Docker Machine是一个安装和管理 Docker 的工具, 它有自己的命令行工具:docker-machine。
Docker Machine简化了Docker的安装和远程管理, 不仅可以管理安装本地的docker服务和管理docker容器,也可以管理远程主机上面运行的
docker程序.
主要的执行步骤如下:
1.创建ssh密钥,并传送到远程主机
2.docker-machine 为远程主机安装docker
3.本地登录远程主机并执行命令
docker-machine create --driver generic --generic-ip-address=192.168.11.151 --generic-ssh-key ~/.ssh/id_rsa --generic-ssh-user=lin host1
docker-machine env
1.创建ssh密钥,并传送到远程主机
1.1 创建ssh密钥
root@lin:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:SSLhhgQ7S18RaW2lGn7IB898c+2WqILeDh8eznH81dY root@lin
The key's randomart image is:
+---[RSA 2048]----+
|... .o+ .. |
| o o +.o. |
|o.. =+o.. |
|.o..+.Oo . . |
|. . = *So . . |
| o o o o o .|
| ..+ o . = oE|
| .B.= o o . |
| ...B.. . |
+----[SHA256]-----+
1.2 添加ssh文件到远程主机
root@lin:~# ssh-copy-id -i ~/.ssh/id_rsa.pub lin@192.168.12.151
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
lin@192.168.12.151's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'lin@192.168.12.151'"
and check to make sure that only the key(s) you wanted were added.
docker-machine create -d generic --generic-ip-address=192.168.12.151 --generic-ssh-key ~/.ssh/id_rsa --generic-ssh-user=lin host2
2.docker-machine 为远程主机安装docker
root@lin:~# docker-machine create -d generic --generic-ip-address=192.168.12.151 --generic-ssh-key ~/.ssh/id_rsa --generic-ssh-user=lin host1
Running pre-create checks...
Creating machine...
(host1) Importing SSH key...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with ubuntu(systemd)...
Installing Docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Docker is up and running!
To see how to connect your Docker Client to the Docker Engine running on this virtual machine, run: docker-machine env host1
安装日志查看:
3.查看远程主机docker
root@lin:~# docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
host1 - generic Running tcp://192.168.12.151:2376 v17.12.0-ce
4.登录远程主机查看docker信息
root@host1:~# cat /etc/systemd/system/docker.service.d/10-machine.conf
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock --storage-driver aufs --tlsverify --tlscacert /etc/docker/ca.pem --tlscert /etc/docker/server.pem --tlskey /etc/docker/server-key.pem --label provider=generic
Environment=
查看docker进程:
root@host1:~# ps aux |grep docker
root 9185 0.0 1.3 495084 53804 ? Ssl 21:33 0:00 /usr/bin/dockerd -H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock --storage-driver aufs --tlsverify --tlscacert /etc/docker/ca.pem --tlscert /etc/docker/server.pem --tlskey /etc/docker/server-key.pem --label provider=generic
root 9204 0.0 0.6 225496 25516 ? Ssl 21:33 0:00 docker-containerd --config /var/run/docker/containerd/containerd.toml
root 9788 0.0 0.0 21292 948 pts/17 S+ 21:39 0:00 grep --color=auto docker
root@host1:~#
-H tcp://0.0.0.0:2376 使 docker daemon 接受远程连接。
--tls* 对远程连接启用安全认证和加密。
远程主机名称被修改:
root@host1:~# hostname
host1
本地主机启动远程主机docker:
[root@lin ~]# docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
host1 - generic Running tcp://192.168.12.151:2376 v17.12.0-ce
[root@lin ~]# eval $(docker-machine env host1)
[root@lin ~ [host1]]# docker run -itd busybox
Unable to find image 'busybox:latest' locally
latest: Pulling from library/busybox
0ffadd58f2a6: Pull complete
Digest: sha256:bbc3a03235220b170ba48a157dd097dd1379299370e1ed99ce976df0355d24f0
Status: Downloaded newer image for busybox:latest
8c0414aa5b4e27185ee8949034dd120e3df5c7d6a51112d4a71b1787f1472c78
[root@lin ~ [host1]]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8c0414aa5b4e busybox "sh" 47 seconds ago Up 46 seconds kind_joliot
远程主机查看:
root@host1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8c0414aa5b4e busybox "sh" 14 seconds ago Up 13 seconds kind_joliot
启动另外一个docker主机:
[root@lin ~ [host1]]# docker-machine create -d generic --generic-ip-address=192.168.12.196 --generic-ssh-key ~/.ssh/id_rsa --generic-ssh-user=lin host3
Running pre-create checks...
Creating machine...
(host2) Importing SSH key...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with ubuntu(systemd)...
Installing Docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Docker is up and running!
To see how to connect your Docker Client to the Docker Engine running on this virtual machine, run: docker-machine env host3
[root@lin ~ [host1]]# eval $(docker-machine env host2)
[[root@lin ~ [host2]]# docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS
host1 * generic Running tcp://192.168.12.151:2376 v17.12.0-ce
host3 - generic Running tcp://192.168.12.196:2376 v17.12.0-ce
其他docker-machine命令:
docker-machine upgrade 更新 machine 的 docker 到最新版本,可以批量执行
[root@lin ~]# docker-machine upgrade host1
Waiting for SSH to be available...
Detecting the provisioner...
Upgrading docker...
Restarting docker...
docker-machine config 查看 machine 的 docker daemon 配置:
[root@lin ~]# docker-machine config host1
--tlsverify
--tlscacert="/root/.docker/machine/machines/host1/ca.pem"
--tlscert="/root/.docker/machine/machines/host1/cert.pem"
--tlskey="/root/.docker/machine/machines/host1/key.pem"
-H=tcp://192.168.12.151:2376
stop/start/restart 是对 machine 的操作系统操作,而 不是 stop/start/restart docker daemon。
docker-machine scp 可以在不同 machine 之间拷贝文件,比如:
docker-machine scp host1:/tmp/a host2:/tmp/b
获取远程主机URL,并在主机上执行命令:
[root@lin ~ [host3]]# docker-machine url host1
tcp://192.168.12.151:2376
[root@lin ~ [host3]]# docker -H tcp://192.168.12.151:2376 ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
其他命令:
Commands:
active Print which machine is active
config Print the connection config for machine
create Create a machine
env Display the commands to set up the environment for the Docker client
inspect Inspect information about a machine
ip Get the IP address of a machine
kill Kill a machine
ls List machines
provision Re-provision existing machines
regenerate-certs Regenerate TLS Certificates for a machine
restart Restart a machine
rm Remove a machine
ssh Log into or run a command on a machine with SSH.
scp Copy files between machines
mount Mount or unmount a directory from a machine with SSHFS.
start Start a machine
status Get the status of a machine
stop Stop a machine
upgrade Upgrade a machine to the latest version of Docker
url Get the URL of a machine
version Show the Docker Machine version or a machine docker version