base2 |
172.25.78.12 |
manager |
base3 |
172.25.78.13 |
node1 |
base4 |
172.25.78.14 |
node2 |
1.先在真机上制作证书
[[email protected] ~]# vim /etc/hosts
172.25.254.78 westos.org
[[email protected] ~]# cd /tmp/docker/
[[email protected] docker]# ls
web
[[email protected] docker]# mkdir certs
# 制作证书
[[email protected] docker]# openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key -x509 -days 365 -out certs/domain.crt
[[email protected] docker]# ll certs/ # 可以看到生成的domain.crt domain.key文件
[[email protected] docker]# docker run -d --restart=always --name registry \
> -v `pwd`/certs:/certs \
> -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \
> -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
> -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key -p 443:443 registry:2
[[email protected] docker]# docker ps
[[email protected] docker]# iptables -t nat -nL
[[email protected] docker]# pwd
/tmp/docker
[[email protected] docker]# cd /etc/docker
[[email protected] docker]# ls
daemon.json key.json
[[email protected] docker]# mkdir certs.d
[[email protected] docker]# cd certs.d
[[email protected] certs.d]# mkdir westos.org
[[email protected] certs.d]# cd westos.org
[[email protected] westos.org]# cp /tmp/docker/certs/domain.crt ./ca.crt # 必须保证证书一致
[[email protected] westos.org]# ls
ca.crt
[[email protected] westos.org]# cd /var/www/html/images/
[[email protected] images]# ls
centos.tar demo.tar game2048.tar nginx.tar rhel7.tar ubuntu.tar
[[email protected] images]# docker load -i nginx.tar
[[email protected] images]# docker run -d --name vm1 nginx
[[email protected] images]# cd /etc/docker/certs.d/westos.org
[[email protected] westos.org]# docker tag nginx westos.org/rhel7 # 重命名
[[email protected] westos.org]# docker push westos.org/rhel7 # 上传到私有仓库
[[email protected] westos.org]# docker login -u wzt -p westos westos.org # 登陆认证,登陆成功之后下次登陆不用认证
# 必须做好解析,才能使用真机分享出来的仓库
[[email protected] ~]# vim /etc/hosts
172.25.78.254 westos.org
[[email protected] ~]# vim /etc/hosts
172.25.78.254 westos.org
[[email protected] ~]# vim /etc/hosts
172.25.78.254 westos.org
# 证书必须认证好,如果证书没有认证好,必须在真机重新生成证书,并将证书传递到三台虚拟机
[[email protected] westos.org]# pwd
/etc/docker/certs.d/westos.org
[[email protected] westos.org]# cd /etc/docker/
[[email protected] docker]# scp -r certs.d/ [email protected]:/etc/docker
[[email protected] docker]# scp -r certs.d/ [email protected]:/etc/docker
[[email protected] docker]# scp -r certs.d/ [email protected]:/etc/docker
2.部署manager
[[email protected] ~]# ls
docker-engine-selinux-17.05.0.ce-1.el7.centos.noarch.rpm
docker-engine-17.05.0.ce-1.el7.centos.x86_64.rpm.part
[[email protected] ~]# yum install -y docker-engine-*
[[email protected] ~]# systemctl start docker
[[email protected] ~]# yum install -y bash-* # 安装一些docker相关工具
[[email protected] ~]# docker swarm init # 初始化
[[email protected] ~]# netstat -antlp
3.部署从节点
[[email protected] ~]# yum install -y docker-engine-*
[[email protected] ~]# systemctl start docker
[[email protected] ~]# docker swarm join --token SWMTKN-1-4a9b21x8wy3ixwdpwoo5rhf0fhl93w84h65bhr8lgta2kzabgs-93bumn3h27avii2vrstjjxjcd 172.25.78.12:2377
[[email protected] ~]# yum install -y docker-engine-*
[[email protected] ~]# systemctl start docker
[[email protected] ~]# docker swarm join --token SWMTKN-1-4a9b21x8wy3ixwdpwoo5rhf0fhl93w84h65bhr8lgta2kzabgs-93bumn3h27avii2vrstjjxjcd 172.25.78.12:2377
4.在manager端查看节点状态
[[email protected] ~]# docker node ls # 查看节点状态
[[email protected] ~]# docker pull westos.org/nginx # 拉取镜像,拉取之后才能使用
[[email protected] ~]# docker pull westos.org/nginx
[[email protected] ~]# docker pull westos.org/nginx
6.测试
[[email protected] ~]# docker service ls
# 在网页调用三个节点的IP可以分别看到nginx的测试页,说明集群部署成功
6.部署集群负载均衡,并监控
[[email protected] images]# docker pull docker.io/dockersamples/visualizer # 获取监控包
[[email protected] images]# docker tag dockersamples/visualizer westos.org/visualizer # 重命名
[[email protected] images]# docker push westos.org/visualizer # 上传到仓库里
部署manager
[[email protected] ~]# docker service create --name=viz --publish=8080:8080/tcp --constraint=node.role==manager --mount=type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock westos.org/visualizer
hhrtga74duyo3nnfrylnzx86h
[[email protected] ~]# echo base2 > index.html
[[email protected] ~]# docker ps
[[email protected] ~]# docker container cp index.html nginx.3.m7iwv7k31ta6yuxnsl9w6mrdp:/usr/share/nginx/html
[[email protected] ~]# docker service ls # 直到出现1/1即可
部署node节点
[[email protected] ~]# docker ps
[[email protected] ~]# echo base3 > index.html
[[email protected] ~]# docker container cp index.html nginx.2.0p98ly1szwxperugzjm0yu0ma:/usr/share/nginx/html
[[email protected] ~]# docker ps
[[email protected] ~]# echo base4 > index.html
[[email protected] ~]# docker container cp index.html nginx.1.e2knu5r1gxmjagutcx9bvgc11:/usr/share/nginx/html
负载均衡测试
[[email protected] images]# for i in {1..10}; do curl 172.25.78.12;done
# 关闭一个节点
[[email protected] ~]# systemctl stop docker