一、什么是Docker Swarm?
Swarm是Docker的一個編排工具,在之前我們只是在一台機器來進行docker的管理:
但是有時容器並不一定都在一台主機上,如果是分布式的處於多台主機上,這時就可以借助於Swarm,Swarm是Docker自帶的編排工具,只要你安裝了Docker就會存在Docker Swarm工具。
Swarm中的模式是有兩大類節點,一類是manager節點,另一類是worker節點,manager節點相當於對服務的創建和調度,worker節點主要是運行容器服務,當然manager節點也是可以運行的。
manager節點狀態、信息的同步根據Raft consensus group的網絡進行通信同步的,而worker之間的通信依靠的是Gossip network做到的。
另外一個重要的概念就是service,我們可以在一個manager節點上創建一個服務,但是可以根據這一個服務創建多個容器的任務,這些容器任務運行在不同的節點上。
那么如何進行Swarm集群的搭建呢?
- 在swarm模式下初始化一個Swarm集群,並且將當前主機加入到該集群作為manager節點
- 加入其它節點到該集群中
- 部署service到該集群中
二、Docker Swarm集群搭建
(一)創建多節點集群
1、查看Swarm命令
[root@centos-7 ~]# docker swarm --help Usage: docker swarm COMMAND Manage Swarm Commands: ca Display and rotate the root CA init Initialize a swarm join Join a swarm as a node and/or manager join-token Manage join tokens leave Leave the swarm unlock Unlock swarm unlock-key Manage the unlock key update Update the swarm Run 'docker swarm COMMAND --help' for more information on a command.
可以看到其中有一個 init的命令,這就是初始化一個Swarm,我們再看看這個init的參數:
[root@centos-7 ~]# docker swarm init --help Usage: docker swarm init [OPTIONS] Initialize a swarm Options: --advertise-addr string Advertised address (format: <ip|interface>[:port]) --autolock Enable manager autolocking (requiring an unlock key to start a stopped manager) --availability string Availability of the node ("active"|"pause"|"drain") (default "active") --cert-expiry duration Validity period for node certificates (ns|us|ms|s|m|h) (default 2160h0m0s) --data-path-addr string Address or interface to use for data path traffic (format: <ip|interface>) --data-path-port uint32 Port number to use for data path traffic (1024 - 49151). If no value is set or is set to 0, the default port (4789) is used. --default-addr-pool ipNetSlice default address pool in CIDR format (default []) --default-addr-pool-mask-length uint32 default address pool subnet mask length (default 24) --dispatcher-heartbeat duration Dispatcher heartbeat period (ns|us|ms|s|m|h) (default 5s) --external-ca external-ca Specifications of one or more certificate signing endpoints --force-new-cluster Force create a new cluster from current state --listen-addr node-addr Listen address (format: <ip|interface>[:port]) (default 0.0.0.0:2377) --max-snapshots uint Number of additional Raft snapshots to retain --snapshot-interval uint Number of log entries between Raft snapshots (default 10000) --task-history-limit int Task history retention limit (default 5)
可以看到它有很多的參數,其中第一個就是將本機的地址添加進去,讓自己成為一個Manager節點,這樣其它的節點都可以知道這個節點的存在。
2、創建一個Manager節點
在此之前我們應該先知道自己本機的ip,以便於--advertise-addr string 這個參數使用,查看本機ip:
[root@centos-7 ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:c7:a5:4a brd ff:ff:ff:ff:ff:ff inet 192.168.0.108/24 brd 192.168.0.255 scope global dynamic ens33 valid_lft 4909sec preferred_lft 4909sec inet6 fe80::ce03:35dc:625e:af37/64 scope link valid_lft forever preferred_lft forever 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:00:35:c1 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000 link/ether 52:54:00:00:35:c1 brd ff:ff:ff:ff:ff:ff 5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:54:a9:01:1a brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever inet6 fe80::42:54ff:fea9:11a/64 scope link valid_lft forever preferred_lft forever
然后就可以初始化Manager節點:
[root@centos-7 ~]# docker swarm init --advertise-addr=192.168.0.108 Swarm initialized: current node (sz7bfcmk637qhqfvzqhdnk3t2) is now a manager. To add a worker to this swarm, run the following command: docker swarm join --token SWMTKN-1-0zzpk3xqq2ykb5d5jcd6hqeimckhrg5qu82xs7nw2wwnwyjmzg-9tmof9880m9r92vz5rygaa42e 192.168.0.108:2377 To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
可以看到已經創建了一個swarm manager節點--advertise-addr參數的值192.168.0.108是自己的ip,相當於將自己加入到swarm中。它也說明了其它worker加入的方式。
3、創建一個worker節點
另外再開啟一台虛擬機,將這台機器加入到swarm中成為worker節點:
[root@localhost ~]# docker swarm join --token SWMTKN-1-0zzpk3xqq2ykb5d5jcd6hqeimckhrg5qu82xs7nw2wwnwyjmzg-9tmof9880m9r92vz5rygaa42e
192.168.0.108:2377 This node joined a swarm as a worker.
可以看到已經成功了。
4、查看節點狀態
注意的是查看節點狀態只能在manager節點那台機器上查看,普通節點無法執行查看命令:
[root@centos-7 ~]# docker node ls ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION sz7bfcmk637qhqfvzqhdnk3t2 * centos-7 Ready Active Leader 19.03.5 89tezea9ltn6mqek7b48gtve7 localhost.localdomain Ready Active 18.09.7
可以看到有兩台機器了。
(二)多節點容器創建
上面我們已經將節點創建好了,現在可以在這些節點上創建容器了,那么就需要看看docker service 的幫助信息:
[root@centos-7 ~]# docker service --help Usage: docker service COMMAND Manage services Commands: create Create a new service inspect Display detailed information on one or more services logs Fetch the logs of a service or task ls List services ps List the tasks of one or more services rm Remove one or more services rollback Revert changes to a service's configuration scale Scale one or multiple replicated services update Update a service Run 'docker service COMMAND --help' for more information on a command.
可以看到有create這個命令,可以這樣理解,docker server create 相當於docker run 就是創建容器,只不過在swarm中是不同的表現方式。
1、manager節點上創建容器
[root@centos-7 docker]# docker service create --name demo busybox /bin/sh -c "while true; do sleep 3600; done " image busybox:latest could not be accessed on a registry to record its digest. Each node will access busybox:latest independently, possibly leading to different nodes running different versions of the image. edqgwqjka7ceyym9tg4gr9uim overall progress: 1 out of 1 tasks 1/1: running verify: Service converged
可以查看是否創建成功:
[root@centos-7 docker]# docker service ls ID NAME MODE REPLICAS IMAGE PORTS edqgwqjka7ce demo replicated 1/1 busybox:latest
可以具體看這個service的內容:
[root@centos-7 docker]# docker service ps demo ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS lshgq4gfi3cv demo.1 busybox:latest localhost.localdomain Running Running 2 minutes ago
2、水平擴展
- 水平擴展
之前接觸或scale,它可以幫助我們創建多個service,這里也是可行的:
[root@centos-7 docker]# docker service scale demo=5 demo scaled to 5 overall progress: 5 out of 5 tasks 1/5: running 2/5: running 3/5: running 4/5: running 5/5: running verify: Service converged
已經有5個demo服務的容器正在運行了。可以先看看serverice:
[root@centos-7 docker]# docker service ls ID NAME MODE REPLICAS IMAGE PORTS edqgwqjka7ce demo replicated 5/5 busybox:latest
再看看具體的容器數量:
[root@centos-7 docker]# docker service ps demo ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS lshgq4gfi3cv demo.1 busybox:latest localhost.localdomain Running Running 3 hours ago vvxl3f5p1w40 demo.2 busybox:latest centos-7 Running Running 3 hours ago q5imz8pqygbv demo.3 busybox:latest centos-7 Running Running 3 hours ago ih6e2bhzzru2 demo.4 busybox:latest localhost.localdomain Running Running 3 hours ago l32ziu7ygoqw demo.5 busybox:latest centos-7 Running Running 3 hours ago
可以看到5個容器在不同的節點上,其中有3個容器在manager節點,有兩個在worker節點上。
當然,每一個節點都可以自己查看自己目前運行的容器,比如worker節點查看自己運行容器的數量:
[root@centos-7 docker]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fbf77922d24c busybox:latest "/bin/sh -c 'while t…" 3 hours ago Up 3 hours demo.5.l32ziu7ygoqwapu4rbazqhyej 51e0e953688f busybox:latest "/bin/sh -c 'while t…" 3 hours ago Up 3 hours demo.3.q5imz8pqygbv5fw1r2wyt84ps 6f2b6d5f670c busybox:latest "/bin/sh -c 'while t…" 3 hours ago Up 3 hours demo.2.vvxl3f5p1w40oc82wvm2yq01q
只需要通過docker ps命令即可。
- 修復
scale在swarm中除了水平擴展外,還有一個作用,那就是修復作用,比如將某一個節點中的容器刪除掉,那么很快swarm中發覺並進行修復,數量保持原先的樣子。
假如現在刪除worker中的一個容器:
[root@localhost ~]# docker rm -f a8c8e6a95978 a8c8e6a95978
我們在manager節點中查看容器情況:
[root@centos-7 docker]# docker service ps demo ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS lshgq4gfi3cv demo.1 busybox:latest localhost.localdomain Running Running 3 hours ago vvxl3f5p1w40 demo.2 busybox:latest centos-7 Running Running 3 hours ago q5imz8pqygbv demo.3 busybox:latest centos-7 Running Running 3 hours ago zkoywf8h19p1 demo.4 busybox:latest localhost.localdomain Running Starting less than a second ago ih6e2bhzzru2 \_ demo.4 busybox:latest localhost.localdomain Shutdown Failed 23 seconds ago "task: non-zero exit (137)" l32ziu7ygoqw demo.5 busybox:latest centos-7 Running Running 3 hours ago
可以看到紅色就是我們刪掉的容器,但是后面它又馬上補充了一個,保持了整個系統的穩定性。
三、wordpress部署
(一)單容器啟動方式
如何使用Swarm進行部署wordpress呢?wordpress涉及到數據庫容器以及wordpress應用容易,那么這兩個容器很有可能是不在一台機器的,也就是使用Swarm中兩個容器是分配到不同的節點之上的。
首先,將之前的service進行移除:
[root@centos-7 docker]# docker service rm demo demo
1、創建overlay網絡
需要將這些service部署在一個overlay網絡中,所以需要有個overlay網絡。所以現在manager節點上創建這個網絡:
[root@centos-7 docker]# docker network create -d overlay demo xcjljjqcw26b2xukuirgpo6au
可以查看:
[root@centos-7 docker]# docker network ls NETWORK ID NAME DRIVER SCOPE xcjljjqcw26b demo overlay swarm
值得注意的是其他節點上現在並沒有這個網絡,那么其它節點又是怎么連上這個網絡的呢?
2、啟動數據庫服務
[root@centos-7 docker]# docker service create --name mysql --env MYSQL_ROOT_PASSWORD=root --env MYSQL_DATABASE=wordpress --network demo
--mount type=volume,source=mysql-data,destination=/var/lib/mysql mysql:5.7.24 eirarnex6suqa4uqzgowncigv overall progress: 1 out of 1 tasks 1/1: running [==================================================>] verify: Service converged
可以看看這個服務的詳情以及位於哪一個節點上:
[root@centos-7 docker]# docker service ls ID NAME MODE REPLICAS IMAGE PORTS eirarnex6suq mysql replicated 1/1 mysql:5.7.24 [root@centos-7 docker]# docker service ps mysql ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS c4a4lggjmvuf mysql.1 mysql:5.7.24 centos-7 Running Running about a minute ago
3、啟動wordpress服務
接着在manager節點上啟動wordpress服務
[root@centos-7 docker]# docker service create --name wordpress -p 80:80 --env WORDPRESS_DB-PASSWORD=root \ --env WORDPRESS_DB_HOST=mysql --network demo \ --mount type=volume,source=wordpress-config,destination=/var/www/html wordpress
上述中 --mount參數將容器中的配置等一系列的文件映射出來了,是方便修改容器中配置文件,修復數據庫連接不上的錯誤,詳情查看:
https://www.cnblogs.com/shenjianping/p/12268190.html
4、測試
現在可以進行訪問本機的80端口進行測試了
(二)Docker Stack部署
這種部署方式就是使用docker-compose.yml文件來進行部署應用,而上面那種方式就是每次手動單啟容器。
- 查看docker stack的命令
[root@centos-7 wordpress-stack]# docker stack --help Usage: docker stack [OPTIONS] COMMAND Manage Docker stacks Options: --orchestrator string Orchestrator to use (swarm|kubernetes|all) Commands: deploy Deploy a new stack or update an existing stack ls List stacks ps List the tasks in the stack rm Remove one or more stacks services List the services in the stack Run 'docker stack COMMAND --help' for more information on a command.
可以看到docker stack 的命令不是很多,第一個就是部署服務,一個docker-compose.yml就是一個服務,當然這個文件里面可能包含多個service。下面以實例來說明:
- docker-compose.yml文件
version: '3' services: web: image: wordpress ports: - 8080:80 environment: WORDPRESS_DB_HOST: mysql WORDPRESS_DB_PASSWORD: root networks: - my-network depends_on: - mysql deploy: mode: replicated replicas: 3 #開啟3個web服務 restart_policy: condition: on-failure delay: 5s max_attempts: 3 update_config: parallelism: 1 delay: 10s mysql: image: mysql:5.7.24 environment: MYSQL_ROOT_PASSWORD: root MYSQL_DATABASE: wordpress volumes: - mysql-data:/var/lib/mysql networks: - my-network deploy: mode: global #只能有一個mysql的服務 placement: constraints: - node.role == manager #服務只能部署在manager節點上 volumes: mysql-data: networks: my-network: driver: overlay #注意這里可能服務在不同的主機上,需要使用overlay網絡
- 部署wordpress stack
[root@centos-7 wordpress-stack]# docker stack deploy wordpress --compose-file=docker-compose.yml Creating network wordpress_my-network Creating service wordpress_web Creating service wordpress_mysql
- 查看stack
[root@centos-7 wordpress-stack]# docker stack ls NAME SERVICES ORCHESTRATOR wordpress 2 Swarm
- 查看stack中的服務
[root@centos-7 wordpress-stack]# docker stack ps wordpress
- 移除stack
[root@centos-7 wordpress-stack]# docker stack rm wordpress Removing service wordpress_mysql Removing service wordpress_web Removing network wordpress_my-network