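Introduction to Docker Machine
Docker Machine is a tool that lets you install Docker on virtual hosts and manage those hosts with the docker-machine command.
Docker Machine can also manage all of your Docker hosts centrally, for example quickly installing Docker on 100 servers.
Downloading and installing Docker Machine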
curl -L https://github.com/docker/machine/releases/download/v0.16.2/docker-machine-`uname -s`-`uname -m` >/tmp/docker-machine &&
chmod +x /tmp/docker-machine &&
sudo mv /tmp/docker-machine /usr/local/bin/docker-machine
Using Docker Machine
Creating a machine
First, configure passwordless SSH login to the managed host
[root@server1 ~]# ssh-copy-id server3
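Online installation
Drawback: it needs a good network connection, but a local yum repository can be configured to speed it up.
- Download the official install script
- Modify it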
centos|rhel)  ### the official script does not support rhel itself, so add the rhel option
    if [ -z "$dist_version" ] && [ -r /etc/os-release ]; then
        dist_version="$(. /etc/os-release && echo "$VERSION_ID")"
    fi
;;
*)
    if command_exists lsb_release; then
        dist_version="$(lsb_release --release | cut -f2)"
    fi
    if [ -z "$dist_version" ] && [ -r /etc/os-release ]; then
        dist_version="$(. /etc/os-release && echo "$VERSION_ID")"
    fi
;;

centos|rhel|fedora)
    yum_repo="ftp://172.25.254.1/config/repo/docker.repo"  ### point this at your own repo
Install the version you choose
#if [ -n "$cli_pkg_version" ]; then
#    $sh_c "$pkg_manager install -y -q docker-ce-cli-19.03.5-3.el7"
#fi
$sh_c "$pkg_manager install -y -q docker-ce-19.03.12-3.el7 docker-ce-cli-19.03.12-3.el7"
On server3 you can see:
root 14868 0.0 0.4 241064 4616 pts/1 Ss+ 13:09 0:00 sudo -E yum -y update -x docker-*
root 14881 4.3 11.2 497004 114448 pts/1 S+ 13:09 0:06 /usr/bin/python /bin/yum -y update -x docker-*
root 14923 4.5 1.1 319436 12128 pts/1 S+ 13:10 0:03 /usr/bin/python /usr/libexec/urlgrabber-ext-down
root 14934 2.0 1.1 319172 11888 pts/1 S+ 13:10 0:01 /usr/bin/python /usr/libexec/urlgrabber-ext-down
Offline installation
On a host that already has Docker installed, run directly:
[root@server1 ~]# docker-machine create --driver generic --generic-ip-address=172.25.254.102 server2
Running pre-create checks...
Creating machine...
(server2) No SSH key specified. Assuming an existing key at the default location.
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with redhat...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Docker is up and running!
To see how to connect your Docker Client to the Docker Engine running on this virtual machine, run: docker-machine env server2
[root@server1 ~]# docker-machine env server2
export DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://172.25.254.102:2376"
export DOCKER_CERT_PATH="/root/.docker/machine/machines/server2"
export DOCKER_MACHINE_NAME="server2"
# Run this command to configure your shell:
# eval $(docker-machine env server2)
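After the machine is configured, a .docker directory is created in the home directory on the control host, and the certificates are generated in it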
[root@server1 ~]# cd .docker/machine/certs/
[root@server1 certs]# ls
ca-key.pem ca.pem cert.pem key.pem
On the managed host, the following are generated in /etc/docker/:
[root@server2 ~]# cd /etc/docker/
[root@server2 docker]# ls
ca.pem key.json server-key.pem server.pem
The managed host opens port 2376 by default
tcp6 0 0 :::2376 :::* LISTEN 24648/dockerd
On server2 the startup file is changed automatically
[root@server2 docker]# cd /etc/systemd/system/docker.service.d/
[root@server2 docker.service.d]# ls
10-machine.conf
[root@server2 docker.service.d]# cat 10-machine.conf
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock --storage-driver overlay2 --tlsverify --tlscacert /etc/docker/ca.pem --tlscert /etc/docker/server.pem --tlskey /etc/docker/server-key.pem --label provider=generic
Environment=
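An added example, not part of the original post: a shell check for the drop-in shown above that confirms every dockerd TCP listener is paired with --tlsverify. The function names audit_dockerd_dropin and write_samples, and the weak.conf sample on port 2375, are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a dockerd systemd drop-in such as 10-machine.conf.
# Exit status 0 = every TCP listener demands client certificates,
#             1 = a TCP listener accepts unauthenticated API calls.
audit_dockerd_dropin() (
    set -f   # no globbing while the command line is word-split below
    # systemd: an empty "ExecStart=" clears earlier values, so the last
    # non-empty ExecStart= line is the command that actually runs.
    cmd=$(sed -n 's/^ExecStart=\(..*\)$/\1/p' "$1" | tail -n 1)
    if [ -z "$cmd" ]; then echo "INFO: no ExecStart override"; exit 0; fi
    listeners='' verify=0
    for arg in $cmd; do
        case $arg in
            *tcp://*)                     listeners="$listeners ${arg#*tcp://}" ;;
            --tlsverify|--tlsverify=true) verify=1 ;;
        esac
    done
    if [ -z "$listeners" ]; then echo "OK: no TCP listener"; exit 0; fi
    rc=0
    for l in $listeners; do
        if [ "$verify" -ne 1 ]; then
            echo "FAIL: $l accepts API calls without client certificates"
            rc=1
        else
            case $l in
                0.0.0.0:*|:*) echo "WARN: $l requires client certs but binds every interface" ;;
                *)            echo "OK: $l requires client certificates" ;;
            esac
        fi
    done
    exit "$rc"
)

# Constructed samples: good.conf repeats the ExecStart shown above,
# weak.conf is a hypothetical variant with the TLS flags removed.
write_samples() {
    printf '%s\n' '[Service]' 'ExecStart=' \
        'ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock --storage-driver overlay2 --tlsverify --tlscacert /etc/docker/ca.pem --tlscert /etc/docker/server.pem --tlskey /etc/docker/server-key.pem --label provider=generic' \
        'Environment=' > "$1/good.conf"
    printf '%s\n' '[Service]' 'ExecStart=' \
        'ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock' \
        > "$1/weak.conf"
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
audit_dockerd_dropin "$demo_dir/good.conf"
audit_dockerd_dropin "$demo_dir/weak.conf" || echo "weak.conf rejected"
rm -rf "$demo_dir"
```

The WARN on 0.0.0.0:2376 is the expected result for the drop-in above and is a prompt to limit that port to the control host at the firewall. Access to the Docker API is equivalent to root on the managed host, so the client key.pem and ca-key.pem on the control host need the same protection as a root credential.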
Using Docker Machine
Connecting to the managed host
[root@server1 ~]# docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
server2 - generic Running tcp://172.25.254.102:2376 v19.03.12
[root@server1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 7e4d58f0e5f3 6 days ago 133MB
busybox latest 6858809bf669 8 days ago 1.23MB
haproxy 1.5 1e9a605f9291 8 months ago 65.5MB
[root@server1 ~]# docker-machine env server2
export DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://172.25.254.102:2376"
export DOCKER_CERT_PATH="/root/.docker/machine/machines/server2"
export DOCKER_MACHINE_NAME="server2"
# Run this command to configure your shell:
# eval $(docker-machine env server2)
[root@server1 ~]# docker-machine config server2
--tlsverify
--tlscacert="/root/.docker/machine/machines/server2/ca.pem"
--tlscert="/root/.docker/machine/machines/server2/cert.pem"
--tlskey="/root/.docker/machine/machines/server2/key.pem"
-H=tcp://172.25.254.102:2376
[root@server1 ~]# eval $(docker-machine env server2)
[root@server1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@server1 ~]# docker info
Client:
Debug Mode: false
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 19.03.12
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-1127.19.1.el7.x86_64
Operating System: Red Hat Enterprise Linux Server 7.6 (Maipo)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 990.8MiB
Name: server2 ### shows server2, which means we are now in server2's environment
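Introduction to Docker Compose
Compose is a tool for defining and running multi-container Docker applications. With Compose, you use a YML file to configure all the services your application needs. Then, with a single command, you create and start all the services from the YML configuration.
Downloading and installing Docker Compose
Download: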
curl -L "https://github.com/docker/compose/releases/download/1.27.3/docker-compose-Linux-x86_64" -o /usr/local/bin/docker-compose
Installation succeeded
[root@server1 compose]# docker-compose version
docker-compose version 1.24.1, build 4667896b
docker-py version: 3.7.3
CPython version: 3.6.8
OpenSSL version: OpenSSL 1.1.0j 20 Nov 2018
Deploying an nginx cluster with Docker Compose
Create a new directory named compose
[root@server1 compose]# pwd
/root/compose
[root@server1 compose]# tree
.
├── docker-compose.yml
└── haproxy
    └── haproxy.cfg
1 directory, 2 files
[root@server1 compose]# cat docker-compose.yml
version: '3'
services:
  web1:
    image: nginx:latest
    container_name: web1
    volumes:
      - webdata:/usr/share/nginx/html
    networks:
      - webnet
  web2:
    image: nginx:latest
    container_name: web2
    volumes:
      - webdata:/usr/share/nginx/html
    networks:
      - webnet
  haproxy:
    image: haproxy:1.5
    networks:
      - webnet
    ports:
      - "80:80"
    volumes:
      - ./haproxy/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro
volumes:
  webdata:
networks:
  webnet:
[root@server1 compose]# cat haproxy/haproxy.cfg
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
    # to have these messages end up in /var/log/haproxy.log you will
    # need to:
    #
    # 1) configure syslog to accept network log events. This is done
    #    by adding the '-r' option to the SYSLOGD_OPTIONS in
    #    /etc/sysconfig/syslog
    #
    # 2) configure local2 events to go to the /var/log/haproxy.log
    #    file. A line like the following can be added to
    #    /etc/sysconfig/syslog
    #
    #    local2.* /var/log/haproxy.log
    #
    log 127.0.0.1 local2
    pidfile /var/run/haproxy.pid
    maxconn 4000
    daemon
    # turn on stats unix socket
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode http
    log global
    option httplog
    option dontlognull
    option http-server-close
    option forwardfor except 127.0.0.0/8
    option redispatch
    retries 3
    timeout http-request 10s
    timeout queue 1m
    timeout connect 10s
    timeout client 1m
    timeout server 1m
    timeout http-keep-alive 10s
    timeout check 10s
    maxconn 3000
    stats uri /admin/status
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main *:80
    default_backend app
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
#backend static
# balance roundrobin
# server static 127.0.0.1:4331 check
#
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
    balance roundrobin
    server app1 web1:80 check
    server app2 web2:80 check
[root@server1 compose]# docker-compose ps
Name Command State Ports
-------------------------------------------------------------------------------
compose_haproxy_1 /docker-entrypoint.sh hapr ... Up 0.0.0.0:80->80/tcp
web1 /docker-entrypoint.sh ngin ... Up 80/tcp
web2 /docker-entrypoint.sh ngin ... Up 80/tcp
Stop web1
[root@server1 compose]# docker-compose stop web1
Stopping web1 ... done
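Introduction to Docker Swarm
Swarm is the platform released by Docker, Inc. for managing Docker clusters. It is written almost entirely in Go, and the code is open source at https://github.com/docker/swarm. It turns a group of Docker hosts into a single virtual host. Swarm uses the standard Docker API as its front-end entry point; in other words, Docker clients of every kind (compose, docker-py and so on) can talk to Swarm directly, and even Docker itself integrates with Swarm easily. This makes it much easier for users to move a system originally built for a single node onto Swarm. Swarm also has built-in support for Docker network plugins, so users can easily deploy container cluster services that span hosts. Docker Swarm, like Docker Compose, is an official Docker container orchestration project. The difference is that Docker Compose is a tool for creating multiple containers on a single server or host, while Docker Swarm can create container cluster services across multiple servers or hosts, so for deploying microservices Docker Swarm is clearly the better fit.
Creating the cluster
On the leader host, run: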
docker swarm init
docker swarm join --token SWMTKN-1-3exjogkjpy5rw6hvqlyvs8190r0o159a6ape5m2ii36s08hr7b-eampwvkgwf8mkzux6vei46ewb 172.25.254.101:2377
On the worker hosts:
docker swarm join --token SWMTKN-1-3exjogkjpy5rw6hvqlyvs8190r0o159a6ape5m2ii36s08hr7b-eampwvkgwf8mkzux6vei46ewb 172.25.254.101:2377
List the nodes
[root@server1 ~]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
hlhc9dw0zoz7xgvjqsdwpwhx3 * server1 Ready Active Leader 19.03.12
gg4bspnun2d1nleftgni3war1 server2 Ready Active 19.03.12
2fjk4gd5xzs1xdd9lg1l9t82t server3 Ready Active 19.03.12
Start a service
[root@server1 ~]# docker service create --name web -p 80:80 --replicas 1 nginx
fffatpzdr4vup6rqs2kq9pc5j
overall progress: 1 out of 1 tasks
1/1: running [==================================================>]
verify: Service converged
[root@server1 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cf716460f404 nginx:latest "/docker-entrypoint.…" 18 seconds ago Up 15 seconds 80/tcp web.1.jhqep1wu2vxotil01fezdrwwy
The number of service replicas can be scaled
[root@server1 ~]# docker service scale web=3
web scaled to 3
overall progress: 3 out of 3 tasks
1/3: running [==================================================>]
2/3: running [==================================================>]
3/3: running [==================================================>]
verify: Service converged
[root@server1 ~]# docker service ps web
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
jhqep1wu2vxo web.1 nginx:latest server1 Running Running 4 minutes ago
ea3el64yesyu web.2 nginx:latest server2 Running Running about a minute ago
qtj2r801yg8j web.3 nginx:latest server3 Running Running about a minute ago
Monitoring the nodes
Visualizer is a graphical display tool for Docker clusters
Install the monitoring tool
docker pull dockersamples/visualizer
Run on the manager node:
[root@server1 ~]# docker service create \
> --name=viz \
> --publish=8081:8080/tcp \
> --constraint=node.role==manager \
> --mount=type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock \
> dockersamples/visualizer:latest
br11x0dgv5jlpoyxqh16b8sd1
overall progress: 1 out of 1 tasks
1/1: running [==================================================>]
verify: Service converged
Requests are load-balanced by default:
[root@server1 ~]# curl server1
hello server3
[root@server1 ~]# curl server1
hello server1
[root@server1 ~]# curl server1
hello server2
[root@server1 ~]# curl server1
hello server3
[root@server1 ~]# curl server1
hello server1
[root@server1 ~]# curl server1
hello server2
Gradual (canary) update
Scale to 10 containers
[root@server1 ~]# docker service scale web=10
web scaled to 10
overall progress: 10 out of 10 tasks
1/10: running [==================================================>]
2/10: running [==================================================>]
3/10: running [==================================================>]
4/10: running [==================================================>]
5/10: running [==================================================>]
6/10: running [==================================================>]
7/10: running [==================================================>]
8/10: running [==================================================>]
9/10: running [==================================================>]
10/10: running [==================================================>]
verify: Service converged
Update in batches
docker service update --image httpd --update-delay 5s --update-parallelism 2 web