实验环境:
server1:172.25.40.11 swarm
server2:172.25.40.12 node
server3:172.25.40.13 node
搭建集群
【server1】
[root@server1 ~]# ls
docker-engine-17.03.1.ce-1.el7.centos.x86_64.rpm
docker-engine-selinux-17.03.1.ce-1.el7.centos.noarch.rpm
[root@server1 ~]# yum install -y docker-engine-*
[root@server1 ~]# scp * server2:
[root@server1 ~]# scp * server3:
[root@server1 ~]# systemctl start docker
[root@server1 ~]# docker swarm init #初始化
在当前主机上启动swarm模式,要保存初始化后token,因为在节点加入时要使用token作为通讯的密钥
【server2】
[root@server2 ~]# yum install * -y
[root@server2 ~]# systemctl start docker
[root@server2 ~]# docker swarm join \
> --token SWMTKN-1-52ppekqqbl06qdk23onaqa7txzku0q4mxazyi325nz4w4slkeg-0lybzr54rqypko80a0qsyylcs \
> 172.25.40.11:2377 # 加入到swarm集群中
【server3】
[root@server3 ~]# systemctl start docker
[root@server3 ~]# docker swarm join \
> --token SWMTKN-1-52ppekqqbl06qdk23onaqa7txzku0q4mxazyi325nz4w4slkeg-0lybzr54rqypko80a0qsyylcs \
> 172.25.40.11:2377
在【server1】查看节点
部署服务
[root@foundation40 ~]# docker ps
[root@foundation40 ~]# docker run -d \
> --restart=always \
> --name registry \
> -v `pwd`/certs:/certs \
> -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \
> -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
> -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
> -p 443:443 \
> registry:2
[root@foundation40 docker]# docker ps
[root@foundation40 docker]# docker push westos.org/nginx
将物理主机的证书服务传到三台服务机上:(证书生成看上篇博客)
[root@foundation40 ~]# cd /etc/docker/
[root@foundation40 docker]# ls
certs.d daemon.json key.json
[root@foundation40 docker]# scp -r certs.d/ [email protected]:/etc/docker
[root@foundation40 docker]# scp -r certs.d/ [email protected]:/etc/docker
[root@foundation40 docker]# scp -r certs.d/ [email protected]:/etc/docker
在【server1】【server2】【server3】上添加解析
[root@server1 ~]# vim /etc/hosts
172.25.40.250 westos.org
【server1】
在manager节点部署nginx服务,服务数量为3个,公开指定端口是8080映射容器80,使用nginx镜像
[root@server1 ~]# docker service create --name nginx --publish 80:80 --replicas 3 westos.org/nginx #创建nginx服务
[root@server1 ~]# docker service ls #开启过程慢
[root@server1 ~]# docker service ls
[root@server1 ~]# docker service ps nginx
[root@server1 ~]# docker ps
[root@server1 ~]# docker service scale nginx=6
[root@server1 ~]# docker service ps nginx
[root@server1 ~]# docker ps
在网页访问三个主机的IP都可以看到nginx网页
负载均衡
在物理机上:
需要一个visualizer.tar
[root@foundation40 ~]# docker load -i visualizer.tar
[root@foundation40 ~]# docker images
dockersamples/visualizer latest 17e55a9b2354 11 months ago 148 MB
[root@foundation40 ~]# docker tag dockersamples/visualizer westos.org/visualizer #更换名字
[root@foundation40 ~]# docker push westos.org/visualizer
【server1】
[root@server1 ~]# docker service create \
> --name=viz \
> --publish=8080:8080/tcp \
> --constraint=node.role==manager \
> --mount=type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock \
> westos.org/visualizer
[root@server1 ~]# docker service ls
[root@server1 ~]# docker service scale nginx=3
[root@server1 ~]# docker ps
[root@server1 ~]# echo server1 > index.html
[root@server1 ~]# docker container cp index.html nginx.3.8e8h01k29kfxvy1g0lh3mjcl9:/usr/share/nginx/html
【server2】
[root@server2 ~]# docker ps
[root@server2 ~]# echo server2 > index.html
[root@server2 ~]# docker container cp index.html nginx.4.yab0b56egf6d1qf5xdzvvb3lo:/usr/share/nginx/html
【server3】
[root@server3 ~]# docker ps
[root@server3 ~]# echo server3 > index.html
[root@server3 ~]# docker container cp index.html nginx.2.w5ibu3y3jl6sctmiglkxz13r1:/usr/share/nginx/html
在主机上查看是否有负载均衡:
[root@foundation40 ~]# for i in {1..10}; do curl 172.25.40.11;done
网页访问http://172.25.40.11:8080/查看三台主机的nginx负载均衡
如果任意关闭一台主机的docker,此时的负载均衡就在两台主机上实现
滚动更新
[root@foundation40 ~]# docker images
[root@foundation40 ~]# docker tag rhel7:v1 westos.org/rhel7:v1
[root@foundation40 ~]# docker push westos.org/rhel7:v1
[root@server1 ~]# docker service scale nginx=30
[root@server1 ~]# docker service update --image westos.org/rhel7:v1 --update-parallelism 3 --update-delay 10s nginx