swarm 安装小记

dhso
2018/07/20 17:34
统计中
ssh root@40.73.96.111

ssh root@40.73.99.31
ssh root@40.73.96.219

docker swarm join --token SWMTKN-1-2g1m3acikt9jfj1mnhyfqyta2e4w58we0lapdyri8i8aec3ndz-e1pztefxdo6nxu85n493y2g5p 172.16.5.5:2377

### docker ###
yum remove docker docker-client docker-client-latest docker-common \
                  docker-latest docker-latest-logrotate docker-logrotate \
                  docker-selinux docker-engine-selinux docker-engine

yum install -y yum-utils device-mapper-persistent-data lvm2

yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

yum install docker-ce

systemctl start docker
systemctl enable docker

nano /etc/docker/daemon.json

{
  "registry-mirrors": ["https://registry.docker-cn.com"],
  "insecure-registries":["172.16.5.5:9060"]
}

systemctl daemon-reload 

systemctl restart docker.service

### swarm ###
初始化swarm manager并制定网卡地址
docker swarm init --advertise-addr 192.168.10.117
强制删除集群,如果是manager,需要加–force
docker swarm leave --force
docker node rm docker-118
查看swarm worker的连接令牌
docker swarm join-token worker
查看swarm manager的连接令牌
docker swarm join-token manager
使旧令牌无效并生成新令牌
docker swarm join-token --rotate
加入docker swarm集群
docker swarm join --token SWMTKN-1-5d2ipwo8jqdsiesv6ixze20w2toclys76gyu4zdoiaf038voxj-8sbxe79rx5qt14ol14gxxa3wf 192.168.10.117:2377
查看集群中的节点
docker node ls
查看集群中节点信息
docker node inspect docker-117 --pretty
调度程序可以将任务分配给节点
docker node update --availability active docker-118
调度程序不向节点分配新任务,但是现有任务仍然保持运行
docker node update --availability pause docker-118
调度程序不会将新任务分配给节点。调度程序关闭任何现有任务并在可用节点上安排它们
docker node update --availability drain docker-118
添加节点标签
docker node update --label-add label1 --label-add bar=label2 docker-117
docker node update --label-rm label1 docker-117
将节点升级为manager
docker node promote docker-118
将节点降级为worker
docker node demote docker-118
查看服务列表
docker service ls
查看服务的具体信息
docker service ps redis
创建一个不定义name,不定义replicas的服务
docker service create nginx
创建一个指定name的服务
docker service create --name my_web nginx
创建一个指定name、run cmd的服务
docker service create --name helloworld alping ping docker.com
创建一个指定name、version、run cmd的服务
docker service create --name helloworld alping:3.6 ping docker.com
创建一个指定name、port、replicas的服务
docker service create --name my_web --replicas 3 -p 80:80 nginx
为指定的服务更新一个端口
docker service update --publish-add 80:80 my_web
为指定的服务删除一个端口
docker service update --publish-rm 80:80 my_web
将redis:3.0.6更新至redis:3.0.7
docker service update --image redis:3.0.7 redis
配置运行环境,指定工作目录及环境变量
docker service create --name helloworld --env MYVAR=myvalue --workdir /tmp --user my_user alping ping docker.com
创建一个helloworld的服务
docker service create --name helloworld alpine ping docker.com
更新helloworld服务的运行命令
docker service update --args “ping www.baidu.com” helloworld
删除一个服务
docker service rm my_web
在每个群组节点上运行web服务
docker service create --name tomcat --mode global --publish mode=host,target=8080,published=8080 tomcat:latest
创建一个overlay网络
docker network create --driver overlay my_network
docker network create --driver overlay --subnet 10.10.10.0/24 --gateway 10.10.10.1 my-network
创建服务并将网络添加至该服务
docker service create --name test --replicas 3 --network my-network redis
删除群组网络
docker service update --network-rm my-network test
更新群组网络
docker service update --network-add my_network test
创建群组并配置cpu和内存
docker service create --name my_nginx --reserve-cpu 2 --reserve-memory 512m --replicas 3 nginx
更改所分配的cpu和内存
docker service update --reserve-cpu 1 --reserve-memory 256m my_nginx
指定每次更新的容器数量
--update-parallelism
指定容器更新的间隔
--update-delay
定义容器启动后监控失败的持续时间
--update-monitor 
定义容器失败的百分比
--update-max-failure-ratio
定义容器启动失败之后所执行的动作
--update-failure-action
创建一个服务并运行3个副本,同步延迟10秒,10%任务失败则暂停
docker service create --name mysql_5_6_36 --replicas 3 --update-delay 10s --update-parallelism 1 --update-monitor 30s --update-failure-action pause --update-max-failure-ratio 0.1 -e MYSQL_ROOT_PASSWORD=123456 mysql:5.6.36
回滚至之前版本
docker service update --rollback mysql
自动回滚 
docker service create --name redis --replicas 6 --rollback-parallelism 2 --rollback-monitor 20s --rollback-max-failure-ratio .2 redis:latest
创建服务并将目录挂在至container中
docker service create --name mysql --publish 3306:3306 --mount type=bind,src=/data/mysql,dst=/var/lib/mysql --replicas 3 -e MYSQL_ROOT_PASSWORD=123456 mysql:5.6.36
查看配置
docker config ls
查看配置详细信息
docker config inspect mysql
删除配置
docker config rm mysql



### portainer ###
docker volume create portainer_data

docker service create \
--name portainer \
--publish 9000:9000 \
--replicas=1 \
--constraint 'node.role == manager' \
--mount type=bind,src=//var/run/docker.sock,dst=/var/run/docker.sock \
--mount type=volume,src=portainer_data,dst=/data \
portainer/portainer \
-H unix:///var/run/docker.sock

### gitlab ###
docker volume create --name gitlab_config
docker volume create --name gitlab_logs
docker volume create --name gitlab_data

docker service create --name swarm_gitlab\
    --publish 5002:443 --publish 5003:80 --publish 5004:22 \
    --replicas 1 \
    --mount type=volume,source=gitlab_config,destination=/etc/gitlab \
    --mount type=volume,source=gitlab_logs,destination=/var/log/gitlab \
    --mount type=volume,source=gitlab_data,destination=/var/opt/gitlab \
    --constraint 'node.labels.type == gitlab_node' \
    gitlab/gitlab-ce:latest


### mysql ###
mysql:
    image: mysql:5.6.40
    environment:
      # 设置时区为Asia/Shanghai
      - TZ=Asia/Shanghai
      - MYSQL_ROOT_PASSWORD=admin@1234
    volumes:
      - mysql:/var/lib/mysql
    deploy:
      replicas: 1
      restart_policy:
        condition: any
      resources:
        limits:
          cpus: "0.2"
          memory: 512M
      update_config:
        parallelism: 1 # 每次更新1个副本
        delay: 5s # 每次更新间隔 
        monitor: 10s # 单次更新多长时间后没有结束则判定更新失败
        max_failure_ratio: 0.1 # 更新时能容忍的最大失败率
        order: start-first # 更新顺序为新任务启动优先
    ports:
      - 3306:3306
    networks:
      - myswarm-net

networks:
  myswarm-net:
    external: true


version: "3.2"
services:
  web:
    image: 'gitlab/gitlab-ce:latest'
    restart: always
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://40.73.96.111:9030'
    ports:
      - '9030:80'
      - '9031:443'
      - '9032:22'
    volumes:
      - '/var/lib/docker/volumes/gitlab_config/_data:/etc/gitlab'
      - '/var/lib/docker/volumes/gitlab_logs/_data:/var/log/gitlab'
      - '/var/lib/docker/volumes/gitlab_data/_data:/var/opt/gitlab'


# 配置http协议所使用的访问地址
external_url 'http://40.73.96.111:9030'

# 配置ssh协议所使用的访问地址和端口
gitlab_rails['gitlab_ssh_host'] = '40.73.96.111'
gitlab_rails['gitlab_shell_ssh_port'] = 9032
nginx['listen_port'] = 80

# 这里以新浪的邮箱为例配置smtp服务器
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.sina.com"
gitlab_rails['smtp_port'] = 25
gitlab_rails['smtp_user_name'] = "name4mail"
gitlab_rails['smtp_password'] = "passwd4mail"
gitlab_rails['smtp_domain'] = "sina.com"
gitlab_rails['smtp_authentication'] = :login
gitlab_rails['smtp_enable_starttls_auto'] = true

# 还有个需要注意的地方是指定发送邮件所用的邮箱,这个要和上面配置的邮箱一致
gitlab_rails['gitlab_email_from'] = 'name4mail@sina.com'


$ curl -L https://portainer.io/download/portainer-agent-stack.yml -o portainer-agent-stack.yml
$ docker stack deploy --compose-file=portainer-agent-stack.yml portainer

//remote
use mysql;
select host, user, authentication_string, plugin from user;
GRANT ALL ON *.* TO 'root'@'%';
flush privileges;
//mysql8
ALTER USER 'root'@'localhost' IDENTIFIED BY 'admin@1234' PASSWORD EXPIRE NEVER;
ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY 'admin@1234';
FLUSH PRIVILEGES;




ace-center/target/ace-center.jar

ace-center/target/


docker rm -f ace-center
sleep 1
docker service create --name ace-center --publish 6010:8761 --replicas 1 -e JAR_PATH=/tmp/ace-center.jar dhso/springboot-app:1.0




FROM java:8
VOLUME /tmp
ADD ace-center/target/ace-center.jar app.jar
RUN bash -c 'touch /app.jar'
ENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"]


docker rm -f ace-center
sleep 1
docker rmi -f dhso/ace-center
sleep 1
cd /tmp/ace-center
docker build -t dhso/ace-center .
sleep 1
docker service create --name ace-center --publish 6010:8761 --replicas 1 dhso/ace-center



docker service create --name ace-center --publish 6010:8080 --replicas 1 -e JAR_PATH=/tmp/ace-center.jar dhso/springboot-app:1.0


## ace-center

target/ace-center.jar,src/main/docker/Dockerfile

ace-center

docker service rm ace-center
sleep 1s
docker rm -f ace-center
sleep 1s
docker images|grep 172.16.5.5:9060/ace-center|awk '{print $3}'|xargs docker rmi -f
sleep 1s
cd /tmp/ace-center
rm -rf docker
mkdir docker
cp target/ace-center.jar docker/ace-center.jar
cp src/main/docker/Dockerfile docker/Dockerfile
cd docker
docker build -t 172.16.5.5:9060/ace-center:latest .
sleep 1s
docker push 172.16.5.5:9060/ace-center:latest
sleep 1s
docker network create --driver overlay --subnet 10.222.0.0/16 ace_network
sleep 1s
docker service create --name ace-center --network ace_network --constraint 'node.labels.type == worker' --publish 6010:8761 --replicas 1 172.16.5.5:9060/ace-center:latest

### ace-config ###
target/ace-config.jar,src/main/docker/Dockerfile

ace-config

docker service rm ace-config
sleep 1s
docker rm -f ace-config
sleep 1s
docker images|grep 172.16.5.5:9060/ace-config|awk '{print $3}'|xargs docker rmi -f
sleep 1s
cd /tmp/ace-config
rm -rf docker
mkdir docker
cp target/ace-config.jar docker/ace-config.jar
cp src/main/docker/Dockerfile docker/Dockerfile
cd docker
docker build -t 172.16.5.5:9060/ace-config:latest .
sleep 1s
docker push 172.16.5.5:9060/ace-config:latest
sleep 1s
docker network create --driver overlay --subnet 10.222.0.0/16 ace_network
sleep 1s
docker service create --name ace-config --network ace_network --constraint 'node.labels.type == worker' --publish 6011:8750 --replicas 1 172.16.5.5:9060/ace-config:latest

### ace-auth ###

target/ace-auth.jar,src/main/docker/Dockerfile

ace-auth

docker service rm ace-auth
sleep 1s
docker rm -f ace-auth
sleep 1s
docker images|grep 172.16.5.5:9060/ace-auth|awk '{print $3}'|xargs docker rmi -f
sleep 1s
cd /tmp/ace-auth
rm -rf docker
mkdir docker
cp target/ace-auth.jar docker/ace-auth.jar
cp src/main/docker/Dockerfile docker/Dockerfile
cd docker
docker build -t 172.16.5.5:9060/ace-auth:latest .
sleep 1s
docker push 172.16.5.5:9060/ace-auth:latest
sleep 1s
docker network create --driver overlay --subnet 10.222.0.0/16 ace_network
sleep 1s
docker service create --name ace-auth --network ace_network --constraint 'node.labels.type == worker' --publish 6013:9777 --replicas 1 172.16.5.5:9060/ace-auth:latest

### ace-admin ###

target/ace-admin.jar,src/main/docker/Dockerfile,src/main/docker/wait-for-it.sh

ace-admin

docker service rm ace-admin
sleep 1s
docker rm -f ace-admin
sleep 1s
docker images|grep 172.16.5.5:9060/ace-admin|awk '{print $3}'|xargs docker rmi -f
sleep 1s
cd /tmp/ace-admin
rm -rf docker
mkdir docker
cp target/ace-admin.jar docker/ace-admin.jar
cp src/main/docker/Dockerfile docker/Dockerfile
cp src/main/docker/wait-for-it.sh docker/wait-for-it.sh
cd docker
docker build -t 172.16.5.5:9060/ace-admin:latest .
sleep 1s
docker push 172.16.5.5:9060/ace-admin:latest
sleep 1s
docker network create --driver overlay --subnet 10.222.0.0/16 ace_network
sleep 1s
docker service create --name ace-admin --network ace_network --constraint 'node.labels.type == worker' --publish 6014:8762 --replicas 1 172.16.5.5:9060/ace-admin:latest


### ace-gate ###

target/ace-gate.jar,src/main/docker/Dockerfile,src/main/docker/wait-for-it.sh

ace-gate

docker service rm ace-gate
sleep 1s
docker rm -f ace-gate
sleep 1s
docker images|grep 172.16.5.5:9060/ace-gate|awk '{print $3}'|xargs docker rmi -f
sleep 1s
cd /tmp/ace-gate
rm -rf docker
mkdir docker
cp target/ace-gate.jar docker/ace-gate.jar
cp src/main/docker/Dockerfile docker/Dockerfile
cp src/main/docker/wait-for-it.sh docker/wait-for-it.sh
cd docker
docker build -t 172.16.5.5:9060/ace-gate:latest .
sleep 1s
docker push 172.16.5.5:9060/ace-gate:latest
sleep 1s
docker network create --driver overlay --subnet 10.222.0.0/16 ace_network
sleep 1s
docker service create --name ace-gate --network ace_network --constraint 'node.labels.type == worker' --publish 6015:8765 --replicas 1 172.16.5.5:9060/ace-gate:latest

### ace-dict ###

target/ace-dict.jar,src/main/docker/Dockerfile,src/main/docker/wait-for-it.sh

ace-dict

docker service rm ace-dict
sleep 1s
docker rm -f ace-dict
sleep 1s
docker images|grep 172.16.5.5:9060/ace-dict|awk '{print $3}'|xargs docker rmi -f
sleep 1s
cd /tmp/ace-dict
rm -rf docker
mkdir docker
cp target/ace-dict.jar docker/ace-dict.jar
cp src/main/docker/Dockerfile docker/Dockerfile
cp src/main/docker/wait-for-it.sh docker/wait-for-it.sh
cd docker
docker build -t 172.16.5.5:9060/ace-dict:latest .
sleep 1s
docker push 172.16.5.5:9060/ace-dict:latest
sleep 1s
docker network create --driver overlay --subnet 10.222.0.0/16 ace_network
sleep 1s
docker service create --name ace-dict --network ace_network --constraint 'node.labels.type == worker' --publish 6016:9999 --replicas 1 172.16.5.5:9060/ace-dict:latest


### ace-ui ###

FROM node:8-alpine

run mkdir webapp

add . ./webapp

run npm config set registry https://registry.npm.taobao.org

run npm install -g http-server

WORKDIR ./webapp

cmd http-server -p 9527

EXPOSE 9527

==========

dist/*,Dockerfile

ace-ui

docker service rm ace-ui
sleep 1s
docker rm -f ace-ui
sleep 1s
docker images|grep 172.16.5.5:9060/ace-ui|awk '{print $3}'|xargs docker rmi -f
sleep 1s
cd /tmp/ace-ui
cp Dockerfile dist/Dockerfile
cd dist
docker build -t 172.16.5.5:9060/ace-ui:latest .
sleep 1s
docker push 172.16.5.5:9060/ace-ui:latest
sleep 1s
docker network create --driver overlay --subnet 10.222.0.0/16 ace_network
sleep 1s
docker service create --name ace-ui --network ace_network --constraint 'node.labels.type == worker' --publish 6012:9527 --replicas 1 172.16.5.5:9060/ace-ui:latest


### ace-monitor ###

target/ace-monitor.jar,src/main/docker/Dockerfile

ace-monitor

docker service rm ace-monitor
sleep 1s
docker rm -f ace-monitor
sleep 1s
docker images|grep 172.16.5.5:9060/ace-monitor|awk '{print $3}'|xargs docker rmi -f
sleep 1s
cd /tmp/ace-monitor
rm -rf docker
mkdir docker
cp target/ace-monitor.jar docker/ace-monitor.jar
cp src/main/docker/Dockerfile docker/Dockerfile
cd docker
docker build -t 172.16.5.5:9060/ace-monitor:latest .
sleep 1s
docker push 172.16.5.5:9060/ace-monitor:latest
sleep 1s
docker network create --driver overlay --subnet 10.222.0.0/16 ace_network
sleep 1s
docker service create --name ace-monitor --network ace_network --constraint 'node.labels.type == worker' --publish 6017:8764 --replicas 1 172.16.5.5:9060/ace-monitor:latest


### ace-trace ###

target/ace-trace.jar,src/main/docker/Dockerfile

ace-trace

docker service rm ace-trace
sleep 1s
docker rm -f ace-trace
sleep 1s
docker images|grep 172.16.5.5:9060/ace-trace|awk '{print $3}'|xargs docker rmi -f
sleep 1s
cd /tmp/ace-trace
rm -rf docker
mkdir docker
cp target/ace-trace.jar docker/ace-trace.jar
cp src/main/docker/Dockerfile docker/Dockerfile
cd docker
docker build -t 172.16.5.5:9060/ace-trace:latest .
sleep 1s
docker push 172.16.5.5:9060/ace-trace:latest
sleep 1s
docker network create --driver overlay --subnet 10.222.0.0/16 ace_network
sleep 1s
docker service create --name ace-trace --network ace_network --constraint 'node.labels.type == worker' --publish 6018:9411 --replicas 1 172.16.5.5:9060/ace-trace:latest




docker service create --name redis_01 --mount type=volume,src=redis_data,dst=/data \
--network ace_network --constraint 'node.labels.type == manager' --publish 9050:6379 --replicas 1 redis:latest

docker service create --name mysql_01 --mount type=volume,src=mysql_data,dst=/var/lib/mysql \
--env MYSQL_ROOT_PASSWORD=admin@1234 --network ace_network \
--constraint 'node.labels.type == manager' --publish 9051:3306 --replicas 1 mysql:5.6

/usr/bin/mysqladmin -u root password 'admin@1234'


docker service create --name rabbitmq_01 --mount type=volume,src=rabbitmq,dst=/var/lib/rabbitmq \
--network ace_network --constraint 'node.labels.type == manager' \
--publish 9052:5671 --publish 9053:5672 --publish 9054:15672 --replicas 1 rabbitmq:latest



FROM node:8-alpine
run mkdir webapp
add . ./webapp
run npm config set registry https://registry.npm.taobao.org
run npm install -g http-server
WORKDIR ./webapp
cmd http-server -p 9527
EXPOSE 9527

yum install -y epel-release
yum install -y htop

本文为 dhso 原创

发布在 http://blog.minws.com/swarm-an-zhuang-xiao-ji/

如有转载,请标明来源!

作者信息
姓名:dhso
热评文章
最新评论
文章概览