Create an overlay network between containers on two virtual machines

This tutorial will help you to create an overlay network between two containers running on two different hosts. 

I have two centos virtual machines on virtual box which installed docker already using a binary file.

  • Machine 1 IP - 192.168.1.7
  • Machine 2 IP - 192.168.1.8
Before creating an overlay network we have to some prerequisites.            
    1. Configure firewall rules for docker daemons using overlay networks
    2. Run docker daemon as a swarm manage or swarm worker                                      
  1. Configure firewall rules for docker daemons using overlay networks
Each host must have open the following ports between the two docker hosts   
    • TCP port 2377
    • TCP and UDP port 7946
    • UDP port 4789
To do that you have to use following commands on both virtual machines
            firewall-cmd --zone=public --add-port=2377/tcp
            firewall-cmd --zone=public --add-port=7946/udp
            firewall-cmd --zone=public --add-port=7946/tcp
            firewall-cmd --zone=public --add-port=4789/udp
                          
This ports are not open after you restart the virtual machine. To make those ports permanent we need to add --permanent for the end of all of the above commands.
Ex :- firewall-cmd --zone=public --add-port=2377/tcp --permanent    


If you have already opened those it gives a warning. If not it gives a success message.  

        2. Run docker daemon as a swarm manage or swarm worker   

Before we create an overlay network we have to run docker daemon as a swarm manager using docker swarm init or hoin it using docker swarm join. You need to do this even if you never plan to use swarm services.
In my case I configured my machine 1 (192.168.1.5) as the swarm manager and machine 2 as swarm worker. When you initialize a swarm or join a Docker host to an existing swarm, two new networks are created on that Docker host.
Before create the docker swarm let's look at the networks in docker using docker network ls command to clearly see the changes of swarm initialization.



In machine 1 run following command
docker swarm init




As you can see it gives details to add another node to this swarm as a manager or a worker. When you initialize a swarm or join a Docker host to an existing swarm, two new networks are created on that Docker host

an overlay network called ingress, which handles control and data traffic related to swarm services. When you create a swarm service and do not connect it to a user-defined overlay network, it connects to the ingress network by default.

a bridge network called docker_gwbridge, which connects the individual Docker daemon to the other daemons participating in the swarm

I am going to add the other virtual machine to this swarm as a worker. To do that we need to copy the above docker swarm join  command and execute in other machine.

You can see those networks using docker network ls command

In machine 2 run the following
    docker swarm join \
    --token SWMTKN-1-1a1rhyqa2szukp2xde3v2ak22vt3hrzt6c8hfj9j8i9iagzv31-agry8fywjwfpwiud4em4hg7q8 \
    192.168.43.145:2377

This is different on your computer because the ip adresses and the ports may changed. So copy the above section in the result of your swarm init command. 

If the second node connected to the swarm successfully you can see the message 'This node joined a swarm as a worker'. If you accidently lost the token you can get it by typing docker swarm join-token worker .

To check the swarm nodes go to the machine 1 and run the following command. You can see the two nodes in the swarm.
docker node ls



Now we are ready to create an overlay network.

On machine 1 run following
docker network create --driver=overlay --attachable my-network
This command creates an overlay network. The --attachable means we can add containers to this network later. This commands gives the network id as the result.

Now we can run a container attaching to this network. I am going to run a alpine container named alpine1 in interactive mode. To do that we need to execute following on machine1.
docker run -it --name alpine1 --network my-network alpine

It will gives the alpine1 containers' terminal

[optional] Open a new terminal check the running containers' details using docker inspect alpine1. You can see the network id we created and the containers' IP. Please do this in a separate terminal because the first terminal using by the alpine container.

On machine 2 run following
docker run -it --name alpine2 --network my-network alpine
As the machine1 his will run a alpine container named alpine2 in interactive mode attaching to my-network. Like before you can open a new terminal and check the running containers' details.

Now we can check whether the containers can communicate with each other.

On machine 1 - interactive alpine 1 terminal run following
ping -c 2 alpine2

On machine 1 - interactive alpine 1 terminal run following
ping -c 2 alpine1



Comments

Post a Comment

Popular posts from this blog

Introduction to Information Security

Image
Basically, information security is protecting information. But, from whom? or from what?  Information should be protected from unauthorized persons and should be kept safe without any data loss. Information Security has basic 3 components, commonly known as CIA. They are, Confidentiality Integrity Availability Confidentially            Sensitive information is only disclosed to authorized parties. Examples of confidentiality of electronic data being compromised include laptop theft, password theft, or sensitive emails being sent to the incorrect individuals. Integrity            Prevent unauthorized modification of data. Information security systems typically provide message integrity alongside to confidentiality. Availability              Guarantee the data can be accessed by authorized parties when request...
Read more

CSS Selectors

Image
There are 3 types of regular selectors in CSS. They are Element, Class & Id selector. We can style our html using either using one of those selectors or combining them. Element Selector This is the format of element selector. This is going to change the color of every paragraph element in the document into red. Example :     Class Selector This is the format of the class selector. Also this requires some modification for our html. We should use a ( . ) in the beginning where we define it but to use we only use the name without the dot. Example : Id Selector This is the format of id selector. We should use a ( # ) when we define it and no need of  ( # ) where we use the selector.                                                                                ...
Read more

Team building activities to improve Motivation

Image
Abstract             This article was written based on the speech of Lieutenant Colonel Kamila Perera proud military of Sri Lanka Navy. He delivered his valuable speech to UCSC first year students under Enhancement course at UCSC auditorium on 31 st October 2018. Introduction             This speech is mainly based on how to face to the challenges in our lives under difficult conditions. He didn’t get any role models other than him to explain us how to build up in the society. Body             He didn’t deliver a speech on a paper. All he did at the speech is sharing his life experience. That was very valuable to us other than a typical speech because all the things he told us was real and practical things. He didn’t had a comfortable childhood. He did his basic education under lot of circumstanc...
Read more