CN106878484A - A kind of method of configuration Docker cluster external containers IP - Google Patents
A kind of method of configuration Docker cluster external containers IP Download PDFInfo
- Publication number
- CN106878484A CN106878484A CN201710108067.0A CN201710108067A CN106878484A CN 106878484 A CN106878484 A CN 106878484A CN 201710108067 A CN201710108067 A CN 201710108067A CN 106878484 A CN106878484 A CN 106878484A
- Authority
- CN
- China
- Prior art keywords
- external
- docker
- container
- containers
- tables
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5007—Internet protocol [IP] addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/2514—Translation of Internet protocol [IP] addresses between local and global IP addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/255—Maintenance or indexing of mapping tables
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5061—Pools of addresses
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a kind of method of configuration Docker cluster external containers IP, the method ensures flexibly access the service of Docker clusters container offer in outside.Docker cluster environment initial configuration external IPs simultaneously give background data base preservation, while establishing route in main frame.An external IP can be assigned to after Docker clusters establishment container and supplies outside access, background data base record mapping relations.Docker clusters destroy container and delete Linux Iptables rules, and background data base deletion record simultaneously reclaims external IP.
Description
Technical field
It is especially a kind of based on Linux Iptables rule the present invention relates to a kind of technology of computer software application
Then with the method for Mariadb databases configuration Docker cluster external containers IP, it is ensured that can flexibly be accessed in outside
The service that Docker clusters container is provided.
Background technology
In the prior art, known technology is that Docker is an engine increased income, and can be easily any one
Using a transplantable, self-centered container for lightweight is created, the container that developer's compiler test passes through can batch
Disposed in production environment, including virtual machine, OpenStack clusters and other basic application platform.Docker clusters are created
The Overlay patterns for supporting multi-host communication are generally used when building container, outside access container service must use port mapping
Mode, there is the not enough critical defect of host port in this.Therefore we need a kind of configuration Docker cluster external containers IP
Method, can be in outside more flexible access container service.
Linux Iptables are the ip packet filter rules for setting, safeguarding and checking linux kernel.We use
NAT table therein is used for network address translation, comprising tri- chains of PREROUTING, OUTPUT, POSTROUTING.Each chain
It is a list of rules, corresponding bag is matched;The matched bag for the treatment of is specified how per rule, also may be used
To jump to user-defined chain in same table.Mariadb databases mainly have open source community to tie up as a branch of MySQL
Shield, using GPL authorizations, the purpose is to completely compatible MySQL, including API and order line, is allowed to easily turn into MySQL's
Substitute, but all strong MySQL excessively in terms of expanded function, storage engines and some new function improvement.
The content of the invention
The purpose of the present invention provides a kind of configuration Docker cluster containers aiming at the deficiency existing for prior art
The method of external IP, the method ensures flexibly access the service of Docker clusters container offer in outside.Docker collection
Group rings border initial configuration external IP simultaneously gives background data base preservation, while establishing route in main frame.Docker clusters are created
Building after container can be assigned to an external IP and supply outside access, background data base record mapping relations.Docker clusters are destroyed and held
Device deletes Linux Iptables rules, and background data base deletion record simultaneously reclaims external IP.
This programme is achieved by the following technical measures:A kind of method of configuration Docker cluster external containers IP,
Comprise the following steps:
1)Main frame builds Docker cluster environment, configures the essential information of external network, and background data base is set up tables of data and protected
Information is deposited, while Docker main frames choose the establishment that first external IP is route, the data-base recording external IP;
2)Need to apply for external IP, back-end data library searching tables of data distribution IP available during Docker creating environments containers;Issue
The IP and routing iinformation are added to main frame where container and perform Linux Iptables rules, now can access container with the IP
The mapping of service, data-base recording external IP and inside IP;
3)Docker environment is needed to discharge external IP when destroying container, and notice background data base deletion external IP is reflected with inside IP's
Record is penetrated, external IP is reset into upstate;Issue the IP and delete corresponding Linux Iptables to main frame where container
Rule.
Described step 1)Middle essential information includes CIDR sections of CIDR selection, gateway, IP available section.
Described Linux Iptables rules are used to change source or the destination address of bag using NAT table.
Described background data base uses Mariadb databases, background data base to set up Network, Subnet, IP tri-
Table, wherein Network token record the essential information of each network, map one or more Subnet tables;Subnet tokens record each
The IP available section of network, maps one or more IP tables;IP token record each IP and its whether available state.
The beneficial effect of this programme can be learnt according to the narration to such scheme, due to being integrated in production ring in this scenario
Under border in Docker cluster managements environmental project, container can flexibly be applied and discharge external IP as needed, so as to complete
The control management of Docker cluster networks and the flexible access of container service;Configuration external network when Docker clusters are initialized
IP available scope, background data base receives parameter and sets up tables of data and preserve data, while initializing route on cluster system.
IP is distributed after Docker clusters establishment container from external IP pond and is issued to main frame increase Linux Iptables rules, backstage
Data-base recording inside IP and external IP map information, now Docker containers can be conducted interviews with the external IP.Docker
Delete Linux Iptables rule in place main frame when cluster destroys container, background data base delete inside IP before this with
External IP map record, the external IP of returnable is simultaneously set to available state to be allocated again.As can be seen here, it is of the invention with it is existing
Technology is compared, and with prominent substantive distinguishing features and significant progress, its beneficial effect implemented is also obvious.
Specific embodiment
For the technical characterstic for illustrating this programme can be understood, below by a specific embodiment, this programme is explained
State.
A kind of method of configuration Docker cluster external containers IP of this programme, comprises the following steps:
1)Main frame builds Docker cluster environment, configures the essential information of external network, and background data base is set up tables of data and protected
Information is deposited, while Docker main frames choose the establishment that first external IP is route, the data-base recording external IP;Essential information
Including CIDR sections of CIDR selection, gateway, IP available section.
2)Need to apply for external IP, back-end data library searching tables of data distribution IP available during Docker creating environments containers;
Issue the IP and routing iinformation to be added to main frame where container and perform Linux Iptables rules, can now be accessed with the IP
The mapping of container service, data-base recording external IP and inside IP;
3)Docker environment is needed to discharge external IP when destroying container, and notice background data base deletion external IP is reflected with inside IP's
Record is penetrated, external IP is reset into upstate;Issue the IP and delete corresponding Linux Iptables to main frame where container
Rule.
Described Linux Iptables rules are used to change source or the destination address of bag using NAT table.Described backstage
Database uses Mariadb databases, background data base to set up tri- tables of Network, Subnet, IP, wherein Network tokens
The essential information of each network is recorded, one or more Subnet tables are mapped;Subnet tokens record the IP available section of each network, mapping
One or more IP tables;IP token record each IP and its whether available state.
The present invention is not limited in above-mentioned specific embodiment, and those of ordinary skill in the art are in essential scope of the invention
Change, remodeling, addition or the replacement inside made, should also belong to protection scope of the present invention.
Claims (4)
1. a kind of method of configuration Docker cluster external containers IP, it is characterised in that comprise the following steps:
1)Main frame builds Docker cluster environment, configures the essential information of external network, and background data base is set up tables of data and protected
Information is deposited, while Docker main frames choose the establishment that first external IP is route, the data-base recording external IP;
2)Need to apply for external IP, back-end data library searching tables of data distribution IP available during Docker creating environments containers;Issue
The IP and routing iinformation are added to main frame where container and perform Linux Iptables rules, now can access container with the IP
The mapping of service, data-base recording external IP and inside IP;
3)Docker environment is needed to discharge external IP when destroying container, and notice background data base deletion external IP is reflected with inside IP's
Record is penetrated, external IP is reset into upstate;Issue the IP and delete corresponding Linux Iptables to main frame where container
Rule.
2. the method for a kind of configuration Docker cluster external containers IP according to claim 1, it is characterized in that:Described step
Rapid 1)Middle essential information includes CIDR sections of CIDR selection, gateway, IP available section.
3. the method for configuration Docker cluster external containers IP according to claim 1 and 2, it is characterized in that:Described
Linux Iptables rules are used to change source or the destination address of bag using NAT table.
4. the method for configuration Docker cluster external containers IP according to claim 1, it is characterized in that:Described rear number of units
Mariadb databases, background data base is used to set up tri- tables of Network, Subnet, IP, wherein Network token records according to storehouse
The essential information of each network, maps one or more Subnet tables;Subnet tokens record the IP available section of each network, mapping one
To multiple IP tables;IP token record each IP and its whether available state.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710108067.0A CN106878484A (en) | 2017-02-27 | 2017-02-27 | A kind of method of configuration Docker cluster external containers IP |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710108067.0A CN106878484A (en) | 2017-02-27 | 2017-02-27 | A kind of method of configuration Docker cluster external containers IP |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106878484A true CN106878484A (en) | 2017-06-20 |
Family
ID=59167948
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710108067.0A Pending CN106878484A (en) | 2017-02-27 | 2017-02-27 | A kind of method of configuration Docker cluster external containers IP |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106878484A (en) |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107454207A (en) * | 2017-08-14 | 2017-12-08 | 郑州云海信息技术有限公司 | A kind of method and Docker clusters of configuration Overlay web container external IPs |
CN107580083A (en) * | 2017-09-20 | 2018-01-12 | 北京京东尚科信息技术有限公司 | A kind of method and system of container IP address distribution |
CN107666525A (en) * | 2017-09-08 | 2018-02-06 | 北京京东尚科信息技术有限公司 | The method and apparatus of cluster container IP distribution |
CN107770298A (en) * | 2017-09-30 | 2018-03-06 | 华为技术有限公司 | The method and apparatus for transmitting data |
CN107995326A (en) * | 2017-12-13 | 2018-05-04 | 北京搜狐新媒体信息技术有限公司 | The management method and device of a kind of capacitor network |
CN109656686A (en) * | 2018-12-17 | 2019-04-19 | 武汉烽火信息集成技术有限公司 | The upper deployment container cloud method of OpenStack, storage medium, electronic equipment and system |
CN110049081A (en) * | 2018-01-17 | 2019-07-23 | 广东亿迅科技有限公司 | For build and using high availability Docker private library method and system |
CN110750332A (en) * | 2019-10-23 | 2020-02-04 | 广西梯度科技有限公司 | Method for setting static IP (Internet protocol) in Pod in Kubernetes |
CN110881007A (en) * | 2018-09-05 | 2020-03-13 | 北京京东尚科信息技术有限公司 | Container cluster network access method and device |
CN112003750A (en) * | 2020-08-24 | 2020-11-27 | 浪潮云信息技术股份公司 | Data center host Overlay network access control method |
CN112015544A (en) * | 2020-06-30 | 2020-12-01 | 苏州浪潮智能科技有限公司 | Load balancing method, device and equipment of k8s cluster and storage medium |
CN112711464A (en) * | 2021-01-22 | 2021-04-27 | 南京英诺森软件科技有限公司 | Device and system for self-service Docker configuration |
CN114615064A (en) * | 2022-03-15 | 2022-06-10 | 北京旋极安辰计算科技有限公司 | Management and control method for creation and destruction of Docker container |
US11456987B1 (en) | 2021-05-07 | 2022-09-27 | State Farm Mutual Automobile Insurance Company | Systems and methods for automatic internet protocol address management |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104951360A (en) * | 2015-06-30 | 2015-09-30 | 北京奇虎科技有限公司 | Configuration management mode and device based on Docker |
CN105824688A (en) * | 2016-03-16 | 2016-08-03 | 合网络技术(北京)有限公司 | Method for solving start concurrence bottleneck of docker container |
CN106101171A (en) * | 2016-05-24 | 2016-11-09 | 中国联合网络通信集团有限公司 | Server method of attachment and device |
-
2017
- 2017-02-27 CN CN201710108067.0A patent/CN106878484A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104951360A (en) * | 2015-06-30 | 2015-09-30 | 北京奇虎科技有限公司 | Configuration management mode and device based on Docker |
CN105824688A (en) * | 2016-03-16 | 2016-08-03 | 合网络技术(北京)有限公司 | Method for solving start concurrence bottleneck of docker container |
CN106101171A (en) * | 2016-05-24 | 2016-11-09 | 中国联合网络通信集团有限公司 | Server method of attachment and device |
Non-Patent Citations (1)
Title |
---|
SHIPENGFEI92: "利利⽤用iptables给Docker绑定一个外网IP", 《CSDN》 * |
Cited By (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107454207A (en) * | 2017-08-14 | 2017-12-08 | 郑州云海信息技术有限公司 | A kind of method and Docker clusters of configuration Overlay web container external IPs |
CN107666525A (en) * | 2017-09-08 | 2018-02-06 | 北京京东尚科信息技术有限公司 | The method and apparatus of cluster container IP distribution |
CN107666525B (en) * | 2017-09-08 | 2020-11-24 | 北京京东尚科信息技术有限公司 | Method and device for IP allocation of cluster container |
CN107580083A (en) * | 2017-09-20 | 2018-01-12 | 北京京东尚科信息技术有限公司 | A kind of method and system of container IP address distribution |
CN107770298A (en) * | 2017-09-30 | 2018-03-06 | 华为技术有限公司 | The method and apparatus for transmitting data |
CN111953805A (en) * | 2017-09-30 | 2020-11-17 | 华为技术有限公司 | Method and device for transmitting data |
CN111953805B (en) * | 2017-09-30 | 2022-08-26 | 华为云计算技术有限公司 | Method and device for transmitting data |
CN107995326B (en) * | 2017-12-13 | 2021-04-20 | 北京搜狐新媒体信息技术有限公司 | Management method and device of container network |
CN107995326A (en) * | 2017-12-13 | 2018-05-04 | 北京搜狐新媒体信息技术有限公司 | The management method and device of a kind of capacitor network |
CN110049081A (en) * | 2018-01-17 | 2019-07-23 | 广东亿迅科技有限公司 | For build and using high availability Docker private library method and system |
CN110881007B (en) * | 2018-09-05 | 2023-03-07 | 北京京东尚科信息技术有限公司 | Container cluster network access method and device |
CN110881007A (en) * | 2018-09-05 | 2020-03-13 | 北京京东尚科信息技术有限公司 | Container cluster network access method and device |
CN109656686A (en) * | 2018-12-17 | 2019-04-19 | 武汉烽火信息集成技术有限公司 | The upper deployment container cloud method of OpenStack, storage medium, electronic equipment and system |
CN110750332A (en) * | 2019-10-23 | 2020-02-04 | 广西梯度科技有限公司 | Method for setting static IP (Internet protocol) in Pod in Kubernetes |
CN112015544A (en) * | 2020-06-30 | 2020-12-01 | 苏州浪潮智能科技有限公司 | Load balancing method, device and equipment of k8s cluster and storage medium |
CN112003750A (en) * | 2020-08-24 | 2020-11-27 | 浪潮云信息技术股份公司 | Data center host Overlay network access control method |
CN112003750B (en) * | 2020-08-24 | 2023-11-21 | 浪潮云信息技术股份公司 | Data center host computer Overlay network access control method |
CN112711464A (en) * | 2021-01-22 | 2021-04-27 | 南京英诺森软件科技有限公司 | Device and system for self-service Docker configuration |
US11456987B1 (en) | 2021-05-07 | 2022-09-27 | State Farm Mutual Automobile Insurance Company | Systems and methods for automatic internet protocol address management |
CN114615064A (en) * | 2022-03-15 | 2022-06-10 | 北京旋极安辰计算科技有限公司 | Management and control method for creation and destruction of Docker container |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106878484A (en) | A kind of method of configuration Docker cluster external containers IP | |
US7058642B2 (en) | Method and data structure for a low memory overhead database | |
US7668925B1 (en) | Method and apparatus for routing in SAS using logical zones | |
US7454795B2 (en) | Disk control unit | |
US8261317B2 (en) | Moving security for virtual machines | |
US10708231B2 (en) | Using headerspace analysis to identify unneeded distributed firewall rules | |
CN103620616B (en) | A kind of access control right management method and device | |
CN105245543B (en) | A kind of operating system forced access control method based on safety label randomization | |
CN101674334B (en) | Access control method of network storage equipment | |
CN107196982A (en) | A kind for the treatment of method and apparatus of user's request | |
US20110004923A1 (en) | Method and system for generating user group identifiers | |
CN104077239B (en) | IP hard disk, and memory system and data operation method thereof | |
CN104272702A (en) | Method and apparatus for supporting access control lists in a multi-tenant environment | |
US8775629B1 (en) | System and method for managing internet protocol (IP) address space for enterprise network | |
CN106331196A (en) | Method and device for realizing NAT | |
CN103605728B (en) | A kind of data classification storage and system | |
CN108073352A (en) | Virtual disk processing method and processing device | |
CN109189778A (en) | A kind of method of online modification database table structure | |
CN103329141B (en) | Safe data storage method and device | |
CN107832446A (en) | A kind of searching method and computing device of configuration item information | |
US10095706B2 (en) | Data access system and data access method | |
CN104714825A (en) | Method for uniformly configuring strategies | |
TWI521932B (en) | Method for managing internet protocol addresses in network | |
CN108092808A (en) | A kind of method for managing security of data center's total management system | |
CN107888597A (en) | A kind of FWaaS security domains collocation method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170620 |
|
RJ01 | Rejection of invention patent application after publication |