docker之swarm容器部署及運維

1、概念

 Docker Swarm 是 Docker 的集群管理工具。它將 Docker 主機池轉變為單個虛擬 Docker 主機。 Docker Swarm 提供了標准的 Docker API，所有任何已經與 Docker 守護程序通信的工具都可以使用 Swarm 輕松地擴展到多個主機。

2、拓撲圖

 

 

3、部署docker

tar xf docker-20.10.5.tgz
cp docker/* /usr/bin/

vi /etc/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
  
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd --selinux-enabled=false --insecure-registry=127.0.0.1
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
  
[Install]
WantedBy=multi-user.target

此處的--insecure-registry=127.0.0.1（此處改成你私服ip）
設置是針對有搭建了自己私服Harbor時允許docker進行不安全的訪問，否則訪問將會被拒絕。

chmod +x /etc/systemd/system/docker.service 
systemctl daemon-reload
systemctl restart docker
systemctl enable docker.service
systemctl status docker

4、創建swarm集群管理

docker swarm init --advertise-addr 192.168.132.89（管理ip）

 

 

 查看關聯命令

docker swarm join-token worker

5、查看node服務

docker node ls

6、給集群命名並記錄

docker node ls
docker node update --label-add ng-node=node1 ID

獲取配置信息（ip及node名稱）
docker inspect kj15q6np0pkgopvb8z7nn4p3h kj69dros9jbxbqsts8szhr7cc odjyiaqyli4aidp809oz1bqzp |grep -nE "Labels|Addr" -C 2

192.168.132.90 node1
192.168.132.91 node2
192.168.132.89 node3

7、創建bridge網絡（實現容器服務互訪）

docker network create \
--driver overlay \
--subnet 10.0.8.0/24 \
springcloud-overlay

8、docker service創建集群服務

創建服務
docker service create --name tomcat1 tomcat:latest
創建服務並指定端口
docker service create --name tomcat1 --publish 8080:8080 –v/webapps:/usr/local/tomcat/webapps tomcat:latest
創建服務並指定端口和掛載數據目錄
docker service create --name tomcat_llplan --publish 8080:8080 --mount type=bind,src=/target,dst=/usr/tomcat/webapps   zhjtomcat:V8080
創建服務並指定端口和掛載數據目錄並指定網絡
docker service create --name tomcat_llplan --publish 8080:8080 \
 --mount type=bind,src=/target,dst=/usr/tomcat/webapps  \
 --network springcloud-overlay  zhjtomcat:V8080

9、swarm圖形化監控

docker pull dockersamples/visualizer:latest
docker service create \
--name=viz \
--publish=8081:8080/tcp \
--constraint=node.role==manager \
--mount=type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock \
dockersamples/visualizer:latest

 

 

 10、查看容器服務狀態

docker service ls
查看運行在那個節點上
docker service ps ID

11、查看容器服務配置詳情

docker service ls
docker service inspect ID

12、容器pods伸縮

docker service ls
docker service scale <ID>=數量

13、重啟指定容器服務

指定服務ID，重啟所有容器
docker service ls
docker service update --force ID

14、日志檢查

檢查docker啟動日志
docker logs -f  CONTAINER ID
journalctl -u docker.service
systemctl status docker –l
journalctl -xe
宿主機上查看容器應用日志
docker ps 
docker exec CONTAINER ID  tail -f   /usr/tomcat/logs/catalina.out