|
| 1 | +## Using Netplugin with Docker Swarm |
| 2 | + |
| 3 | +This document describes how to use netplugin with docker swarm. |
| 4 | +Docker Swarm is a scheduler that schedules containers to multiple machines. Netplugin is a docker network plugin that provides multi host networking. |
| 5 | + |
| 6 | +Docker + Swarm + Netplugin == Awesome!! |
| 7 | + |
| 8 | +## Getting started |
| 9 | + |
| 10 | +Checkout netplugin tree and bringup vagrant setup |
| 11 | +``` |
| 12 | +mkdir -p src/github.com/contiv/ |
| 13 | +cd src/github/contiv |
| 14 | +git clone -b demo https://github.com/contiv/netplugin.git |
| 15 | +CONTIV_NODES=2 make build demo |
| 16 | +``` |
| 17 | +This brings up two VM cluster with docker, swarm and netplugin/netmaster running. |
| 18 | + |
| 19 | +Set the following environment variable to make docker client talk to Swarm |
| 20 | +``` |
| 21 | +export DOCKER_HOST=tcp://192.168.2.10:2375 |
| 22 | +``` |
| 23 | +Now, you should be able to see the information about the swarm cluster |
| 24 | +``` |
| 25 | +$ docker info |
| 26 | +Containers: 0 |
| 27 | +Images: 5 |
| 28 | +Engine Version: |
| 29 | +Role: primary |
| 30 | +Strategy: spread |
| 31 | +Filters: affinity, health, constraint, port, dependency |
| 32 | +Nodes: 2 |
| 33 | + netplugin-node1: 192.168.2.10:2385 |
| 34 | + └ Containers: 0 |
| 35 | + └ Reserved CPUs: 0 / 4 |
| 36 | + └ Reserved Memory: 0 B / 2.051 GiB |
| 37 | + └ Labels: executiondriver=native-0.2, kernelversion=4.0.0-040000-generic, operatingsystem=Ubuntu 15.04, storagedriver=devicemapper |
| 38 | + netplugin-node2: 192.168.2.11:2385 |
| 39 | + └ Containers: 0 |
| 40 | + └ Reserved CPUs: 0 / 4 |
| 41 | + └ Reserved Memory: 0 B / 2.051 GiB |
| 42 | + └ Labels: executiondriver=native-0.2, kernelversion=4.0.0-040000-generic, operatingsystem=Ubuntu 15.04, storagedriver=devicemapper |
| 43 | +CPUs: 8 |
| 44 | +Total Memory: 4.103 GiB |
| 45 | +Name: netplugin-node1 |
| 46 | +No Proxy: 192.168.0.0/16,localhost,127.0.0.0/8 |
| 47 | +``` |
| 48 | + |
| 49 | +Next, you can see if there are any containers running in the cluster |
| 50 | +``` |
| 51 | +$ docker ps |
| 52 | +CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES |
| 53 | +``` |
| 54 | + |
| 55 | +Netmaster creates two networks by default |
| 56 | +``` |
| 57 | +$ contivctl network list |
| 58 | +Listing all networks for tenant default |
| 59 | +Network Public Encap Subnet Gateway |
| 60 | +private No vxlan 10.1.0.0/16 10.1.254.254 |
| 61 | +public Yes vlan 192.168.1.0/24 192.168.1.254 |
| 62 | +``` |
| 63 | + |
| 64 | +You can run containers and attach them to one of these networks as below. |
| 65 | +``` |
| 66 | +$ docker run -itd --publish-service foo.private ubuntu bash |
| 67 | +f291e269b45a5877f6fc952317feb329e12a99bda3a44a740b4c3307ef87954c |
| 68 | +``` |
| 69 | +publish-service takes service name in `<service>.<network>` format. Container above gets the servic ename `foo` in network `private` |
| 70 | + |
| 71 | +You can verify the container is running and has the correct service name |
| 72 | + |
| 73 | +``` |
| 74 | +$ docker ps |
| 75 | +CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES |
| 76 | +f291e269b45a ubuntu "bash" 27 seconds ago Up 24 seconds netplugin-node2/elegant_shaw |
| 77 | +
|
| 78 | +$ docker inspect f291e269b45a | grep -i "net\|ip\|mac\|service" |
| 79 | + "NetworkSettings": { |
| 80 | + "GlobalIPv6Address": "", |
| 81 | + "GlobalIPv6PrefixLen": 0, |
| 82 | + "IPAddress": "10.1.0.1", <<<<<< IP address allocated by netplugin |
| 83 | + "IPPrefixLen": 16, |
| 84 | + "IPv6Gateway": "", |
| 85 | + "LinkLocalIPv6Address": "", |
| 86 | + "LinkLocalIPv6PrefixLen": 0, |
| 87 | + "MacAddress": "", |
| 88 | + "NetworkID": "56d09d456d83766d3709408f6f4cc95dfc4ea87731936cbad60f215e57d04a2e", |
| 89 | + "SandboxKey": "/var/run/docker/netns/3dce9fcdb134", |
| 90 | + "SecondaryIPAddresses": null, |
| 91 | + "SecondaryIPv6Addresses": null |
| 92 | + "IP": "192.168.2.11", |
| 93 | + "Name": "netplugin-node2", |
| 94 | + "NetworkMode": "default", |
| 95 | + "IpcMode": "", |
| 96 | + "PublishService": "foo.private", <<<<<< Service name for the container |
| 97 | + "NetworkDisabled": false, |
| 98 | + "MacAddress": "", |
| 99 | +``` |
| 100 | + |
| 101 | +You can verify netplugin has automatically created the endpoint groups using following command |
| 102 | +``` |
| 103 | +$ contivctl group list |
| 104 | +Listing all endpoint groups for tenant default |
| 105 | +Group Network Policies |
| 106 | +--------------------------------------------------- |
| 107 | +foo.private private -- |
| 108 | +bar.private private -- |
| 109 | +``` |
| 110 | + |
| 111 | +Or you can check netplugin oper state to verify endpoints have been created |
| 112 | +``` |
| 113 | +$ curl -s localhost:9999/endpoints | python -mjson.tool |
| 114 | +[ |
| 115 | + { |
| 116 | + "attachUUID": "", |
| 117 | + "contName": "00b913565f884adf9d75f0062e86df2f69fd806ac9ce0b2e32aca6331dbe13e8", |
| 118 | + "contUUID": "", |
| 119 | + "homingHost": "netplugin-node1", |
| 120 | + "id": "private-00b913565f884adf9d75f0062e86df2f69fd806ac9ce0b2e32aca6331dbe13e8", |
| 121 | + "intfName": "", |
| 122 | + "ipAddress": "10.1.0.2", |
| 123 | + "macAddress": "02:02:0a:01:00:02", |
| 124 | + "netID": "private", |
| 125 | + "portName": "port1", |
| 126 | + "vtepIP": "" |
| 127 | + }, |
| 128 | + { |
| 129 | + "attachUUID": "", |
| 130 | + "contName": "541d02264d1b1fd5989b188e1073e077c3a3ef77ec0cc5fa35dfd78f9808ef31", |
| 131 | + "contUUID": "", |
| 132 | + "homingHost": "netplugin-node2", |
| 133 | + "id": "private-541d02264d1b1fd5989b188e1073e077c3a3ef77ec0cc5fa35dfd78f9808ef31", |
| 134 | + "intfName": "", |
| 135 | + "ipAddress": "10.1.0.1", |
| 136 | + "macAddress": "02:02:0a:01:00:01", |
| 137 | + "netID": "private", |
| 138 | + "portName": "port1", |
| 139 | + "vtepIP": "" |
| 140 | + } |
| 141 | +] |
| 142 | +``` |
0 commit comments