1.数据卷挂载
/va/lib/docker #此目录存放容器的数据
ADD 可以解压,COPY仅仅只能复制
[root@foundation44 ~]# docker pull ubuntu # 拉取镜像
[root@foundation44 ~]# mkdir /data1 # 建立目录
[root@foundation44 ~]# docker run -it --name vm1 -v /data1 ubuntu # 创建容器
root@c611799059c4:/# df
Filesystem 1K-blocks Used Available Use% Mounted on
overlay 307430744 40290320 267140424 14% /
tmpfs 1963368 0 1963368 0% /dev
tmpfs 1963368 0 1963368 0% /sys/fs/cgroup
/dev/mapper/rhel_foundation44-root 307430744 40290320 267140424 14% /data1
shm 65536 0 65536 0% /dev/shm
tmpfs 1963368 0 1963368 0% /sys/firmware
root@c611799059c4:/# cd data1/
root@c611799059c4:/data1# ls
[root@foundation44 ~]# df
307430744 40290360 267140384 14% /var/lib/docker/overlay/6c4631b1429c0bd5e737894f1c237701744801fcf2ef50637f0c21be6b40583a/merged
shm 65536 0 65536 0% /var/lib/docker/containers/c611799059c44503094167fd2ddd566e7e888e4bc69add4f02bdcb9379118c3f/shm
[root@foundation44 ~]# docker inspect vm1
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02"
[root@foundation44 ~]# docker inspect vm1 | grep vol # 过滤逻辑卷组
"Type": "volume",
"Source": "/var/lib/docker/volumes/cd4f92416293cc192361b687a23bed2351e311f5b16f565fbf11c38513e65031/_data",
[root@foundation44 ~]# cd /var/lib/docker/volumes/cd4f92416293cc192361b687a23bed2351e311f5b16f565fbf11c38513e65031/_data #这是一个随机生成的目录
[root@foundation44 _data]# ls
[root@foundation44 _data]# cp /etc/passwd .
[root@foundation44 _data]# ls
passwd
# 重新打开一个shell
[root@foundation44 ~]# docker container attach vm1 #查看容器你会发现数据被保留
root@c611799059c4:/data1# ls
root@c611799059c4:/data1# ls
passwd
root@c611799059c4:/data1#
# 回到另外一个shell
[root@foundation44 _data]# cd
[root@foundation44 ~]# docker run -d --name vm2 -v /usr/share/nginx/html nginx #
cef5d170cf682e235dd593b9df9ffd36d7db3630e46bec439cc9f8ed23e18550
[root@foundation44 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cef5d170cf68 nginx "nginx -g 'daemon ..." 7 seconds ago Up 5 seconds 80/tcp vm2
c611799059c4 ubuntu "/bin/bash" 14 minutes ago Up 14 minutes vm1
[root@foundation44 ~]# docker inspect vm2 | grep vol
"Type": "volume",
"Source": "/var/lib/docker/volumes/67a40e95c1da224ecc04f00688ef551f66eb28a733c2a06fd5110997e7d93871/_data",
[root@foundation44 ~]# cd /tmp/docker
[root@foundation44 docker]# cd web/
[root@foundation44 web]# ls
index.html
[root@foundation44 web]# cat index.html
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
[root@foundation44 web]# cd ..
[root@foundation44 docker]# cp web/index.html test/
[root@foundation44 docker]# cd test/
[root@foundation44 test]# ls
Dockerfile index.html
[root@foundation44 test]# vim Dockerfile
1 FROM rhel7
2 ADD html.tar /usr/share
3 VOLUME ["/usr/share/nginx/html"]
[root@foundation44 test]# mkdir nginx
[root@foundation44 test]# cd nginx/
[root@foundation44 nginx]# mkdir html
[root@foundation44 nginx]# cd ..
[root@foundation44 test]# ls
Dockerfile index.html nginx
[root@foundation44 test]# mv index.html nginx/html/
[root@foundation44 test]# ls
Dockerfile nginx
[root@foundation44 test]# tar czvf html.tar nginx
nginx/
nginx/html/
nginx/html/index.html
[root@foundation44 test]# tar tf html.tar
nginx/
nginx/html/
nginx/html/index.html
[root@foundation44 test]# ls
Dockerfile html.tar nginx
[root@foundation44 test]# docker rmi rhel7:v4
Untagged: rhel7:v4
Deleted: sha256:3ec3fb0b1c09ed7c11368836f6d2cd9800c2139546a4b9458c8852d3efeb2637
Deleted: sha256:c14cf779dcb972df925177d61b0f6100ca2ba8832a1286f4d92e866a2f0034df
Deleted: sha256:2044a89be454cb0bcc8b4391edad8d5c33561f5a15a0bfd37f7bc362d443a8fc
[root@foundation44 test]# docker build -t rhel7:v4 /tmp/docker/test #运行dockerfile
Sending build context to Docker daemon 5.12 kB
Step 1/3 : FROM rhel7
---> 0a3eb3fde7fd
Step 2/3 : ADD html.tar /usr/share/
---> ead206d5de63
Removing intermediate container ea23adcbe79e
Step 3/3 : VOLUME /usr/share/nginx/html
---> Running in fbcdee393195
---> 058236ad0cf8
Removing intermediate container fbcdee393195
Successfully built 058236ad0cf8
[root@foundation44 test]# docker create --name vol rhel7:v4 bash # 创建数据卷
2e0f5bd773e52e4e83465b4de8d752409a7f66535d1ea662228185f4a6e73f7c
[root@foundation44 test]# docker run -d --name vm1 --volumes-from vol nginx #挂载
4bb748ee1677ff3a984081ed5739ff1bc6e4b4512b239a0efdf075c6cab37567
[root@foundation44 test]# docker inspect vm1
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02"
[root@foundation44 test]# curl 172.17.0.2 # 测试,看到以下内容说明挂载成功
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
[root@foundation44 test]# cat nginx/html/index.html # 以上数据来源于nginx的默认发布目录
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
<h1>www.westos.org</h1>
创建用户密码进行加密
[root@foundation44 test]# cd /tmp/docker/certs/
[root@foundation44 certs]# ls
certs domain.crt domain.key -e --name -p registry:2 --restart=always -v
[root@foundation44 certs]# mkdir auth
[root@foundation44 certs]# docker volume ls
DRIVER VOLUME NAME
[root@foundation44 ~]# docker volume rm #如果查看到数据卷,不想保存,就可以执行这条命令进行删除
[root@foundation44 certs]# ls
auth certs domain.crt domain.key -e --name -p registry:2 --restart=always -v
# 这里有两种创建用户密码的方式
## 第一种
[root@foundation44 certs]# docker run --entrypoint htpasswd registry:2 -Bbn wzt westos > auth/htpasswd #创建用户密码导入htpasswd文件中
[root@foundation44 certs]# cat auth/htpasswd #查看自己的用户密码
wzt:$2y$05$yhsqZTDO3XU2qj39zhxXfOnu/0a.uH0TBRFUuIpmuxeNV0LqPGXUK
[root@foundation44 certs]# docker run --entrypoint htpasswd registry:2 -Bbn admin admin >> auth/htpasswd # 追加
[root@foundation44 certs]# cat auth/htpasswd
wzt:$2y$05$yhsqZTDO3XU2qj39zhxXfOnu/0a.uH0TBRFUuIpmuxeNV0LqPGXUK
admin:$2y$05$NUzCofvkEygzCQkw3B/fMelM2y9Pf4PQPKgbbFduX.RL/mgyXxBkW
# 第二种
[root@foundation44 certs]# htpasswd -cm htpaswd wzt #创建一个用户密码,-c会覆盖之前的密码,直接用-m就好
New password:
Re-type new password:
Adding password for user wzt
[root@foundation44 certs]# htpasswd -m htpaswd admin #继续给admin创建密码,-m不会覆盖
New password:
Re-type new password:
Adding password for user admin
[root@foundation44 certs]# cat htpaswd # 查看密码
wzt:$apr1$KNTgrAtV$OZiwEZC.4A/7wlWF1fEOR.
admin:$apr1$Cv1rVVsI$SvCkD8ZBy17hmOXd01ilj.
[root@foundation44 certs]# rm -f htpaswd #因为之前已经创建过密码了,此处是删除其中的一个密码
[root@foundation44 certs]# cd auth/
[root@foundation44 auth]# ls
htpasswd
[root@foundation44 auth]# cd ..
[root@foundation44 certs]# ls
auth certs domain.crt domain.key -e --name -p registry:2 --restart=always -v
[root@foundation44 certs]# docker container prune #删除已经停止的容器
WARNING! This will remove all stopped containers.
Are you sure you want to continue? [y/N] y
Deleted Containers:
79042a088c720b1679a412a93d129d53bae445478e47573cb6ebc10065a7d976
bed897727b9abc6645a2754cb59861324c955a5a0ebd346f6acce7128a328a13
Total reclaimed space: 0 B
[root@foundation44 certs]# cd /tmp/docker/
[root@foundation44 docker]# ls
certs Dockerfile dvd.repo privkey.pem ssh supervisord.conf test web
[root@foundation44 docker]# docker run -d --restart=always --name registry -v `pwd`/certs:/certs -e REGISTRY_HTTP_ADDR=0.0.0.0:443 -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key -v `pwd`/auth:/auth -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd -p 443:443 registry:2 # 将设置的用户密码放入加密证书
1a3eee983b0a843828cc224db7a5657e2dc89531cb354e60ab344fe13f61ff16
[root@foundation44 docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1a3eee983b0a registry:2 "/entrypoint.sh /e..." 4 seconds ago Up 2 seconds 0.0.0.0:443->443/tcp, 5000/tcp registry
[root@foundation44 images]# docker tag nginx westos.org/nginx 重命名
[root@foundation44 docker]# docker push westos.org/nginx # 推送
The push refers to a repository [westos.org/nginx]
08d25fa0442e: Pushed
a8c4aeeaa045: Pushed
cdb3f9544e4c: Pushed
latest: digest: sha256:2de9d5fc6585b3f330ff5f2c323d2a4006a49a476729bbc0910b695771526e3f size: 948
[root@foundation44 images]# netstat -antlp | grep :443 #可以过滤出来443端口
tcp6 0 0 :::443 :::* LISTEN 11476/docker-proxy
[root@foundation44 docker]# docker login -u wzt -p westos westos.org #登陆用户
Login Succeeded
2.compose搭建负载均衡+监控
[root@foundation44 docker]# cd /var/www/html/images/
[root@foundation44 images]# docker load -i haproxy.tar #导入镜像
917c0fc99b35: Loading layer 130.9 MB/130.9 MB
5f70bf18a086: Loading layer 1.024 kB/1.024 kB
c205bb11f213: Loading layer 4.684 MB/4.684 MB
ffef890bdf7b: Loading layer 9.549 MB/9.549 MB
3ec368642ee3: Loading layer 2.048 kB/2.048 kB
Loaded image: haproxy:latest
[root@foundation44 images]# docker images #查看镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
rhel7 v4 058236ad0cf8 2 hours ago 140 MB
rhel7 v2 40b3beeed369 26 hours ago 178 MB
rhel7 v1 3fe178f06b6e 26 hours ago 178 MB
rhel7 v3 4865e60a8d1e 2 days ago 154 MB
rhel7 v5 4865e60a8d1e 2 days ago 154 MB
<none> <none> 5a9bea50ff7e 2 days ago 169 MB
ubuntu <none> 735f80812f90 3 weeks ago 83.5 MB
nginx latest c82521676580 4 weeks ago 109 MB
westos.org/nginx latest c82521676580 4 weeks ago 109 MB
westos.org/rhel7 latest c82521676580 4 weeks ago 109 MB
registry 2 b2b03e9146e1 6 weeks ago 33.3 MB
registry latest b2b03e9146e1 6 weeks ago 33.3 MB
game2048 latest 19299002fdbe 20 months ago 55.5 MB
haproxy latest fbd1f55f79b3 2 years ago 139 MB
ubuntu latest 07c86167cdc4 2 years ago 188 MB
stress latest db646a8f4087 4 years ago 282 MB
rhel7 latest 0a3eb3fde7fd 4 years ago 140 MB
[root@foundation44 images]# cd /usr/local/bin/
[root@foundation44 bin]# ls
docker-compose-Linux-x86_64-1.22.0 rht-vmctl rht-vmicons rht-vmsetkeyboard
[root@foundation44 bin]# chmod +x docker-compose-Linux-x86_64-1.22.0
[root@foundation44 bin]# ln -s docker-compose-Linux-x86_64-1.22.0 docker-compose # 建立软链接
[root@foundation44 bin]# ll
lrwxrwxrwx 1 root root 34 Aug 22 13:17 docker-compose -> docker-compose-Linux-x86_64-1.22.
[root@foundation44 bin]# docker-compose -v #-v可以查看当前compose的版本,测试安装结果
docker-compose version 1.22.0, build f46880fe
[root@foundation44 bin]# cd /tmp/docker/
[root@foundation44 docker]# ls
auth certs Dockerfile dvd.repo privkey.pem ssh supervisord.conf test web
[root@foundation44 docker]# mkdir compose
[root@foundation44 docker]# ls
auth certs compose Dockerfile dvd.repo privkey.pem ssh supervisord.conf test web
[root@foundation44 compose]# vim docker-compose.yml # 定义组成应用的各服务
1 apache:
2 image: rhel7:v2
3 expose:
4 - 80
5 volumes:
6 - ./web:/var/www/html
7 nginx:
8 image: nginx
9 expose:
10 - 80
11
12 haproxy:
13 image: haproxy
14 volumes:
15 - ./haproxy:/usr/local/etc/haproxy
16 links:
17 - apache
18 - nginx
19 ports:
20 - "8080:80"
21 expose:
22 - 80
23
[root@foundation44 compose]# cd ..
[root@foundation44 docker]# cp -r web/ compose/
[root@foundation44 docker]# cd compose/
[root@foundation44 compose]# ls
docker-compose.yml web
[root@foundation44 compose]# mkdir haproxy
[root@foundation44 compose]# cd haproxy/
[root@foundation44 haproxy]# vim haproxy.cfg
1 global
2 log 127.0.0.1 local0
3 log 127.0.0.1 local1 notice
4 defaults
5 log global
6 mode http
7 option httplog
8 option dontlognull
9 timeout connect 5000ms
10 timeout client 50000ms
11 timeout server 50000ms
12 stats uri /status
13 frontend balancer
14 bind 0.0.0.0:80
15 default_backend web_backends
16 backend web_backends
17 balance roundrobin
18 server web1 apache:80 check
19 server web2 nginx:80 check
[root@foundation44 haproxy]# cd ..
[root@foundation44 compose]# docker-compose up #启动整个应用
compose_nginx_1 is up-to-date
Recreating compose_apache_1 ... done
Creating compose_haproxy_1 ... done
#
# 网页测试
# ctrl + c 结束后,进程依旧不会停止
[root@foundation44 compose]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
533eedfb257c registry:2 "/entrypoint.sh /e..." About an hour ago Up About an hour 0.0.0.0:443->443/tcp, 5000/tcp registry
[root@foundation44 compose]# docker ps -a #不会结束
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
835d13f32185 haproxy "/docker-entrypoin..." 8 minutes ago Exited (0) 16 seconds ago compose_haproxy_1
022bacf9956e rhel7:v2 "/usr/bin/supervisord" 8 minutes ago Exited (0) 14 seconds ago compose_apache_1
e746476b495c nginx "nginx -g 'daemon ..." 8 minutes ago Exited (0) 15 seconds ago compose_nginx_1
533eedfb257c registry:2 "/entrypoint.sh /e..." About an hour ago Up About an hour 0.0.0.0:443->443/tcp, 5000/tcp registry
39b021232873 registry:2 "htpasswd -Bbn wzt..." About an hour ago Exited (0) About an hour ago relaxed_albattani
[root@foundation44 compose]# docker-compose start # 开启compose服务
Starting apache ... done
Starting nginx ... done
Starting haproxy ... done
[root@foundation44 compose]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
835d13f32185 haproxy "/docker-entrypoin..." 13 minutes ago Up 10 seconds 0.0.0.0:8080->80/tcp compose_haproxy_1
022bacf9956e rhel7:v2 "/usr/bin/supervisord" 13 minutes ago Up 12 seconds 80/tcp compose_apache_1
e746476b495c nginx "nginx -g 'daemon ..." 13 minutes ago Up 12 seconds 80/tcp compose_nginx_1
533eedfb257c registry:2 "/entrypoint.sh /e..." About an hour ago Up About an hour 0.0.0.0:443->443/tcp, 5000/tcp registry
39b021232873 registry:2 "htpasswd -Bbn wzt..." About an hour ago Exited (0) About an hour ago relaxed_albattani
[root@foundation44 compose]# docker stop compose_apache_1
compose_apache_1 # 关闭其中一个进程之后,会立刻监控到
[root@foundation44 compose]# docker start compose_apache_1 #打开之后,又恢复负载均衡
docker部署多容器
构造负载均衡:
link #容器间的访问(互联)
port:端口映射(便于访问),8080是为了避免端口冲突
3.swarm 集群搭建
环境:
MANAGER Server2 DOCKER(MASTER)
NODE1 Server3 DOCKER
NODE2 Server4 DOCKER
[root@test2 ~]# ls
docker-engine-17.03.1.ce-1.el7.centos.x86_64.rpm
docker-engine-selinux-17.03.1.ce-1.el7.centos.noarch.rpm
[root@test2 ~]# yum install docker-engine-* -y
[root@test2 ~]# systemctl start docker
[root@test2 ~]# yum install -y bash-* #安装一些docker相关工具
[root@test2 ~]# docker swarm init
Swarm initialized: current node (wikhxnmgruhd58sarxcnwseh6) is now a manager.
To add a worker to this swarm, run the following command:
docker swarm join \
--token SWMTKN-1-4sqeev9d7voz22yuyuxdup0p3j8lo7sox5vpvmv46gly1gh3gj-51y6oqetje4pumws93az4tanl \
172.25.44.12:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
[root@test3 ~]# yum install docker-engine-* -y
[root@test3 ~]# systemctl start docker
[root@test3 ~]# docker swarm join --token SWMTKN-1-4sqeev9d7voz22yuyuxdup0p3j8lo7sox5vpvmv46gly1gh3gj-51y6oqetje4pumws93az4tanl 172.25.44.12:2377
This node joined a swarm as a worker.
[root@test4 ~]# yum install docker-engine-* -y
[root@test4 ~]# systemctl start docker
[root@test4 ~]# docker swarm join --token SWMTKN-1-4sqeev9d7voz22yuyuxdup0p3j8lo7sox5vpvmv46gly1gh3gj-51y6oqetje4pumws93az4tanl 172.25.44.12:2377
This node joined a swarm as a worker.
[root@test2 ~]# docker node ls # 查看节点状态
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS
5g8lwn8eqr1qevpltzqwa6zg3 test4.example.com Ready Active
5jy9gzhq6grk6h5kljcm2vyz1 test3.example.com Ready Active
wikhxnmgruhd58sarxcnwseh6 * test2.example.com Ready Active Leader
[root@foundation44 docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@foundation44 westos.org]# docker tag nginx westos.org/rhel7 #重命名
[root@foundation44 westos.org]# cd /tmp/docker
[root@foundation44 docker]# pwd
/tmp/docker
[root@foundation44 docker]# docker push westos.org/nginx # 主机配置仓库,推送,分享私有仓库
The push refers to a repository [westos.org/nginx]
08d25fa0442e: Layer already exists
a8c4aeeaa045: Layer already exists
cdb3f9544e4c: Layer already exists
latest: digest: sha256:2de9d5fc6585b3f330ff5f2c323d2a4006a49a476729bbc0910b695771
# 必须做好解析,才能使用真机分享出来的仓库
[root@test2 ~]# vim /etc/hosts
10 172.25.44.250 westos.org
[root@test3 ~]# vim /etc/hosts
10 172.25.44.250 westos.org
[root@test4 ~]# vim /etc/hosts
10 172.25.44.250 westos.org
# 证书必须认证好,如果证书没有认证好,必须在真机重新生成证书,并将证书传递到三台虚拟机
[root@foundation44 westos.org]# cd /etc/docker
[root@foundation44 docker]# scp -r certs.d/ [email protected]:/etc/docker #
[email protected]'s password:
ca.crt 100% 2098 2.1KB/s 00:00
[root@foundation44 docker]# scp -r certs.d/ [email protected]:/etc/docker
[email protected]'s password:
ca.crt 100% 2098 2.1KB/s 00:00
[root@foundation44 docker]# scp -r certs.d/ [email protected]:/etc/docker
[email protected]'s password:
ca.crt 100% 2098 2.1
[root@test2 ~]# docker pull westos.org/nginx #拉取镜像,拉取之后才能使用
Using default tag: latest
latest: Pulling from nginx
2da35ff30a7d: Pull complete
831fb1a65ced: Pull complete
7a63da4e8a19: Pull complete
Digest: sha256:2de9d5fc6585b3f330ff5f2c323d2a4006a49a476729bbc0910b695771526e3f
Status: Downloaded newer image for westos.org/nginx:latest
[root@test3 ~]# docker pull westos.org/nginx Using default tag: latest
latest: Pulling from nginx
2da35ff30a7d: Pull complete
831fb1a65ced: Pull complete
7a63da4e8a19: Pull complete
Digest: sha256:2de9d5fc6585b3f330ff5f2c323d2a4006a49a476729bbc0910b695771526e3f
Status: Downloaded newer image for westos.org/nginx:latest
[root@test4 ~]# docker pull westos.org/nginx
Using default tag: latest
latest: Pulling from nginx
2da35ff30a7d: Pull complete
831fb1a65ced: Pull complete
7a63da4e8a19: Pull complete
Digest: sha256:2de9d5fc6585b3f330ff5f2c323d2a4006a49a476729bbc0910b695771526e3f
Status: Downloaded newer image for westos.org/nginx:latest
# 部署监控
[root@foundation44 images]# ls
game2048.tar nginx.tar registry.tar stress.tar
haproxy.tar registry-2.3.1.tar rhel7.tar visualizer.tar
[root@foundation44 images]# docker load -i visualizer.tar #导入监控镜像
[root@foundation44 images]# docker tag dockersamples/visualizer westos.org/visualizer
[root@foundation44 images]# docker push westos.org/visualizer
#
[root@test2 ~]# docker service create --name=viz --publish=8080:8080/tcp --constraint=node.role==manager --mount=type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock westos.org/visualizer #创建监控节点
64wal6o6fuhd39iwot9w9x1r6
[root@test2 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b4a3291c0e5a westos.org/visualizer@sha256:ea603c00f25b18c9a3aa49703c47bd5ca6c105637fe6f4887b606043c66ab528 "npm start" About a minute ago Up About a minute (healthy) 8080/tcp viz.1.orrsylx664j6m0u5s62p099yk
d1a01fbcd538 westos.org/nginx "nginx -g 'daemon ..." About an hour ago Exited (137) About an hour ago vm1
[root@test2 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b4a3291c0e5a westos.org/visualizer@sha256:ea603c00f25b18c9a3aa49703c47bd5ca6c105637fe6f4887b606043c66ab528 "npm start" About a minute ago Up About a minute (healthy) 8080/tcp viz.1.orrsylx664j6m0u5s62p099yk
[root@test2 ~]# docker service ls #直到出现1/1即可
[root@test2 ~]# docker service create --name nginx --publish 80:80 --replicas 3 westos.org/nginx
1q4bz6gw81fkzkunf6jffaoid
[root@test2 ~]# docker service ls
ID NAME MODE REPLICAS IMAGE
1q4bz6gw81fk nginx replicated 3/3 westos.org/nginx:latest
[root@test2 ~]# docker service ps nginx
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
p3uvbvd7kv7x nginx.1 westos.org/nginx:latest test4.example.com Running Running about a minute ago
oq6zxs566zsa nginx.2 westos.org/nginx:latest test2.example.com Running Running about a minute ago
k0xb7p37a647 nginx.3 westos.org/nginx:latest test3.example.com Running Running about a minute ago
#真机测试,保证每个节点都部署成功
# 修改nginx默认发布目录,方便测试负载均衡效果
[root@test2 ~]# echo test2 > index.html
[root@test2 ~]# docker container cp index.html nginx.2.oq6zxs566zsanck6ic70e4a7u:/usr/share/nginx/html
[root@test3 ~]# echo test3 > index.html
[root@test3 ~]# yum install bash-* -y
[root@test3 ~]# docker container cp index.html nginx.3.k0xb7p37a647ufom5r2l7hqv0:/usr/share/nginx/html
[root@test4 ~]# echo test4 > index.html
[root@test4 ~]# yum install bash-* -y
[root@test4 ~]# docker container cp index.html nginx.1.p3uvbvd7kv7xdbkrso82wrxq4:/usr/share/nginx/html
#
# 实现了负载均衡
##1.网页检测
##2.真机检测
[root@foundation44 Desktop]# for i in {1..6}; do curl 172.25.44.14; done
test4
test3
test2
test4
test3
test2
[root@foundation44 Desktop]# for i in {1..6}; do curl 172.25.44.13; done
test3
test4
test2
test3
test4
test2
[root@foundation44 Desktop]# for i in {1..6}; do curl 172.25.44.12; done
test3
test4
test2
test3
test4
test2
[root@test4 ~]# systemctl stop docker # 关闭其中一个节点,负载均衡依然有效
[root@foundation44 Desktop]# for i in {1..6}; do curl 172.25.44.12; done
test3
test2
test3
test2
test3
test2
[root@foundation44 Desktop]# for i in {1..6}; do curl 172.25.44.12; done
test3
test2
test3
test2
test3
test2
[root@foundation44 Desktop]# for i in {1..6}; do curl 172.25.44.13; done #出现以下情况的原因是,test4的docker服务关闭,自己编辑的发布目录失效,显示出来的nginx默认的发布目录
test3
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
test2
test3
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
test2
[root@foundation44 Desktop]# for i in {1..6}; do curl 172.25.44.12; done
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
test3
test2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
test3
test2
# test4上的服务也已经转移
4.滚动更新(网页监控)
[root@foundation44 images]# cd /tmp/docker/
[root@foundation44 docker]# docker tag game2048 westos.org/game2048
[root@foundation44 docker]# docker push westos.org/game2048
The push refers to a repository [westos.org/game2048]
88fca8ae768a: Pushed
6d7504772167: Pushed
192e9fad2abc: Pushed
36e9226e74f8: Pushed
011b303988d2: Pushed
latest: digest: sha256:31a46998f55ed03da6d62197f3a91b0a100c0abdd7380d88142ea44bce325001 size: 1364
[root@test2 ~]# docker service scale nginx=30 #sacle规模可以部署多个容器,为了看到更明显的小国,这里我们多设置几个容器进行监控
nginx scaled to 30
[root@test2 ~]# docker service update --image westos.org/game2048 --update-parallelism 10 --update-delay 10s nginx # 每隔10s会进行滚动更新
nginx
#测试(正在滚动更新中):
# 主节点的服务也跟着更新