Thursday 5 May 2016

Brocade Docker Plugin

This post describes the Brocade Docker Plugin, which functions as a remote libnetwork driver.
It automates the provisioning of Brocade IP Fabric based on the life cycle of Docker Containers.

Fig 1. Docker Swarm nodes connected to Brocade IP Fabric.

Here, there are two hosts, controller (10.37.18.158) and compute (10.37.18.157), which are part of the Docker swarm.
They are connected to leaf switches 10.37.18.135 and 10.37.18.136, respectively.

Key Aspects

The Brocade Plugin functions as a global libnetwork remote driver within the Docker swarm. It is based on the new Container Network Model.

Docker networks are isolated using VLANs on the host-servers and the corresponding VLANs are provisioned on the Brocade IP Fabrics.

Brocade IP Fabric provisioning is automated and integrated with the lifecycle of containers. Tunnels between the leaf switches are only established when there are at least two containers on different hosts on the same network. This is an important aspect, as micro-services appear and disappear frequently in the container environment. Close integration of Brocade IP Fabrics with the container life cycle helps in optimum usage of network resources in such environments.

Brocade also provides container tracing functionality on its Brocade IP Fabric switches. Container tracing can be used to see the networking details like VLAN and interface details between the hosts in the Docker swarm and the leaf switches in the Brocade IP Fabric.

Brocade Plugin Operations

Initial Setup

Docker swarm (cluster of Docker hosts) output displaying the two hosts in the swarm, controller (10.37.18.158) and compute (10.37.18.157):

root@controller:~# docker -H :4000 info
Nodes: 2
 compute: 10.37.18.157:2375
  └ Status: Healthy
  └ Containers: 2
  └ Reserved CPUs: 0 / 8
  └ Reserved Memory: 0 B / 12.31 GiB
 controller: 10.37.18.158:2375
  └ Status: Healthy
  └ Containers: 4
  └ Reserved CPUs: 0 / 8
  └ Reserved Memory: 0 B / 16.44 GiB

Container Tracer output as seen from one of the leaf switches in the Brocade IP Fabric. All fields are empty as there are no containers launched in the Docker swarm.

sw0:FID128:root> container_trace
+------+--------------+------+---------+----------+------------------+-----------------------+----------------------+
| Name | Host Network | Vlan | Host IP | Host Nic | Switch Interface | Container IPv4Address | Container MacAddress |
+------+--------------+------+---------+----------+------------------+-----------------------+----------------------+
+------+--------------+------+---------+----------+------------------+-----------------------+----------------------+

No tunnel is established between leaf switches of Brocade IP Fabric as there are no containers launched in the docker swarm.

Welcome to the Brocade Network Operating System Software
admin connected from 172.22.10.83 using ssh on sw0
sw0# show tunnel brief
sw0#

Container Startup

Create a network named ‘red_network’ using the Brocade libnetwork driver, then create two busybox containers, one on each of the host servers, using the newly created network.

root@controller:~# docker -H :4000 network create --driver brcd-global --subnet=21.16.1.0/24 --gateway=21.16.1.1 red_network
4b722b1f90e64a986df8973aae6edf837193640161611805339676f1e6768f84

root@controller:~# docker -H :4000 run -itd --name=test1 --env="constraint:node==controller" --net=red_network busybox
932a039045acc05e101d1196d9152e4391b0e62a9cf91c6b83b9fc9893738c6b

root@controller:~# docker -H :4000 run -itd --name=test2 --env="constraint:node==compute" --net=red_network busybox
1a32732651bf970ce60b027644c6ff48e8e3490d5b60644f75fb5785bfba6219

The Brocade Plugin provisions the VLAN on the host server and does the necessary configuration on the switch interfaces connected to the host server.

Container tracer on the Brocade switch displays the newly created containers with details like network name (red_network), VLAN (2002), host NIC and switch interface, container IP and MAC address.

sw0:FID128:root> container_trace
+-------+--------------+------+--------------+----------+------------------+-----------------------+----------------------+
| Name  | Host Network | Vlan | Host IP      | Host Nic | Switch Interface | Container IPv4Address | Container MacAddress |
+-------+--------------+------+--------------+----------+------------------+-----------------------+----------------------+
| test2 | red_network  | 2002 | 10.37.18.157 | eth2     | Te 136/0/10      | 21.16.1.3/24          | 00:16:3e:04:95:e1    |
| test1 | red_network  | 2002 | 10.37.18.158 | eth4     | Te 135/0/10      | 21.16.1.2/24          | 00:16:3e:4f:a4:49    |
+-------+--------------+------+--------------+----------+------------------+-----------------------+----------------------+

Container tracer output would be useful for the network administrator for tracing the flow of traffic between containers as it transits through Brocade switches.
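As an added example (not part of the original post or of the Brocade plugin), the Python sketch below parses container_trace output in the table layout shown above and checks two properties stated under Key Aspects: each Docker network has its own VLAN, and a leaf-to-leaf tunnel is expected only for networks with containers on at least two different hosts. The test3/blue_network row in the sample is constructed to trigger a finding; the function names are hypothetical.

```python
from collections import defaultdict

# Sample container_trace output. The test1/test2 rows are from the post;
# the test3/blue_network row is constructed to show a shared-VLAN finding.
SAMPLE = """\
+-------+--------------+------+--------------+----------+------------------+-----------------------+----------------------+
| Name  | Host Network | Vlan | Host IP      | Host Nic | Switch Interface | Container IPv4Address | Container MacAddress |
+-------+--------------+------+--------------+----------+------------------+-----------------------+----------------------+
| test2 | red_network  | 2002 | 10.37.18.157 | eth2     | Te 136/0/10      | 21.16.1.3/24          | 00:16:3e:04:95:e1    |
| test1 | red_network  | 2002 | 10.37.18.158 | eth4     | Te 135/0/10      | 21.16.1.2/24          | 00:16:3e:4f:a4:49    |
| test3 | blue_network | 2002 | 10.37.18.158 | eth4     | Te 135/0/10      | 21.16.2.2/24          | 00:16:3e:aa:bb:cc    |
+-------+--------------+------+--------------+----------+------------------+-----------------------+----------------------+
"""


def parse_trace(text):
    """Return one dict per container row, keyed by the table's header names."""
    rows = [[cell.strip() for cell in line.strip().strip("|").split("|")]
            for line in text.splitlines() if line.lstrip().startswith("|")]
    if not rows:
        return []
    header, body = rows[0], rows[1:]
    # Skip rows whose cell count does not match the header (truncated output).
    return [dict(zip(header, r)) for r in body if len(r) == len(header)]


def audit(rows):
    """Return (VLANs shared by several networks, networks that need a tunnel)."""
    nets_by_vlan = defaultdict(set)
    hosts_by_net = defaultdict(set)
    for r in rows:
        nets_by_vlan[r["Vlan"]].add(r["Host Network"])
        hosts_by_net[r["Host Network"]].add(r["Host IP"])
    # Isolation relies on one VLAN per Docker network.
    shared = {v: sorted(n) for v, n in nets_by_vlan.items() if len(n) > 1}
    # A tunnel is expected only when a network spans two or more hosts.
    tunnel_expected = sorted(n for n, h in hosts_by_net.items() if len(h) >= 2)
    return shared, tunnel_expected


if __name__ == "__main__":
    shared, tunnels = audit(parse_trace(SAMPLE))
    for vlan, nets in shared.items():
        print(f"VLAN {vlan} is shared by networks {nets}: isolation broken")
    print("Networks that should have a leaf-to-leaf tunnel:", tunnels)
```

Comparing the second result against `show vlan brief` on each leaf shows whether a tunnel port is attached to a VLAN that no longer needs one.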

Tunnel gets established between the two leaf switches in the Brocade IP Fabric as two containers (test1 and test2) are launched on the two hosts in the docker swarm.

Tunnel output on the leaf switches of the Brocade IP Fabric indicates that tunnel has been established between the leaf switches connected to the two hosts in the docker swarm.

sw0# show tunnel brief
Tunnel 61441, mode VXLAN, rbridge-ids 135
Admin state up, Oper state up
Source IP 54.54.54.0, Vrf default-vrf
Destination IP 54.54.54.1

VLAN 2002 is received on Te 135/0/10 - interface connected to eth4 on host 10.37.18.158.
This VLAN is auto-mapped to VNI 2002 on the Brocade IP Fabric.

sw0# show vlan brief

VLAN   Name      State  Ports           Classification
(F)-FCoE                                                    (u)-Untagged
(R)-RSPAN                                                   (c)-Converged
(T)-TRANSPARENT                                             (t)-Tagged
===== ========= ====== =============== ====================
2002   VLAN2002  ACTIVE Te 135/0/10(t)
                        Tu 61441(t)     vni 2002

Ping between Containers

Container test1 (21.16.1.2) on host 10.37.18.158 is able to communicate with container test2 (21.16.1.3) on host 10.37.18.157.

root@controller:~# docker -H :4000 attach test1
/ # ping 21.16.1.3
PING 21.16.1.3 (21.16.1.3): 56 data bytes
64 bytes from 21.16.1.3: seq=0 ttl=64 time=0.656 ms
64 bytes from 21.16.1.3: seq=1 ttl=64 time=0.337 ms
64 bytes from 21.16.1.3: seq=2 ttl=64 time=0.358 ms
64 bytes from 21.16.1.3: seq=3 ttl=64 time=0.313 ms
64 bytes from 21.16.1.3: seq=4 ttl=64 time=0.324 ms
^C
--- 21.16.1.3 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.313/0.397/0.656 ms

Tunnel statistics show an increasing packet count, which indicates that the container traffic is transiting through Brocade IP Fabrics.

sw0# show tunnel statistics
Tnl ID   RX packets      TX packets      RX bytes        TX bytes
======== =============== =============== =============== ================
61441    3               3               (NA)            414
sw0# show tunnel statistics
Tnl ID   RX packets      TX packets      RX bytes        TX bytes
======== =============== =============== =============== ================
61441    7               7               (NA)            1022

Container Shutdown

Exit from container test1 and explicitly shut down the other container, test2.

132 packets transmitted, 132 packets received, 0% packet loss
round-trip min/avg/max = 0.222/0.286/0.350 ms
/ # exit

root@controller:~# docker -H :4000 stop test2

Container shutdown results in the tear-down of tunnels between the leaf switches in the Brocade IP Fabric and the same is reflected by an empty output in the container trace output.

sw0# show tunnel brief

sw0:FID128:root> container_trace
+------+--------------+------+---------+----------+------------------+-----------------------+----------------------+
| Name | Host Network | Vlan | Host IP | Host Nic | Switch Interface | Container IPv4Address | Container MacAddress |
+------+--------------+------+---------+----------+------------------+-----------------------+----------------------+
+------+--------------+------+---------+----------+------------------+-----------------------+----------------------+

The Brocade remote libnetwork driver can also work with Brocade VDX (Ethernet) Fabric, in addition to automating Brocade IP Fabric.
