| 知乎專欄 | 多維度架構 | 微信號 netkiller-ebook | QQ群:128659835 請註明“讀者” |
Swarm 是一組運行着Docker的機器。經過這些配置後,將節點加入到一個集群中,你仍然像之前那樣運行Docker命令一樣管理集群上的容器。這些命令由swarm manager在集群上執行。這些機器可以是真實的機器,也可以是虛擬機。機器加入到一個swarm後,可以稱這些機器為節點(node)。
幫助命令
neo@MacBook-Pro ~ % docker-machine Usage: docker-machine [OPTIONS] COMMAND [arg...] Create and manage machines running Docker. Version: 0.16.1, build cce350d7 Author: Docker Machine Contributors - <https://github.com/docker/machine> Options: --debug, -D Enable debug mode --storage-path, -s "/Users/neo/.docker/machine" Configures storage path [$MACHINE_STORAGE_PATH] --tls-ca-cert CA to verify remotes against [$MACHINE_TLS_CA_CERT] --tls-ca-key Private key to generate certificates [$MACHINE_TLS_CA_KEY] --tls-client-cert Client cert to use for TLS [$MACHINE_TLS_CLIENT_CERT] --tls-client-key Private key used in client TLS auth [$MACHINE_TLS_CLIENT_KEY] --github-api-token Token to use for requests to the Github API [$MACHINE_GITHUB_API_TOKEN] --native-ssh Use the native (Go-based) SSH implementation. [$MACHINE_NATIVE_SSH] --bugsnag-api-token BugSnag API token for crash reporting [$MACHINE_BUGSNAG_API_TOKEN] --help, -h show help --version, -v print the version Commands: active Print which machine is active config Print the connection config for machine create Create a machine env Display the commands to set up the environment for the Docker client inspect Inspect information about a machine ip Get the IP address of a machine kill Kill a machine ls List machines provision Re-provision existing machines regenerate-certs Regenerate TLS Certificates for a machine restart Restart a machine rm Remove a machine ssh Log into or run a command on a machine with SSH. scp Copy files between machines mount Mount or unmount a directory from a machine with SSHFS. start Start a machine status Get the status of a machine stop Stop a machine upgrade Upgrade a machine to the latest version of Docker url Get the URL of a machine version Show the Docker Machine version or a machine docker version help Shows a list of commands or help for one command Run 'docker-machine COMMAND --help' for more information on a command.
neo@MacBook-Pro ~ % docker-machine version docker-machine version 0.16.1, build cce350d7
neo@MacBook-Pro ~/workspace/docker/docker-compose % docker swarm init
Swarm initialized: current node (t8gqr7wfyeis9n8wuegy4j6gn) is now a manager.
To add a worker to this swarm, run the following command:
docker swarm join --token SWMTKN-1-5w5joob510ug74m9vfn2j1a41nox3ddh6eiyrpgonm38zaoj5c-bo2q6tdem9ihd68gryue1b42x 192.168.65.3:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
neo@MacBook-Pro ~ % docker swarm join-token manager
To add a manager to this swarm, run the following command:
docker swarm join --token SWMTKN-1-200v95u6lkow6wyxne1ll44rhhwy1zfvawnrqo39i44sqay8vp-1vltkdz94y79mgech56wtnj9n 192.168.65.3:2377
使用VirtualBox驅動,創建虛擬機:
neo@MacBook-Pro ~ % docker-machine create --driver virtualbox vm1 neo@MacBook-Pro ~ % docker-machine create --driver virtualbox vm2
配置虛擬機作為manager節點,用以執行管理命令並准許其他worker加入到swarm中。
$ docker-machine ssh vm1 "docker swarm init --advertise-addr <ip_address>"
加入到管理節點
$ docker-machine ssh vm2 "docker swarm join \ --token <token> \ <ip>:2377"
查看節點列表
$ docker-machine ssh vm1 "docker node ls"
$ docker-machine env vm1
現在運行docker-machine ls來驗證vm1就是當前的活躍機器,會有星號標識:
$ docker-machine ls
eval $(docker-machine env vm1)
重置 shell 環境
neo@MacBook-Pro ~ % docker-machine env -u unset DOCKER_TLS_VERIFY unset DOCKER_HOST unset DOCKER_CERT_PATH unset DOCKER_MACHINE_NAME # Run this command to configure your shell: # eval $(docker-machine env -u)
eval $(docker-machine env -u)
stack 是一組相互關聯的services,這些services之間相互依賴,並能夠一起進行編排和scale。單個stack就能夠定義和協調整個應用程序的功能.
Stack 使用 docker-compose.yml 部署,Stack 與 docker-compose 的區別是,Stack 無法 build 鏡像,不支持 v2會v1 版本的 docker-compose.yml
創建 docker-compose.yml
version: "3"
services:
web:
# replace username/repo:tag with your name and image details
image: nginx
deploy:
replicas: 5
restart_policy:
condition: on-failure
resources:
limits:
cpus: "0.1"
memory: 50M
ports:
- "80:80"
networks:
- webnet
visualizer:
image: dockersamples/visualizer:stable
ports:
- "8080:8080"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
deploy:
placement:
constraints: [node.role == manager]
networks:
- webnet
networks:
webnet:
部署 docker-compose.yml
neo@MacBook-Pro ~ % docker stack deploy -c docker-compose.yml visualizer Creating service visualizer_web Creating service visualizer_visualizer
查看部署
neo@MacBook-Pro ~ % docker stack ls NAME SERVICES ORCHESTRATOR visualizer 2 Swarm
neo@MacBook-Pro ~ % docker stack services visualizer ID NAME MODE REPLICAS IMAGE PORTS h6vpdk8wqr8w visualizer_visualizer replicated 1/1 dockersamples/visualizer:stable *:8080->8080/tcp tm5rre8d4kni visualizer_web replicated 5/5 nginx:latest *:80->80/tcp
neo@MacBook-Pro ~ % docker stack ps visualizer ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS rnkgapj5oozr visualizer_visualizer.1 dockersamples/visualizer:stable linuxkit-025000000001 Running Running 24 minutes ago msstp0uavxpf \_ visualizer_visualizer.1 dockersamples/visualizer:stable linuxkit-025000000001 Shutdown Rejected 31 minutes ago "No such image: dockersamples/…" 1jmhrzmlsy0j \_ visualizer_visualizer.1 dockersamples/visualizer:stable linuxkit-025000000001 Shutdown Rejected 31 minutes ago "No such image: dockersamples/…" p7iyq0147oh0 \_ visualizer_visualizer.1 dockersamples/visualizer:stable linuxkit-025000000001 Shutdown Rejected 31 minutes ago "No such image: dockersamples/…" jdc7cx00a994 \_ visualizer_visualizer.1 dockersamples/visualizer:stable linuxkit-025000000001 Shutdown Rejected 32 minutes ago "No such image: dockersamples/…" pttqpa4z21id visualizer_web.1 nginx:latest linuxkit-025000000001 Running Running 30 minutes ago rappf97c8dtb visualizer_web.2 nginx:latest linuxkit-025000000001 Running Running 30 minutes ago t3dcjqf0fsly visualizer_web.3 nginx:latest linuxkit-025000000001 Running Running 30 minutes ago jtztvsqccb5d visualizer_web.4 nginx:latest linuxkit-025000000001 Running Running 30 minutes ago ldb92uky85oc visualizer_web.5 nginx:latest linuxkit-025000000001 Running Running 30 minutes ago
neo@MacBook-Pro ~ % docker node ls ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION t8gqr7wfyeis9n8wuegy4j6gn * linuxkit-025000000001 Ready Active Leader 18.09.2
neo@MacBook-Pro ~ % docker service ls ID NAME MODE REPLICAS IMAGE PORTS h6vpdk8wqr8w visualizer_visualizer replicated 1/1 dockersamples/visualizer:stable *:8080->8080/tcp tm5rre8d4kni visualizer_web replicated 5/5 nginx:latest *:80->80/tcp
neo@MacBook-Pro ~ % docker stack rm visualizer Removing service visualizer_visualizer Removing service visualizer_web Removing network visualizer_webnet
neo@MacBook-Pro ~ % docker service Usage: docker service COMMAND Manage services Commands: create Create a new service inspect Display detailed information on one or more services logs Fetch the logs of a service or task ls List services ps List the tasks of one or more services rm Remove one or more services rollback Revert changes to a service's configuration scale Scale one or multiple replicated services update Update a service Run 'docker service COMMAND --help' for more information on a command.
$ docker service create \ --replicas 10 \ --name ping_service \ alpine ping www.netkiller.cn
$ docker service create --replicas 1 --name my-prometheus \
--mount type=bind,source=/tmp/prometheus.yml,destination=/etc/prometheus/prometheus.yml \
--publish published=9090,target=9090,protocol=tcp \
prom/prometheus
iMac:redis neo$ docker stack deploy -c redis.yml redis Creating service redis_redis
![[提示]](/graphics/tip.png) | 提示 |
|---|---|
|
--mount 不允許使用相對路徑,小技巧 `pwd`/prometheus.yml
docker service create --replicas 1 --name my-prometheus \
--mount type=bind,source=`pwd`/prometheus.yml,destination=/etc/prometheus/prometheus.yml \
--publish published=9090,target=9090,protocol=tcp \
prom/prometheus
|
iMac:docker neo$ docker service rm prometheus prometheus
如果是 stack 部署的也可以這樣刪除
iMac:redis neo$ docker stack rm redis Removing service redis_redis
iMac:redis neo$ docker service inspect redis_redis
[
{
"ID": "kpqopqq10a2yi1rdecuf1246q",
"Version": {
"Index": 10148
},
"CreatedAt": "2020-09-26T14:19:53.920458941Z",
"UpdatedAt": "2020-09-26T14:19:53.922204086Z",
"Spec": {
"Name": "redis_redis",
"Labels": {
"com.docker.stack.image": "redis:latest",
"com.docker.stack.namespace": "redis"
},
"TaskTemplate": {
"ContainerSpec": {
"Image": "redis:latest@sha256:1cfb205a988a9dae5f025c57b92e9643ec0e7ccff6e66bc639d8a5f95bba928c",
"Labels": {
"com.docker.stack.namespace": "redis",
"desktop.docker.io/mounts/0/Source": "/Users/neo/workspace/docker/docker-compose/redis/redis.conf",
"desktop.docker.io/mounts/0/SourceKind": "hostFile",
"desktop.docker.io/mounts/0/Target": "/etc/redis/redis.conf"
},
"Args": [
"entrypoint.sh",
"/etc/redis/redis.conf"
],
"Hostname": "redis",
"Env": [
"TZ=Asia/Shanghai"
],
"Privileges": {
"CredentialSpec": null,
"SELinuxContext": null
},
"Mounts": [
{
"Type": "bind",
"Source": "/host_mnt/Users/neo/workspace/docker/docker-compose/redis/redis.conf",
"Target": "/etc/redis/redis.conf"
},
{
"Type": "bind",
"Source": "/var/lib/redis",
"Target": "/var/lib/redis"
},
{
"Type": "bind",
"Source": "/var/log/redis",
"Target": "/var/log/redis"
}
],
"StopGracePeriod": 10000000000,
"DNSConfig": {},
"Isolation": "default"
},
"Resources": {
"Limits": {
"NanoCPUs": 1000000000,
"MemoryBytes": 536870912
}
},
"RestartPolicy": {
"Condition": "any",
"Delay": 5000000000,
"MaxAttempts": 0
},
"Placement": {
"Platforms": [
{
"Architecture": "amd64",
"OS": "linux"
},
{
"OS": "linux"
},
{
"OS": "linux"
},
{
"Architecture": "arm64",
"OS": "linux"
},
{
"Architecture": "386",
"OS": "linux"
},
{
"Architecture": "mips64le",
"OS": "linux"
},
{
"Architecture": "ppc64le",
"OS": "linux"
},
{
"Architecture": "s390x",
"OS": "linux"
}
]
},
"Networks": [
{
"Target": "gvcz5y66ovrlqfaxb02zx026t",
"Aliases": [
"redis"
]
}
],
"ForceUpdate": 0,
"Runtime": "container"
},
"Mode": {
"Replicated": {
"Replicas": 1
}
},
"UpdateConfig": {
"Parallelism": 1,
"Delay": 5000000000,
"FailureAction": "pause",
"Monitor": 10000000000,
"MaxFailureRatio": 0.1,
"Order": "start-first"
},
"RollbackConfig": {
"Parallelism": 1,
"FailureAction": "pause",
"Monitor": 5000000000,
"MaxFailureRatio": 0,
"Order": "stop-first"
},
"EndpointSpec": {
"Mode": "vip",
"Ports": [
{
"Protocol": "tcp",
"TargetPort": 6379,
"PublishedPort": 6379,
"PublishMode": "ingress"
}
]
}
},
"Endpoint": {
"Spec": {
"Mode": "vip",
"Ports": [
{
"Protocol": "tcp",
"TargetPort": 6379,
"PublishedPort": 6379,
"PublishMode": "ingress"
}
]
},
"Ports": [
{
"Protocol": "tcp",
"TargetPort": 6379,
"PublishedPort": 6379,
"PublishMode": "ingress"
}
],
"VirtualIPs": [
{
"NetworkID": "7r7k9robn0uuojuxl1es2wdds",
"Addr": "10.0.0.42/24"
},
{
"NetworkID": "gvcz5y66ovrlqfaxb02zx026t",
"Addr": "172.12.0.2/16"
}
]
}
}
]
docker network create \ --driver=overlay \ --subnet=172.12.0.0/16 \ --ip-range=172.12.0.0/16 \ --gateway=172.12.0.1 \ --attachable \ test
iMac:redis neo$ docker network ls NETWORK ID NAME DRIVER SCOPE 786efe30f42d bridge bridge local 51e2b21d7daa docker_gwbridge bridge local 96ba0de26cd2 host host local 7r7k9robn0uu ingress overlay swarm cbf078a5f121 none null local d851mrlkludv redis_default overlay swarm q0h9awx86ef4 registry_default overlay swarm cf585ea9ceb4 registry_default bridge local gvcz5y66ovrl test overlay swarm
查看詳細信息
iMac:redis neo$ docker network inspect test
[
{
"Name": "test",
"Id": "gvcz5y66ovrlqfaxb02zx026t",
"Created": "2020-09-26T14:07:49.037581155Z",
"Scope": "swarm",
"Driver": "overlay",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.12.0.0/16",
"IPRange": "172.12.0.0/16",
"Gateway": "172.12.0.1"
}
]
},
"Internal": false,
"Attachable": true,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": null,
"Options": {
"com.docker.network.driver.overlay.vxlanid_list": "4104"
},
"Labels": null
}
]
swarm 不能使用 -v /mysite:/usr/share/nginx/html 掛載卷,系統會提示
unknown shorthand flag: 'v' in -v See 'docker service create --help'.
$ docker service create --name nginx \ --mount type=bind,source=`pwd`/static-site,target=/usr/share/nginx/html \ -p 80:80 nginx
$ docker service create --name nginx \ --mount type=volume,source=web,target=/usr/share/nginx/html \ -p 80:80 nginx