Docker Swarm container orchestration tool

Table of contents

1. What is Docker Swarm

2. Basic structure of Docker Swarm

3. Several key concepts of Swarm

4. Scheduling strategy of Swarm

5. Swarm cluster mode characteristics

6. Build a Docker Swarm cluster

7. Docker Swarm commands and implementation

Docker Swarm cluster management command keywords

Key commands of docker service

Key commands of docker node

Command implementation

Example

Scaling the number of Docker Swarm replicas up and down

Using volumes with Docker Swarm


1. What is docker swarm

   Docker Swarm, like Docker Compose, is an official container orchestration project of Docker. The difference is that Docker Compose is a tool for creating multiple containers on a single server or host, while Docker Swarm can create container cluster services across multiple servers or hosts, so Docker Swarm is clearly better suited to deploying microservices.

Docker daemon:

   The Swarm daemon is just a scheduler plus a router. Swarm itself does not run containers; it only accepts requests from the Docker client and schedules a suitable node to run the container. This means that even if Swarm goes down for some reason, the nodes in the cluster continue to operate as usual. After Swarm resumes operation, it collects the cluster information again and rebuilds it.

2. Basic structure of Docker Swarm

     Swarm is a typical master-slave structure in which a manager is elected through service discovery. The manager is the central management node, and the agent running on each node accepts unified management from the manager. The cluster automatically elects the manager node in a distributed manner through the Raft protocol, so no additional discovery service is needed, which avoids a single-point bottleneck. It also has built-in DNS load balancing and integrated support for external load-balancing mechanisms.

3. Several key concepts of Swarm

1. Swarm
Management and orchestration of the Swarm cluster use SwarmKit, which is embedded in the Docker engine. You can enable swarm mode when Docker is initialized, or join an existing swarm.

2. Node
A node is an instance of the Docker engine in the cluster, which can be regarded as a Docker node.

You can run one or more nodes on a single physical computer or cloud server, but production cluster deployments typically include Docker nodes spread across multiple physical and cloud computers.

To deploy an application to a swarm, submit a service definition to a manager node.

Manager nodes dispatch units of work called tasks to worker nodes.

Manager nodes also perform the orchestration and cluster management functions required to maintain the desired cluster state. Manager nodes elect a single leader to perform orchestration tasks.
Worker nodes receive and execute tasks dispatched from manager nodes.

By default, manager nodes also run services as worker nodes, but you can configure them to only run manager tasks and be manager-only nodes. An agent runs on each worker node and reports on the tasks assigned to it. Worker nodes inform the manager node of the current state of their assigned tasks so that the manager can maintain the desired state of each worker.
 
3. Service
A service is the definition of a task, which is executed on a manager node or a worker node. It is the central structure of the swarm system and the main way users interact with the swarm. When creating a service, you need to specify the container image to use.

4. Task
Tasks are commands executed in Docker containers. The manager node assigns tasks to worker nodes according to the specified number of task replicas.

4. Scheduling strategy of swarm

    When the Swarm scheduler (on the leader node) picks a node to run a container, it calculates the most suitable node according to the specified strategy. The currently supported strategies are: spread, binpack, random.

1. Random
   As the name suggests, a node is selected at random to run the container; this is generally used for debugging. The spread and binpack strategies calculate the node that should run the container based on the available CPU, RAM, and the number of running containers of each node.

2. Spread
   Under the same conditions, the spread strategy chooses the node with the fewest running containers to run the new container, while the binpack strategy chooses the machine on which running containers are most concentrated to run the new container.
Using the spread strategy distributes the containers evenly across the nodes in the cluster. If a node goes down, only a small part of the containers is lost.

3. Binpack
   The binpack strategy avoids container fragmentation as far as possible. That is, binpack keeps unused nodes free for containers that need more space, and packs containers onto one node as much as possible.

5. Swarm cluster mode characteristics

1) Create services in batches
     Before creating containers, create an overlay network so that containers on different hosts can communicate with each other.

2) Powerful cluster fault tolerance
     When one or several of the nodes running container replicas go down, the cluster re-launches the container replicas on the remaining idle nodes, according to its own service registration and discovery mechanism and the previously set value of --replicas n. The whole replica migration needs no manual intervention, and the cluster is still well load-balanced after the migration. It is easy to see that docker service does more than start services in batches: it defines a state in the cluster. The cluster continuously checks the health of the service and maintains the high availability of the cluster.

3) Scalability of service nodes
     Swarm cluster mode not only provides high availability, but also lets the number of replicas be expanded or reduced elastically. When the container group needs to expand dynamically, new replicas can be added simply with the scale parameter.

     If you observe carefully, you will find that all the expanded container replicas run on the original nodes. If you want to run the same replica on every node, the method is very simple: replace "--replicas n" with "--mode=global".

Replicated service (--replicas n)
   distributes the given number of replica tasks randomly among the nodes, according to the desired state you configure, such as "--replicas 3".

Global service (--mode=global)
   runs one task of the service on every available node in the cluster, such as "--mode global". If you have 7 Docker nodes in the Swarm cluster, there will be a corresponding container on every node.

6. Build a Docker Swarm cluster

IP address    Hostname    Docker version               Role
172.16.1.5    docker01    20.10.12 (relatively new)    manager
172.16.1.6    docker02    20.10.10                     node
172.16.1.7    docker03    20.10.10                     node

1. Define the cluster

init initialization

--advertise-addr specifies the IP address used to create the cluster

docker swarm init --advertise-addr IP

2. After creation, the command for joining a node is generated automatically. Copy and paste it into the docker node that needs to be added.

3. We check whether the join is successful under the manager node

docker node ls

The Docker Swarm cluster is now built.
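
The node check from step 3, extended into a quorum audit (an added example, not part of the original post): it reads `docker node ls` output produced with the `--format` template shown in the comment and reports how many manager failures the Raft group tolerates. The function names and sample rows are constructed; the sample models this page's cluster, where docker01 is the only manager.

```sh
#!/bin/sh
# Added example. Feed it the output of:
#   docker node ls --format '{{.Hostname}}|{{.Status}}|{{.Availability}}|{{.ManagerStatus}}'
# Prints findings; returns 1 if any WARN or CRIT was raised.
audit_swarm_nodes() {
  awk -F'|' '
    function flag(level, msg) { print level " " msg; bad++ }
    $4 != "" {                        # Leader / Reachable / Unreachable => manager
      managers++
      if ($2 == "Ready" && $4 != "Unreachable") healthy++
      else flag("WARN", "manager " $1 " is " $2 "/" $4)
      if ($3 == "Active")
        flag("WARN", "manager " $1 " also runs service tasks (not drained)")
    }
    $4 == "" && $2 != "Ready" { flag("WARN", "worker " $1 " is " $2) }
    END {
      quorum   = int(managers / 2) + 1   # Raft majority
      tolerate = managers - quorum       # manager failures the cluster survives
      printf "INFO managers=%d quorum=%d tolerated_failures=%d\n", managers, quorum, tolerate
      if (tolerate == 0)
        flag("WARN", "one manager failure stops cluster management")
      if (managers > 0 && managers % 2 == 0)
        flag("WARN", "even manager count adds no fault tolerance")
      if (healthy + 0 < quorum)
        flag("CRIT", "quorum lost: " (healthy + 0) "/" managers " managers healthy")
      exit (bad > 0)
    }'
}

# Constructed sample: this cluster (one manager, two workers) with docker03 stopped.
sample_page_cluster() {
  printf '%s\n' 'docker01|Ready|Active|Leader' \
                'docker02|Ready|Active|' \
                'docker03|Down|Active|'
}

# Usage on a manager node:
#   docker node ls --format '{{.Hostname}}|{{.Status}}|{{.Availability}}|{{.ManagerStatus}}' | audit_swarm_nodes
```

With a single manager the tolerated failure count is 0, so stopping docker on docker01 instead of docker03 would leave the running tasks up but make the cluster unmanageable.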

7. Docker Swarm commands and implementation

Docker swarm cluster management command keywords:

init      # initialize
join      # join the cluster
leave     # leave
update    # update
info      # view cluster information

Key commands of docker service:

create    # create
inspect   # view details
update    # update
remove    # remove
tasks     # tasks

Key commands of docker node:

accept    # view node
promote   # promote a node
demote    # demote
inspect   # view details
update    # update
tasks     # tasks
ls        # list
rm        # delete

Command implementation:

Displays Docker system information, including the number of images and containers

docker info

info content details: 

Client:
 Debug Mode: false

Server:
 Containers: 0      # total number of containers on the current host
  Running: 0      # number of running containers
  Paused: 0      # number of paused containers
  Stopped: 0      # number of stopped containers
 Images: 0      # number of images on the current server
 Server Version: 20.10.12      # server version
 Storage Driver: overlay2      # storage driver in use
  Backing Filesystem: xfs      # backing filesystem, i.e. the server's disk filesystem
  Supports d_type: true      # whether d_type is supported
  Native Overlay Diff: true      # whether native overlay diff storage is supported
 Logging Driver: json-file      # log driver
 Cgroup Driver: cgroupfs      # cgroup driver
 Plugins:      # plugins
  Volume: local      # volume
  Network: bridge host ipvlan macvlan null overlay      # supported network types; overlay provides cross-host communication
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog      # supported log types
 Swarm: inactive      # swarm state (Docker's container orchestration tool)
 Runtimes: runc      # installed container runtimes
 Default Runtime: runc      # default container runtime
 Init Binary: docker-init      # init process for containers, i.e. the process with PID 1
 containerd version: b34a5c8af56e510852c35414db4c1f4fa6172339      # containerd version ID
 runc version: 3e425f80a8c931f88e6d94a8c831b9d5aa481657      # runc version ID
 init version: fec3683      # init version
 Security Options:      # security options
  Apparmor      # security module, https://docs.docker.com/engine/security/apparmor
  seccomp      # syscall filtering module, https://docs.docker.com/engine/security/seccomp
   Profile: default      # default profile
 Kernel Version: 3.10.0-1062.el7.x86_64      # host kernel version
 Operating System: CentOS Linux 7 (Core)      # host operating system
 OSType: linux      # host operating system type
 Architecture: x86_64      # host architecture
 CPUs: 1      # number of host CPUs
 Total Memory: 972.4MiB      # total host memory
 Name: localhost.localdomain      # host hostname
 ID: DIPK:XV7U:XY42:FTSH:T3AQ:TBXG:XK4F:WGZ6:YH2J:7LLQ:ZHMV:V45L      # host ID
 Docker Root Dir: /var/lib/docker      # host data directory
 Debug Mode: false      # whether debug is enabled
 Registry: https://index.docker.io/v1/      # image registry
 Labels:      # other labels
 Experimental: false      # whether experimental features are enabled
 Insecure Registries:      # insecure image registries
  127.0.0.0/8
 Live Restore Enabled: false      # whether live restore is enabled (restarting the docker daemon does not stop containers)
 Product License: Community Engine      # product license
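
One way to turn the security-relevant lines of this report into a check (an added example, not from the original post): the function reads `docker info` text, tolerates the `# ...` annotations used above, and warns about registries allowed without verified TLS beyond loopback and about missing seccomp or AppArmor/SELinux. The function names and the sample report, including the registry.example.internal entry, are constructed.

```sh
#!/bin/sh
# Added example: audit `docker info` text read from stdin.
# Prints findings; returns 1 if any WARN was raised.
audit_docker_info() {
  awk '
    { sub(/[ \t]*#.*$/, ""); sub(/^[ \t]+/, "") }  # drop "# ..." notes and indentation
    $0 == ""                      { next }
    $0 == "Security Options:"     { section = "sec"; next }
    $0 == "Insecure Registries:"  { section = "reg"; next }
    /^Swarm: /                    { swarm = $2 }
    /^Profile: /                  { next }                # sub-entry of seccomp
    /^[^:]+: / || /:$/            { section = ""; next }  # any other key ends a section
    section == "sec"              { opt[tolower($1)] = 1 }
    section == "reg" && $1 !~ /^127\./ && $1 != "::1/128" {
      print "WARN insecure registry allowed: " $1; warn++
    }
    END {
      if (!("seccomp" in opt)) { print "WARN seccomp not active"; warn++ }
      if (!("apparmor" in opt) && !("selinux" in opt)) {
        print "WARN no AppArmor or SELinux confinement"; warn++
      }
      print "INFO swarm state: " (swarm == "" ? "unknown" : swarm)
      exit (warn > 0)
    }'
}

# Constructed sample: a shortened report with one extra registry entry.
sample_docker_info() {
  cat <<'EOF'
Server:
 Server Version: 20.10.12
 Swarm: inactive      # annotation in the style used above
 Security Options:
  apparmor
  seccomp
   Profile: default
 Kernel Version: 3.10.0-1062.el7.x86_64
 Insecure Registries:
  registry.example.internal:5000
  127.0.0.0/8
 Live Restore Enabled: false
EOF
}

# Usage on a Docker host:  docker info | audit_docker_info
```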

View swarm cluster nodes:

docker node ls

 To take a node offline for maintenance:

docker node update --availability drain docker03

 Online node:

docker node update --availability active docker03

 Delete a node from the swarm:

docker node rm --force docker03

 After a node has been deleted, get the join information to add a new node:

docker swarm join-token worker

An error may occur when adding a new node.

If the following appears, this Docker host has already joined a cluster and cannot be added; it needs to be removed manually:

Error response from daemon: This node is already part of a swarm. Use "docker swarm leave" to leave this swarm and join another one.

Solution: leave removes the node from the cluster, and the -f parameter forces the removal

docker swarm leave -f

Re-join: 

Let's see if the node joins here again:

 Example

 Working through an example makes the docker swarm cluster commands more familiar.

Use docker swarm to build nginx cluster


1. First create a cross-host network, using the overlay network that comes with Docker

       -d specifies the driver that manages the network; nginx_net is the network name

docker network create -d overlay nginx_net

View after creation:

docker network ls | grep nginx_net

 2. Publish a service. To improve efficiency, import the image onto the cluster machines in advance, then create three replicas.

docker service create --replicas 3 --network nginx_net --name my_nginx -p 80:80 nginx

service create: create a service
--replicas: number of replicas
--network: name of the network to use
--name: name of the service after creation

Check:

docker service ls

 Check the details:

docker service inspect --pretty my_nginx

inspect: view details

--pretty: formats the command output into a readable format. Without it you will see more detailed content.

 This shows detailed information about the service. If you want to see which machine the service is running on, use:

docker service ps my_nginx

3. After finishing, let's try to access it

 curl -i IP:80

-i displays header information

 Access here is round-robin: the 3 replicas are visited in turn.

Scaling the number of Docker Swarm replicas up and down

The last value is the number of replicas, which can be larger or smaller than the current one

docker service scale my_nginx=5

 Note that if any node goes down, the number of replicas does not change, and the containers that were running on the failed node automatically run on other nodes. Here we do a demonstration; I have scaled the replicas down to 3.

Simulate downtime on docker03:

systemctl stop docker

Look at the node:

docker node ls

 

 View the service: you can see that nginx.3 on docker03 has moved to docker01

docker service ps my_nginx

 Restart docker on docker03 and it rejoins automatically

systemctl start docker

 Note that if you want the service to run on the original machine again, you need to stop and delete the container on the corresponding docker host.

Here I forcefully delete the container:

Go to docker01 to see the container ID

docker ps

Delete the container:

docker rm -f <container ID>

Check whether it is restored to docker03 as before:

 The entries beginning with \_ are history records; don't worry about them.

Upgrade the image: if the image version is too low, you can upgrade the image. Because I use the latest nginx image, I will downgrade instead.

Command: I downgraded the version from latest to version 1.18. To upgrade, use nginx:new, nginx:<version number> or latest; if the image is not present, it is downloaded automatically.

docker service update --image nginx:1.18 my_nginx

Doing so stops the original containers, then creates and runs new ones.

 Using volumes with Docker Swarm

1. To make this easier to follow, I will delete the service here and run it again

docker service rm my_nginx

2. Create a data volume; here we create a named data volume

docker volume create --name test_volume

View all data volumes:

docker volume ls

View the location of a specific data volume:

docker volume inspect test_volume

The marked part of the output is the location of the data volume.

 3. Create the service and mount the data volume

We mount nginx's default homepage directory out of the container so that we can change its contents

type: the mount type

src: the name of the directory or data volume to mount

dst: the directory inside the container where it is mounted

docker service create --replicas 3 --mount type=volume,src=test_volume,dst=/usr/share/nginx/html/ -p 80:80 --name test_nginx nginx

 Let's go to the directory to see if there is a default index file for the home page

cd /var/lib/docker/volumes/test_volume/_data/ && ls

Of course, in other environments try to mount data files instead. Because what I mount here is the homepage directory, if I modify the index.html file, only one homepage changes and the other two remain unchanged.

If I change the homepage file on docker01, only the homepage served from docker01 changes.

To put it bluntly, the data volume directory of each docker host is independent, and a change made on one host is not shared with the others.

The second mount method:

 type: the mount type; target: the path in the container; source: the path on the local disk

docker service create --mount type=bind,target=/container_data/,source=/host_data/ nginx

This method mounts the directory directly, provided that the directory exists locally. I will not show the effect here; it is the same as above.

The above is all of our learning content.


Origin blog.csdn.net/weixin_58279299/article/details/122026035