Docker swarm 应用:
镜像准备:
参照Docker学习笔记13,创建centos-nginx:v1的镜像:
[root@swarm-1 nginxtest]# docker build -t centos-nginx:v1 .
[+] Building 211.5s (12/13)
[+] Building 211.7s (12/13)
[+] Building 211.8s (13/14)
[+] Building 212.0s (13/14)
[+] Building 212.1s (13/14)
[+] Building 212.3s (13/14)
[+] Building 212.5s (13/14)
[+] Building 212.6s (13/14)
[+] Building 212.8s (13/14)
[+] Building 212.9s (13/14)
[+] Building 213.1s (13/14)
[+] Building 213.2s (14/14) FINISHED
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 545B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/centos:latest 11.5s
=> [1/9] FROM docker.io/library/centos:latest@sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c4 27.3s
=> => resolve docker.io/library/centos:latest@sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c47 0.0s
=> => sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177 762B / 762B 0.0s
=> => sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc 529B / 529B 0.0s
=> => sha256:5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6 2.14kB / 2.14kB 0.0s
=> => sha256:a1d0c75327776413fa0db9ed3adcdbadedc95a662eb1d360dad82bb913f8a1d1 83.52MB / 83.52MB 14.7s => => extracting sha256:a1d0c75327776413fa0db9ed3adcdbadedc95a662eb1d360dad82bb913f8a1d1 12.3s => [internal] load build context 0.0s => => transferring context: 58B 0.0s => [2/9] RUN cd /etc/yum.repos.d 1.3s => [3/9] RUN sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-* 0.6s => [4/9] RUN sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d 0.4s => [5/9] RUN yum makecache 77.5s => [6/9] RUN yum install -y epel-release 14.0s => [7/9] RUN yum install -y nginx 78.7s => [8/9] ADD index.html /usr/share/nginx/html/ 0.0s => [9/9] RUN echo "daemon off;" >> /etc/nginx/nginx.conf # 取消nginx为daemon身份运行 0.3sporting to image 1.3s
=> exporting to image 1.4s
=> => exporting layers 1.4s
=> => writing image sha256:a361056cbdebc98deb4f28b3a5f1b0a1fcff1265b6d6d6eacebc41ba898e0a8d 0.0s
=> => naming to docker.io/library/centos-nginx:v1 给这个镜像打标签:
[root@swarm-1 nginxtest]# docker tag centos-nginx:v1 192.168.17.10/library/centos-nginx:v1
[root@swarm-1 nginxtest]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.17.10/library/centos-nginx v1 a361056cbdeb 7 minutes ago 401MB
centos-nginx v1 a361056cbdeb 7 minutes ago 401MB
在执行docker login的时候遇到一个问题:
Error response from daemon: Get https://.. 443: connect: connection refused
网上说这个在/etc/docker/daemon.json增加配置即可,也可以在/usr/lib/systemd/system/docker.service文件修改如下信息也开始可以的。
但是两者不能同时配置。
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd --insecure-registry=192.168.17.10
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutStartSec=0
RestartSec=2
Restart=always
登录的时候我使用:docker login http://swarm-1命令出现登录错误。
但是我直接使用IP地址则登录成功:老师说也尽量使用IP地址。
[root@swarm-1 nginxtest]# docker login 192.168.17.10
Authenticating with existing credentials...
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@swarm-1 nginxtest]#
上传镜像:
[root@swarm-1 nginxtest]# docker push 192.168.17.10/library/centos-nginx:v1
The push refers to repository [192.168.17.10/library/centos-nginx]
c31095dbe72e: Pushed
15eb46368797: Pushed
f0a8920e6d2e: Pushed
142e7025bba6: Pushed
beaedf47df3d: Pushed
5f8cd1ed84b0: Pushed
fc4701f98edc: Pushed
5f70bf18a086: Pushed
74ddd0ec08fa: Pushed
v1: digest: sha256:c2929f9150abe3c252d413391957fb60706862fe5576535ce30536b4eda72748 size: 2201
[root@swarm-1 nginxtest]#
检查centos-nginx镜像上传成功:
这个是上传的v1版本。
然后现在我们再编辑index.html文件,v1字符改成v2。
然后再次进行打包操作:
[root@swarm-1 nginxtest]# docker build -t 192.168.17.10/library/centos-nginx:v2 .
[+] Building 20.7s (12/13)
[+] Building 20.8s (13/13)
[+] Building 20.8s (14/14) FINISHED
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 545B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/centos:latest 20.5s
=> [1/9] FROM docker.io/library/centos:latest@sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c47 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 58B 0.0s
=> CACHED [2/9] RUN cd /etc/yum.repos.d 0.0s
=> CACHED [3/9] RUN sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-* 0.0s
=> CACHED [4/9] RUN sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum. 0.0s
=> CACHED [5/9] RUN yum makecache 0.0s
=> CACHED [6/9] RUN yum install -y epel-release 0.0s
=> CACHED [7/9] RUN yum install -y nginx 0.0s => [8/9] ADD index.html /usr/share/nginx/html/ 0.0s => [9/9] RUN echo "daemon off;" >> /etc/nginx/nginx.conf # 取消nginx为daemon身份运行 0.3s
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:2ae4732b884d17c1306ed8e659a7a658e1704510c4164a75358935b39e98c5f1 0.0s
=> => naming to 192.168.17.10/library/centos-nginx:v2 0.0s
[root@swarm-1 nginxtest]#
然后我们再将这个v2版本的镜像进行上传操作,这个时候就不要用再docker login操作了。:
[root@swarm-1 nginxtest]# docker push 192.168.17.10/library/centos-nginx:v2
The push refers to repository [192.168.17.10/library/centos-nginx]
a24e26402f66: Pushed
a4fb63f10d36: Pushed
f0a8920e6d2e: Layer already exists
142e7025bba6: Layer already exists
beaedf47df3d: Layer already exists
5f8cd1ed84b0: Layer already exists
fc4701f98edc: Layer already exists
5f70bf18a086: Layer already exists
74ddd0ec08fa: Layer already exists
v2: digest: sha256:420aaddbb537ea014cafda718148aaea78d219c6bb634f7ef859bf3aa6444b63 size: 2201
再次到harbor中检查下上传镜像的情况:
发布一个服务:
在管理节点发布服务。
swarm mode中对外暴露的是服务service概念,而不是容器。在swarm mode的设计中,为了保证高可用架构,它准许同时启动多个容器共同支撑一个服务,如果一个容器挂了,它会自动使用另一个容器。
[root@swarm-1 nginxtest]# docker service --help
Usage: docker service COMMAND
Manage Swarm services
Commands:
create Create a new service
inspect Display detailed information on one or more services
logs Fetch the logs of a service or task
ls List services
ps List the tasks of one or more services
rm Remove one or more services
rollback Revert changes to a service's configuration
scale Scale one or multiple replicated services
update Update a service
Run 'docker service COMMAND --help' for more information on a command.
[root@swarm-1 nginxtest]#
临时举一个例子:
docker service create --replicas 3 --mount "type=bind, source=$PWD, target=/var/lib/registry" --publish 8080:80 --name helloworld centos7.5-base:v1
ping www.baidu.com 说明:
1)使用centos7.5-base:v1镜像创建一个helloworld服务。
2)--replicas 3 容器复制3份,即共三份。
3)--mount: 数据卷挂载至容器主机,类似于docker run -v选项。
4)--publish:将容器端口映射至容器主机端口,类似于docker run -p选项,可以访问集群中任一个主机均可访问到容器所提供的服务。
5)--name 为服务名称,服务即swarm对外提供的概念。
6)容器镜像最好换成可以实现访问的镜像来创建。
现在:
[root@swarm-1 ~]# docker service create --replicas 2 --publish 8090:80 --name nginxsvc 192.168.17.10/library/centos-nginx:v1
说明:
创建了2个副本,那这个容器可能就在三个node上跑。
[root@swarm-1 ~]# docker service create --replicas 2 --publish 8090:80 --name nginxsvc 192.168.17.10/library/centos-nginx:v1
6idvc01w6gemu04vu2ymj71e6
overall progress: 2 out of 2 tasks
1/2: running [==================================================>]
2/2: running [==================================================>]
verify: Service converged
[root@swarm-1 ~]# docker service ls
ID NAME MODE REPLICAS IMAGE PORTS
6idvc01w6gem nginxsvc replicated 2/2 192.168.17.10/library/centos-nginx:v1 *:8090->80/tcp
[root@swarm-1 ~]#
[root@swarm-1 ~]#
[root@swarm-1 ~]# docker service ps nginxsvc
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
ozs9yvsllvie nginxsvc.1 192.168.17.10/library/centos-nginx:v1 swarm-2 Running Running 3 minutes ago
027zzb0h1g8k nginxsvc.2 192.168.17.10/library/centos-nginx:v1 swarm-1 Running Running 4 minutes ago
[root@swarm-1 ~]#
我们怎么访问我们的服务了?
我们从
http://192.168.17.10:8090
http://192.168.17.20:8090
http://192.168.17.30:8090
地址都可以访问到网页。
scale规模扩大和缩小:
扩大:
[root@swarm-1 ~]# docker service scale nginxsvc=3
nginxsvc scaled to 3
overall progress: 3 out of 3 tasks
1/3: running
2/3: running
3/3: running
verify: Service converged
[root@swarm-1 ~]#
[root@swarm-1 ~]# docker service ps nginxsvc
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
ozs9yvsllvie nginxsvc.1 192.168.17.10/library/centos-nginx:v1 swarm-2 Running Running 9 minutes ago
027zzb0h1g8k nginxsvc.2 192.168.17.10/library/centos-nginx:v1 swarm-1 Running Running 10 minutes ago
kzqdhwob8od9 nginxsvc.3 192.168.17.10/library/centos-nginx:v1 swarm-3 Running Running 47 seconds ago
缩小:
[root@swarm-1 ~]# docker service scale nginxsvc=1
nginxsvc scaled to 1
overall progress: 1 out of 1 tasks
1/1: running
verify: Service converged
[root@swarm-1 ~]#
[root@swarm-1 ~]# docker service ps nginxsvc
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
ozs9yvsllvie nginxsvc.1 192.168.17.10/library/centos-nginx:v1 swarm-2 Running Running 11 minutes ago
这个时候,我们从三个网址仍然可以访问到服务。
滚动更新版本:
滚动更新可以在用户端无感知的情况下进行软件升级:
[root@swarm-1 ~]# docker service update --image 192.168.17.10/library/centos-nginx:v2 nginxsvc
nginxsvc
overall progress: 1 out of 1 tasks
1/1: running
verify: Service converged
然后再在浏览器中验证页面是否变为v2,发现立即更新了。
速度非常快。
所以,这个命令要熟练。
版本回退:
[root@swarm-1 ~]# docker service update --image 192.168.17.10/library/centos-nginx:v1 nginxsvc
nginxsvc
overall progress: 1 out of 1 tasks
1/1: running
verify: Service converged
[root@swarm-1 ~]#
发现版本回退也还非常快的。
间隔更新方法:
[root@swarm-1 ~]# docker service update --replicas 3 --image 192.168.17.10/library/centos-nginx:v2 --update-parallelism 1 --update-delay 30s nginxsvc
nginxsvc
overall progress: 3 out of 3 tasks
1/3: running
2/3: running
3/3: running
verify: Service converged
[root@swarm-1 ~]#
说明:
1)--update --parallelism: 每次更新一个。
2)--update-delay: 延迟时间,一个更新好之后,延迟多少秒,然后再更新第二个。
移除服务:
[root@swarm-1 ~]# docker service rm nginxsvc
nginxsvc
