containers using their hostnames without utilizing user-defined bridge network. I created one using the command:

docker network create --driver=overlay --subnet=172.22.0.0/16 --gateway=172.22.0.1 user_defined_overlay

，并尝试部署一个使用它的容器.撰写文件如下:

and tried to deploy a container that uses it. compose file looks like:

  version: "3.0"
    services:
      web1:
        image: "test"
        ports:
           - "12023:22"
        hostname: "mytest-web1"
        networks:
          - test
      web2:
        image: "test"
        ports:
           - "12024:22"
        hostname: "mytest-web2"
        networks:
          - test
    networks:
      test:
        external: 
          name: user_defined_overlay

我的docker版本是:Docker version 17.06.2-ce, build cec0b72 尝试部署堆栈时出现以下错误:

my docker version is: Docker version 17.06.2-ce, build cec0b72 and I got the following error when I tried deploying the stack:

network "user_defined_bridge" is declared as external, but it is not in the right scope: "local" instead of "swarm"

我能够创建一个覆盖网络并在撰写文件中对其进行定义.效果很好，但不适用于桥接. docker network ls的结果:

I was able to create an overlay network and define it in compose file. that worked fine but it didn't for bridge. result of docker network ls:

NETWORK ID          NAME                       DRIVER              SCOPE
cd6c1e05fca1        bridge                     bridge              local
f0df22fb157a        docker_gwbridge            bridge              local
786416ba8d7f        host                       host                local
cuhjxyi98x15        ingress                    overlay             swarm
531b858419ba        none                       null                local
15f7e38081eb        user_defined_overlay       overlay             swarm

更新

我尝试创建在两个不同的群集节点上运行的容器(第一个容器在管理器节点上运行，第二个容器在工作节点上运行)，我指定了用户定义的覆盖网络，如上面的堆栈所示.我尝试使用主机名从mytest-web1容器内ping到mytest-web2容器，但得到了unknown host mytest-web2

I tried creating two containers running on two different swarm nodes(1st container runs on manager while second runs on worker node) and I specified the user-defined overlay network as shown in stack above. I tried pinging mytest-web2 container from within mytest-web1 container using hostname but I got unknown host mytest-web2

推荐答案

从17.06开始，您可以创建具有群集作用域的节点本地网络.使用--scope=swarm选项，例如:

As of 17.06, you can create node local networks with a swarm scope. Do so with the --scope=swarm option, e.g.:

docker network create --scope=swarm --driver=bridge \
  --subnet=172.22.0.0/16 --gateway=172.22.0.1 user_defined_bridge

然后，您可以将此网络与以群集模式定义的服务和堆栈一起使用.有关更多详细信息，请参见 PR#32981 .

Then you can use this network with services and stacks defined in swarm mode. For more details, you can see PR #32981.

您似乎使问题变得非常复杂.只要一切都在单个撰写文件中完成，就无需将网络定义为外部网络.如果要在容器与容器之间进行通信，则需要使用覆盖网络. DNS发现包括在网桥和覆盖网络中，但docker创建的默认网桥"网络除外.如果使用撰写文件，则除非明确将其配置为具有该名称的外部网络，否则您将永远不会使用该网络.因此，要使容器到容器网络正常工作，您可以使用以下命令让docker-compose或docker stack deploy为您的项目/堆栈自动创建网络:

you appear to have significantly overcomplicated your problem. As long as everything is being done in a single compose file, there's no need to define the network as external. There is a requirement to use an overlay network if you want to communicate container-to-container. DNS discovery is included on bridge and overlay networks with the exception of the default "bridge" network that docker creates. With a compose file, you would never use this network without explicitly configuring it as an external network with that name. So to get container to container networking to work, you can let docker-compose or docker stack deploy create the network for your project/stack automatically with:

version: "3.0"
   services:
     web1:
       image: "test"
       ports:
       - "12023:22"
     web2:
       image: "test"
       ports:
         - "12024:22"

请注意，我还删除了主机名"设置. DNS解析不需要它.您可以从这些容器中的任何一个直接与名称为"web1"或"web2"的服务VIP通信.

Note that I have also removed the "hostname" setting. It's not needed for DNS resolution. You can communicate directly with a service VIP with the name "web1" or "web2" from either of these containers.

使用docker-compose，它将创建一个默认的网桥网络.群集模式将创建一个覆盖网络.这些默认值是允许在每种情况下进行DNS发现和容器到容器通信的理想选择.

With docker-compose it will create a default bridge network. Swarm mode will create an overlay network. These defaults are ideal to allow DNS discovery and container-to-container communication in each of the scenarios.

这篇关于无法在swarm撰写yaml文件中使用用户定义的网桥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！