Docker swarm集群

swarm的教程不是很好找

在prodect的engine中将容器编排和集群部署的地方讲

https://docs.docker.com/engine/swarm/swarm-mode/

swarm工作模式

Docker Engine 1.12 引入了 swarm 模式,使您能够创建一个由一个或多个 Docker 引擎组成的集群,称为 swarm。swarm 由一个或多个节点组成:在 swarm 模式下运行 Docker Engine 1.12 或更高版本的物理或虚拟机。

有两种类型的节点:managerworkers

Swarm 模式集群

swarm 命令

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Usage:  docker swarm COMMAND

Manage Swarm

Commands:
  ca          Display and rotate the root CA
  init        Initialize a swarm
  join        Join a swarm as a node and/or manager
  join-token  Manage join tokens
  leave       Leave the swarm
  unlock      Unlock swarm
  unlock-key  Manage the unlock key
  update      Update the swarm

Run 'docker swarm COMMAND --help' for more information on a command.

创建swarm流程

在这之前应该给每台机器做一个hostname

1
vi /etc/hostname

以下的命令都可以通过–help

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
#1 创建一个swarm

[root@swarm01 docker]# docker swarm init --advertise-addr 192.168.0.209
Swarm initialized: current node (jwmxshbfi37h95nxzdopqjc7c) is now a manager.

To add a worker to this swarm, run the following command:

docker swarm join --token SWMTKN-1-3g6i2kidh816zhhdunl4pqkqhagn5qs5dvh7zmym61lmx3p3kf-00b6sdcusdfk2p6hkfm49jxsw 192.1

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

#给了我们两个命令
# docker swarm join --token SWMTKN-1-3g6i2kidh816zhhdunl4pqkqhagn5qs5dvh7zmym61lmx3p3kf-00b6sdcusdfk2p6hkfm49jxsw 192.168.0.209:2377
#docker swarm join-token manager
#docker swarm join-token worker

#2 加入一个节点
[root@swarm02 docker]# docker swarm join --token SWMTKN-1-3g6i2kidh816zhhdunl4pqkqhagn5qs5dvh7zmym61lmx3p3kf-00b6sdcusdfk                                                                             2p6hkfm49jxsw 192.168.0.209:2377
This node joined a swarm as a w 
#3 查看加入的节点
[root@swarm01 ~]# docker node ls
ID                            HOSTNAME     STATUS    AVAILABILITY   MANAGER STATUS   ENGINE VERSION
jwmxshbfi37h95nxzdopqjc7c *   swarm01.my   Ready     Active         Leader           20.10.7
yihzta1nqf9nm93wug46zkxv6     swarm02.my   Ready     Active                          20.10.7
#4 生成新的token以供加入

[root@swarm01 ~]# docker swarm join-token warker
unknown role warker
[root@swarm01 ~]# docker swarm join-token worker
To add a worker to this swarm, run the following command:

    docker swarm join --token SWMTKN-1-3g6i2kidh816zhhdunl4pqkqhagn5qs5dvh7zmym61lmx3p3kf-00b6sdcusdfk2p6hkfm49jxsw 192.168.0.209:2377

#5 晋升一个node为manager
#这里可以用hostname来操作
docker node promote swarm04.my

部署portainer Swarm

官方网站 https://www.portainer.io/

dockerhub https://hub.docker.com/r/portainer/portainer

官方启动文档 https://documentation.portainer.io/v2.0/deploy/ceinstallswarm/

修改启动模式

1
2
3
4
5
6
7
8
[root@Docker-swarm-manager01 ~]# vi /usr/lib/systemd/system/docker.service
# 将ExecStart修改为以下
ExecStart=/usr/bin/dockerd -H unix:///var/run/docker.sock -H tcp://192.168.1.146 -H fd:// --containerd=/run/containerd/containerd.sock
# 之前少了一个sock
# 重新加载systemctl 
systemctl daemon-reload
# 重启docker
systemctl restart docker

下载YML

1
curl -L https://downloads.portainer.io/portainer-agent-stack.yml -o portainer-agent-stack.yml

启动stack portainer

docker stack deploy -c portainer-agent-stack.yml portainer –with-registry-auth

解决volume 挂在卷问题

部署应用

弹性扩缩容

告别docker run!

容器就是玩具脱离了编排没有任何意义

dockercompose是单机的

集群:swarm docker service

k8s service pods

容器> 服务!

灰度发布

1
2
3
4
5
6
7
8
9
10
#1创建一个服务
docker service create -p 2888:80 --name my-nginx nginx
# 启动时通过 --mode 可以设置是否只在服务器上运行
# Service mode (replicated, global, replicated-job, or global-job) (default "replicated")

#扩缩容
 docker service update --replicas 3 my-nginx
 #或者使用scale
[root@swarm04 ~]# docker service scale  my-nginx=4
#

Dockers Stack

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
docker-compose 单机部署

docker stack部署,集群部署

docker-compose up -d aaa.yaml

#

docker stack deploy aaa.yaml
[root@swarm01 ~]# docker stack --help

Usage:  docker stack [OPTIONS] COMMAND

Manage Docker stacks

Options:
      --orchestrator string   Orchestrator to use (swarm|kubernetes|all)

Commands:
  deploy      Deploy a new stack or update an existing stack
  ls          List stacks
  ps          List the tasks in the stack
  rm          Remove one or more stacks
  services    List the services in the stack

Run 'docker stack COMMAND --help' for more information on a command.

附件

RAFT

保证大多数节点存活拆可以用

1
2
3
#试验证明至少要有多数节点存活才行
#docker swarm leave
#离开节点

swarm defines

命令>管理节点>api>调度>工作节点

内部原理

image-20210713144136140

关键命令组

  • docker swarm 管理群

    • swarm create
    • docker swarm join-token worker
    • docker swarm join-token manager

  • docker node 管理节点

    • docker node promote swarm04.my

  • docker service 管理服务

    • docker service ps
    • docker service rm
    • docker service update
    • docker service scale

    这是一个集群管理命令,必须在 swarm manager 节点上执行。要了解管理器和工作器,请参阅文档中的 Swarm 模式部分

网络模式

网络模式PubishMode : ingress

Swarm:

Overlay:

ingress: 是一个特殊的Overlay 网络! 防护在均衡的功能! IPVS VIP

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
[root@swarm01 ~]# docker network ls
NETWORK ID     NAME              DRIVER    SCOPE
53d6fb06a043   bridge            bridge    local
570ddbe94b59   docker_gwbridge   bridge    local
c560c2278f88   host              host      local
j91ffhouw8ux   ingress           overlay   swarm
e3a99632f17f   none              null      local
[root@swarm01 ~]#  docker network inspect ingress
[
    {
        "Name": "ingress",
        "Id": "j91ffhouw8ux79z1yv5ga6aai",
        "Created": "2021-07-12T14:11:49.819431278+08:00",
        "Scope": "swarm",
        "Driver": "overlay",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": null,
            "Config": [
                {
                    "Subnet": "10.0.0.0/24",
                    "Gateway": "10.0.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": true,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "2c3a204eff19cf40311ea28e12255e1c9a3c8589704ca54b35cf78636ad84eaf": {
                "Name": "my-nginx.8.tms5zqp0u7r165dkfqj0ojmrk",
                "EndpointID": "be78193d469556014dfaae362f08ad694944dd64d2404bc7fdd94f8a0723f77f",
                "MacAddress": "02:42:0a:00:00:26",
                "IPv4Address": "10.0.0.38/24",
                "IPv6Address": ""
            },
            "465b82da4ad355e09217b7637e9140ed18bff365c45f3cbc758669599f31ba6a": {
                "Name": "my-nginx.15.vw0cnqn2512livwdxbb9glwwh",
                "EndpointID": "05b9b7d864ab5f40d9488ac9c39d29a97195d01ecb578a27779d3b9ffec69df2",
                "MacAddress": "02:42:0a:00:00:19",
                "IPv4Address": "10.0.0.25/24",
                "IPv6Address": ""
            },
            "734064a7cb4998db2ead32935d537c53013568d81e8467a50bb0a3997e70539c": {
                "Name": "my-nginx.3.k0j4jw0ysbgfr8re2v2pyifew",
                "EndpointID": "cd357482b3607a00f1191d67f41cd366ba58f3cd090e2ee11d6fcf12d5563909",
                "MacAddress": "02:42:0a:00:00:1a",
                "IPv4Address": "10.0.0.26/24",
                "IPv6Address": ""
            },
            "ingress-sbox": {
                "Name": "ingress-endpoint",
                "EndpointID": "f9ff657f2ee6214ba64d332e502b6fffd73e9be9b8c0010c406151183daa1872",
                "MacAddress": "02:42:0a:00:00:02",
                "IPv4Address": "10.0.0.2/24",
                "IPv6Address": ""
            }
        },
        "Options": {
            "com.docker.network.driver.overlay.vxlanid_list": "4096"
        },
        "Labels": {},
        "Peers": [
            {
                "Name": "738c0b866305",
                "IP": "192.168.0.211"
            },
            {
                "Name": "09004037ccff",
                "IP": "192.168.0.209"
            },
            {
                "Name": "917bbf92496d",
                "IP": "192.168.0.210"
            },
            {
                "Name": "90cba7fc201a",
                "IP": "192.168.0.212"
            }
        ]
    }
]