Docker 笔记 - Docker官网
一,环境搭建
1 win 10 搭建 vagrant + virtualbox
1.1 下载工具
1.2 准备 centos7 box
1.3 搭建 centos7 环境
1.3.1 新建一个文件夹用于初始化 vagrant
注:目录不能包含中文
1.3.2 添加 .box 文件到 vagrant
$ vagrant box add centos/7 E:/Docker/virtualbox.box
==> box: Box file was not detected as metadata. Adding it directly...
==> box: Adding box 'centos/7' (v0) for provider:
box: Unpacking necessary files from: file:///E:/Docker/virtualbox.box
box:
==> box: Successfully added box 'centos/7' (v0) for 'virtualbox'!
AQQJE@aqqje MINGW64 /e/Docker
$ vagrant box list
centos/7 (virtualbox, 0)
1.3.3 生成 Vagrantfile 文件
$ vagrant init centos/7
A `Vagrantfile` has been placed in this directory. You are now
ready to `vagrant up` your first virtual environment! Please read
the comments in the Vagrantfile as well as documentation on
`vagrantup.com` for more information on using Vagrant.
1.3.4 配置 Vagrantfile 文件
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.box = "centos/7"
config.vm.network "public_network"
config.vm.provider "virtualbox" do |vb|
vb.memory = "3000"
vb.name = "aqqje"
vb.cpus = 3
end
end
1.3.5 启动 centos/7 虚拟机
$ vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
...
==> default: Rsyncing folder: /cygdrive/e/Docker/ => /vagrant
1.3.6 vagrant基本操作
vagrant ssh # 连接当前 vagrant 运行的虚拟机
vagrant status # 查看当前 vagrant 运行的虚拟机
vagrant halt # 停止当前 vagrant 运行的虚拟机
vagrant destroy # 删除当前 vagrant 创建的虚拟机
vagrant reload # 重启当前 vagrant 运行的虚拟机
vagrant ssh-config # 查看当前 vagrant ssh配置信息
##### 1.3.7 配置虚拟 ssh 连接
```bash
# 开启ssh密码连接
vim /etc/ssh/sshd_config
# 设置 passwordAuthentication yes
PasswordAuthentication yes
```bash
[vagrant@localhost ~]$ sudo -i
[root@localhost ~]# vi /etc/ssh/sshd_config
[root@localhost ~]# passwd
Changing password for user root.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
[root@localhost ~]# systemctl restart sshd
[root@localhost ~]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:8a:fe:e6 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global noprefixroute dynamic eth0
valid_lft 85626sec preferred_lft 85626sec
inet6 fe80::5054:ff:fe8a:fee6/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:6b:95:30 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.172/24 brd 192.168.0.255 scope global noprefixroute dynamic eth1
valid_lft 6426sec preferred_lft 6426sec
inet6 fe80::a00:27ff:fe6b:9530/64 scope link
valid_lft forever preferred_lft forever
1.3.8 vagrant box 打包分发
$ vagrant package --output sub-centos.box
==> default: Exporting VM...
==> default: Compressing package to: E:/Docker/sub-centos.box
1.3.9 从 vagrant 中移除 .box 文件
$ vagrant box remove centos/7
Removing box 'centos/7' (v0) with provider 'virtualbox'...
AQQJE@aqqje MINGW64 /e/Docker
$ vagrant box list
There are no installed boxes! Use `vagrant box add` to add some.
2 使用云服务器
二, 安装Docker - 官网文档
1. 卸载之前的 docker
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
2. 安装依赖
sudo yum install -y yum-utils \
device-mapper-persistent-data \
lvm2
3. 配置 docker 仓库
sudo yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
4. 安装 docker
# 默认安装最新版本
sudo yum install docker-ce docker-ce-cli containerd.io
# 查看 docker 历史版本
sudo yum list docker-ce --showduplicates | sort -r
# 安装指定版本: 18.09.1
sudo yum install docker-ce-18.09.1 docker-ce-cli-18.09.1 containerd.io
5. 启动 docker, 并配置开机启动
sudo systemctl start docker && sudo systemctl enable docker
6. 配置加速器 - 阿里镜像加速服务
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://xxxxxx.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
7. hello world
sudo docker run hello-world
8. docker 基础命令
# 搜索镜像: mysql
docker search mysql
# 安装 mysql
docker pull mysql
# 查看本地镜像
docker images
# 启动镜像: -d 容器在后台运行 -p 容器内部使用的网络端口映射到宿主主机上
docker run -d --name mysql02 -p 3306:3306 -e MYSQL_ROOT_PASSWORD=root --privileged --default-time_zone='+8:00' -e TZ=Asia/Shanghai mysql
# 进入镜像窗口: -i 交互式操作 -t 终端 (docker attach 命令:如果从这个容器退出,会导致容器的停止)
docker exec -it mysql02 /bin/bash
三, Docker Image and Container
1,Image - 官方 image 地址
1.1 使用官方 Dockerfile 文件构建 mysql
- Dockerfile
FROM debian:stretch-slim
# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
RUN groupadd -r mysql && useradd -r -g mysql mysql
RUN apt-get update && apt-get install -y --no-install-recommends gnupg dirmngr && rm -rf /var/lib/apt/lists/*
# add gosu for easy step-down from root
ENV GOSU_VERSION 1.7
RUN set -x \
&& apt-get update && apt-get install -y --no-install-recommends ca-certificates wget && rm -rf /var/lib/apt/lists/* \
&& wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" \
&& wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" \
&& export GNUPGHOME="$(mktemp -d)" \
&& gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \
&& gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \
&& gpgconf --kill all \
&& rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc \
&& chmod +x /usr/local/bin/gosu \
&& gosu nobody true \
&& apt-get purge -y --auto-remove ca-certificates wget
RUN mkdir /docker-entrypoint-initdb.d
RUN apt-get update && apt-get install -y --no-install-recommends \
# for MYSQL_RANDOM_ROOT_PASSWORD
pwgen \
# for mysql_ssl_rsa_setup
openssl \
# FATAL ERROR: please install the following Perl modules before executing /usr/local/mysql/scripts/mysql_install_db:
# File::Basename
# File::Copy
# Sys::Hostname
# Data::Dumper
perl \
&& rm -rf /var/lib/apt/lists/*
RUN set -ex; \
# gpg: key 5072E1F5: public key "MySQL Release Engineering <mysql-build@oss.oracle.com>" imported
key='A4A9406876FCBD3C456770C88C718D3B5072E1F5'; \
export GNUPGHOME="$(mktemp -d)"; \
gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
gpg --batch --export "$key" > /etc/apt/trusted.gpg.d/mysql.gpg; \
gpgconf --kill all; \
rm -rf "$GNUPGHOME"; \
apt-key list > /dev/null
ENV MYSQL_MAJOR 5.7
ENV MYSQL_VERSION 5.7.28-1debian9
RUN echo "deb http://repo.mysql.com/apt/debian/ stretch mysql-${MYSQL_MAJOR}" > /etc/apt/sources.list.d/mysql.list
# the "/var/lib/mysql" stuff here is because the mysql-server postinst doesn't have an explicit way to disable the mysql_install_db codepath besides having a database already "configured" (ie, stuff in /var/lib/mysql/mysql)
# also, we set debconf keys to make APT a little quieter
RUN { \
echo mysql-community-server mysql-community-server/data-dir select ''; \
echo mysql-community-server mysql-community-server/root-pass password ''; \
echo mysql-community-server mysql-community-server/re-root-pass password ''; \
echo mysql-community-server mysql-community-server/remove-test-db select false; \
} | debconf-set-selections \
&& apt-get update && apt-get install -y mysql-server="${MYSQL_VERSION}" && rm -rf /var/lib/apt/lists/* \
&& rm -rf /var/lib/mysql && mkdir -p /var/lib/mysql /var/run/mysqld \
&& chown -R mysql:mysql /var/lib/mysql /var/run/mysqld \
# ensure that /var/run/mysqld (used for socket and lock files) is writable regardless of the UID our mysqld instance ends up having at runtime
&& chmod 777 /var/run/mysqld \
# comment out a few problematic configuration values
&& find /etc/mysql/ -name '*.cnf' -print0 \
| xargs -0 grep -lZE '^(bind-address|log)' \
| xargs -rt -0 sed -Ei 's/^(bind-address|log)/#&/' \
# don't reverse lookup hostnames, they are usually another container
&& echo '[mysqld]\nskip-host-cache\nskip-name-resolve' > /etc/mysql/conf.d/docker.cnf
VOLUME /var/lib/mysql
COPY docker-entrypoint.sh /usr/local/bin/
RUN ln -s usr/local/bin/docker-entrypoint.sh /entrypoint.sh # backwards compat
ENTRYPOINT ["docker-entrypoint.sh"]
EXPOSE 3306 33060
CMD ["mysqld"]
# 根据当前 Docker 文件构建 image
docker build -t my-mysql-image .
1.2 自定义 image
- 编写 Dockerfile 文件
FROM openjdk:8
MAINTAINER aqqje
LABEL name="hello-image" version="1.0" author="aqqje"
COPY dockerfile-demo-0.0.1-SNAPSHOT.jar hello-image.jar
CMD ["java", "-jar", "hello-image.jar"]
# 根据当前 Docker 文件构建 image
docker build -t my-hello .
# 运行
docker run -d --name my-hello my-hello
# 查看窗口启动日志
docker logs my-hello
# 调用 get 请求
curl localhost:8080/dockerfile
# 调整 post 请求
curl -d "user=nickwolfe&password=12345" localhost:8080/dockerfile
# 匹配进程: my
docker ps | grep my
1.3 image 上传
# 登录 docker hub 平台
[root@aqqje ~]# docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: aqqje
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
# 生成 image 副本
docker tag my-hello aqqje/my-hello:v1.0
# push
docker push aqqje/my-hello:v1.0
[root@aqqje ~]# sudo docker login --username=xxxxxxxx registry.cn-hangzhou.aliyuncs.com
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
# 生成 image 副本
docker tag my-hello registry.cn-hangzhou.aliyuncs.com/aqqje/my-hello:v1.0
# push
docker push registry.cn-hangzhou.aliyuncs.com/aqqje/my-hello:v1.0
- harbor - github 地址
# 下载 harbor 1.7.1 安装包
harbor-offline-installer-v1.7.1.tgz
# scp 上传到指定目录下
scp harbor-offline-installer-v1.7.1.tgz aqqje:/data/
# 解压安装
tar zxvf harbor-offline-installer-v1.7.1.tgz
# 安装 docker-compose
sudo yum install docker-compose
# 配置 harbor 文件 harbor.cfg
hostname = 47.97.248.78
harbor_admin_password = aqqje
# 安装 harbor
sh install.sh
# 停止 harbor
docker-compose stop
# 启动 harbor
docker-compose start
# 重启 harbor
docker-compose restart
1.4 Docker 基础命令
# 删除指定镜像
docker rmi -f imageid
# 删除所有镜像
docker rmi -f $(docker images)
# 删除所有容器
docker rm -f $(docker ps -aq)
2,container
2.1 创建带 vim 的 centos 容器
# 交互式运行 centos
docker run -d -it --name my-centos centos
# 进入容器
docker exec -it my-centos /bin/bash
# 安装 vim
yum install vim
# 将容器制作成一个镜像
docker commit my-centos vim-centos
# 查看容器详情信息
docker inspect vim-centos
# 停止/启动容器
docker stop/start vim-centos
2.2 容器资源限制
# 查看容器进行
docker top my-centos
# 监控容器资源消耗
docker stats my-centos
# 指定启动容器的资源: memory 内存消耗, cpu-shares 权重
docker run -d -it --name centos01 --memory 100M --cpu-shares 10 centos
2.3 图形化资源监控
# 下载 scop : -l 自动跳转(30X), -o 指定文件名
sudo curl -L git.io/scope -o /usr/local/bin/scope
# 赋权
sudo chmod a+x /usr/local/bin/scope
scope launch
# 停止scope
scope stop
# 同时监控两台机器,在两台机器中分别执行
scope launch ip1 ip2
2.4 chmod 参数
[ugao] [[+-=][rwx]...] [,...]
[ugoa]:档案调用权限分三级:档案拥有者,群组,其他
u:档案拥有者
g:群组
o:其他
a:全部
[+-=]:
+:增加权限;
-:降低权限;
=:唯一设定权限
[rwx]:
r:可读
w:可写
x:可执行
四, Docker网络 - 官网解析
1, 网卡
计算机网络中,计算机要能够进行通信硬件支撑,唯一的 MAC 地址
1.1 查看网卡信息
# 查看接口信息
ip link show
# 查看接口名
ls /sys/class/net
# 查看接口详情
ip a
1.2 网卡配置操作
# 进入网卡配置目录
cd /etc/sysconfig/network-scripts/
# 给指定的网卡增加 IP 地址
ip addr add 192.168.56.0.61/24 dev eth0
# 删除指定的网卡 IP 地址
ip addr delete 192.168.56.61/24 dev eth0
# 启动 eth0 网卡
ifup eth0
# 关闭 eth0 网卡
ifdown eth0
2,network namespace
# 增加
ip netns add ns1
# 查看
ip netns list
# 删除
ip netns delete ns1
# 查看当前 network namespace 网卡信息
ip netns exec ns1 ip a
# 使用 veth pair 技术,创建成对的网卡
ip link add veth-ns1 type veth peer name veth-ns2
# 将 veth-ns1 网上指派给 ns1
ip link set veth-ns1 netns ns1
# 将 veth-ns2 网上指派给 ns2
ip link set veth-ns1 netns ns2
# 启动 veth-ns2 网卡
ip netns exec ns2 ip link set veth-ns2 up
# ns1 ping ns2
ip netns exec ns ping 192.168.0.102
# 安装工具 bridge-utils
yum install bridge-utils
# 查看历史命令
history | grep centos
3,docker network
- 自定义的 network, 容器与容器之间可以通过容器名称访问 ,docker0 网络可以在容器启动时通过指定 --link mysql01 来指定可以通过容器名称访问
# 查看网络列表
docker network ls
# 查看网络信息
docker network inspect bridge
# 创建网络
docker network create aqqje
# 容器运行指定网络
docker run -d --name net-tomcat --network aqqje tomcat
# 将指定窗口加入到指定的网络中
docker network connect aqqje-net tomcat01
# 查看窗口网络信息
docker inspect tomcat01
# 删除网络
docker network rm aqqje
五, Docker 数据持久化
1, volume
# 创建 volume
docker volume create aqqje
# 查看 volume 列表
docker volume ls
# 删除 volume
docker volume rm volumeId / $(docker volume ls)
# 查看 volume 详情
docker volume inspect volumeId
# 启动 mysql01: -v 指定 volume 名
docker run -d --name mysql01 -v mysql01_volume:/var/lib/mysql -e
MYSQL_ROOT_PASSWORD=root mysql
# /usr/local/tomcat/webapps/aqqje 目录映射到 /tmp/aqqje 目录下
docker run -d --name my-tomcat -p 8080:8080 -v /tmp/aqqje:/usr/local/tomcat/webapps/aqqje tomcat
2, percona-xtradb-cluster - pxc 实战
# 拉取 pxc
docker pull percona/percona-xtradb-cluster:5.7.21
# 将 percona/percona-xtradb-cluster:5.7.21 打标签成 pxc
docker tag percona/percona-xtradb-cluster:5.7.21 pxc
# 创建 pxc 专属网络
docker network create --subnet=172.19.0.0/24 pxc-net
# 创建 3个 指定的 volume
docker volume create pxc-v1
docker volume create pxc-v2
docker volume create pxc-v3
# 运行三个PXC容器
docker run -d -p 3301:3306 --name=node1 -v pxc-v1:/var/bin/mysql --net=pxc-net --ip 172.19.0.2 -e MYSQL_ROOT_PASSWORD=root -e CLUSTER_NAME=PXC -e XTRABACKUP_PASSWORD=aqqje --privileged pxc
docker run -d -p 3302:3306 --name=node2 -v pxc-v2:/var/bin/mysql --net=pxc-net --ip 172.19.0.3 -e MYSQL_ROOT_PASSWORD=root -e CLUSTER_NAME=PXC -e XTRABACKUP_PASSWORD=aqqje -e CLUSTER_JOIN=node1 --privileged pxc
docker run -d -p 3303:3306 --name=node3 -v pxc-v3:/var/bin/mysql --net=pxc-net --ip 172.19.0.4 -e MYSQL_ROOT_PASSWORD=root -e CLUSTER_NAME=PXC -e XTRABACKUP_PASSWORD=aqqje -e CLUSTER_JOIN=node1 --privileged pxc
3, springboot+mysql+nginx
# 上传 jar 包
scp springboot-mybatis-0.0.1-SNAPSHOT.jar aqqje:/Gper/springboot-mybatis/
# 创建 Dockerfile 文件
cat Dockerfile
FROM openjdk:8-jre-apline
MAINTANIER AqqJe
LABEL name="springboot-mybatis" version="1.0" author="AqqJe"
COPY springboot-mybatis-0.0.1-SNAPSHOT.jar springboot-mybatis.jar
CMD ["java", "-jar", "springboot-mybatis.jar"]
# 构建镜像
docker build -t sbt-image
# 创建应用
docker run -d --name sbt01 -p 8081:8080 --net=pro-net --ip 172.20.0.2 sbt-image
docker run -d --name sbt02 -p 8082:8080 --net=pro-net --ip 172.20.0.3 sbt-image
docker run -d --name sbt03 -p 8083:8080 --net=pro-net --ip 172.20.0.4 sbt-image
# 创建 nginx.conf
cat nginx.conf
user nginx;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
location / {
proxy_pass http://balance;
}
}
upstream balance{
server 172.20.0.2:8080;
server 172.20.0.3:8080;
server 172.20.0.4:8080;
}
include /etc/nginx/conf.d/*.conf;
}
# 创建nginx
docker run -d -p 80:80 --name pro-nginx -v /tmp/nginx/nginx.conf:/etc/nginx/nginx.conf --net=pro-net --ip 172.20.0.10 nginx
六,Docker compose 使用 - 官网
1,原生创建 container
1,.1 创建文件夹
mkdir -p /Gper/compose
cd /Gper/compose
1.2, 创建 app.py 文件
[root@aqqje compose]# cat app.py
import time
import redis
from flask import Flask
app = Flask(__name__)
cache = redis.Redis(host='redis', port=6379)
def get_hit_count():
retries = 5
while True:
try:
return cache.incr('hits')
except redis.exceptions.ConnectionError as exc:
if retries == 0:
raise exc
retries -= 1
time.sleep(0.5)
@app.route('/')
def hello():
count = get_hit_count()
return 'Hello World! I have been seen {} times.\n'.format(count)
1.3, 创建 requirements.txt 文件
[root@aqqje compose]# cat requirements.txt
flask
redis
1.4, 创建 Dockerfile 文件
[root@aqqje compose]# cat Dockerfile
FROM python:3.7-alpine
WORKDIR /code
ENV FLASK_APP app.py
ENV FLASK_RUN_HOST 0.0.0.0
RUN apk add --no-cache gcc musl-dev linux-headers
COPY requirements.txt requirements.txt
RUN pip install -r requirements.txt
COPY . .
CMD ["flask", "run"]
1.5,构建当前 Dockerfile 文件生成 image
docker build -t python-app-image .
1.6 拉取 redis image
docker pull redis:alpine
1.7 创建网络
docker network ls
docker network create --subnet=172.20.0.0/24 app-net
1.8 运行 python-app-image & redis
docker run -d --name web -p 5000:5000 --network app-net python-app-image
docker run -d --name redis --network app-net redis:alpine
2, docker compose 创建 container
2.1 安装 docker-compose
sudo curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
2.2 编写 docker-compose.yaml (默认) 文件
[root@aqqje compose]# cat docker-compose.yaml
version: '3'
services:
web:
build: .
networks:
- app-net
redis:
image: "redis:alpine"
networks:
- app-net
networks:
app-net:
driver: bridge
2.3 运行 docker-compose.yaml 文件
# 默认指定 docker-compose.yaml
docker-compose up -d
# 指定 docker-compose-test.yaml
docker-compose -f docker-compose.yml up -d
2.4 docker-compose 常见操作
# 查看版本
docker-compose version
# 根据yml创建service
docker-compose up -d
# 看启动成功的service
docker-compose ps
# 查看images
docker-compose images
# 停止/启动service
docker-compose stop/start
# 删除service[同时会删除掉network和volume]
docker-compose down
# 进入到某个service
docker-compose exec redis sh
# 查看服务容器的日志输出
docker-compose logs redis
# 查看帮助
docker-compose -h
七,Docker Swarm - 官网
1,根据 Vagrantfile 创建虚拟环境
boxes = [
{
:name => "manager-node",
:eth1 => "192.168.56.11",
:mem => "1024",
:cpu => "1"
},
{
:name => "worker01-node",
:eth1 => "192.168.56.12",
:mem => "1024",
:cpu => "1"
},
{
:name => "worker02-node",
:eth1 => "192.168.56.13",
:mem => "1024",
:cpu => "1"
}
]
Vagrant.configure(2) do |config|
config.vm.box = "centos/7"
boxes.each do |opts|
config.vm.define opts[:name] do |config|
config.vm.hostname = opts[:name]
config.vm.provider "vmware_fusion" do |v|
v.vmx["memsize"] = opts[:mem]
v.vmx["numvcpus"] = opts[:cpu]
end
config.vm.provider "virtualbox" do |v|
v.customize ["modifyvm", :id, "--memory", opts[:mem]]
v.customize ["modifyvm", :id, "--cpus", opts[:cpu]]
v.customize ["modifyvm", :id, "--name", opts[:name]]
end
config.vm.network :public_network, ip: opts[:eth1]
end
end
end
2,配置 sshd 服务
vagrant ssh manager-node/worker01-node/worker02-node
sudo -i
vi /etc/ssh/sshd_config
修改PasswordAuthentication yes
passwd 修改密码
systemctl restart sshd
3,安装虚拟 Docker engine 【略】
4, 搭建 Swarm 集群
[vagrant@manager-node ~]
docker swarm init --advertise-addr=192.168.0.11
Swarm initialized: current node (pvj7k2urt8g5k1ucsao2rpiwu) is now a manager.
To add a worker to this swarm, run the following command:
docker swarm join --token SWMTKN-1-2121w9nkk2qsyrgg477bz2jq26iojd5u1agdfa2b0bi8wxi3rk-00octanaf09agpe9v77nsm670 192.168.0.11:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
5,将 worker01-node,worker02-node 加入 swarm 集群
[vagrant@worker01-node ~]
docker swarm join --token SWMTKN-1-2121w9nkk2qsyrgg477bz2jq26iojd5u1agdfa2b0bi8wxi3rk-00octanaf09agpe9v77nsm670 192.168.0.11:2377
[vagrant@worker02-node ~]
docker swarm join --token SWMTKN-1-2121w9nkk2qsyrgg477bz2jq26iojd5u1agdfa2b0bi8wxi3rk-00octanaf09agpe9v77nsm670 192.168.0.11:2377
6,docker swarm 常见操作
# 进入到manager node查看集群状态
docker node ls
# 将worker提升成manager(保证manager的高可用)
docker node promote worker01-node
docker node promote worker02-node
#降级可以用 demote
docker node demote worker01-node
# 创建一个tomcat的service
docker service create --name my-tomcat tomcat
# 查看当前swarm的service
docker service ls
# 查看service的启动日志
docker service logs my-tomcat
# 查看service的详情
docker service inspect my-tomcat
# 查看my-tomcat运行在哪个node上
docker service ps my-tomcat
# 水平扩展service
docker service scale my-tomcat=3
# 删除service
docker service rm my-tomcat
八, 多机通信overlay网络
1,传统手动方式单机实现
# 创建mysql容器[创建完成等待一会,注意mysql的版本]
docker run -d --name mysql -v v1:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=examplepass -e MYSQL_DATABASE=db_wordpress mysql:5.6
# 创建wordpress容器[将wordpress的80端口映射到centos的8080端口]
docker run -d --name wordpress --link mysql -e WORDPRESS_DB_HOST=mysql:3306 -e WORDPRESS_DB_USER=root -e WORDPRESS_DB_PASSWORD=examplepass -e WORDPRESS_DB_NAME=db_wordpress -p 8080:80 wordpress
# 查看默认bridge的网络,可以发现两个容器都在其中
docker network inspect bridge
2,docker-compose 单机实现
# 创建 docker-compose.yml 文件
cat docker-compose.yml
version: '3.1'
services:
wordpress:
image: wordpress
restart: always
ports:
- 8080:80
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_USER: exampleuser
WORDPRESS_DB_PASSWORD: examplepass
WORDPRESS_DB_NAME: exampledb
volumes:
- wordpress:/var/www/html
db:
image: mysql:5.7
restart: always
environment:
MYSQL_DATABASE: exampledb
MYSQL_USER: exampleuser
MYSQL_PASSWORD: examplepass
MYSQL_RANDOM_ROOT_PASSWORD: '1'
volumes:
- db:/var/lib/mysql
volumes:
wordpress:
db:
# 根据 docker-compose.yaml 创建 service
docker-compose up -d
# wordpress 默认在 docekr network 中创建了网络
docker network inspect wordpress-mysql_default
3,docker swarm 集群中实现
# 创建一个overlay网络,用于docker swarm中多机通信
[vagrant@manager-node ~]docker network create -d overlay my-overlay-net
# 创建mysql的service
[vagrant@manager-node ~]docker service create --name mysql --mount type=volume,source=v1,destination=/var/lib/mysql --env MYSQL_ROOT_PASSWORD=examplepass --env MYSQL_DATABASE=db_wordpress --network my-overlay-net mysql:5.6
# 查看service
[vagrant@manager-node ~]docker service ls
[vagrant@manager-node ~]docker service ps mysql
# 创建service [注意之所以下面可以通过mysql名字访问,也是因为有DNS解析]
[vagrant@manager-node ~]docker service create --name wordpress --env WORDPRESS_DB_USER=root --env WORDPRESS_DB_PASSWORD=examplepass --env WORDPRESS_DB_HOST=mysql:3306 --env WORDPRESS_DB_NAME=db_wordpress -p 8080:80 --network my-overlay-net wordpress
# 查看service
[vagrant@manager-node ~]docker service ls
[vagrant@manager-node ~]docker service ps mysql
# 查看my-overlay-net
docker network inspect my-overlay-net
4,Routing Mesh - 负载均衡
- whoami服务对其他服务暴露的ip是不变的,但是通过whoami名称访问8000端口,确实访问到的是不同的service, 也就是说whoami service对其他服务提供了一个统一的VIP入口,别的服务访问时会做负载均衡。
# whoami
docker service create --name whoami -p 8000:8000 --network my-overlay-net -d jwilder/whoami
# 将whoami进行扩容
docker service scale whoami=3
5,docker Stack - 官网
- 简化 service 创建
5.1 新建 service.yml
cat service.yml
version: '3'
services:
wordpress:
image: wordpress
ports:
- 8080:80
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_USER: exampleuser
WORDPRESS_DB_PASSWORD: examplepass
WORDPRESS_DB_NAME: exampledb
networks:
- ol-net
volumes:
- wordpress:/var/www/html
deploy:
mode: replicated
replicas: 3
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
update_config:
parallelism: 1
delay: 10s
db:
image: mysql:5.7
environment:
MYSQL_DATABASE: exampledb
MYSQL_USER: exampleuser
MYSQL_PASSWORD: examplepass
MYSQL_RANDOM_ROOT_PASSWORD: '1'
volumes:
- db:/var/lib/mysql
networks:
- ol-net
deploy:
mode: global
placement:
constraints:
- node.role == manager
volumes:
wordpress:
db:
networks:
ol-net:
driver: overlay
5.2 根据service.yml创建service
docker statck deploy -c service.yml my-service
5.3 常见操作
# 查看stack具体信息
docker stack ls
# 查看具体的service
docker stack services my-service
# 查看某个service
docker service inspect my-service-db
九,其他
1,mysql 容器创建 (转自samsara_x)
docker run --name mysql57 -p 3306:3306 -e MYSQL_ROOT_PASSWORD=changle@1999 -e MYSQL_DATABASE=aqqje -e TZ=Asia/Shanghai -d mysql:5.7 --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --default-time_zone='+8:00'
- MYSQL_ROOT_PASSWORD : 设置mysql数据库root的密码
- MYSQL_DATABASE : 启动时创建数据库
- TZ=Asia/shanghai : 设置容器时区
- character-set-server : 服务器字符集,在创建数据库和表时不特别指定字符集,这样统一采用character-set-server字符集。
- character-set-database : 数据库字符集
- character-set-table : 数据库表字符集
- collation-server : 排序规则字符集
- default-time_zone : mysql的时区
2,mongoDB
# 创建volume
docker volume create aqqje_volume_mongo
# 创建容器
docker run -id --name=aqqje_mongo -p 27017:27017 -v aqqje_volume_mongo:/data/backup mongo
3,redis
- 下载redis文件
- 修改redis配置文件
bind 127.0.0.1 #注释掉这部分,这是限制redis只能本地访问
protected-mode no #默认yes,开启保护模式,限制为本地访问
daemonize no#默认no,改为yes意为以守护进程方式启动,可后台运行,除非kill进程,改为yes会使配置文件方式启动redis失败
requirepass #默认注释掉,只能:
databases 16 #数据库个数(可选),我修改了这个只是查看是否生效。。
dir ./ #输入本地redis数据库存放文件夹(可选)
appendonly yes #redis持久化(可选)
docker run -d --name tensquare_redis -p 6379:6379 -v /data/redis/redis.conf:/redis.conf -v /data/redis/data:/data redis redis-server --appendonly yes
1166ee9e70f589ebf035fb35e85aa0c30f2357ea33ff95c467553e322984b525