Here are the common scenarios for setting up “Debian Overlay” along with detailed steps:
An Overlay network enables cross-host communication between Docker containers, making them appear on the same virtual network regardless of their physical location.
7946/tcp/udp for discovery and 4789/tcp/udp for VXLAN).
Install Docker (if not already installed):
sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io
sudo systemctl start docker
sudo systemctl enable docker
Configure Docker Daemon:
Edit /etc/docker/daemon.json to enable Overlay networking and specify default address pools:
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {"max-size": "100m"},
"storage-driver": "overlay2",
"default-address-pools": [{"base": "10.10.0.0/16", "size": 24}]
}
Restart Docker to apply changes:
sudo systemctl restart docker
Create an Overlay Network:
Use docker network create with the --driver overlay flag. Specify a subnet (e.g., 10.10.1.0/24) for the network:
docker network create --driver overlay --subnet 10.10.1.0/24 my_overlay_net
Deploy Services to the Overlay Network:
Launch services (e.g., nginx) and connect them to the Overlay network. Use --replicas to scale services across multiple hosts:
docker service create --name my_nginx --network my_overlay_net --replicas 3 nginx:latest
Verify Connectivity:
Inspect the service to get container IPs, then ping between containers (replace <container_id> with actual IDs):
docker service inspect --pretty my_nginx
docker exec -it <container_id> ping <other_container_ip>
Optional: Configure Firewall:
Allow Overlay traffic (ports 7946/tcp/udp for discovery, 4789/tcp/udp for VXLAN) using ufw:
sudo ufw allow in on docker0 to any port 7946 proto udp
sudo ufw allow in on docker0 to any port 4789 proto udp
sudo ufw allow in on docker0 to any port 7946 proto tcp
sudo ufw allow in on docker0 to any port 4789 proto tcp
An Overlay filesystem combines a read-only base layer (e.g., the system root) with a writable upper layer, enabling lightweight system customization or persistence.
Install Required Packages:
Ensure overlayroot (for automatic Overlay mounting) is installed:
sudo apt update
sudo apt install overlayroot
Create Directory Structure: Define three directories for the Overlay filesystem:
lowerdir: Read-only base layer (e.g., system root).
upperdir: Writable layer for changes.
workdir: Temporary directory for Overlay operations.
sudo mkdir -p /overlay/{lower,upper,work}
Mount the Base Layer:
Use tmpfs to create a temporary root for mounting the base layer (or use a physical partition):
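sudo mount -t tmpfs tmpfs /overlay -o size=4G
sudo mkdir -p /overlay/{lower,upper,work} # Recreate the directories: the tmpfs mount hides the ones created earlier
sudo cp -ax / /overlay/lower # Copy system root to lowerdir; -x stays on the root filesystem so /proc, /sys and /overlay itself are skipped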
Configure OverlayFS:
Edit /etc/overlayroot.conf to enable Overlay and specify directories:
[general]
enabled = yes
upperdir = /overlay/upper
workdir = /overlay/work
lowerdir = /overlay/lower
mergedir = /
Mount Overlay Manually (Test): Verify the configuration by manually mounting the Overlay filesystem:
sudo mount -t overlay overlay -o lowerdir=/overlay/lower,upperdir=/overlay/upper,workdir=/overlay/work /
Persist Configuration:
Add an entry to /etc/fstab to mount Overlay at boot:
overlay / overlay defaults,lowerdir=/overlay/lower,upperdir=/overlay/upper,workdir=/overlay/work 0 0
Reboot and Verify: Restart the system to apply Overlay mounting:
sudo reboot
Check if the Overlay is active by listing mounts:
mount | grep overlay
Verify changes persist in the upper layer (e.g., modify a file in / and reboot—changes should remain).
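The mount | grep overlay check above also matches the overlay mounts that Docker's overlay2 storage driver creates for running containers. As an added example (not part of the original page), the shell functions below read mount-table text in the /proc/mounts and /etc/fstab column layout and report the layers of one mount point; the sample table and the names overlay_opt and overlay_state are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): read mount-table text in the
# fstab / /proc/mounts column layout and report the overlay layers of ONE
# mount point, so Docker overlay2 container mounts are not mistaken for it.

# Constructed sample table: the tmpfs and root overlay with the page's paths,
# a Docker overlay2 container mount (made-up IDs), and a read-only overlay.
SAMPLE_MOUNTS='tmpfs /overlay tmpfs rw,relatime,size=4194304k 0 0
overlay / overlay rw,relatime,lowerdir=/overlay/lower,upperdir=/overlay/upper,workdir=/overlay/work 0 0
overlay /var/lib/docker/overlay2/c0ffee/merged overlay rw,lowerdir=/var/lib/docker/overlay2/l/AAAA:/var/lib/docker/overlay2/l/BBBB,upperdir=/var/lib/docker/overlay2/c0ffee/diff,workdir=/var/lib/docker/overlay2/c0ffee/work 0 0
overlay /mnt/ro overlay ro,lowerdir=/srv/a:/srv/b 0 0'

# overlay_opt TABLE MOUNTPOINT KEY
# Prints the value of KEY for the overlay on MOUNTPOINT (the last entry wins,
# as with stacked mounts). Returns 1 if no such overlay or option exists.
overlay_opt() {
    printf '%s\n' "$1" | awk -v mp="$2" -v key="$3" '
        $2 == mp && $3 == "overlay" {
            val = ""; found = 0
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++)
                if (index(opts[i], key "=") == 1) {
                    val = substr(opts[i], length(key) + 2); found = 1
                }
        }
        END { if (found) print val; exit !found }'
}

# overlay_state TABLE MOUNTPOINT
# Prints one of: none | read-only | writable | incomplete
overlay_state() {
    overlay_opt "$1" "$2" lowerdir >/dev/null || { echo none; return 0; }
    upper=$(overlay_opt "$1" "$2" upperdir) || upper=""
    work=$(overlay_opt "$1" "$2" workdir) || work=""
    if [ -z "$upper" ] && [ -z "$work" ]; then echo read-only
    elif [ -n "$upper" ] && [ -n "$work" ]; then echo writable
    else echo incomplete   # a writable overlay needs both upperdir and workdir
    fi
}

overlay_state "$SAMPLE_MOUNTS" /
```

On a live host, pass "$(cat /proc/mounts)" as the table after the reboot, or "$(cat /etc/fstab)" before it to check the entry added in the Persist Configuration step.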
lowerdir, upperdir, and workdir.