服务发现与 DCOS 覆盖网络
Service Discovery versus DCOS Overlay Network
我已经设置了一个 DCOS 1.8 集群,目前正在熟悉中。
到目前为止,我让 marathon-lb 通过主机网络与 Jenkins 一起工作,就像一个魅力。现在我正在尝试使用 Overlay 进行设置。
我有几个测试容器,一些在 dcos 覆盖网络中,一些不在。到目前为止,他们可以通过 IP 相互联系,这很好。然而,当我尝试使用 mesos-dns 解析覆盖网络上的容器时,它解析的只是主机地址(不完全是我所期望的)。
所以我玩了一些马拉松来弄明白。我所做的是向 ipAddress:
添加一个发现块
{
"volumes": null,
"id": "/mariadb10",
"cmd": null,
"args": null,
"user": null,
"env": {
"MYSQL_ROOT_PASSWORD": "foo"
},
"instances": 1,
"cpus": 1,
"mem": 1024,
"disk": 0,
"gpus": 0,
"executor": null,
"constraints": null,
"fetch": null,
"storeUrls": null,
"backoffSeconds": 1,
"backoffFactor": 1.15,
"maxLaunchDelaySeconds": 3600,
"container": {
"docker": {
"image": "mariadb:10.0",
"forcePullImage": false,
"privileged": false,
"network": "USER"
},
"type": "DOCKER",
"volumes": [
{
"containerPath": "/var/lib/mysql",
"hostPath": "/mnt/foo",
"mode": "RW"
}
]
},
"healthChecks": [
{
"protocol": "TCP",
"gracePeriodSeconds": 30,
"intervalSeconds": 10,
"timeoutSeconds": 10,
"maxConsecutiveFailures": 3,
"port": 3306
}
],
"readinessChecks": null,
"dependencies": null,
"upgradeStrategy": {
"minimumHealthCapacity": 1,
"maximumOverCapacity": 1
},
"labels": null,
"acceptedResourceRoles": null,
"ipAddress": {
"networkName": "dcos",
"discovery": {
"ports": [
{ "number": 3306, "name": "mysql", "protocol": "tcp" }
]
}
},
"residency": null,
"secrets": null,
"taskKillGracePeriodSeconds": null
}
Marathon 告诉我 "Bridge" 或 "User" 网络不允许这样做。但是它没有抱怨以下内容并启动了容器:
{
"volumes": null,
"id": "/mariadb10",
"cmd": null,
"args": null,
"user": null,
"env": {
"MYSQL_ROOT_PASSWORD": "foo"
},
"instances": 1,
"cpus": 1,
"mem": 1024,
"disk": 0,
"gpus": 0,
"executor": null,
"constraints": null,
"fetch": null,
"storeUrls": null,
"backoffSeconds": 1,
"backoffFactor": 1.15,
"maxLaunchDelaySeconds": 3600,
"container": {
"docker": {
"image": "mariadb:10.0",
"forcePullImage": false,
"privileged": false,
"network": "USER"
},
"type": "DOCKER",
"volumes": [
{
"containerPath": "/var/lib/mysql",
"hostPath": "/mnt/foo",
"mode": "RW"
}
]
},
"healthChecks": [
{
"protocol": "TCP",
"gracePeriodSeconds": 30,
"intervalSeconds": 10,
"timeoutSeconds": 10,
"maxConsecutiveFailures": 3,
"port": 3306
}
],
"readinessChecks": null,
"dependencies": null,
"upgradeStrategy": {
"minimumHealthCapacity": 1,
"maximumOverCapacity": 1
},
"labels": null,
"acceptedResourceRoles": null,
"ipAddress": {
"networkName": "dcos"
},
"residency": null,
"secrets": null,
"taskKillGracePeriodSeconds": null
}
有趣的是,它不再使用覆盖地址,而是监听主机地址并将主机地址公布到覆盖网络中。
我只是做错了还是没有按预期工作?
所以,
我自己找到了解决方案。简单的解决方法是编辑 /opt/mesosphere/etc/mesos-dns.json。然后更改 IPSources 的顺序以首先列出 netinfo。
更多信息,您也可以查看here
或者,您可以使用 taskname.marathon.containerip.dcos.thisdcos.directory。它记录在这里:https://docs.mesosphere.com/1.8/administration/overlay-networks/。
我已经设置了一个 DCOS 1.8 集群,目前正在熟悉中。 到目前为止,我让 marathon-lb 通过主机网络与 Jenkins 一起工作,就像一个魅力。现在我正在尝试使用 Overlay 进行设置。 我有几个测试容器,一些在 dcos 覆盖网络中,一些不在。到目前为止,他们可以通过 IP 相互联系,这很好。然而,当我尝试使用 mesos-dns 解析覆盖网络上的容器时,它解析的只是主机地址(不完全是我所期望的)。
所以我玩了一些马拉松来弄明白。我所做的是向 ipAddress:
添加一个发现块{
"volumes": null,
"id": "/mariadb10",
"cmd": null,
"args": null,
"user": null,
"env": {
"MYSQL_ROOT_PASSWORD": "foo"
},
"instances": 1,
"cpus": 1,
"mem": 1024,
"disk": 0,
"gpus": 0,
"executor": null,
"constraints": null,
"fetch": null,
"storeUrls": null,
"backoffSeconds": 1,
"backoffFactor": 1.15,
"maxLaunchDelaySeconds": 3600,
"container": {
"docker": {
"image": "mariadb:10.0",
"forcePullImage": false,
"privileged": false,
"network": "USER"
},
"type": "DOCKER",
"volumes": [
{
"containerPath": "/var/lib/mysql",
"hostPath": "/mnt/foo",
"mode": "RW"
}
]
},
"healthChecks": [
{
"protocol": "TCP",
"gracePeriodSeconds": 30,
"intervalSeconds": 10,
"timeoutSeconds": 10,
"maxConsecutiveFailures": 3,
"port": 3306
}
],
"readinessChecks": null,
"dependencies": null,
"upgradeStrategy": {
"minimumHealthCapacity": 1,
"maximumOverCapacity": 1
},
"labels": null,
"acceptedResourceRoles": null,
"ipAddress": {
"networkName": "dcos",
"discovery": {
"ports": [
{ "number": 3306, "name": "mysql", "protocol": "tcp" }
]
}
},
"residency": null,
"secrets": null,
"taskKillGracePeriodSeconds": null
}
Marathon 告诉我 "Bridge" 或 "User" 网络不允许这样做。但是它没有抱怨以下内容并启动了容器:
{
"volumes": null,
"id": "/mariadb10",
"cmd": null,
"args": null,
"user": null,
"env": {
"MYSQL_ROOT_PASSWORD": "foo"
},
"instances": 1,
"cpus": 1,
"mem": 1024,
"disk": 0,
"gpus": 0,
"executor": null,
"constraints": null,
"fetch": null,
"storeUrls": null,
"backoffSeconds": 1,
"backoffFactor": 1.15,
"maxLaunchDelaySeconds": 3600,
"container": {
"docker": {
"image": "mariadb:10.0",
"forcePullImage": false,
"privileged": false,
"network": "USER"
},
"type": "DOCKER",
"volumes": [
{
"containerPath": "/var/lib/mysql",
"hostPath": "/mnt/foo",
"mode": "RW"
}
]
},
"healthChecks": [
{
"protocol": "TCP",
"gracePeriodSeconds": 30,
"intervalSeconds": 10,
"timeoutSeconds": 10,
"maxConsecutiveFailures": 3,
"port": 3306
}
],
"readinessChecks": null,
"dependencies": null,
"upgradeStrategy": {
"minimumHealthCapacity": 1,
"maximumOverCapacity": 1
},
"labels": null,
"acceptedResourceRoles": null,
"ipAddress": {
"networkName": "dcos"
},
"residency": null,
"secrets": null,
"taskKillGracePeriodSeconds": null
}
有趣的是,它不再使用覆盖地址,而是监听主机地址并将主机地址公布到覆盖网络中。
我只是做错了还是没有按预期工作?
所以,
我自己找到了解决方案。简单的解决方法是编辑 /opt/mesosphere/etc/mesos-dns.json。然后更改 IPSources 的顺序以首先列出 netinfo。
更多信息,您也可以查看here
或者,您可以使用 taskname.marathon.containerip.dcos.thisdcos.directory。它记录在这里:https://docs.mesosphere.com/1.8/administration/overlay-networks/。