Docker 네트워크 실습 :: DNS와 부하분산 설정

<Docker 실습 :: DNS 설정 및 부하분산 이용>

1. 네트워크 생성

ubuntu@host1:~$ docker network create han-net
10ae368d91ffce11031d14f6cf70e86bea8b2a6da8627718002782a0126d6a44
ubuntu@host1:~$ docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
711070d16ea3   bridge    bridge    local
10ae368d91ff   han-net   bridge    local
a10c647d79d1   host      host      local
2785de26c8d7   none      null      local

<네트워크 속성 확인>

• 네트워크 대역: 172.18.0.0 (서브넷 마스크: 255.255.0.0)
• 게이트 웨이: 172.18.0.1

ubuntu@host1:~$ docker network inspect han-net
[
    {
        "Name": "han-net",
        "Id": "10ae368d91ffce11031d14f6cf70e86bea8b2a6da8627718002782a0126d6a44",
        "Created": "2024-01-16T10:47:45.267083488+09:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    **"Subnet": "172.18.0.0/16",
                    "Gateway": "172.18.0.1"**
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]

 

2. han-net 네트워크 안에 컨테이너 생성

• --net=han-net: 컨테이너 생성 시, 속할 네트워크 이름
• --net-alias=esnet-tg: 특정 호스트 이름으로 컨테이너 여러 개 접근

<es1 컨테이너 생성>

ubuntu@host1:~$ docker container run -d --name=es1 --net=han-net --net-alias=esnet-tg -p 9201:9200 -p 9301:9300 -e "discovery.type=single-node" elasticsearch:7.17.10
Unable to find image 'elasticsearch:7.17.10' locally
7.17.10: Pulling from library/elasticsearch
99803d4b97f3: Pull complete 
c12bd77ba010: Pull complete 
1301fe510917: Pull complete 
4f4fb700ef54: Pull complete 
9b84f24899a8: Pull complete 
80def0a7fa73: Pull complete 
42b893bbb622: Pull complete 
9cb7875ab0d2: Pull complete 
10ed52a5c819: Pull complete 
de6942c0cf53: Pull complete 
Digest: sha256:43b9e781ebb2bd731ea3966bb816edce947e34965676046b3c0f8c17318cee72
Status: Downloaded newer image for elasticsearch:7.17.10
55bd56f43e8940c250ef678e5a563c16a615ea7bd2639a70658405b8a4258850

<es2 컨테이너 생성>

ubuntu@host1:~$ docker container run -d --name=es2 --net=han-net --net-alias=esnet-tg -p 9202:9200 -p 9302:9300 -e "discovery.type
=single-node" elasticsearch:7.17.10
f64b884915231b2f1e9377ba3774500136d5e8e0d83f12af465c77249af3b802

<컨테이너 생성 확인>

ubuntu@host1:~$ docker container ps
CONTAINER ID   IMAGE                   COMMAND                   CREATED              STATUS              PORTS                                                                                  NAMES
f64b88491523   elasticsearch:7.17.10   "/bin/tini -- /usr/l…"   About a minute ago   Up About a minute   0.0.0.0:9202->9200/tcp, :::9202->9200/tcp, 0.0.0.0:9302->9300/tcp, :::9302->9300/tcp   es2
55bd56f43e89   elasticsearch:7.17.10   "/bin/tini -- /usr/l…"   2 minutes ago        Up 2 minutes        0.0.0.0:9201->9200/tcp, :::9201->9200/tcp, 0.0.0.0:9301->9300/tcp, :::9301->9300/tcp   es1

 

3. 서버 DNS 묻기

• docker container run -it --rm 컨테이너 실행 후, 삭제 옵션

ubuntu@host1:~$ docker container run -it --rm --name=req-container --net=han-net busybox nslookup esnet-tg
>> req-container라는 이름의 컨테이너를 han-net에 생성한 후,
esnet-tg의 도메인 정보를 출력해라.
Unable to find image 'busybox:latest' locally
latest: Pulling from library/busybox
a307d6ecc620: Pull complete 
Digest: sha256:ba76950ac9eaa407512c9d859cea48114eeff8a6f12ebaa5d32ce79d4a017dd8
Status: Downloaded newer image for busybox:latest
Server:         127.0.0.11
**Address:        127.0.0.11:53**

Non-authoritative answer:
Name:   esnet-tg
Address: 172.18.0.2
Name:   esnet-tg
Address: 172.18.0.3

Non-authoritative answer:

• DNS는 127.0.0.11:53로 등록되어 있음을 알 수 있음

 

<부하분산 결과 확인>

1. centOS 컨테이너를 통해 DNS 로드밸런싱 확인

• docker container run -it --rm 컨테이너 실행 후 삭제

ubuntu@host1:~$ docker container run -it --rm --name=req-container --net=han-net centos:8 bash
Unable to find image 'centos:8' locally
8: Pulling from library/centos
Digest: sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177
Status: Downloaded newer image for centos:8
[root@6af4cda32913 /]#

• curl을 통해 확인

[root@6af4cda32913 /]# curl -s esnet-tg:9200
{
  **"name" : "55bd56f43e89",**
  "cluster_name" : "docker-cluster",
  "cluster_uuid" : "ec4RkYXfQqepSGFWFT7A4Q",
  "version" : {
    "number" : "7.17.10",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "fecd68e3150eda0c307ab9a9d7557f5d5fd71349",
    "build_date" : "2023-04-23T05:33:18.138275597Z",
    "build_snapshot" : false,
    "lucene_version" : "8.11.1",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

[root@6af4cda32913 /]# curl -s esnet-tg:9200
{
  **"name" : "f64b88491523",**
  "cluster_name" : "docker-cluster",
  "cluster_uuid" : "SUU-dq4mSZOuO9B75mVWsw",
  "version" : {
    "number" : "7.17.10",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "fecd68e3150eda0c307ab9a9d7557f5d5fd71349",
    "build_date" : "2023-04-23T05:33:18.138275597Z",
    "build_snapshot" : false,
    "lucene_version" : "8.11.1",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

• 이름이 두 가지 결과 ("55bd56f43e89" / "f64b88491523")로 나와 (라운드로빈) 부하분산됨을 알 수 있음

 

2. Ubuntu를 통해 DNS 로드밸런싱 확인

ubuntu@host1:~$ docker container run -it --rm --name=req-container --net=han-net ubuntu:14.04 bash

<컨테이너 Ubuntu>

• dnsutils 설치

root@44c7cb0a3346:/# apt-get -y install dnsutils
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following extra packages will be installed:
  bind9-host geoip-database libbind9-90 libdns100 libgeoip1 libisc95
  libisccc90 libisccfg90 liblwres90 libxml2 sgml-base xml-core
Suggested packages:
  rblcheck geoip-bin sgml-base-doc debhelper
The following NEW packages will be installed:
  bind9-host dnsutils geoip-database libbind9-90 libdns100 libgeoip1 libisc95
  libisccc90 libisccfg90 liblwres90 libxml2 sgml-base xml-core
0 upgraded, 13 newly installed, 0 to remove and 0 not upgraded.

• ping

root@44c7cb0a3346:/# ping -c 2 es1
PING es1 (172.18.0.2) 56(84) bytes of data.
64 bytes from es1.han-net (172.18.0.2): icmp_seq=1 ttl=64 time=0.055 ms
64 bytes from es1.han-net (172.18.0.2): icmp_seq=2 ttl=64 time=0.059 ms

--- es1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1009ms
rtt min/avg/max/mdev = 0.055/0.057/0.059/0.002 ms

root@44c7cb0a3346:/# ping -c 2 es2
PING es2 (172.18.0.3) 56(84) bytes of data.
64 bytes from es2.han-net (172.18.0.3): icmp_seq=1 ttl=64 time=0.117 ms
64 bytes from es2.han-net (172.18.0.3): icmp_seq=2 ttl=64 time=0.118 ms

--- es2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1005ms
rtt min/avg/max/mdev = 0.117/0.117/0.118/0.010 ms

root@44c7cb0a3346:/# ping -c 2 esnet-tg
PING esnet-tg (172.18.0.2) 56(84) bytes of data.
64 bytes from es1.han-net (172.18.0.2): icmp_seq=1 ttl=64 time=0.210 ms
64 bytes from es1.han-net (172.18.0.2): icmp_seq=2 ttl=64 time=0.193 ms

--- esnet-tg ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1023ms
rtt min/avg/max/mdev = 0.193/0.201/0.210/0.016 ms

• 로드밸런싱 확인

root@44c7cb0a3346:/# dig esnet-tg

; <<>> DiG 9.9.5-3-Ubuntu <<>> esnet-tg
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11079
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;esnet-tg.                      IN      A

;; ANSWER SECTION:
**esnet-tg.               600     IN      A       172.18.0.3
esnet-tg.               600     IN      A       172.18.0.2**

;; Query time: 0 msec
;; SERVER: 127.0.0.11#53(127.0.0.11)
;; WHEN: Tue Jan 16 02:44:24 UTC 2024
;; MSG SIZE  rcvd: 74