CN106878484A - A method for configuring external IPs for Docker cluster containers - Google Patents

Info

Publication number
CN106878484A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710108067.0A
Other languages
Chinese (zh)
Inventor
李珂
潘峰
王德奎
刘安
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Yunhai Information Technology Co Ltd
Original Assignee
Zhengzhou Yunhai Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
2017-02-27
Filing date
2017-02-27
Publication date
2017-06-20
Application filed by Zhengzhou Yunhai Information Technology Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00: Network arrangements, protocols or services for addressing or naming
    • H04L61/50: Address allocation
    • H04L61/5007: Internet protocol [IP] addresses
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00: Network arrangements, protocols or services for addressing or naming
    • H04L61/09: Mapping addresses
    • H04L61/25: Mapping addresses of the same type
    • H04L61/2503: Translation of Internet protocol [IP] addresses
    • H04L61/2514: Translation of Internet protocol [IP] addresses between local and global IP addresses
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00: Network arrangements, protocols or services for addressing or naming
    • H04L61/09: Mapping addresses
    • H04L61/25: Mapping addresses of the same type
    • H04L61/2503: Translation of Internet protocol [IP] addresses
    • H04L61/255: Maintenance or indexing of mapping tables
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00: Network arrangements, protocols or services for addressing or naming
    • H04L61/50: Address allocation
    • H04L61/5061: Pools of addresses

Abstract

The invention provides a method for configuring external IPs for Docker cluster containers, which ensures that the services provided by Docker cluster containers can be accessed flexibly from outside. When the Docker cluster environment is initialized, the external IPs are configured and handed to a backend database for storage, and a route is established on the host. After the Docker cluster creates a container, the container can be assigned an external IP for outside access, and the backend database records the mapping. When the Docker cluster destroys a container, the Linux iptables rules are deleted, and the backend database deletes the record and reclaims the external IP.

Description

A method for configuring external IPs for Docker cluster containers
Technical field
The present invention relates to computer software application technology, and in particular to a method for configuring external IPs for Docker cluster containers based on Linux iptables rules and a MariaDB database, which ensures that the services provided by Docker cluster containers can be accessed flexibly from outside.
Background
In the prior art, it is known that Docker is an open-source engine that makes it easy to create a lightweight, portable, self-sufficient container for any application. Containers that developers have compiled and tested can be deployed in batches in production environments, including virtual machines, OpenStack clusters and other basic application platforms. When a Docker cluster creates containers, it generally uses the Overlay mode, which supports multi-host communication. External access to container services must then use port mapping, which has the critical defect that host ports are insufficient. A method for configuring external IPs for Docker cluster containers is therefore needed, so that container services can be accessed more flexibly from outside.
Linux iptables is used to set up, maintain and inspect the IP packet filter rules of the Linux kernel. We use its NAT table for network address translation; it contains three chains: PREROUTING, OUTPUT and POSTROUTING. Each chain is a list of rules that are matched against packets. Each rule specifies how a matching packet is handled, and may also jump to a user-defined chain in the same table. MariaDB is a branch of MySQL maintained mainly by the open-source community and licensed under the GPL. Its aim is full compatibility with MySQL, including the API and the command line, so that it can easily serve as a replacement for MySQL, while being stronger than MySQL in extended functions, storage engines and some new feature improvements.
Summary of the invention
The purpose of the present invention is to address the deficiencies of the prior art by providing a method for configuring external IPs for Docker cluster containers, which ensures that the services provided by Docker cluster containers can be accessed flexibly from outside. When the Docker cluster environment is initialized, the external IPs are configured and handed to a backend database for storage, and a route is established on the host. After the Docker cluster creates a container, the container can be assigned an external IP for outside access, and the backend database records the mapping. When the Docker cluster destroys a container, the Linux iptables rules are deleted, and the backend database deletes the record and reclaims the external IP.
This solution is achieved by the following technical measures: a method for configuring external IPs for Docker cluster containers, comprising the following steps:
1) The host builds the Docker cluster environment and configures the basic information of the external network. The backend database creates data tables and saves the information, while the Docker host takes the first external IP to create the route, and the database records that external IP;
2) When the Docker environment creates a container, an external IP must be requested, and the backend database searches the data tables and allocates an available IP. The IP and the routing information are issued to the host where the container resides, which adds them and executes the Linux iptables rules. The container service can now be accessed via that IP, and the database records the mapping between the external IP and the internal IP;
3) When the Docker environment destroys a container, the external IP must be released. The backend database is notified to delete the mapping record between the external IP and the internal IP and to reset the external IP to the available state. The IP is issued to the host where the container resides, which deletes the corresponding Linux iptables rules.
In step 1), the basic information includes the CIDR segment, the gateway and the available IP range.
The Linux iptables rules use the NAT table to modify the source or destination address of packets.
The backend database is a MariaDB database in which three tables are created: Network, Subnet and IP. The Network table records the basic information of each network and maps to one or more Subnet tables; the Subnet table records the available IP range of each network and maps to one or more IP tables; the IP table records each IP and whether it is available.
The beneficial effects of this solution follow from the description above. Because the solution is integrated into a Docker cluster management environment project in a production environment, containers can request and release external IPs flexibly as needed, which completes the control and management of the Docker cluster network and the flexible access to container services. When the Docker cluster is initialized, the available IP range of the external network is configured; the backend database receives the parameters, creates the data tables and saves the data, and the route is initialized on the cluster system. After the Docker cluster creates a container, an IP is allocated from the external IP pool and issued to the host, which adds the Linux iptables rules; the backend database records the mapping between the internal IP and the external IP, and the Docker container can now be accessed via the external IP. When the Docker cluster destroys a container, the host where it resides deletes the Linux iptables rules, and the backend database deletes the earlier mapping record between the internal IP and the external IP, reclaims the container's external IP and sets it to the available state for reallocation. It can thus be seen that, compared with the prior art, the present invention has prominent substantive features and represents significant progress, and the beneficial effects of its implementation are also evident.
Detailed description
To explain the technical features of this solution clearly, the solution is described below by way of a specific embodiment.
The method of this solution for configuring external IPs for Docker cluster containers comprises the following steps:
1) The host builds the Docker cluster environment and configures the basic information of the external network. The backend database creates data tables and saves the information, while the Docker host takes the first external IP to create the route, and the database records that external IP. The basic information includes the CIDR segment, the gateway and the available IP range.
2) When the Docker environment creates a container, an external IP must be requested, and the backend database searches the data tables and allocates an available IP. The IP and the routing information are issued to the host where the container resides, which adds them and executes the Linux iptables rules. The container service can now be accessed via that IP, and the database records the mapping between the external IP and the internal IP;
3) When the Docker environment destroys a container, the external IP must be released. The backend database is notified to delete the mapping record between the external IP and the internal IP and to reset the external IP to the available state. The IP is issued to the host where the container resides, which deletes the corresponding Linux iptables rules.
The Linux iptables rules use the NAT table to modify the source or destination address of packets. The backend database is a MariaDB database in which three tables are created: Network, Subnet and IP. The Network table records the basic information of each network and maps to one or more Subnet tables; the Subnet table records the available IP range of each network and maps to one or more IP tables; the IP table records each IP and whether it is available.
The present invention is not limited to the specific embodiment above; changes, modifications, additions or substitutions made by those of ordinary skill in the art within the essential scope of the invention also fall within the scope of protection of the invention.
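The three steps of the method (initialize the pool, allocate on container creation, release on destruction), as an added example that is not part of the patent. Python's sqlite3 stands in for MariaDB, the column names and the DNAT/SNAT rule pair are assumptions, and the rules are returned as argument lists rather than executed.

```python
import ipaddress
import sqlite3

# Assumed schema for the Network, Subnet and IP tables the patent names.
SCHEMA = """
CREATE TABLE network (id INTEGER PRIMARY KEY, cidr TEXT NOT NULL, gateway TEXT NOT NULL);
CREATE TABLE subnet (id INTEGER PRIMARY KEY, network_id INTEGER NOT NULL REFERENCES network(id),
                     first_ip TEXT NOT NULL, last_ip TEXT NOT NULL);
CREATE TABLE ip (addr TEXT PRIMARY KEY, subnet_id INTEGER NOT NULL REFERENCES subnet(id),
                 available INTEGER NOT NULL DEFAULT 1, internal_ip TEXT UNIQUE);
"""

def init_pool(db, cidr, gateway, first_ip, last_ip):
    """Step 1: store the external network and fill the IP table from the range."""
    net = ipaddress.ip_network(cidr)
    gw, lo, hi = (ipaddress.ip_address(x) for x in (gateway, first_ip, last_ip))
    if not (gw in net and lo in net and hi in net and lo <= hi):
        raise ValueError("gateway and IP range must lie inside the CIDR")
    db.executescript(SCHEMA)
    net_id = db.execute("INSERT INTO network (cidr, gateway) VALUES (?, ?)",
                        (str(net), str(gw))).lastrowid
    sub_id = db.execute("INSERT INTO subnet (network_id, first_ip, last_ip) VALUES (?, ?, ?)",
                        (net_id, str(lo), str(hi))).lastrowid
    addrs = [str(lo + i) for i in range(int(hi) - int(lo) + 1) if lo + i != gw]
    db.executemany("INSERT INTO ip (addr, subnet_id) VALUES (?, ?)", [(a, sub_id) for a in addrs])
    # The host takes the first external IP for its route, so it is never handed out.
    db.execute("UPDATE ip SET available = 0 WHERE addr = ?", (addrs[0],))
    db.commit()

def nat_rules(action, external_ip, internal_ip):
    """Build iptables argv lists; parsing both IPs keeps stray text out of the arguments."""
    ext, inside = (str(ipaddress.ip_address(x)) for x in (external_ip, internal_ip))
    return [
        ["iptables", "-t", "nat", action, "PREROUTING", "-d", ext,
         "-j", "DNAT", "--to-destination", inside],
        ["iptables", "-t", "nat", action, "POSTROUTING", "-s", inside,
         "-j", "SNAT", "--to-source", ext],
    ]

def allocate(db, internal_ip):
    """Step 2: claim one free external IP in a single transaction; return (ip, rules)."""
    inside = str(ipaddress.ip_address(internal_ip))
    with db:  # commits on success, rolls back if the UNIQUE mapping is violated
        row = db.execute(
            "SELECT addr FROM ip WHERE available = 1 ORDER BY rowid LIMIT 1").fetchone()
        if row is None:
            raise RuntimeError("external IP pool exhausted")
        claimed = db.execute("UPDATE ip SET available = 0, internal_ip = ? "
                             "WHERE addr = ? AND available = 1", (inside, row[0])).rowcount
        if claimed != 1:
            raise RuntimeError("IP was claimed concurrently; retry")
    return row[0], nat_rules("-A", row[0], inside)

def release(db, external_ip):
    """Step 3: drop the mapping, return the IP to the pool, return the matching -D rules."""
    ext = str(ipaddress.ip_address(external_ip))
    with db:
        row = db.execute("SELECT internal_ip FROM ip WHERE addr = ? AND available = 0 "
                         "AND internal_ip IS NOT NULL", (ext,)).fetchone()
        if row is None:
            raise KeyError(f"{ext} is not mapped to a container")
        db.execute("UPDATE ip SET available = 1, internal_ip = NULL WHERE addr = ?", (ext,))
    return nat_rules("-D", ext, row[0])

if __name__ == "__main__":  # constructed addresses (RFC 5737 documentation range)
    db = sqlite3.connect(":memory:")
    init_pool(db, "192.0.2.0/24", "192.0.2.1", "192.0.2.10", "192.0.2.12")
    print(allocate(db, "10.0.0.5"))
```

The UNIQUE constraint on `internal_ip` and the `available = 1` guard in the UPDATE are what stop two containers from sharing one external IP, and building the `-D` rules from the stored mapping keeps deletion symmetric with creation so no stale NAT rule outlives its container.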

Claims (4)

1. A method for configuring external IPs for Docker cluster containers, characterized in that it comprises the following steps:
1) The host builds the Docker cluster environment and configures the basic information of the external network. The backend database creates data tables and saves the information, while the Docker host takes the first external IP to create the route, and the database records that external IP;
2) When the Docker environment creates a container, an external IP must be requested, and the backend database searches the data tables and allocates an available IP. The IP and the routing information are issued to the host where the container resides, which adds them and executes the Linux iptables rules. The container service can now be accessed via that IP, and the database records the mapping between the external IP and the internal IP;
3) When the Docker environment destroys a container, the external IP must be released. The backend database is notified to delete the mapping record between the external IP and the internal IP and to reset the external IP to the available state. The IP is issued to the host where the container resides, which deletes the corresponding Linux iptables rules.
2. The method for configuring external IPs for Docker cluster containers according to claim 1, characterized in that: in step 1), the basic information includes the CIDR segment, the gateway and the available IP range.
3. The method for configuring external IPs for Docker cluster containers according to claim 1 or 2, characterized in that: the Linux iptables rules use the NAT table to modify the source or destination address of packets.
4. The method for configuring external IPs for Docker cluster containers according to claim 1, characterized in that: the backend database is a MariaDB database in which three tables are created: Network, Subnet and IP. The Network table records the basic information of each network and maps to one or more Subnet tables; the Subnet table records the available IP range of each network and maps to one or more IP tables; the IP table records each IP and whether it is available.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710108067.0A CN106878484A (en) 2017-02-27 2017-02-27 A kind of method of configuration Docker cluster external containers IP

Publications (1)

Publication Number Publication Date
CN106878484A (en) 2017-06-20

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication (application publication date: 20170620)