简介:
docker compose是一个管理多个容器的工具,比如可以解决容器之间的依赖关系。
github 地址:https://github.com/docker/compose
1、基础环境准备
#1:安装 python 环境及 pip 命令:
[root@docker-server3 ~]# yum install https://mirrors.aliyun.com/epel/epel-releaselatest-7.noarch.rpm -y
[root@docker-server3 ~]# yum install python-pip -y
[root@docker-server3 ~]# pip install --upgrade pip
#2:安装 docker compose:
[root@docker-server3 ~]# pip install docker-compose
#3:验证版本:
[root@docker-server3 ~]# docker-compose version
#4:查看帮助:
[root@docker-server3 ~]# docker-compose --help
2、从docker compose启动单个容器
#目录可以在任意目录,推荐放在有意义的位置。
[root@docker-server3 ~]# mkdir docker-compose
[root@docker-server3 ~]# cd docker-compose/
#1:一个容器的 docker compose 文件:设置一个 yml格式的配置文件,因此要注意前后的缩进。
[root@docker-server3 docker-compose]# cat docker-compose.yml
web1:
image: 192.168.10.206/nginx/nginx_1.10.3
expose:
- 80
- 443
ports:
- "80:80"
- "443:443"
#2:启动容器:必须要在 docker compose文件所在的目录执行:
[root@docker-server3 docker-compose]# docker-compose up #前台启动
#3:启动完成:
#4:web 访问测试:
#5:后台启动服务:
#容器的在启动的时候,会给容器自定义一个名称
[root@docker-server3 docker-compose]# docker-compose up -d
#6:自定义容器名称:
[root@docker-server3 docker-compose]# cat docker-compose.yml
web1:
image: 192.168.10.206/nginx/nginx_1.10.3
expose:
- 80
- 443
container_name: nginx-web1 #自定义容器名称
ports:
- "80:80"
- "443:443"
#7:验证容器:
#8:查看容器进程:
[root@docker-server3 docker-compose]# docker-compose ps
3、从docker compose启动多个容器
#1:编辑 docker-compose 文件:
[root@docker-server3 docker-compose]# cat docker-compose.yml
web1:
image: 192.168.10.206/nginx/nginx_1.10.3
expose:
- 80
- 443
container_name: nginx-web1
ports:
- "80:80"
- "443:443"
web2: #每一个容器一个 ID
image: 192.168.10.206/nginx/nginx_1.10.3
expose:
- 80
- 443
container_name: nginx-web2
ports:
- "81:80"
- "444:443"
#2:重新启动容器:
[root@docker-server3 docker-compose]# docker-compose stop
[root@docker-server3 docker-compose]# docker-compose up –d
#3:web 访问测试:
4、定义数据卷挂载
#1:创建数据目录和文件:
[root@docker-server3 ~]# mkdir -p /data/nginx
[root@docker-server3 ~]# echo "Test Nginx Volume" > /data/nginx/index.html
#2:编辑 compose 配置文件:
[root@docker-server3 docker-compose]# vim docker-compose.yml
web1:
image: 192.168.10.206/nginx/nginx_1.10.3
expose:
- 80
- 443
container_name: nginx-web1
volumes:
- /data/nginx:/usr/local/nginx/html
ports:
- "80:80"
- "443:443"
web2:
image: 192.168.10.206/nginx/nginx_1.10.3
expose:
- 80
- 443
container_name: nginx-web2
ports:
- "81:80"
- "444:443"
#3:重启容器:
[root@docker-server3 docker-compose]# docker-compose stop
[root@docker-server3 docker-compose]# docker-compose up -d
#4:验证 web 访问:
#可以发现,同一个文件,数据卷的优先级比镜像内的文件优先级高
#5:其他常用命令:
#重启单个指定容器:
[root@docker-server3 docker-compose]# docker-compose restart web1
Restarting nginx-web1 ... done
#重启所以容器:
[root@docker-server3 docker-compose]# docker-compose restart
#停止和启动单个容器:
[root@docker-server3 docker-compose]# docker-compose stop web1
[root@docker-server3 docker-compose]# docker-compose start web1
#停止和启动所有容器:
[root@docker-server3 docker-compose]# docker-compose stop
[root@docker-server3 docker-compose]# docker-compose start
5、实现单机版的HA+Nginx+tomcat
#1:制作 Haproxy 镜像:
[root@docker-server1 haproxy]# pwd
/opt/dockerfile/web/haproxy
#编辑 Dockerfile 文件:
[root@docker-server1 haproxy]# cat Dockerfile
#My Dockerfile
From docker.io/centos:7.2.1511
MAINTAINER zhangshijie "zhangshijie@300.cn"
#Yum Setting
ADD epel.repo /etc/yum.repos.d/epel.repo
ADD CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo
RUN yum install gcc gcc-c++ pcre pcre-devel openssl openssl-devel -y
ADD haproxy-1.7.9.tar.gz /usr/local/src
RUN cd /usr/local/src/haproxy-1.7.9 && make TARGET=linux2628 USE_PCRE=1
USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy && make install
PREFIX=/usr/local/haproxy
RUN cp /usr/local/src/haproxy-1.7.9/haproxy-systemd-wrapper /usr/sbin/haproxy-
systemd-wrapper
RUN cp /usr/local/src/haproxy-1.7.9/haproxy /usr/sbin/haproxy
ADD haproxy.service /usr/lib/systemd/system/haproxy.service
ADD haproxy /etc/sysconfig/haproxy
ADD run_haproxy.sh /root/script/run_haproxy.sh
RUN chmod a+x /root/script/run_haproxy.sh
CMD ["/root/script/run_haproxy.sh"]
EXPOSE 80 9999
#准备服务启动脚本:
[root@docker-server1 haproxy]# cat haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
EnvironmentFile=/etc/sysconfig/haproxy
ExecStart=/usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p
/run/haproxy.pid $OPTIONS
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
#前台启动脚本:
[root@docker-server1 haproxy]# cat run_haproxy.sh
#!/bin/bash
/usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
#haproxy 参数文件:
[root@docker-server1 haproxy]# cat haproxy
# Add extra options to the haproxy daemon here. This can be useful for
# specifying multiple configuration files with multiple -f options.
# See haproxy(1) for a complete list of options.
OPTIONS=""
#准备压缩包及其他文件:
#执行构建镜像:
[root@docker-server1 haproxy]# docker build -t
192.168.10.205/centos/centos_7.2.1511_haproxy_1.7.9
/opt/dockerfile/web/haproxy/
#经镜像上传到 harbor 仓库:
#harbor 仓库验证:
#2:准备 nginx 镜像:参考 2.3
#3:准备 tomcat 镜像:参考 2.4
#4:编辑 docker compose 文件及环境准备:
#编辑 docker compose 文件:
[root@docker-server3 docker-compose]# pwd
/root/docker-compose
[root@docker-server3 docker-compose]# cat docker-compose.yml
nginx-web1:
image: 192.168.10.205/nginx/nginx_1.10.3
expose:
- 80
- 443
container_name: nginx-web1
volumes:
- /data/nginx:/usr/local/nginx/html
- /usr/local/nginx/conf/nginx.conf:/usr/local/nginx/conf/nginx.conf
links:
- tomcat-web1
- tomcat-web2
nginx-web2:
image: 192.168.10.205/nginx/nginx_1.10.3
volumes:
- /usr/local/nginx/conf/nginx.conf:/usr/local/nginx/conf/nginx.conf
expose:
- 80
- 443
container_name: nginx-web2
links:
- tomcat-web1
- tomcat-web2
tomcat-web1:
container_name: tomcat-web1
image: 192.168.10.205/centos/jdk1.7.0.79_tomcat1.7.0.69
user: www
command: /apps/tomcat/bin/run_tomcat.sh
volumes:
- /apps/tomcat/webapps/SalesManager:/apps/tomcat/webapps/SalesManager
expose:
- 8080
- 8443
tomcat-web2:
container_name: tomcat-web2
image: 192.168.10.205/centos/jdk1.7.0.79_tomcat1.7.0.69
user: www
command: /apps/tomcat/bin/run_tomcat.sh
volumes:
- /apps/tomcat/webapps/SalesManager:/apps/tomcat/webapps/SalesManager
expose:
- 8080
- 8443
haproxy:
container_name: haproxy-web1
image: 192.168.10.205/centos/centos_7.2.1511_haproxy_1.7.9
command: /root/script/run_haproxy.sh
volumes:
- /etc/haproxy/haproxy.cfg:/etc/haproxy/haproxy.cfg
ports:
- "9999:9999"
- "80:80"
links:
- nginx-web1
- nginx-web2
#准备 nginx 静态文件:
[root@docker-server3 docker-compose]# cat /data/nginx/index.html
Test Nginx Volume
#准备 nginx 配置文件: #本地路径和 nginx 路径都是 /usr/local/nginx/conf/nginx.conf
[root@docker-server3 docker-compose]# grep -v "#" /usr/local/nginx/conf/nginx.conf
| grep -v "^$"
user nginx;
worker_processes auto;
daemon off;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream tomcat_webserver {
server tomcat-web1:8080;
server tomcat-web2:8080;
}
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
location /SalesManager {
proxy_pass http://tomcat_webserver;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
} }
#准备 tomcat 页面文件:
[root@docker-server3 docker-compose]# ll /apps/tomcat/webapps/SalesManager
total 8
-rw-r--r-- 1 www www 15 Dec 21 05:01 index.html
-rw-r--r-- 1 www www 696 Dec 21 05:01 showhost.jsp
[root@docker-server3 docker-compose]# cat
/apps/tomcat/webapps/SalesManager/showhost.jsp
<%@page import="java.util.Enumeration"%>
<br />
host:
<%try{out.println(""+java.net.InetAddress.getLocalHost().getHostName());}catch(Exc
eption e){}%>
<br />
remoteAddr: <%=request.getRemoteAddr()%>
<br />
remoteHost: <%=request.getRemoteHost()%>
<br />
sessionId: <%=request.getSession().getId()%>
<br />
serverName:<%=request.getServerName()%>
<br />
scheme:<%=request.getScheme()%>
<br />
<%request.getSession().setAttribute("t1","t2");%>
<%
Enumeration en = request.getHeaderNames();
while(en.hasMoreElements()){
String hd = en.nextElement().toString();
out.println(hd+" : "+request.getHeader(hd));
out.println("<br />");
}
%>
#5:启动容器:
[root@docker-server3 docker-compose]# pwd
/root/docker-compose
[root@docker-server3 docker-compose]# docker-compose up –d
#6:验证容器启动成功:
#7:查看启动日志:
[root@docker-server3 docker-compose]# docker-compose logs –f
#8:访问 haroxy 管理界面:
192.168.10.207:9999/haproxy-status
#9:访问 Nginx 静态页面:
Web1:
#web2:
#10:访问 tomcat 静态页面:
#11:访问 tomcat 动态页面:
二、docker仓库之单机docker registry
简介:
Docker Registry 作为 Docker 的核心组件之一负责镜像内容的存储与分发,客户端的 docker pull 以及 push 命令都将直接与 registry 进行交互,新的 docker register 被称为 Distribution Registry 2.4 版本之后支持了回收站机制,也就是可以删除镜像了。
通过官方提供的 docker registry 镜像来简单搭建一套本地私有仓库环境。
1、下载docker registry镜像
[root@docker-server1 ~]# docker pull registry
2、搭建docker registry
#1:创建授权使用目录:
[root@docker-server1 ~]# mkdir /docker/auth #创建一个授权使用目录
#2:创建用户:
[root@docker-server1 ~]# cd /docker
[root@docker-server1 docker]# docker run --entrypoint htpasswd registry -Bbn jack
123456 > auth/htpasswd #创建一个用户并生成密码
#3:验证用户名密码:
[root@docker-server1 docker]# cat auth/htpasswd
jack:$2y$05$8W2aO/2RXMrMzw/0M5pig..QXwUh/m/XPoW5H/XxloLLRDTepVGP6
#4:启动 docker registry:
[root@docker-server1 docker]# docker run -d -p 5000:5000 --restart=always --name registry1 -v /docker/auth:/auth -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry
ce659e85018bea3342045f839c43b66de1237ce5413c0b6b72c0887bece5325a
#5:验证端口和容器:
#6:测试登录仓库:
#报错如下:
#解决方法: 编辑各 docker 服务器/etc/sysconfig/docker配置文件如下:
[root@docker-server1 ~]# vim /etc/sysconfig/docker
4 OPTIONS='--selinux-enabled --log-driver=journald'
9 ADD_REGISTRY='--add-registry 192.168.10.205:5000'
10 INSECURE_REGISTRY='--insecure-registry 192.168.10.205:5000'
[root@docker-server1 ~]# systemctl restart docker
[root@docker-server2 ~]# vim /etc/sysconfig/docker
4 OPTIONS='--selinux-enabled --log-driver=journald'
5 if [ -z "${DOCKER_CERT_PATH}" ]; then
6 DOCKER_CERT_PATH=/etc/docker
7 fi
8
9 ADD_REGISTRY='--add-registry 192.168.10.205:5000'
10 INSECURE_REGISTRY='--insecure-registry 192.168.10.205:5000'
[root@docker-server2 ~]# systemctl restart docker
#验证各 docker 服务器登录: #server1: #server2:
#7:在 Server1 登录后上传镜像:
#镜像打 tag:
[root@docker-server1 ~]# docker tag jack/nginx-1.10.3:v1 192.168.10.205:5000/jack/nginx-1.10.3:v1
#上传镜像:
#8:Server 2 下载镜像并启动容器:
#登录并从 docker registry 下载镜像:
[root@docker-server2 ~]# docker images
REPOSITORY TAG MAGE ID CREATED SIZE
[root@docker-server2 ~]# docker login 192.168.10.205:5000
Username (jack): jack
Password:
Login Succeeded
[root@docker-server2 ~]# docker pull 192.168.10.205:5000/jack/nginx-1.10.3:v1
#验证镜像下载成功:
#从下载的镜像启动容器:
[root@docker-server2 ~]# docker run -d --name docker-registry -p 80:80 192.168.10.205:5000/jack/nginx-1.10.3:v1 nginx
2ba24f28362e1b039fbebda94a332111c2882aa06987463ae033c630f5c9927c
#访问测试: