修改主机名称
hostname
hostnamectl set-hostname node1
关闭防火墙
systemctl stop firewalld && systemctl disable firewalld
init swarm
docker swarm init
创建网络
docker network create -d overlay mynet
docker ui界面
docker service create \
--name=viz \
--publish=8080:8080/tcp \
--constraint=node.role==manager \
--mount type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock,readonly \
dockersamples/visualizer
docker ui界面 portainer
docker service create \
--name=portainer \
--publish=9000:9000 \
--constraint=node.role==manager \
--mount type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock \
--mount type=volume,src=portainer_data,dst=/data \
--mount type=volume,src=portainer_public,dst=/public \
portainer/portainer
docker in docker 的思路
docker run -it \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /usr/bin/docker:/usr/bin/docker \
dockerindocker:1.0 /bin/bash
docker run -it \
--name dind \
--mount type=bind,src=/usr/bin/docker,dst=/usr/bin/docker,readonly \
--mount type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock,readonly \
openjdk /bin/bash
docker service create \
--name dind \
--mount type=bind,src=/usr/bin/docker,dst=/usr/bin/docker,readonly \
--mount type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock,readonly \
--network mynet \
--constraint=node.role==manager \
openjdk
查看服务
docker service ls
查询日志
docker service logs -f --tail=n 服务名称
docker service logs -f --tail=20 viz
创建测试
docker service create --network mynet --name nginx2 zhaokuner/nginx
创建数据卷
docker volume create myregistry
使用http
vim /etc/docker/daemon.json
"insecure-registries": ["registry.access.redhat.com","quay.io","myregistry:5000"],
创建私有仓库
docker service create \
--network mynet \
--mount type=volume,src=myregistr,dst=/var/lib/registry \
-p 5000:5000 \
--name myregistry \
registry:2
docker run -d -p 5000:5000 --mount type=volume,src=myregistry,dst=/var/lib/registry --restart=always --name myregistry registry:2
http://172.16.34.149:5000/v2/
docker pull hyper/docker-registry-web
docker run -d --restart=always -p 8080:8080 --name registry-web --link myregistry -e REGISTRY_URL=http://myregistry:5000/v2 -e REGISTRY_NAME=myregistry:5000 hyper/docker-registry-web
https://docs.docker.com/registry/configuration/
/etc/docker/registry/config.yml
storage:
delete:
enabled: true
https://hub.docker.com/r/hyper/docker-registry-web
/conf/config.yml
readonly: false
config配置
echo "This is a config" | docker config create myconfig -
docker config create tomcat-server ./server.xml
docker service create --name masl --config source=tomcat-server,target=/usr/local/apache-tomcat-8.5.50/conf/server.xml --replicas 2 -p 8080:8080 tomcat
secret配置
echo '123456' | docker secret create mypwd -
docker service create --name db --secret mypwd -e MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mypwd mysql:5.7.27
cat /run/secrets/mypwd
执行compose.yml
docker stack deploy -c docker-compose.yml