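Docker Multi-Host Management: Docker Machine
I. Docker Machine
Docker Machine is a command-line tool provided by Docker for remotely managing and controlling multiple hosts, for example installing and configuring Docker on each host and running docker commands on remote hosts.
In a multi-host environment, Docker has to be installed and configured on every host.
Docker Machine installs and configures Docker hosts in batches.
Docker Machine supports installing and configuring Docker hosts in different environments (traditional Linux, virtualization platforms, public clouds; collectively called providers). For each provider, Docker Machine has a corresponding driver.
Test environment:
3 VMware Workstation virtual machines running CentOS 7, with the following IP addresses: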
192.168.233.143
192.168.233.144
192.168.233.145
Docker Machine is installed on 192.168.233.143, and the docker-machine command is used to deploy Docker on the other two hosts.
1. Install Docker Machine
Official installation documentation:
https://docs.docker.com/machine/install-machine/
Method 1, run:
curl -L https://github.com/docker/machine/releases/download/v0.9.0/docker-machine-`uname -s`-`uname -m` >/tmp/docker-machine && chmod +x /tmp/docker-machine && cp /tmp/docker-machine /usr/local/bin/docker-machine
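Method 2, download directly:
https://github.com/docker/machine/releases/
Download the matching version,
then rename the file to docker-machine
and place it in /usr/local/bin/.
Because Docker is blocked by the firewall, downloading docker-machine from GitHub is extremely slow!!
docker-machine-linux v0.16.1 is used here.
Link: https://pan.baidu.com/s/1pBPcCCG_qTkxEDHTkg-QHw
Extraction code: pv3c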
mv /usr/local/bin/docker-machine-Linux-x86_64 /usr/local/bin/docker-machine
chmod +x /usr/local/bin/docker-machine
docker-machine commands:
docker-machine --help
The downloaded executable has been placed in /usr/local/bin. Verify that the command works:
Run:
docker-machine version
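Added example, not part of the original post: because the binary above comes from a third-party netdisk share rather than the release page, compare its SHA-256 with a digest obtained from a source you trust before installing it. The function names and the stand-in file are constructed for illustration; substitute the real download and the real digest.

```shell
#!/bin/sh
# Added example: install a downloaded binary only when its SHA-256 matches
# a digest taken from a trusted source. All names here are illustrative.

# sha256_of FILE: print the lowercase hex SHA-256 of FILE.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# install_verified SRC EXPECTED_SHA256 DEST
# Installs SRC to DEST with mode 0755 and returns 0 on a match; returns 1
# and leaves DEST untouched on a mismatch or a malformed digest.
install_verified() {
  iv_src=$1
  iv_want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  iv_dest=$3
  case "$iv_want" in
    ""|*[!0-9a-f]*) echo "digest is not hex" >&2; return 1 ;;
  esac
  [ "${#iv_want}" -eq 64 ] || { echo "digest must be 64 hex chars" >&2; return 1; }
  iv_got=$(sha256_of "$iv_src") || return 1
  if [ "$iv_got" != "$iv_want" ]; then
    echo "SHA-256 mismatch for $iv_src: got $iv_got" >&2
    return 1
  fi
  install -m 0755 "$iv_src" "$iv_dest"
}

# Constructed demo: a stand-in file plays the downloaded binary.
DEMO_DIR=$(mktemp -d)
printf 'constructed stand-in for docker-machine-Linux-x86_64\n' > "$DEMO_DIR/download"
TRUSTED=$(sha256_of "$DEMO_DIR/download")  # in practice: the digest from a trusted source
install_verified "$DEMO_DIR/download" "$TRUSTED" "$DEMO_DIR/docker-machine" && echo "installed"

# Simulate a file altered after the digest was recorded: it must be refused.
printf 'extra bytes\n' >> "$DEMO_DIR/download"
install_verified "$DEMO_DIR/download" "$TRUSTED" "$DEMO_DIR/docker-machine.new" \
  || echo "rejected: file does not match the trusted digest"
```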
(Optional) Install and configure the helper scripts for the docker-machine command
Run in a terminal:
scripts=( docker-machine-prompt.bash docker-machine-wrapper.bash docker-machine.bash ); for i in "${scripts[@]}"; do sudo wget https://raw.githubusercontent.com/docker/machine/v0.13.0/contrib/completion/bash/${i} -P/etc/bash_completion.d; done
Or go directly to:
https://github.com/docker/machine/tree/master/contrib/completion/bash
Download the three scripts and place them in /etc/bash_completion.d
Then
source /etc/bash_completion.d/docker-machine*
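For the function and usage of these three shell scripts, see the comments inside the scripts or the description at https://docs.docker.com/machine/install-machine/#install-bash-completion-scripts
After installing docker-machine, the following error appeared while setting up command completion for docker-machine: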
-bash: __docker_machine_ps1: 未找到命令
Fix: add the following three lines, followed by the PS1 setting, at the end of ~/.bashrc:
source /etc/bash_completion.d/docker-machine-wrapper.bash
source /etc/bash_completion.d/docker-machine-prompt.bash
source /etc/bash_completion.d/docker-machine.bash
PS1='[\u@\h \W$(__docker_machine_ps1)]\$ '
Finally, run source /root/.bashrc again
II. Creating a Machine
A machine is a host that runs the docker daemon.
"Creating a machine" means installing and deploying Docker on a host.
List the current machines:
docker-machine ls
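Create the first machine:
host02 192.168.233.144
Prerequisites:
Creating a machine requires passwordless login to the remote host, so first copy the SSH key to 192.168.233.144 with the following commands:
Passwordless SSH login in three steps with ssh-copy-id
ssh-keygen generates the public/private key pair
ssh-copy-id copies the local public key into the remote machine's authorized_keys file; ssh-copy-id also sets up your permissions on the remote machine's home directory, ~/.ssh, and ~/.ssh/authorized_keys
Step 1: on the local machine (192.168.233.143), generate the public/private key pair with ssh-keygen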
ssh-keygen
Just press Enter, Enter, Enter!
Step 2: copy the public key to the remote machine with ssh-copy-id
ssh-copy-id -i .ssh/id_rsa.pub -p 2222 root@192.168.233.144
Note: ssh-copy-id writes the key to the remote machine's ~/.ssh/authorized_keys file
Step 3: log in to the remote machine without entering a password
ssh -p '2222' 'root@192.168.233.144'
Everything is ready. Run the docker-machine create command to create host02:
docker-machine create --driver generic --generic-ip-address=192.168.233.144 host02
Error reported: Error creating machine: Error waiting for machine to be running: Maximum number of retries (60) exceeded
Delete the machine:
docker-machine rm host02
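To deploy Docker on ordinary Linux, use the generic driver.
For other drivers, see the documentation:
https://docs.docker.com/machine/drivers/
--generic-ip-address specifies the IP of the target system, and the machine is named host02.
The command runs as follows: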
docker-machine create --driver generic --generic-ip-address=192.168.233.144 --generic-ssh-port 2222 host02
① Log in to the remote host over ssh
② Install docker
③ Copy the certificates
④ Configure the docker daemon
⑤ Start docker
List the current machines:
docker-machine ls
On host02, view the docker daemon configuration in /etc/systemd/system/docker.service:
find / -name docker.service
/etc/systemd/system/multi-user.target.wants/docker.service
/usr/lib/systemd/system/docker.service
cat /etc/systemd/system/multi-user.target.wants/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
BindsTo=containerd.service
After=network-online.target firewalld.service containerd.service
Wants=network-online.target
Requires=docker.socket
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecStart=/usr/bin/dockerd -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
[Install]
WantedBy=multi-user.target
File analysis:
-H tcp://0.0.0.0:2376 makes the docker daemon accept remote connections
systemctl daemon-reload && systemctl restart docker
systemctl enable docker
systemctl status docker
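Added example, not part of the original post: the ExecStart line in the unit file shown above binds tcp://0.0.0.0:2375 with no --tlsverify, so the Docker API on that port is served without TLS or client authentication. The script below reports every TCP listener in a unit file and whether the same line enables --tlsverify; the function names and both sample units are constructed, and the certificate paths are placeholders.

```shell
#!/bin/sh
# Added example: list dockerd TCP listeners in systemd unit files and whether
# the same ExecStart line enables --tlsverify. Limitations: backslash line
# continuations and settings in /etc/docker/daemon.json are not examined.

# list_tcp_listeners FILE...: print "<TLS|PLAINTEXT> <address>" per listener.
# Commented-out lines (such as "#ExecStart=...") are ignored.
list_tcp_listeners() {
  awk '
    /^[ \t]*ExecStart=/ {
      sub(/^[ \t]*ExecStart=-?/, "")
      n = split($0, w, /[ \t]+/)
      tls = "PLAINTEXT"
      for (i = 1; i <= n; i++)
        if (w[i] == "--tlsverify" || w[i] == "--tlsverify=true") tls = "TLS"
      for (i = 1; i <= n; i++) {
        addr = ""
        if ((w[i] == "-H" || w[i] == "--host") && i < n) addr = w[i + 1]
        else if (w[i] ~ /^--host=/) addr = substr(w[i], 8)
        else if (w[i] ~ /^-H=/) addr = substr(w[i], 4)
        if (addr ~ /^tcp:\/\//) print tls, addr
      }
    }' "$@"
}

# has_plaintext_listener FILE...: exit 0 if any TCP listener lacks --tlsverify.
has_plaintext_listener() {
  list_tcp_listeners "$@" | grep -q '^PLAINTEXT '
}

# Constructed sample 1: the two ExecStart lines from the unit file shown above.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/plain.service" <<'EOF'
[Service]
#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecStart=/usr/bin/dockerd -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375
EOF
# Constructed sample 2: a TLS-verified listener; certificate paths are placeholders.
cat > "$SAMPLE_DIR/tls.service" <<'EOF'
[Service]
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2376 --tlsverify --tlscacert /path/to/ca.pem --tlscert /path/to/server.pem --tlskey /path/to/server-key.pem
EOF

for unit in "$SAMPLE_DIR"/plain.service "$SAMPLE_DIR"/tls.service; do
  echo "== $unit"
  list_tcp_listeners "$unit"
  if has_plaintext_listener "$unit"; then echo "   -> unauthenticated API listener"; fi
done
```

On a real host, pass the unit file and any drop-ins under /etc/systemd/system/docker.service.d/ as arguments.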
Check the hostname:
hostname
Configure host03 the same way:
docker-machine create --driver generic --generic-ip-address=192.168.233.145 --generic-ssh-port 2222 host03
docker-machine ls
docker-machine env host03
III. Managing Machines
Before:
Running a remote docker command requires -H to specify the connection string of the target host, for example:
docker -H tcp://192.168.233.144:2376 ps
Reports: Error response from daemon: Client sent an HTTP request to an HTTPS server. (not yet resolved)
Now:
Docker Machine shows all the environment variables needed to access host1:
docker-machine env host02
eval $(docker-machine env host02)
At this point:
The command prompt has changed, because PS1='[\u@\h \W$(__docker_machine_ps1)]\$ ' was configured earlier in $HOME/.bashrc to display the current docker host
cat .bashrc
PS1='[\u@\h \W$(__docker_machine_ps1)]\$ '
In this state, every docker command you run has the same effect as running it on host02.
Modify the configuration on host02:
/etc/docker/daemon.json
{
"registry-mirrors":["https://49c47s26.mirror.aliyuncs.com"]
}
On the Docker Machine host:
docker run -itd busybox
docker ps -a
docker images
Switch to host03:
eval $(docker-machine env host03)
docker-machine subcommands:
Upgrade the machines' docker to the latest version; this can be done in batch:
docker-machine upgrade host02 host03
View a machine's docker daemon configuration:
docker-machine config host02
stop/start/restart operate on the operating system of the machine (host02, host03); they do not stop/start/restart the docker daemon
docker-machine restart host02
docker-machine stop host02
docker-machine start host02
Copy files between machines:
docker-machine scp host02:/tmp/test host03:/tmp/test
Prerequisite: host02
Copied to host03:
In a multi-host environment, Docker Machine is simple and efficient to operate!