I have been quiet on here as I am in the process of writing again, one of things I have been looking at is Dockers new networking features. This gave me an excuse to have a play with Weave. Rather than go into too much detail here, lets go all click bait because you won’t believe what happened next.
I launched two hosts in Digital Ocean, one in London and then one in New York City using Docker Machine;
docker-machine create \ — driver digitalocean \ — digitalocean-access-token your-digital-ocean-api-token-goes-here \ — digitalocean-region lon1 \ — digitalocean-size 1gb \ mesh-london docker-machine create \ — driver digitalocean \ — digitalocean-access-token your-digital-ocean-api-token-goes-here \ — digitalocean-region nyc2 \ — digitalocean-size 1gb \ mesh-nyc
Once both hosts were up and running I downloaded the Weave binaries on each host;
docker-machine ssh mesh-london ‘curl -L git.io/weave -o /usr/local/bin/weave; chmod a+x /usr/local/bin/weave’ docker-machine ssh mesh-nyc ‘curl -L git.io/weave -o /usr/local/bin/weave; chmod a+x /usr/local/bin/weave’
Once the binary was on each host, I launched Weave on each host making sure I provided a password so that traffic between the host machines would be encrypted;
docker-machine ssh mesh-london weave launch — password m3ga_5ecret_pa55w0rd docker-machine ssh mesh-nyc weave launch — password m3ga_5ecret_pa55w0rd
Now Weave is running on both my hosts, I instructed the mesh-nyc host to connect to the IP address of the mesh-london host;
docker-machine ssh mesh-nyc weave connect “$(docker-machine ip mesh-london)”
and finally check the status of the Weave cluster;
docker-machine ssh mesh-nyc weave status
There should be two peers and 2 established connections.
This is where it gets interesting. Launching a NGINX container on the New York City host by running;
docker $(docker-machine config mesh-nyc) run -itd \ — name=nginx \ — net=weave \ — hostname=”nginx.weave.local” \ — dns=”172.17.0.1" \ — dns-search=”weave.local” \ russmckendrick/nginx
and then on the London host, try wgetting the page being served by NGINX (its just a plain one which says Hello from NGINX);
docker $(docker-machine config mesh-london) run -it \ — rm \ — net=weave \ — dns=”172.17.0.1" \ — dns-search=”weave.local” \ russmckendrick/base wget -q -O- http://nginx.weave.local
and then finally ping the NGINX container;
docker $(docker-machine config mesh-london) run -it \ — rm \ — net=weave \ — dns=”172.17.0.1" \ — dns-search=”weave.local” \ russmckendrick/base ping -c 3 nginx.weave.local
If you can’t be bothered to run it yourself, and who can blame you, here is an asciicinema recording;
As you can see, with no effort on my part other than the commands above I had encrypted, multi-host container networking !!!
Don’t forget to get teardown the two Digital Ocean hosts if you brought them up;
docker-machine stop mesh-london mesh-nyc docker-machine rm mesh-london mesh-nyc