1、docker swarm简介
2、docker swarm 实战
[root@server1 ~]# docker swarm init docker swarm 初始化
Swarm initialized: current node (6jvrjwe309ie8z0ekggh67fw8) is now a manager. server1作为管理端
To add a worker to this swarm, run the following command: 想添加woker,执行如下命令
docker swarm join --token SWMTKN-1-19b6hd1kbjsdu63asvj4bj1tv97iv83lt7nk4ay5i0267y43jh-7v8k68hsm8hl5nfcegh6j7hy3 172.25.50.1:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
[root@server2 ~]# docker swarm join --token SWMTKN-1-19b6hd1kbjsdu63asvj4bj1tv97iv83lt7nk4ay5i0267y43jh-7v8k68hsm8hl5nfcegh6j7hy3 172.25.50.1:2377
This node joined a swarm as a worker.
[root@server3 ~]# docker swarm join --token SWMTKN-1-19b6hd1kbjsdu63asvj4bj1tv97iv83lt7nk4ay5i0267y43jh-7v8k68hsm8hl5nfcegh6j7hy3 172.25.50.1:2377
This node joined a swarm as a worker.
docker swarm 集群构建完毕
[root@server1 ~]# docker node ls 查看节点,三个节点
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
6jvrjwe309ie8z0ekggh67fw8 * server1 Ready Active Leader 19.03.15
3r5yxtozgnaqujvdz860cusi7 server2 Ready Active 19.03.15
w15a1jjh4haql85l2fmreiqsp server3 Ready Active 19.03.15
如何升级server2为管理节点,独立server1节点?
[root@server1 ~]# docker node promote server2 升级server2为管理节点
Node server2 promoted to a manager in the swarm.
[root@server1 ~]# docker node demote server1 将server1降为node节点
[root@server2 ~]# docker node ls 查看所有节点
[root@server1 ~]# docker swarm leave 离开此节点server1
Node left the swarm.
[root@server2 ~]# docker node ls
[root@server2 ~]# docker node rm server1 删除server1节点
server1
3、部署docker swarm 集群部署
将server1部署为habor仓库,server2为docker-swarm管理节点,server3、server4为docker swarm 的worker节点
[root@server3 yum.repos.d]# scp docker.repo server4:/etc/yum.repos.d/ 将server3上docker.repo yum源拷贝到server4上
[root@server4 ~]# yum install docker-ce -y server4上安装docker
[root@server3 sysctl.d]# scp docker.conf server4:/etc/sysctl.d/
[root@server4 ~]# sysctl --system 使内核生效
[root@server4 ~]# systemctl enable --now docker 设置开机自启
[root@server4 ~]# docker swarm join --token SWMTKN-1-19b6hd1kbjsdu63asvj4bj1tv97iv83lt7nk4ay5i0267y43jh-7v8k68hsm8hl5nfcegh6j7hy3 172.25.50.2:2377 设置server4为docker swarm为woker节点
This node joined a swarm as a worker.
[root@server2 ~]# docker node ls 查看所有节点
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
3r5yxtozgnaqujvdz860cusi7 * server2 Ready Active Leader 19.03.15 server2为管理节点
w15a1jjh4haql85l2fmreiqsp server3 Ready Active 19.03.15 server3为worker节点
bls0x0tijsxt4ucr2gqdbfulh server4 Ready Active 19.03.15 server4为worker节点
启动habor仓库
[root@server1 ~]# cd harbor/ 进入habor目录
[root@server1 harbor]# ./install.sh --with-chartmuseum 启动
[root@server1 harbor]# docker network ls 删除没用的网络
[root@server1 harbor]# docker volume prune 删除没用的卷
[root@server1 harbor]# docker container prune 删除没用的容器
[root@server1 harbor]# docker image prune 删除没用的镜像
访问172.25.50.1
[root@server2 docker]# ssh-keygen 给server3、server4 做免密
[root@server2 docker]# ssh-copy-id server3
[root@server2 docker]# ssh-copy-id server4
[root@server3 ~]# vim /etc/hosts 在各个节点添加解析
172.25.50.1 server1 reg.westos.org
[root@server4 ~]# vim /etc/hosts
172.25.50.1 server1 reg.westos.org
[root@server2 ~]# cd /etc/docker/
[root@server2 docker]# scp -r certs.d/ server3:/etc/docker/ 将server2上证书拷贝到server3
[root@server2 docker]# scp -r certs.d/ server4:/etc/docker/ 将server2上证书拷贝到server4
[root@server2 docker]# scp daemon.json server3:/etc/docker/ 在server2拷贝指定私有仓库文件到server3上
[root@server2 docker]# scp daemon.json server4:/etc/docker/ 在server2拷贝指定私有仓库文件到server4上
[root@server3 ~]# systemctl reload docker.service 重载服务
[root@server4 ~]# systemctl reload docker.service 重载服务
[root@server2 ~]# docker service create --name myservice -p 80:80 --replicas 3 nginx 创建一个服务 ,replicas表示副本 3为3个副本
[root@server2 ~]# docker service ls 查看服务
ID NAME MODE REPLICAS IMAGE PORTS
bsnd4pmpoiga myservice replicated 3/3 nginx:latest *:80->80/tcp 有这个服务
测试:
[root@server3 ~]# docker ps 查看运行的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d5723d6aba19 nginx:latest "/docker-entrypoint.…" 47 minutes ago Up 47 minutes 80/tcp myservice.1.1rui3p7mdhg0ys6kudy7nr4
[root@server3 ~]# docker exec -it d5723d6aba19 bash 进入容器,并执行命令
root@d5723d6aba19:/# cd /usr/share/nginx/html/
root@d5723d6aba19:/usr/share/nginx/html# ls
50x.html index.html
root@d5723d6aba19:/usr/share/nginx/html# echo web1 > index.html
exit
[root@server4 ~]# docker ps 查看运行的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
17af0d0a2124 nginx:latest "/docker-entrypoint.…" 52 minutes ago Up 52 minutes 80/tcp myservice.3.skmlaoxpvljzpvb7lh8zrehe7
7c64a4ab6b65 nginx:latest "/docker-entrypoint.…" 52 minutes ago Up 52 minutes 80/tcp myservice.2.ihs0sg4kjxf6o5aqi55q7duvc
[root@server4 ~]# docker exec -it 17af0d0a2124 bash
root@17af0d0a2124:/# cd /usr/share/nginx/html/
root@17af0d0a2124:/usr/share/nginx/html# ls
50x.html index.html
root@17af0d0a2124:/usr/share/nginx/html# echo web2> index.html
exit
[root@server4 ~]# docker exec -it 7c64a4ab6b65 bash
root@7c64a4ab6b65:/# cd /usr/share/nginx/html/
root@7c64a4ab6b65:/usr/share/nginx/html# ls
50x.html index.html
root@7c64a4ab6b65:/usr/share/nginx/html# echo web3> index.html
[root@foundation50 Desktop]# curl 172.25.50.3 访问server3,自动负载均衡
web3
[root@foundation50 Desktop]# curl 172.25.50.3
web1
[root@foundation50 Desktop]# curl 172.25.50.3
web2
[root@server4 ~]# systemctl stop docker 停止server4上docker
[root@server3 ~]# docker ps 可以发现server4停掉docker,集群自动维护容器副本数,容器自动迁移,从server4迁移到server3上
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
abcc7f60ed96 nginx:latest "/docker-entrypoint.…" 9 minutes ago Up 9 minutes 80/tcp myservice.3.7x6zph77nn1mcralo764b931n
19636beafbba nginx:latest "/docker-entrypoint.…" 9 minutes ago Up 9 minutes 80/tcp myservice.2.4k3v3ynjv3vvng3kboh5stsfr
d5723d6aba19 nginx:latest "/docker-entrypoint.…" About an hour ago Up About an hour 80/tcp myservice.1.1rui3p7mdhg0ys6kudy7nr4kl
换一个镜像测试:
[root@foundation50 isos]# cd /mnt/pub/images/
[root@foundation50 images]# scp myapp.tar server1: 将下载好的myapp镜像拷贝到server1上,也可以网上拉取
[root@server1 ~]# docker load -i myapp.tar 导入镜像
[root@server1 ~]# docker tag ikubernetes/myapp:v1 reg.westos.org/library/myapp:v1 改标签
[root@server1 ~]# docker tag ikubernetes/myapp:v2 reg.westos.org/library/myapp:v2 改标签
[root@server1 ~]# docker push reg.westos.org/library/myapp:v1 将myapp:v1 上传到仓库
[root@server1 ~]# docker push reg.westos.org/library/myapp:v2 将myapp:v2 上传到仓库
[root@server2 ~]# docker service create --name myapp -p 80:80 --replicas 2 myapp:v1 创建服务
xlndwa5nv15lt1p97267fppjt
overall progress: 2 out of 2 tasks
1/2: running
2/2: running
verify: Service converged
[root@server2 ~]# docker service ls 服务已经创建成功
ID NAME MODE REPLICAS IMAGE PORTS
xlndwa5nv15l myapp replicated 2/2 myapp:v1 *:80->80/tcp
[root@foundation50 images]# curl 172.25.50.3 访问,自动均衡
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[root@foundation50 images]# curl 172.25.50.3/hostname.html
f813e2a9db5d 显示容器id
[root@foundation50 images]# curl 172.25.50.3/hostname.html
1b5f9bddb8b0 显示容器id
[root@foundation50 images]# curl 172.25.50.3/hostname.html
4、部署docker swarm监控
[root@foundation50 haproxy]# cd /mnt/pub/images/
[root@foundation50 images]# scp visualizer.tar server1:
[root@server1 ~]# docker load -i visualizer.tar 镜像导入容器
root@server1 ~]# docker tag dockersamples/visualizer:latest reg.westos.org/library/visualizer:latest 改标签
[root@server1 ~]# docker push reg.westos.org/library/visualizer 上传镜像到仓库
[root@server2 ~]# docker network prune 将不用的网络删除
Are you sure you want to continue? [y/N] y
Deleted Networks:
mynet1
mynet2
[root@server2 ~]# docker service create --name=viz --publish=8080:8080/tcp --constraint=node.role==manager --mount=type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock visualizer 创建服务 ,--constraint=node.role==manager将角色绑定到管理器上
访问http://172.25.50.2:8080/
扩容
[root@server2 ~]# docker service scale myapp=6 动态拉伸,将myapp增加到6个
更新镜像
[root@server2 ~]# docker service update --image myapp:v2 --update-parallelism 2 --update-delay 2s myapp 更新myapp镜像
--update-parallelism表示更新频率,--update-delay表示更新时间间隔
[root@server2 ~]# curl 172.25.50.4
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a> 版本变成v2
[root@server2 ~]# curl 172.25.50.4/hostname.html 访问,自动负载均衡
412ccee58d89
[root@server2 ~]# curl 172.25.50.4/hostname.html
30743dc5be0c
[root@server2 ~]# curl 172.25.50.4/hostname.html
956313139e23
[root@server2 ~]# curl 172.25.50.4/hostname.html
f4b6c28b7590
[root@server2 ~]# curl 172.25.50.4/hostname.html
版本回滚
[root@server2 ~]# docker service rollback myapp 版本回滚
[root@server2 ~]# curl 172.25.50.4
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
5、 编写compose文件部署服务和监控:stack 替换了compose
[root@server2 ~]# docker service rm myapp 删除服务
myapp
[root@server2 ~]# docker service rm viz 删除服务
viz
[root@server2 ~]# mkdir stack 创建目录
[root@server2 ~]# cd stack/
[root@server2 stack]# vim docker-compose.yml
version: "3.8"
services:
visualizer: 添加监控
image: visualizer:latest
ports:
- "8080:8080"
stop_grace_period: 1m30s
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
deploy:
placement:
constraints:
- "node.role==manager"
myapp: myapp服务部署
image: myapp:v1
ports:
- "80:80"
deploy:
replicas: 3 添加副本
update_config: 更新
parallelism: 2
delay: 2s
restart_policy:
condition: on-failure
[root@server2 stack]# docker stack deploy -c docker-compose.yml mystack deploy表示部署新的stack或者更新,-c表示指定compose文件
Creating network mystack_default
Creating service mystack_myapp
Creating service mystack_visualizer
访问http://172.25.50.2:8080/
[root@server2 stack]# vim docker-compose.yml 编辑文件
[root@server2 stack]# docker stack deploy -c docker-compose.yml mystack
Updating service mystack_visualizer (id: wyjcu7jzmxxm6ygp776xtqypo)
Updating service mystack_myapp (id: i41cfseq9ptg7d7ly47jdlml3)
6、可视化容器管理工具 Portainer
[root@foundation50 images]# cd /mnt/pub/docker/portainer/
[root@foundation50 portainer]# scp portainer.tar portainer-agent.tar server1:
[root@server1 ~]# docker load -i portainer.tar 导入镜像
[root@server1 ~]# docker load -i portainer-agent.tar 导入镜像
在habort仓库点击新建项目
[root@server1 ~]# docker tag portainer/portainer:latest reg.westos.org/portainer/portainer:latest 改标签
[root@server1 ~]# docker push reg.westos.org/portainer/portainer:latest 上传镜像到仓库
[root@server1 ~]# docker tag portainer/agent:latest reg.westos.org/portainer/agent:latest 改标签
[root@server1 ~]# docker push reg.westos.org/portainer/agent:latest 上传镜像到仓库
[root@foundation50 portainer]# scp portainer-agent-stack.yml server2: 将下载好的配置文件拷贝到server2上
[root@server2 ~]# docker stack deploy -c portainer-agent-stack.yml mystack
Creating network mystack_agent_network
Creating service mystack_agent
Creating service mystack_portainer
访问:http://172.25.50.2:9000/
