关于Docker 1.12的Swarm Mode中Container绑定VIP的原因

从官方文档中 https://docs.docker.com/engine/swarm/networking/ 可以了解到VIP是用于集群内部的服务发现和负载均衡,但是从我的理解: iptables给数据包打标记 > # iptables -t mangle -nL Chain PREROUTING (policy ACCEPT) target prot opt source destination > > Chain INPUT (policy ACCEPT) target prot opt source > destination > > Chain FORWARD (policy ACCEPT) target prot opt source > destination > > Chain OUTPUT (policy ACCEPT) target prot opt source > destination MARK all -- 0.0.0.0/0 10.255.0.6 > MARK set 0x105 > > Chain POSTROUTING (policy ACCEPT) target prot opt source > destination lvs实现负载均衡(nat模式) > # ipvsadm IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port > Forward Weight ActiveConn InActConn FWM 261 rr -> 10.255.0.8:0 > Masq 1 0 0 -> 10.255.0.10:0 Masq > 1 0 0 -> 10.255.0.12:0 Masq 1 0 > 0 这样就已经完成了负载均衡。 为什么要给每个container的eth0上绑定一个VIP呢? > # ip addr show eth0 42: eth0@if43: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP > link/ether 02:42:0a:ff:00:0a brd ff:ff:ff:ff:ff:ff link-netnsid 0 > inet 10.255.0.10/16 scope global eth0 > valid_lft forever preferred_lft forever > inet 10.255.0.6/32 scope global eth0 > valid_lft forever preferred_lft forever > inet6 fe80::42:aff:feff:a/64 scope link > valid_lft forever preferred_lft forever 我目前发现的唯一的用途就是可以让 `ping 10.255.0.6` 可以工作。 另外,我在stackoverflow上也发起了有奖励的问题 http://stackoverflow.com/questions/38812357/whats-the-purpose-of-binding-vip-addr-in-every-container-of-a-service-in-docker
已邀请:

要回复问题请先登录注册