Docker之swarm集群

Docker之swarm集群

官方网站:

https://docs.docker.com/swarm/install-w-machine/

环境:

CentOS 7.0

docker-engine-1.11.2

swarm-m.example.com(192.168.8.101)

swarm-a1.example.com(192.168.8.102)

swarm-a2.example.com(192.168.8.103)

说明:swarm支持多种discovery方式

Docker Hub内置的服务发现功能，这也是官网示例演示的方式

本地的静态文件描述集群(static file describing the cluster)

etcd，请参看Docker GUI之Shipyard

consul，请参看Docker集群之Swarm+Consul+Shipyard

zookeeper和一些静态的ip列表(a static list of ips)

[root@swarm-m ~]# docker run --rm swarm list --help

Usage: swarm list [OPTIONS]

List nodes in a cluster

Arguments:

discovery service to use [$SWARM_DISCOVERY]

* token://

* consul:///

* etcd://,/

* file://path/to/file

* zk://,/

* [nodes://],

Options:

--timeout "10s" timeout period

--discovery-opt [--discovery-opt option --discovery-opt option] discovery options

示例:

--discovery dockerhost01:2375,dockerhost02:2375,dockerhost03:2375

--discovery file:///opt/swarm_config

--discovery zk://zkhost01,zkhost02,zkhost03/swarm

--discovery etcd://etcdhost01/swarm

--discovery consul://consulhost01/swarm

一.安装docker

请参看CentOS6/7 docker安装

二.拉取swarm镜像

docker pull swarm

方式一:本地的静态文件描述集群

配置swarm manager

swarm-m.example.com(192.168.8.101)

cat >/opt/swarm_cluster<<HERE

192.168.8.102:2375

192.168.8.103:2375

HERE

docker run -tid --restart=always

-p 3375:3375

-h swarm-m

--name=swarm-m

-v /opt/swarm_cluster:/.swarm/swarm_cluster

swarm manage -H 0.0.0.0:3375

file:///.swarm/swarm_cluster

添加swarm agent

swarm-a1.example.com(192.168.8.102)

cat >/opt/swarm_cluster<<HERE

192.168.8.102:2375

192.168.8.103:2375

HERE

docker run -tid --restart=always

-h swarm-a1

--name=swarm-a1

-v /opt/swarm_cluster:/.swarm/swarm_cluster

swarm join --addr=192.168.8.102:2375

file:///.swarm/swarm_cluster

swarm-a2.example.com(192.168.8.103)

cat >/opt/swarm_cluster<<HERE

192.168.8.102:2375

192.168.8.103:2375

HERE

docker run -tid --restart=always

-h swarm-a2

--name=swarm-a2

-v /opt/swarm_cluster:/.swarm/swarm_cluster

swarm join --addr=192.168.8.103:2375

file:///.swarm/swarm_cluster

[root@swarm-m ~]# docker run --rm -v /opt/swarm_cluster:/.swarm/swarm_cluster swarm list file:///.swarm/swarm_cluster

192.168.8.102:2375

192.168.8.103:2375

[root@swarm-m ~]# docker logs -f $(docker ps|grep swarm|awk '{print $1}')

INFO[0000] Listening for HTTP addr=0.0.0.0:3375 proto=tcp

INFO[0120] Registered Engine swarm-a2.example.com at 192.168.8.103:2375

INFO[0120] Registered Engine swarm-a1.example.com at 192.168.8.102:2375

ERRO[0653] Update engine specs failed: Cannot connect to the Docker daemon. Is the docker daemon running on this host? id=RXMY:7YIE:NFVP:KG7T:COMZ:ERUA:PQ36:MX65:KVEN:MJWJ:A2S5:WMMW name=swarm-a2.example.com

ERRO[0685] Flagging engine as unhealthy. Connect failed 3 times id=5S52:3JBP:R7LI:JUUN:3BN6:UDQY:OFAH:2RUB:6VZ3:QRPU:PIE5:XDFF name=swarm-a1.example.com

ERRO[0686] Flagging engine as unhealthy. Connect failed 3 times id=RXMY:7YIE:NFVP:KG7T:COMZ:ERUA:PQ36:MX65:KVEN:MJWJ:A2S5:WMMW name=swarm-a2.example.com

ERRO[0686] Update engine specs failed: Cannot connect to the Docker daemon. Is the docker daemon running on this host? id=RXMY:7YIE:NFVP:KG7T:COMZ:ERUA:PQ36:MX65:KVEN:MJWJ:A2S5:WMMW name=swarm-a2.example.com

ERRO[0739] Update engine specs failed: Cannot connect to the Docker daemon. Is the docker daemon running on this host? id=RXMY:7YIE:NFVP:KG7T:COMZ:ERUA:PQ36:MX65:KVEN:MJWJ:A2S5:WMMW name=swarm-a2.example.com

ERRO[0739] Update engine specs failed: Cannot connect to the Docker daemon. Is the docker daemon running on this host? id=5S52:3JBP:R7LI:JUUN:3BN6:UDQY:OFAH:2RUB:6VZ3:QRPU:PIE5:XDFF name=swarm-a1.example.com

ERRO[0804] Update engine specs failed: Cannot connect to the Docker daemon. Is the docker daemon running on this host? id=RXMY:7YIE:NFVP:KG7T:COMZ:ERUA:PQ36:MX65:KVEN:MJWJ:A2S5:WMMW name=swarm-a2.example.com

INFO[0816] Engine came back to life after 4 retries. Hooray! id=5S52:3JBP:R7LI:JUUN:3BN6:UDQY:OFAH:2RUB:6VZ3:QRPU:PIE5:XDFF name=swarm-a1.example.com

INFO[0895] Engine came back to life after 5 retries. Hooray! id=RXMY:7YIE:NFVP:KG7T:COMZ:ERUA:PQ36:MX65:KVEN:MJWJ:A2S5:WMMW name=swarm-a2.example.com

方式二:Docker Hub内置的服务发现功能

前提:swarm节点能与公网Docker Hub通信

配置swarm manager

1.创建集群discovery token(--rm)

[root@swarm-m ~]# docker run --rm swarm create

71296873eec3b86a4777054d66fdc164

2.创建并运行swarm manager容器

docker run -tid --restart=always

-p 3375:3375

-h swarm-m

--name=swarm-m

swarm manage -H 0.0.0.0:3375

token://71296873eec3b86a4777054d66fdc164

[root@swarm-m ~]# docker logs -f swarm-m

INFO[0000] Listening for HTTP addr=0.0.0.0:3375 proto=tcp

说明:可以启用tls认证，启动时加认证参数即可

可以创建自签名ca和证书，过程略

[root@swarm-m ~]# mkdir -p /opt/swarm/certs

[root@swarm-m ~]# cp swarm-ca.pem swarm-server.pem swarm-server.key /opt/swarm/certs/

docker run -tid --restart=always

-p 3375:3375

-v /opt/swarm/certs:/certs:ro

-h swarm-m

--name=swarm-m

swarm manage -H 0.0.0.0:3375

--tlsverify

--tlscacert=/certs/swarm-ca.pem

--tlscert=/certs/swarm-server.pem

--tlskey=/certs/swarm-server.key

token://71296873eec3b86a4777054d66fdc164

添加swarm agent

swarm-a1.example.com(192.168.8.102)

1.创建并运行swarm agent容器

docker run -tid --restart=always

-h swarm-a1

--name=swarm-a1

swarm join --addr=192.168.8.102:2375 token://71296873eec3b86a4777054d66fdc164

2.修改docker监听方式(socket-->tcp)

sed -i '/-H/s#-H fd://#-H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock#' /lib/systemd/system/docker.service

systemctl daemon-reload

systemctl restart docker

swarm-a2.example.com(192.168.8.103)

1.创建并运行swarm agent容器

docker run -tid --restart=always

-h swarm-a2

--name=swarm-a2

swarm join --addr=192.168.8.103:2375 token://71296873eec3b86a4777054d66fdc164

2.修改docker监听方式(socket-->tcp)

sed -i '/-H/s#-H fd://#-H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock#' /lib/systemd/system/docker.service

systemctl daemon-reload

systemctl restart docker

查看集群节点

docker run --rm swarm list token://71296873eec3b86a4777054d66fdc164