docker集群——swarm
原理1.docker集群亮点:功能亮点与Docker Engine集成的集群管理:使用Docker Engine CLI创建一大群Docker引擎,您可以在其中部署应用程序服务。您不需要额外的编排软件来创建或管理群。即自带swarm不需要那么多负载均衡高可用源件分散式设计: Docker Engine在部署时不是处理节点角色之间的差异,而是在运行时处理任何专业化。您可以使用Dock...
·
原理
1.docker集群亮点:
功能亮点
与Docker Engine集成的集群管理:使用Docker Engine CLI创建一大群Docker引擎,您可以在其中部署应用程序服务。您不需要额外的编排软件来创建或管理群。即自带swarm不需要那么多负载均衡高可用源件
分散式设计: Docker Engine在部署时不是处理节点角色之间的差异,而是在运行时处理任何专业化。您可以使用Docker Engine部署这两种节点,管理员和工作人员。这意味着您可以从单个磁盘映像构建整个群集。
声明式服务模型: Docker Engine使用声明式方法来定义应用程序堆栈中各种服务的所需状态。例如,您可能会描述一个由带有消息队列服务和数据库后端的Web前端服务组成的应用程序。
缩放:对于每个服务,您可以声明要运行的任务数量。当您向上或向下缩放时,swarm管理器会通过添加或删除任务来自动调整以保持所需的状态。
期望的状态协调:群管理器节点不断监视群集状态,并协调实际状态与表达的期望状态之间的任何差异。例如,如果您设置了一个服务来运行一个容器的10个副本以及一个承载其中两个副本崩溃的工作器,那么管理器将创建两个新的副本来替换崩溃的副本。swarm manager将新副本分配给正在运行且可用的工作人员。
多主机联网:您可以为您的服务指定一个重叠网络。swarm管理器在初始化或更新应用程序时会自动将地址分配给覆盖网络上的容器。
服务发现: Swarm管理器节点为swarm中的每个服务分配唯一的DNS名称,并负载平衡正在运行的容器。您可以通过群集中嵌入的DNS服务器来查询在群集中运行的每个容器。
负载平衡:您可以将服务的端口暴露给外部负载平衡器。在群集内部,您可以指定如何在节点之间分发服务容器。
默认情况下是安全的:群中的每个节点都强制实施TLS相互认证和加密,以保护自身与所有其他节点之间的通信。您可以选择使用自定义根证书或来自自定义根CA的证书。
滚动更新:在推出时,您可以逐渐将服务更新应用于节点。swarm管理器允许您控制服务部署到不同节点集之间的延迟。如果出现任何问题,您
当Docker以群集模式运行时,您仍然可以在参与群集的任何Docker主机以及群集服务上运行独立容器。独立容器和群集服务之间的一个主要区别是,只有群集管理员可以管理群集,而独立容器可以在任何守护进程上启动。Docker守护进程可以作为管理者,工作者,或两者兼而有之。
负载均衡
swarm管理器使用入口负载均衡来暴露你想在群集外部提供的服务。swarm管理器可以自动将服务分配给一个PublishedPort,或者您可以为该服务配置一个PublishedPort。您可以指定任何未使用的端口。如果您不指定端口,那么swarm管理器将为该服务分配一个30000-32767范围内的端口。
外部组件(如云负载平衡器)可以访问群集中任何节点的已发布端口上的服务,而不管该节点当前是否正在运行该服务的任务。群路由中的所有节点都将入口连接到正在运行的任务实例。
Swarm模式有一个内部的DNS组件,可以自动为群集中的每个服务分配一个DNS条目。群管理器使用内部负载平衡根据服务的DNS名称在群集内的服务之间分配请求。
实验环境
1. manager:172.25.8.250
2. server1:172.25.8.1
3. server2:172.25.8.2
安装Docker Engine 1.12或更高版本。安装Docker Engine并验证Docker Engine守护进程在每台机器上运行。如果低于1.12 不会自带swarm ,需要pull
yum update -y docker-engine-1.12.6-1.el7.centos.x86_64.rpm docker-engine-selinux-1.12.6-1.el7.centos.noarch.rpm
systemctl restart docker[root@foundation8 Desktop]# docker swarm init --advertise-addr 172.25.8.250
Swarm initialized: current node (3fj7bam3qavua00ksimls79n2) is now a manager.
To add a worker to this swarm, run the following command:
docker swarm join \
--token SWMTKN-1-4ea7kwwqtwaddags5ypb44ql7qea4rjktysa9lvqkfculf4ywi-ev61dcr7g15xjb0fw8o3s1sjl \
172.25.8.250:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
[root@server1 ~]# docker swarm join --token SWMTKN-1-4ea7kwwqtwaddags5ypb44ql7qea4rjktysa9lvqkfculf4ywi-ev61dcr7g15xjb0fw8o3s1sjl 172.25.8.250:2377
This node joined a swarm as a worker.
[root@server2 ~]# docker swarm join --token SWMTKN-1-4ea7kwwqtwaddags5ypb44ql7qea4rjktysa9lvqkfculf4ywi-ev61dcr7g15xjb0fw8o3s1sjl 172.25.8.250:2377
This node joined a swarm as a worker.查看群体的当前状态:
[root@foundation67 Desktop]# docker info
Containers: 20
Running: 0
Paused: 0
Stopped: 20
Images: 8
Server Version: 1.12.6
Storage Driver: devicemapper
Pool Name: docker-8:10-273268971-pool
Pool Blocksize: 65.54 kB
Base Device Size: 10.74 GB
Backing Filesystem: xfs
Data file: /dev/loop4
Metadata file: /dev/loop5
Data Space Used: 21.82 GB
Data Space Total: 107.4 GB
Data Space Available: 142 MB
Metadata Space Used: 4.133 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 142 MB
Thin Pool Minimum Free Space: 10.74 GB
Udev Sync Supported: true
Deferred Removal Enabled: false
Deferred Deletion Enabled: false
Deferred Deleted Device Count: 0
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
WARNING: Usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.107-RHEL7 (2015-10-14)
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: host null bridge overlay
Swarm: active
NodeID: 3fj7bam3qavua00ksimls79n2
Is Manager: true
ClusterID: azzjtrdp4xx6u0xkrdlby4l0d
Managers: 1
Nodes: 3
Orchestration:
Task History Retention Limit: 5
Raft:
Snapshot Interval: 10000
Heartbeat Tick: 1
Election Tick: 3
Dispatcher:
Heartbeat Period: 5 seconds
CA Configuration:
Expiry Duration: 3 months
Node Address: 172.25.8.250
Runtimes: runc
Default Runtime: runc
Security Options: seccomp
Kernel Version: 3.10.0-327.el7.x86_64
Operating System: Red Hat Enterprise Linux Server 7.2 (Maipo)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.624 GiB
Name: foundation67.ilt.example.com
ID: ESBG:ZZAB:KUZ6:4KP4:WHZ7:PSVD:KR3K:E3CY:UGX2:H4AC:BFK2:3YWY
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: bridge-nf-call-ip6tables is disabled
Insecure Registries:
127.0.0.0/8查看有关节点的信息:
[root@foundation67 Desktop]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS
3fj7bam3qavua00ksimls79n2 * foundation8.ilt.example.com Ready Active Leader
# 当前连接此节点上
arlf5530b1mkchbbgcxdm3ikk server2 Ready Active
d58wnlal0wlt9scqu25rlnc0i server1 Ready Active 部署一个服务到集群
[root@foundation8 Desktop]# docker service create --replicas 1 --name helloworld alpine ping 172.25.8.1
bed1vdf0lv2p0o29k2ttfg7rv查看正在运行的服务的列表
[root@foundation8 Desktop]# docker service ls
ID NAME REPLICAS IMAGE COMMAND
bed1vdf0lv2p helloworld 1/1 alpine ping 172.25.8.1[root@foundation8 Desktop]# docker service inspect --pretty helloworld # 便于阅读的格式显示有关服务的详细信息
ID: bed1vdf0lv2p0o29k2ttfg7rv
Name: helloworld
Mode: Replicated
Replicas: 1
Placement:
UpdateConfig:
Parallelism: 1
On failure: pause
ContainerSpec:
Image: alpine
Args: ping 172.25.8.1[root@foundation8 Desktop]# docker service inspect --pretty helloworld [root@foundation67 Desktop]# docker service ps helloworld # 查看哪些节点正在运行该服务
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR
863qwi0qzn98iqjhyavhqer8m helloworld.1 alpine foundation8.ilt.example.com Running Running 4 minutes ago [root@foundation8 Desktop]# docker ps #查看有关任务容器的详细信息
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
10ad9beff72e alpine:latest "ping 172.25.8.1" 5 minutes ago Up 5 minutes helloworld.1.863qwi0qzn98iqjhyavhqer8m扩展群中的服务
[root@foundation8 Desktop]# docker service scale helloworld=5
helloworld scaled to 5[root@foundation8 Desktop]# docker service ps helloworld # 查看更新的任务列表
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR
863qwi0qzn98iqjhyavhqer8m helloworld.1 alpine foundation8.ilt.example.com Running Running 8 minutes ago
6yryer0ydxt2x6lpin12tlgi7 helloworld.2 alpine server2 Running Preparing 11 seconds ago
adi26259g1fgvv65mc23ttyx6 \_ helloworld.2 alpine server2 Shutdown Rejected 12 seconds ago "No such image: alpine:latest"
ee53jlqgpllcakio43uzgr3eq \_ helloworld.2 alpine server2 Shutdown Rejected 33 seconds ago "No such image: alpine:latest"
cag3ghtb7b1zyhuqyt7sjo5br \_ helloworld.2 alpine server2 Shutdown Rejected 54 seconds ago "No such image: alpine:latest"
aureyduzqcxzabujc9kl5v1km helloworld.3 alpine server1 Running Preparing 11 seconds ago
1mlrloz8sr18t4dtdps3akfzm \_ helloworld.3 alpine server1 Shutdown Rejected 12 seconds ago "No such image: alpine:latest"
ayqmug4k8fngrudzp99hrvcu3 \_ helloworld.3 alpine server1 Shutdown Rejected 33 seconds ago "No such image: alpine:latest"
65swd6vs3zvaq8r4bp3sz33xk \_ helloworld.3 alpine server1 Shutdown Rejected 54 seconds ago "No such image: alpine:latest"
63kwbuhvpip1inkd4otgau5wf helloworld.4 alpine server1 Running Preparing 11 seconds ago
b3cr57x8qa9zhctudzeijhxa5 \_ helloworld.4 alpine server2 Shutdown Rejected 12 seconds ago "No such image: alpine:latest"
5w4sq6hbt3z20rdnxhi1b3ax1 \_ helloworld.4 alpine server2 Shutdown Rejected 33 seconds ago "No such image: alpine:latest"
1z3e5gclyp4tyq4ci35y6kdxc \_ helloworld.4 alpine server1 Shutdown Rejected 54 seconds ago "No such image: alpine:latest"
a9rdkip0mozxlb4haqe41ey95 helloworld.5 alpine foundation8.ilt.example.com Running Running about a minute ago swarm创建了4个新任务,可以扩展到总共5个运行的Alpine Linux实例。任务分布在群体的三个节点之间。一个正在运行manager1
删除服务节点
[root@foundation8 Desktop]# docker service rm -f helloworld \
>
helloworld
[root@foundation8 Desktop]# docker service inspect helloworld
[]
Error: no such service: helloworld将滚动更新应用于服务
[root@foundation8 ~]# docker service create \
> --replicas 3 \
> --name redis \
> --update-delay 10s \
> redis:3.0.6
9dmtv0i662sg415rv43v41o51[root@foundation8 ~]# docker service inspect --pretty redis
ID: 9dmtv0i662sg415rv43v41o51
Name: redis
Mode: Replicated
Replicas: 3
Placement:
UpdateConfig:
Parallelism: 1
Delay: 10s
On failure: pause
ContainerSpec:
Image: redis:3.0.6更新节点版本:
[root@foundation8 ~]# docker service update --image redis:3.0.7 redis[root@foundation8 ~]# docker service inspect –pretty redis
ID: 9dmtv0i662sg415rv43v41o51
Name: redis
Mode: Replicated
Replicas: 3
Update status:
State: paused
Started: 2 minutes ago
Message: update paused due to failure or early termination of task 8j4ub39p2sgdi7gl060v0xhc3
Placement:
UpdateConfig:
Parallelism: 1
Delay: 10s
On failure: pause
ContainerSpec:
Image: redis:3.0.7
Resources:[root@foundation8 ~]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS
3fj7bam3qavua00ksimls79n2 * foundation8.ilt.example.com Ready Active Leader
arlf5530b1mkchbbgcxdm3ikk server2 Ready Active
d58wnlal0wlt9scqu25rlnc0i server1 Ready Active [root@foundation8 ~]# docker service ps redis |grep Running
6968c0eb1obxil5hev8gfnq8b redis.1 redis:3.0.7 server2 Running Preparing 19 seconds ago
9v4finugxexzxchvnqqyoblds redis.2 redis:3.0.7 server1 Running Preparing 14 seconds ago
975qber3zecltkv8shi75ssji redis.3 redis:3.0.6 foundation8.ilt.example.com Running Preparing 12 minutes ago [root@foundation8 ~]# docker node update –availability drain server1
server1
[root@foundation8 ~]# docker service ps redis |grep Running
1ngiolv8iqhb5zkld3u7g1zpy redis.1 redis:3.0.7 server2 Running Preparing 13 seconds ago
6h9me5vp6brlbdat2foibb6su redis.2 redis:3.0.7 server2 Running Preparing 2 seconds ago
975qber3zecltkv8shi75ssji redis.3 redis:3.0.6 foundation8.ilt.example.com Running Preparing 13 minutes ago[root@foundation8 ~]# docker node inspect –pretty server1
ID: d58wnlal0wlt9scqu25rlnc0i
Hostname: server1
Joined at: 2018-8-20 01:51:09.159022759 +0000 utc
Status:
State: Ready
Availability: Drain #server1处于Drain状态
Platform:
Operating System: linux
Architecture: x86_64
Resources:
CPUs: 1
Memory: 993.1 MiB
Plugins:
Network: bridge, host, null, overlay
Volume: local
Engine Version: 1.12.6[root@foundation8 ~]# docker node update –availability active server1 # 以将耗尽的节点返回到活动状态
server1
[root@foundation8 ~]# docker node inspect –pretty server1
ID: d58wnlal0wlt9scqu25rlnc0i
Hostname: server1
Joined at: 2017-8-20 01:51:09.159022759 +0000 utc
Status:
State: Ready
Availability: Active
Platform:
Operating System: linux
Architecture: x86_64
Resources:
CPUs: 1
Memory: 993.1 MiB
Plugins:
Network: bridge, host, null, overlay
Volume: local
Engine Version: 1.12.6
权威|前沿|技术|干货|国内首个API全生命周期开发者社区
更多推荐
0
0- 0
已为社区贡献1条内容
所有评论(0)