持续集成docker—第三篇（docker swarm集群搭建）

一、规划

1、net-master作为manager节点，net-salve作为worker节点。

cat >>/etc/hosts<

2、配置SSH免密登陆

ssh-keygen -t rsa -P ''
ssh-copy-id -i .ssh/id_rsa.pub root@yundai-net-master
ssh-copy-id -i .ssh/id_rsa.pub root@yundai-net-salve

二、安装docker和ansible

1、安装配置ansible

yum -y install ansible

2、ansible增加节点，vi /etc/ansible/hosts

[node]
192.168.139.175
192.168.139.176

3、关闭SELINUX

sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux

4、关闭节点的SELINUX

ansible node -m copy -a 'src=/etc/selinux/config dest=/etc/selinux/'

得到返回成功结果

192.168.139.175 | SUCCESS => {
 "changed": false, 
 "checksum": "3b6d402cb16ca0cc84ba749c9f7874b077ac091a", 
 "dest": "/etc/selinux/config", 
 "gid": 0, 
 "group": "root", 
 "mode": "0644", 
 "owner": "root", 
 "path": "/etc/selinux/config", 
 "size": 545, 
 "state": "file", 
 "uid": 0
}
192.168.139.176 | SUCCESS => {
 "changed": false, 
 "checksum": "3b6d402cb16ca0cc84ba749c9f7874b077ac091a", 
 "dest": "/etc/selinux/config", 
 "gid": 0, 
 "group": "root", 
 "mode": "0644", 
 "owner": "root", 
 "path": "/etc/selinux/config", 
 "size": 545, 
 "state": "file", 
 "uid": 0
}

5、关闭防火墙

systemctl stop firewalld
systemctl disable firewalld

6、关闭节点防火墙

ansible node -a 'systemctl stop firewalld'
ansible node -a 'systemctl disable firewalld'

注:这里选择关闭防火墙，实际环境中可自行开放端口。

7、安装docker

• 在manager节点安装docker

#安装相关依赖包
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#列出所有的docker源
yum list docker-ce --showduplicates | sort -r
#安装docker
yum -y install docker-ce
#查看docker版本
docker --version
#启动docker
systemctl start docker
systemctl status docker
systemctl enable docker

• 使用ansible在worker节点安装docker

#安装相关依赖包
yum install -y yum-utils device-mapper-persistent-data lvm2 
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#节点安装docker
ansible node -m copy -a 'src=/etc/yum.repos.d/docker-ce.repo dest=/etc/yum.repos.d/'
ansible node -m yum -a "state=present name=docker-ce"
#查看节点docker版本
ansible node -a 'docker --version'
​
192.168.139.173 | SUCCESS | rc=0 >>
Docker version 17.06.0-ce, build 02c1d87
192.168.139.174 | SUCCESS | rc=0 >>
Docker version 17.06.0-ce, build 02c1d87
#启动节点docker
ansible node -a 'systemctl start docker'
ansible node -a 'systemctl status docker'
ansible node -a 'systemctl enable docker'

三、配置docker swarm集群

1、创建docker swarm集群docker swarm init --listen-addr 0.0.0.0

Swarm initialized: current node (a1tno675d14sm6bqlc512vf10) is now a manager.
To add a worker to this swarm, run the following command:
 docker swarm join --token SWMTKN-1-3sp9uxzokgr252u1jauoowv74930s7f8f5tsmm5mlk5oim359e-dk52k5uul50w49gbq4j1y7zzb 192.168.139.175:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

2、查看节点docker node ls

ID                           HOSTNAME      STATUS      AVAILABILITY   MANAGER STATUS
a1tno675d14sm6bqlc512vf10 *  swarm01        Ready         Active           Leader

3、查看加入集群manager管理节点的命令-docker swarm join-token manager

To add a manager to this swarm, run the following command:
 docker swarm join --token SWMTKN-1-3sp9uxzokgr252u1jauoowv74930s7f8f5tsmm5mlk5oim359e-7tdlpdnkyfl1bnq34ftik9wxw 192.168.139.175:2377

4、查看加入集群worker节点的命令-docker swarm join-token worker

To add a worker to this swarm, run the following command:
 docker swarm join --token SWMTKN-1-3sp9uxzokgr252u1jauoowv74930s7f8f5tsmm5mlk5oim359e-dk52k5uul50w49gbq4j1y7zzb 192.168.139.175:2377

5、将前面规划的两个worker节点加入集群

docker swarm join --token SWMTKN-1-3sp9uxzokgr252u1jauoowv74930s7f8f5tsmm5mlk5oim359e-dk52k5uul50w49gbq4j1y7zzb 192.168.139.175:2377
#结果
This node joined a swarm as a worker.

6、查看worker节点是否已加入集群docker node ls

ID                        HOSTNAME    STATUS  AVAILABILITY  MANAGER STATUS
7zkbqgrjlsn8c09l3fagtfwre     swarm02  Ready      Active              
a1tno675d14sm6bqlc512vf10 *   swarm01  Ready      Active         Leader
apy9zys2ch4dlwbmgdqwc0pn3     swarm03  Ready      Active

7、查看docker swarm的管理网络docker network ls

NETWORK ID          NAME                DRIVER              SCOPE
05efca714d2f        bridge              bridge              local
c9cd9c37edd7        docker_gwbridge     bridge              local
10ac9e48d81b        host                host                local
n60tdenc5jy7        ingress             overlay             swarm
a9284277dc18        none                null                local

这里，一个docker swarm集群就搭建好了

四、添加docker加速器

访问https://www.daocloud.io，并进行注册申请，点击加速器拷贝下面的链接

curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://e3233689bd.m.daocloud.io

五、搭建docker swarm的UI—Portainer

1、使用该命令部署Portainer

docker service create \
--name portainer \
--publish 9000:9000 \
--constraint 'node.role == manager' \
--mount type=bind,src=//var/run/docker.sock,dst=/var/run/docker.sock \
portainer/portainer \
-H unix:///var/run/docker.sock

2、查看镜像docker images |grep portainer

portainer/portainer  latest  07cde96d4789   2 weeks ago  10.4MB

3、查看集群列表docker service ls

ID                  NAME                MODE                REPLICAS            IMAGE                        PORTS
oycej77lmc4u        portainer           replicated          1/1                 portainer/portainer:latest   *:9000->9000/tcp=

4、浏览器输入http://localhost:9000进入该UI界面，如下所示，第一次进入Portainer，配置8位数的admin密码

[email protected]

[email protected]