DockerSwarm基础命令笔记
创建Docker集群
创建管理节点
docker swarm init --advertise-addr 192.168.214.134
Swarm initialized: current node (fn141bj35cm6giol6lc4xrdbg) is now a manager.
To add a worker to this swarm, run the following command:
docker swarm join --token SWMTKN-1-4ktuevhnsdh0hiwicqfxqvr3m4zw8c6ew212n7veidkk9xa2mt-cwova8081btr4gi7k9mjlf6g3 192.168.214.134:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
创建visualizer容器,用于在web上查看集群内的服务状态
docker run -it -d -p 8080:8080 --name visualizer -v /var/run/docker.sock:/var/run/docker.sock dockersamples/visualizer
在集群中添加子节点
docker@worker1:~$ docker swarm join --token SWMTKN-1-4ktuevhnsdh0hiwicqfxqvr3m4zw8c6ew212n7veidkk9xa2mt-cwova8081btr4gi7k9mjlf6g3 192.168.214.134:2377
This node joined a swarm as a worker.
docker@worker2:~$ docker swarm join --token SWMTKN-1-4ktuevhnsdh0hiwicqfxqvr3m4zw8c6ew212n7veidkk9xa2mt-cwova8081btr4gi7k9mjlf6g3 192.168.214.134:2377
This node joined a swarm as a worker.
查看节点信息
docker@Manager:~$ docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS
7p0i3e8o57eo3pi676hv5f0ub worker1 Ready Active
fn141bj35cm6giol6lc4xrdbg * Manager Ready Active Leader
nvlhrn1vlrg1sn66hkyphxuyd worker2 Ready Active
查看节点的详细信息
docker@Manager:~$ docker node inspect fn141bj35cm6giol6lc4xrdbg --pretty
ID: fn141bj35cm6giol6lc4xrdbg
Hostname: Manager
Joined at: 2017-07-14 03:01:26.170403463 +0000 utc
Status:
State: Ready
Availability: Active
Address: 192.168.214.134
Manager Status:
Address: 192.168.214.134:2377
Raft Status: Reachable
Leader: Yes
Platform:
Operating System: linux
Architecture: x86_64
Resources:
CPUs: 4
Memory: 3.842GiB
Plugins:
Log: awslogs, fluentd, gcplogs, gelf, journald, json-file, logentries, splunk, syslog
Network: bridge, host, macvlan, null, overlay
Volume: local
Engine Version: 17.06.0-ce
TLS Info:
TrustRoot:
-----BEGIN CERTIFICATE-----
MIIBaTCCARCgAwIBAgIUCFPwjCnBaEq+SqJQVqOg/gtxNwQwCgYIKoZIzj0EAwIw
EzERMA8GA1UEAxMIc3dhcm0tY2EwHhcNMTcwNzE0MDI1NjAwWhcNMzcwNzA5MDI1
NjAwWjATMREwDwYDVQQDEwhzd2FybS1jYTBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABGDUW/oycxQlKCAW4UkIw9s+clf8HHwNVMDgLyVzuEm2ptmUo6UAMuD11F3D
LRS+aFbI19MnxF55W25ZSQcVP5KjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMB
Af8EBTADAQH/MB0GA1UdDgQWBBSpBSKWON4N4dVYEtSrr5lwyo8hejAKBggqhkjO
PQQDAgNHADBEAiBF/IyG1jLiNeP2vClEC4UL97FfOU7ie22Xqz81bRD13gIgVRmu
7YhoqSxSnjOMyB738lzdH1/dft/pGHpJ/iZWPKI=
-----END CERTIFICATE-----
Issuer Subject: MBMxETAPBgNVBAMTCHN3YXJtLWNh
Issuer Public Key: MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEYNRb+jJzFCUoIBbhSQjD2z5yV/wcfA1UwOAvJXO4Sbam2ZSjpQAy4PXUXcMtFL5oVsjX0yfEXnlbbllJBxU/kg==
创建service
root@manager:~# docker service create --name hellodocker alpine ping docker.com
w8ero71tzo1e6d42tiymrdoru
Since --detach=false was not specified, tasks will be created in the background.
In a future release, --detach=false will become the default.
查看service
root@manager:~# docker service ls
ID NAME MODE REPLICAS IMAGE PORTS
w8ero71tzo1e hellodocker replicated 1/1 alpine:latest
查看服务运行在哪个节点
root@manager:~# docker service ps hellodocker
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
jyj6qqjzv8n8 hellodocker.1 alpine:latest manager Running Running 2 seconds ago
如上,服务部署在 worker节点上,进入worker节点,在worker节点上运行 docker ps
docker@worker:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f7098b163c52 alpine:latest "ping docker.com" 6 seconds ago Up Less than a second hellodocker.1.jyj6qqjzv8n8g9rzu5snvg3ik
查看logs
docker@worker:~$ docker logs -f hellodocker.1.jyj6qqjzv8n8g9rzu5snvg3ik
ping: bad address 'docker.com'
删除服务
root@manager:~# docker service rm hellodocker
hellodocker
使用docker service inspect --pretty
查看服务的详细信息
root@manager:~$ docker service inspect --pretty helloworld
ID: pc1s1ur24qgnvnasfd9n3mxhf
Name: helloworld
Service Mode: Replicated
Replicas: 3
Placement:
UpdateConfig:
Parallelism: 1
On failure: pause
Monitoring Period: 5s
Max failure ratio: 0
Update order: stop-first
RollbackConfig:
Parallelism: 1
On failure: pause
Monitoring Period: 5s
Max failure ratio: 0
Rollback order: stop-first
ContainerSpec:
Image: alpine:latest@sha256:1072e499f3f655a032e88542330cf75b02e7bdf673278f701d7ba61629ee3ebe
Args: ping 10.128.222.250
Resources:
Endpoint Mode: vip
运行多个服务 ,例:运行3个服务,镜像:alping 命令:ping 10.128.222.250
root@manager:~# docker service create --replicas 3 --name helloworld alpine ping 10.128.222.250
pc1s1ur24qgnvnasfd9n3mxhf
查看正在运行的“helloworld”服务
root@manager:~# docker service ps helloworld
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
p7bv5ccvyj6o helloworld.1 alpine:latest worker Running Running 2 minutes ago
pjyleutora9l helloworld.2 alpine:latest manager Running Running 2 minutes ago
8xygsa5sbpvi helloworld.3 alpine:latest worker Running Running 2 minutes ago
如上,服务1和3运行在worker节点上,2运行在manager节点上
docker@worker:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c55c29a5f1c0 alpine:latest "ping 10.128.222.250" 4 minutes ago Up 4 minutes helloworld.3.8xygsa5sbpviy40pe4nicvwak
a73f3449d93a alpine:latest "ping 10.128.222.250" 4 minutes ago Up 4 minutes helloworld.1.p7bv5ccvyj6og1tv5okctv962
root@manager:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
409c9619bb69 alpine:latest "ping 10.128.222.250" 4 minutes ago Up 4 minutes helloworld.2.pjyleutora9l4x9p8g32t5530
扩展或缩放服务中容器的数量,将helloworld服务中的容器数量从3个扩大到5个
$ docker service scale =
root@manager:~# docker service scale helloworld=5
helloworld scaled to 5
root@manager:~# docker service ps helloworld
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
p7bv5ccvyj6o helloworld.1 alpine:latest worker Running Running 12 minutes ago
pjyleutora9l helloworld.2 alpine:latest manager Running Running 12 minutes ago
8xygsa5sbpvi helloworld.3 alpine:latest worker Running Running 12 minutes ago
ttqx93p6rx92 helloworld.4 alpine:latest manager Running Running 58 seconds ago
rncrcscuehnr helloworld.5 alpine:latest manager Running Running 58 seconds ago
滚动更新
将Redis 3.0.6部署到群集,并配置群组10秒更新延迟
docker@manager:~$ docker service create \
> --replicas 3 \
> --name redis \
> --update-delay 10s \
> redis:3.0.6
3rtr2ryx6fte8fd101s4yom59
--update-delay参数用来设置服务的更新延时,S为秒,m为分钟,h为小时。例如10m30s表示10分30s的延时。
默认情况下,调度程序一次更新1个任务。您可以传递该 --update-parallelism用来配置调度程序同时更新的最大服务任务数。
默认情况下,当对单个任务的更新返回“ RUNNING”,调度器会调度另一个任务以进行更新,直到所有任务更新为止。如果在更新期间的任何时间任务返回FAILED,则调度程序将暂停更新
检查redis服务
docker@manager:~$ docker service inspect --pretty redis
ID: 3rtr2ryx6fte8fd101s4yom59
Name: redis
Service Mode: Replicated
Replicas: 3
Placement:
UpdateConfig:
Parallelism: 1
Delay: 10s
On failure: pause
Monitoring Period: 5s
Max failure ratio: 0
Update order: stop-first
RollbackConfig:
Parallelism: 1
On failure: pause
Monitoring Period: 5s
Max failure ratio: 0
Rollback order: stop-first
ContainerSpec:
Image: redis:3.0.6@sha256:6a692a76c2081888b589e26e6ec835743119fe453d67ecf03df7de5b73d69842
Resources:
Endpoint Mode: vip
更新redis镜像
$ docker service update --image redis:3.0.7 redis
redis
默认情况下,调度程序应用滚动更新步骤如下:
- 停止第一个任务
- 开始更新第一个任务。
- 启动更新任务的容器。
- 如果任务的更新返回RUNNING,等待指定的延迟时间,然后启动下一个任务。
- 如果在更新期间的任何时间任务返回FAILED,则暂停更新。
- 更新任务完成后,运行更新后的容器(task)。
- 原容器用“_”标记
查看新镜像
$ docker service inspect --pretty redis
ID: 3rtr2ryx6fte8fd101s4yom59
Name: redis
Service Mode: Replicated
Replicas: 3
UpdateStatus:
State: updating
Started: About a minute
Message: update in progress
Placement:
UpdateConfig:
Parallelism: 1
Delay: 10s
On failure: pause
Monitoring Period: 5s
Max failure ratio: 0
Update order: stop-first
RollbackConfig:
Parallelism: 1
On failure: pause
Monitoring Period: 5s
Max failure ratio: 0
Rollback order: stop-first
ContainerSpec:
Image: redis:3.0.7@sha256:730b765df9fe96af414da64a2b67f3a5f70b8fd13a31e5096fee4807ed802e20
Resources:
Endpoint Mode: vip
运行docker service ps
观看滚动更新:
docker@manager:~$ docker service ps redis
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
vxz4rvzwc16x redis.1 redis:3.0.6 worker Running Running 16 hours ago
tji5dknrsos4 redis.2 redis:3.0.6 manager Running Running 16 hours ago
uorssaenlvj4 redis.3 redis:3.0.7 manager Running Preparing 10 minutes ago
qjkfvcidtmdu \_ redis.3 redis:3.0.6 manager Shutdown Shutdown 10 minutes ago
滚动更新结束
docker@manager:~$ docker service ps redis
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
6hfvw17yg7we redis.1 redis:3.0.7 worker Running Preparing 50 seconds ago
vxz4rvzwc16x \_ redis.1 redis:3.0.6 worker Shutdown Shutdown 49 seconds ago
znkir2muje8n redis.2 redis:3.0.7 manager Running Running about a minute ago
tji5dknrsos4 \_ redis.2 redis:3.0.6 manager Shutdown Shutdown about a minute ago
uorssaenlvj4 redis.3 redis:3.0.7 manager Running Running about a minute ago
qjkfvcidtmdu \_ redis.3 redis:3.0.6 manager Shutdown Shutdown 15 minutes ago
更新节点状态
排除(drain)群上的一个节点
当所有节点的“AVAILABILITY”都处于"Active"时,群管理器可以将任务分配给任何的ACTIVE节点。
当需要维护某一个节点时,可以将节点的设置为DRAIN。DRAIN可以阻止节点从集群管理器接收心得任务。当节点处于DRAIN状态时,集群管理器会将节点上的服务自动迁移到其他节点上。
查看节点的状态(当前所有节点都处于Active状态)
docker@manager:~$ docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS
9yezhc3cu7k0jk7535rpxfxr2 * manager Ready Active Leader
p704nr33kijnyqvkftng3maro worker Ready Active
运行docker service ps redis查看服务的分布状态
docker@manager:~$ docker service ps redis
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
6hfvw17yg7we redis.1 redis:3.0.7 worker Running Running 14 minutes ago
vxz4rvzwc16x \_ redis.1 redis:3.0.6 worker Shutdown Shutdown 25 minutes ago
znkir2muje8n redis.2 redis:3.0.7 manager Running Running 25 minutes ago
tji5dknrsos4 \_ redis.2 redis:3.0.6 manager Shutdown Shutdown 25 minutes ago
uorssaenlvj4 redis.3 redis:3.0.7 manager Running Running 25 minutes ago
qjkfvcidtmdu \_ redis.3 redis:3.0.6 manager Shutdown Shutdown 39 minutes ago
docker@manager:~$ docker service ls
ID NAME MODE REPLICAS IMAGE PORTS
3rtr2ryx6fte redis replicated 3/3 redis:3.0.7
当前服务运行在3个节点上,manager节点上运行了2个,worker节点上运行了1个
运行docker node update --availability drain
以排出分配给任务的节点:
docker@manager:~$ docker node update --availability drain worker
worker
检查节点状态(worker节点的AVAILABILITY显示为Drain)
docker@manager:~$ docker node inspect --pretty worker
ID: p704nr33kijnyqvkftng3maro
Hostname: worker
Status:
State: Ready
Availability: Drain
运行docker service ps redis查看服务的分布状态
docker@manager:~$ docker service ps redis
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
yg6zrl3vvu9a redis.1 redis:3.0.7 manager Running Running 9 minutes ago
znkir2muje8n redis.2 redis:3.0.7 manager Running Running 40 minutes ago
uorssaenlvj4 redis.3 redis:3.0.7 manager Running Running 40 minutes ago
6hfvw17yg7we \_ redis.1 redis:3.0.7 worker Shutdown Shutdown 9 minutes ago
vxz4rvzwc16x \_ redis.1 redis:3.0.6 worker Shutdown Shutdown 39 minutes ago
tji5dknrsos4 \_ redis.2 redis:3.0.6 manager Shutdown Shutdown 40 minutes ago
qjkfvcidtmdu \_ redis.3 redis:3.0.6 manager Shutdown Shutdown about an hour ago
集群管理器会结束运行在“Drain状态节点”上的服务,然后在Active状态节点上创建新的服务。
运行 docker node update --availability active
将排出的节点返回到活动状态:
docker@manager:~$ docker node update --availability active worker
worker
查看worker节点状态
docker@manager:~$ docker node inspect --pretty worker
ID: p704nr33kijnyqvkftng3maro
Hostname: worker
Joined at: 2017-07-11 04:20:51.447858617 +0000 utc
Status:
State: Ready
Availability: Active
Address: 10.128.222.248
当节点设置回Active时,它可以接收新的任务:
- 在服务更新中扩大规模
- 在滚动更新期间
- 将另一个节点设置为Drain时
- 当任务在另一个活动节点上失败时
增加服务的规模
docker@manager:~$ docker service scale redis=4
redis scaled to 4
查看服务的分布状态
docker@manager:~$ docker service ps redis
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
yg6zrl3vvu9a redis.1 redis:3.0.7 manager Running Running 24 minutes ago
6hfvw17yg7we \_ redis.1 redis:3.0.7 worker Shutdown Shutdown 24 minutes ago
vxz4rvzwc16x \_ redis.1 redis:3.0.6 worker Shutdown Shutdown about an hour ago
znkir2muje8n redis.2 redis:3.0.7 manager Running Running about an hour ago
tji5dknrsos4 \_ redis.2 redis:3.0.6 manager Shutdown Shutdown about an hour ago
uorssaenlvj4 redis.3 redis:3.0.7 manager Running Running about an hour ago
qjkfvcidtmdu \_ redis.3 redis:3.0.6 manager Shutdown Shutdown about an hour ago
k8p5nq2bfims redis.4 redis:3.0.7 worker Running Running 3 seconds ago
此时,redis.4服务运行在worder节点上
创建Overlay网络
创建Overlay网络
docker@manager:~$ docker network create \
--driver overlay \
--subnet 10.0.9.0/24 \
--opt encrypted my-network
mfgsjqhlo25kbm1zyxocx9t1h
查看当前网络
docker@manager:~$ docker network ls
NETWORK ID NAME DRIVER SCOPE
86783e6b92b7 bridge bridge local
755b97bdc851 docker_gwbridge bridge local
b617a9638d1f host host local
flc6fgfyvtcr ingress overlay swarm
mfgsjqhlo25k my-network overlay swarm
9a0834cc2206 none null local
创建my-web服务
docker@manager:~$ docker service create \
> --name my-web \
> --replicas 2 \
> --network my-network \
> nginx
el6s6hg8cncfgoz8czs53jltj
查看运行中的服务
docker@manager:~$ docker service ls
ID NAME MODE REPLICAS IMAGE PORTS
3rtr2ryx6fte redis replicated 1/1 redis:3.0.7
el6s6hg8cncf my-web replicated 2/2 nginx:latest
创建alpine服务,并指定network
docker@manager:~$ docker service create \
> --name my-alpine \
> --network my-network \
> alpine sleep 3600
2j3otip1b34hrrc2n76r4ziz2
查看运行中的服务
docker@manager:~$ docker service ls
ID NAME MODE REPLICAS IMAGE PORTS
2j3otip1b34h my-alpine replicated 1/1 alpine:latest
3rtr2ryx6fte redis replicated 1/1 redis:3.0.7
el6s6hg8cncf my-web replicated 2/2 nginx:latest
查看my-alpine服务信息
docker@manager:~$ docker service ps my-alpine
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
slgn5e52igwu my-alpine.1 alpine:latest manager Running Running about a minute ago
当前my-alpine服务运行在manager节点上
在mangager节点上查看my-alpine服务,并进入服务所在的容器
docker@manager:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5c1b3df82887 alpine:latest "sleep 3600" 5 minutes ago Up 5 minutes my-alpine.1.slgn5e52igwu684fkyh5t7xqa
f9a93a18d976 nginx:latest "nginx -g 'daemon ..." 11 minutes ago Up 10 minutes 80/tcp my-web.1.n3g427taf3shssvrcqleqs55k
docker@manager:~$ docker exec -ti 5c1b3df82887 sh
/ #
使用nslookup my-web查看服务web服务所在的ip地址
/ # nslookup my-web
Name: my-web
Address 1: 10.0.9.2
查看服务所关联的所有task的ip地址
/ # nslookup tasks.my-web
nslookup: can't resolve '(null)': Name does not resolve
Name: tasks.my-web
Address 1: 10.0.9.4 my-web.2.vt2gxa8yspduhswcrbtiswtpe.my-network
Address 2: 10.0.9.3 my-web.1.n3g427taf3shssvrcqleqs55k.my-network
通过wget访问my-web服务
/ # wget -O- my-web
Connecting to my-web (10.0.9.2:80)
<html>
<head>
<title>Welcome to nginx!title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
style>
head>
<body>
<h1>Welcome to nginx!h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.orga>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.coma>.p>
<p><em>Thank you for using nginx.em>p>
body>
html>
- 100% |*******************************| 612 0:00:00 ETA
集群服务发现
通过 docker service update --publish-add 8080:80 my-web ,将本地的8080端口映射到集群的80端口
Usage: docker service update [OPTIONS] SERVICE
Update a service
Options:
--publish-add port Add or update a published
docker@manager:~$ docker service update --publish-add 8080:80 my-web
my-web
在外部网络通过8080端口访问集群内的my-web服务
访问失败(失败原因:默认网络和Vcenter的默认网络冲突,删除默认网络后自定义一个新的网段即可解决)
服务状态正常,端口映射成功 外部依然无法访问
docker@manager:~$ docker service ps my-web
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
19ke911tnn15 my-web.1 nginx:latest manager Running Running 10 minutes ago
n3g427taf3sh \_ my-web.1 nginx:latest manager Shutdown Shutdown 10 minutes ago
7hq3rgwn2t3u my-web.2 nginx:latest worker Running Running 10 minutes ago
vt2gxa8yspdu \_ my-web.2 nginx:latest worker Shutdown Shutdown 10 minutes ago
docker@manager:~$ docker service ls
ID NAME MODE REPLICAS IMAGE PORTS
2j3otip1b34h my-alpine replicated 1/1 alpine:latest
3rtr2ryx6fte redis replicated 1/1 redis:3.0.7
el6s6hg8cncf my-web replicated 2/2 nginx:latest *:8080->80/tcp
docker@manager:~$ curl 10.128.222.244:8080
curl: (52) Empty reply from server
docker@manager:~$ ping 10.128.222.244
PING 10.128.222.244 (10.128.222.244) 56(84) bytes of data.
64 bytes from 10.128.222.244: icmp_seq=1 ttl=64 time=0.140 ms
64 bytes from 10.128.222.244: icmp_seq=2 ttl=64 time=0.143 ms
在本地用WorkStation搭建DockerSwarm成功。