When the container is distributed over a plurality of different hosts, intercommunication between these containers becomes complicated. Containers between different hosts using their own private IP address, communication port needs to be mapped to the host's port container vessels between different hosts, and IP addresses need to use the host's IP address. Weave in order to solve this problem arise, put it on a different host container interconnected network similar to the network into a virtual local network.
Weave is based on a network, the network layer of the construct defined by software, the network looks like a local LAN, but in fact it communicates through the bottom of another network. The reliability of the network may be higher than the actual physical LAN to be worse, but from a usability point of view, it brought a lot of convenience: You can communicate between nodes in different locations, and though they were in one place . Such networks can also imagine a similar VPN-like things.
Weave Introduction
Weave是Github上一个比较热门的Docker容器网络方案,具有非常良好的易用性且功能强大。Weave 的框架它包含了两大主要组件:
1
)Weave:用户态的shell脚本,用于安装Weave,将container连接到Weave虚拟网络。并为它们分配IP。
2
)Weaver:运行于container内,每个Weave网络内的主机都要运行,是一个Go语言实现的虚拟网络路由器。不同主机之间的网络通信依赖于Weaver路由。
Weave通过创建虚拟网络使Docker容器能够跨主机通信并能够自动相互发现。
通过weave网络,由多个容器构成的基于微服务架构的应用可以运行在任何地方:主机,多主机,云上或者数据中心。
应用程序使用网络就好像容器是插在同一个网络交换机上一样,不需要配置端口映射,连接等。
在weave网络中,使用应用容器提供的服务可以暴露给外部,而不用管它们运行在何处。类似地,现存的内部系统也可以接受来自于应用容器的请求,而不管容器运行于何处。
一个Weave网络由一系列的
'peers'
构成
-
-
-
-
这些weave路由器存在于不同的主机上。每个peer都由一个名字,这个名字在重启之后保持不变.这个名字便于用户理解和区分日志信息。
每个peer在每次运行时都会有一个不同的唯一标识符(UID).对于路由器而言,这些标识符不是透明的,尽管名字默认是路由器的MAC地址。
Weave路由器之间建立起TCP连接,通过这个连接进行心跳握手和拓扑信息交换,这些连接可以通过配置进行加密。
peers之间还会建立UDP连接,也可以进行加密,这些UDP连接用于网络包的封装,这些连接是双工的而且可以穿越防火墙。
Weave网络在主机上创建一个网桥,每个容器通过veth pari连接到网桥上,容器由用户或者weave网络的IPADM分配IP地址。
Weave network may route packets in a network topology with the number of connecting portions. As follows: peer1 3 and directly connected, if one wants to transmit data to a 4 and 5, need peer3.
Select the reason weave
https://www.weave.works/docs/net/latest/overview/
1 ) hassle-free configuration Weave vessel network configuration can be simplified network. Because weave a network using standard container port service (eg, MySQL default 3306), the micro-management services is very straightforward. Each container can be a separate container through the domain name to communicate with, and may communicate directly without using the NAT, port mapping is not necessary to use complicated or linking. The greatest advantage of network deployment weave container is no need to modify your application code. 2 ) Service Discovery Weave a network by starting on each node " miniature the DNS " services to achieve service discovery. You just need to give your container a name can be found using the service can also provide load balancing of multiple functions on the container of the same name. 3 ) No additional clustered storage All other Docker network plug-ins, including Docker's own " overlay " drive, you can really use them in between, you need to install additional clustered storage ---- Consul or Zookeepr like a central database like. <br> in addition to installation, maintenance and management difficulties, even Docker host needs to stay connected with clustered storage, if you disconnect the connection therewith, although very short, you will not be able to start and stop any container up. Weave network is a network plug-in bundled with Docker, which means you can use it right away, but you can still start and stop the container when network connectivity problems. About introduce more Weave Docker plug-in, see how Weave Network Plugin work. 4 ) operates at a lower portion of connection Weave network to forward traffic between nodes, it is possible to work even in the case of a mesh network moiety. This means that you can in a mixed environment of legacy systems and applications of container used to hold Weave network communications. 5 ) Weave network soon Weave network automatically select the fastest path between two nodes, providing access to the local network throughput and latency, and it does not require your intervention. About Fast Datapath how it works, please refer to How Fast Datapath Works. 6 ) Multicast support Weave fully supports multicast network address and path. Data may be sent to a multicast address, copy of the data may be automatically broadcast. 7 ) NAT conversion Weave network use, deploy your application --- whether it is peer to peer file sharing, or other applications ip-based voice, you can take advantage of the built-in NAT translation. Weave through the network, your app will be a shift value of the container, Together with its network standardization process, but also it will make you less concerned about one thing. 8 ) integrated with any framework: Kubernetes, Mesos, Amazon ECS, ... If you want to use a tool for all framework, Weave network is a good choice. For example: In addition to being Docker plug-in uses, you can also use it as a Kubernetes plugin you can plug in the Amazon ECS, Mesos and. Marathon use it.
Weave network deployment
The official document: https: //www.weave.works/docs/net/latest/install/installing-weave/
3.1 Prerequisites
1) ensure that the node Linux kernel version 3.8 +, Docker1.10 +
Between 2) if the node has a firewall must release another TCP 6783 port and UDP 6783/6784, which is the control and data ports weave
3) not be the same host name, the host name identifying subnets
3.2 Node environment