Linux进阶 | 超详细全方面的Docker Swarm Web集群介绍与部署!
Posted chaochao️
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Linux进阶 | 超详细全方面的Docker Swarm Web集群介绍与部署!相关的知识,希望对你有一定的参考价值。
创作不易,来了的客官点点关注,收藏,订阅一键三连❤😜
前言
运维之基础——Linux。我是一个即将毕业的大学生,超超。如果你也在学习Linux,不妨跟着萌新超超一起学习Linux,拿下Linux,一起加油,共同努力,拿到理想offer!
系列文章
Linux进阶 | docker compose的安装与使用详解,超详细!
Linux进阶 | Docker部署nginx的web服务,VOLUME的使用详解,实现数据持久化!
Linux进阶 | 2万字总结最详细的Docker的安装、底层隔离机制和简单使用!
Linux | 详解系统监控和常用命令(top free dstat)
概述
Docker 属于 Linux 容器的一种封装,提供简单易用的容器使用接口。它是目前最流行的 Linux 容器解决方案。本期内容为Docker第五期,通过本期内容将会掌握集群的概念,以及swarm的安装部署,以及swarm和compose以及volume的结合。
目录
思考:swarm manager 是通过什么方式和swarm node进行通信的?
超超Docker学习思维导图
集群(cluster)
多台机器完成某个功能。计算机集群简称集群,是一种计算机系统,它通过一组松散集成的计算机软件(和/或)硬件连接起来高度紧密地协作完成计算工作。
举个生活实例:单点(非集群)模式,就类似银行只开放一个窗口来办理业务,而通过建立集群,就相当于一个银行开通多个窗口办理业务,那么这样不仅能提高办事效率,还能减少风险。
集群的优势
高可伸缩性:服务器集群具有很强的可伸缩性。随着需求和负荷的增长,可以向集群系统添加更多的服务器。在这样的配置中,可以有多台服务器执行相同的应用和数据库操作。
高可用性:高可用性是指,在不需要操作者干预的情况下,防止系统发生故障或从故障中自动恢复的能力。通过把故障服务器上的应用程序转移到备份服务器上运行,集群系统能够把正常运行时间提高到大于99.9%,大大减少服务器和应用程序的停机时间。
高可管理性:系统管理员可以从远程管理一个、甚至一组集群,就好像在单机系统中一样。
swarm(蜂群)的概念
什么是swarm
对多台安装了Docker的宿主机上的容器进行编排。
Swarm是Docker官方提供的一款集群管理工具,其主要作用是把若干台Docker主机抽象为一个整体,并且通过一个入口统一管理这些Docker主机上的各种Docker资源。
一个 swarm 由多个 Docker 主机组成,它们以swarm 模式运行并充当管理器(管理成员资格和委派)和工作器(运行 swarm 服务)。
一个给定的 Docker 主机可以是管理者、工作者,或同时扮演这两个角色。
swarm与compose
Docker Swarm 和 Docker Compose 一样,都是 Docker 官方容器编排项目,但不同的是,Docker Compose 是在一个单个服务器或主机上创建多个容器的工具,而 Docker Swarm 则可以在多个服务器或主机上创建容器集群服务,对于微服务的部署,显然 Docker Swarm 会更加适合。
swarm与k8s
Swarm和Kubernetes比较类似,但是更加轻,具有的功能也较kubernetes更少一些。
swarm的优势
与独立容器相比,swarm 服务的主要优势之一是可以修改服务的配置,包括它所连接的网络和卷,而无需手动重新启动服务。Docker 将更新配置,停止使用过期配置的服务任务,并创建与所需配置匹配的新任务。
swarm的基本结构
在以上结构图可以看出Docker Client使用Swarm对集群(Cluster)进行调度使用。
swarm的关键点
1.Swarm
集群的管理和编排是使用嵌入docker引擎的SwarmKit,可以在docker初始化时启动swarm模式或者加入已存在的swarm
2.Node
一个节点是docker引擎集群的一个实例。您还可以将其视为Docker节点。您可以在单个物理计算机或云服务器上运行一个或多个节点,但生产群集部署通常包括分布在多个物理和云计算机上的Docker节点。
要将应用程序部署到swarm,请将服务定义提交给Manager节点,Manager节点将Task的工作单元分派给worker node。
Manager节点还执行维护所需群集状态所需的编排和集群管理功能。Manager节点选择单个领导者来执行编排任务。
工作节点接收并执行从管理器节点分派的任务。默认情况下,Manager节点还将服务作为工作节点运行,但您可以将它们配置为仅运行管理器任务并且是仅管理器节点。代理程序在每个工作程序节点上运行,并报告分配给它的任务。Worker node向Manager节点通知其分配的任务的当前状态,以便管理器可以维持每个工作者的期望状态。
3.Service
一个服务是Task的定义,Manager或Work node上执行。它是群体系统的中心结构,是用户与群体交互的主要根源。创建服务时,你需要指定要使用的容器镜像。
4.Task
任务是在docekr容器中执行的命令,Manager节点根据指定数量的任务副本分配任务给worker节点
swarm的使用纲要
docker swarm:集群管理,子命令有init, join, leave, update。(docker swarm --help查看帮助)
docker service:服务创建,子命令有create, inspect, update, remove, tasks。(docker service--help查看帮助)
docker node:节点管理,子命令有accept, promote, demote, inspect, update, tasks, ls, rm。(docker node --help查看帮助)
node是加入到swarm集群中的一个docker引擎实体,可以在一台物理机上运行多个node,node分为:
manager node --> 也就是管理节点
worker nodes --> 也就是工作节点
①manager node(管理节点):执行集群的管理功能,维护集群的状态,选举一个leader节点去执行调度任务。
②worker node(工作节点):接收和执行任务。参与容器集群负载调度,仅用于承载task。
③service(服务):一个服务是工作节点上执行任务的定义。创建一个服务,指定了容器所使用的镜像和容器运行的命令。service是运行在worker nodes上的task的描述,service的描述包括使用哪个docker 镜像,以及在使用该镜像的容器中执行什么命令。
④task(任务):一个任务包含了一个容器及其运行的命令。task是service的执行实体,task启动docker容器并在容器中执行任务。
swarm的使用
1.部署机器环境(四台机器,CentOS8与Ubuntu系统)
IP:192.168.232.132 主机名:docker-manager-1 担任角色:swarm manager
IP:192.168.232.133 主机名:docker-2 担任角色:swarm node1
IP:192.168.232.134 主机名:docker-3 担任角色:swarm node2
IP:192.168.232.131 主机(ubuntu)名:chaochao 担任角色:swarm node3
2.配置hosts文件
swarm manager:
[root@docker-manager-1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.232.132 manager
192.168.232.133 worker1
192.168.232.134 worker2
192.168.232.131 worker3
[root@docker-manager-1 ~]# ^C另外三台worker node操作一致
3.设置防火墙
关闭四台机器上的防火墙。
如果是开启防火墙,则需要在所有节点的防火墙上依次放行2377/tcp(管理端口)、7946/udp(节点间通信端口)、4789/udp(overlay 网络端口,容器之间)端口。
[root@docker-manager-1 ~]# systemctl disable firewalld
[root@docker-manager-1 ~]#[root@docker-2 ~]# systemctl disable firewalld
[root@docker-2 ~]#另外两台操作一致。
4.重启docker服务,防止导致网络异常
[root@docker-manager-1 ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service
[root@docker-manager-1 ~]#[root@docker-2 ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service
[root@docker-2 ~]#[root@docker-3 ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service
[root@docker-3 ~]#root@chaochao:~# service docker restart
root@chaochao:~#5.创建swarm集群
对于manager:
# 命令:docker swarm init --advertise-addr manager的IP地址
[root@docker-manager-1 ~]# docker swarm init --advertise-addr 192.168.232.132
Swarm initialized: current node (ooauma1x037wufqkh21uj0j7v) is now a manager.
To add a worker to this swarm, run the following command:
docker swarm join --token SWMTKN-1-0200k3nv43fmc6hcuurx8z1iehsqq6uro12qjfeoxrkmk9fmom-1ub4wsmlpl4zhqalzdrgukx3l 192.168.232.132:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
[root@docker-manager-1 ~]#对于三台swarm nodes
输入manager创建的命令: docker swarm join --token ……,此命令在manager创建swarm时会自动生成。
[root@docker-2 ~]# docker swarm join --token SWMTKN-1-0200k3nv43fmc6hcuurx8z1iehsqq6uro12qjfeoxrkmk9fmom-1ub4wsmlpl4zhqalzdrgukx3l 192.168.232.132:2377
This node joined a swarm as a worker.
[root@docker-2 ~]#[root@docker-3 ~]# docker swarm join --token SWMTKN-1-0200k3nv43fmc6hcuurx8z1iehsqq6uro12qjfeoxrkmk9fmom-1ub4wsmlpl4zhqalzdrgukx3l 192.168.232.132:2377
This node joined a swarm as a worker.
[root@docker-3 ~]#root@chaochao:~# docker swarm join --token SWMTKN-1-0200k3nv43fmc6hcuurx8z1iehsqq6uro12qjfeoxrkmk9fmom-1ub4wsmlpl4zhqalzdrgukx3l 192.168.232.132:2377
This node joined a swarm as a worker.
root@chaochao:~#Tips:
退出swarm集群的命令:docker swarm leave
对于manager,解散集群需要加上--force:docker swarm leave --force
6.查看集群的相关信息
[root@docker-manager-1 ~]# docker info
…….
Server:
Containers: 33
Running: 2
Paused: 0
Stopped: 31
Images: 61
Server Version: 20.10.8
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
……#上面的命令执行后 找到Swarm的关键字,就可以看到相关信息了,swarm manager和swarm node都可以运行此命令
[root@docker-manager-1 ~]# docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
rge7nydl1tr8am0340zfxqggm chaochao Ready Active 20.10.8
svygquzhtveeenyd9y4i126tu docker-2 Ready Active 20.10.8
naer5j3rs5z4fea8cckcezpf3 docker-3 Ready Active 20.10.8
ooauma1x037wufqkh21uj0j7v * docker-manager-1 Ready Active Leader 20.10.8
[root@docker-manager-1 ~]##上面的命令是查看集群中的机器(注意上面node ID旁边那个*号表示现在连接到这个节点上),只有swarm manager可以运行此命令
7.在Swarm中部署服务
在docker-manager-1上运行docker service create --replicas 10 --name helloworld alpine ping docker.com
[root@docker-manager-1 ~]# docker service create --replicas 10 --name helloworld alpine ping docker.com
l65e19mrz1ywhu8sl3zim4bet
overall progress: 10 out of 10 tasks
1/10: running [==================================================>]
2/10: running [==================================================>]
3/10: running [==================================================>]
4/10: running [==================================================>]
5/10: running [==================================================>]
6/10: running [==================================================>]
7/10: running [==================================================>]
8/10: running [==================================================>]
9/10: running [==================================================>]
10/10: running [==================================================>]
verify: Service converged
[root@docker-manager-1 ~]#查看swarm服务:docker service ls
[root@docker-manager-1 ~]# docker service ls
ID NAME MODE REPLICAS IMAGE PORTS
l65e19mrz1yw helloworld replicated 10/10 alpine:latest
[root@docker-manager-1 ~]#查看nginx容器运行情况(分配情况)
命令:docker ps
推荐:
manager上运行:docker service ps chao-web
[root@docker-manager-1 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fd4410c3a132 alpine:latest "ping docker.com" 2 minutes ago Up 2 minutes helloworld.1.svjs7kjfdicjf7ad0xhn850kx
33beffba02d8 alpine:latest "ping docker.com" 2 minutes ago Up 2 minutes helloworld.7.tepg67357odbvi99bz8n1s2z3
2cd834cab1d2 alpine:latest "ping docker.com" 2 minutes ago Up 2 minutes [root@docker-2 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
13c8d54bc217 alpine:latest "ping docker.com" 3 minutes ago Up 3 minutes helloworld.6.5emn8zu59a6gukvix2ilx7943
cd476a1148be alpine:latest "ping docker.com" 3 minutes ago Up 3 minutes helloworld.10.elvjakl7ir3p0g4b2994t797z[root@docker-3 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e5421b466442 alpine:latest "ping docker.com" 3 minutes ago Up 3 minutes helloworld.3.odr0kjnofzq11xf05jcernsca
9895ecb2e08a alpine:latest "ping docker.com" 3 minutes ago Up 3 minutes helloworld.4.gy7o9qb1mckhna10esuk6qlucroot@chaochao:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
83db926e26fc alpine:latest "ping docker.com" 4 minutes ago Up 3 minutes helloworld.5.wmqr3orrxyd9jl5n2qfm5rfxp
9648166b579d alpine:latest "ping docker.com" 4 minutes ago Up 3 minutes helloworld.8.q4kr2i2kz7qkjtqu5fav0cmy0
6cc0ad2cc251 alpine:latest "ping docker.com" 4 minutes ago Up 3 minutes helloworld.9.v1ctfiho9nojzps4ycdi8xemf
root@chaochao:~#添加、减少副本任务
增加命令1 docker service update --replicas 20 helloworld
[root@docker-manager-1 ~]# docker service update --replicas 20 helloworld
helloworld
overall progress: 20 out of 20 tasks
1/20: running [==================================================>]
2/20: running [==================================================>]
3/20: running [==================================================>]
4/20: running [==================================================>]
5/20: running [==================================================>]
6/20: running [==================================================>]
7/20: running [==================================================>]
8/20: running [==================================================>]
9/20: running [==================================================>]
10/20: running [==================================================>]
11/20: running [==================================================>]
12/20: running [==================================================>]
13/20: running [==================================================>]
14/20: running [==================================================>]
15/20: running [==================================================>]
16/20: running [==================================================>]
17/20: running [==================================================>]
18/20: running [==================================================>]
19/20: running [==================================================>]
20/20: running [==================================================>]
verify: Service converged
[root@docker-manager-1 ~]#增加和减少通用命令: docker service scale helloworld=5
[root@docker-manager-1 ~]# docker service scale helloworld=5
helloworld scaled to 5
overall progress: 5 out of 5 tasks
1/5: running [==================================================>]
2/5: running [==================================================>]
3/5: running [==================================================>]
4/5: running [==================================================>]
5/5: running [==================================================>]
verify: Service converged
[root@docker-manager-1 ~]#[root@docker-manager-1 ~]# docker service scale helloworld=15
helloworld scaled to 15
overall progress: 15 out of 15 tasks
1/15: running [==================================================>]
2/15: running [==================================================>]
3/15: running [==================================================>]
4/15: running [==================================================>]
5/15: running [==================================================>]
6/15: running [==================================================>]
7/15: running [==================================================>]
8/15: running [==================================================>]
9/15: running [==================================================>]
10/15: running [==================================================>]
11/15: running [==================================================>]
12/15: running [==================================================>]
13/15: running [==================================================>]
14/15: running [==================================================>]
15/15: running [==================================================>]
verify: Service converged
[root@docker-manager-1 ~]#swarm的其他命令
1.删除节点,命令:docker node rm --force 节点名"
2.更改节点的状态
swarm集群中node的availability状态可以为active或者drain:
active状态下,node可以接受来自manager节点的任务分派
drain状态下,node节点会结束task,且不再接受来自manager节点的任务分派(也就是节点离线)
命令: docker node update --availability 状态 节点名
[root@docker-manager-1 ~]# docker node update --availability drain docker-3
# 将docker-3节点离线。# 再次修改为active状态(将离线的节点再次上线)
[root@docker-manager-1 ~]# docker node update --availability active docker-3swarm集群部署web服务
1.创建服务
命令:docker service create --replicas 任务数量 --name 服务名 -p 8020:80(设置端口影响) nginx(镜像名)
[root@docker-manager-1 ~]# docker service create --replicas 10 --name chao-web -p 8020:80 nginx
5h4b8hlq5mvkh1gkda71b7z8o
overall progress: 10 out of 10 tasks
1/10: running [==================================================>]
2/10: running [==================================================>]
3/10: running [==================================================>]
4/10: running [==================================================>]
5/10: running [==================================================>]
6/10: running [==================================================>]
7/10: running [==================================================>]
8/10: running [==================================================>]
9/10: running [==================================================>]
10/10: running [==================================================>]
verify: Service converged
[root@docker-manager-1 ~]#2.查看集群服务分配情况
命令:docker service ps chao-web
[root@docker-manager-1 ~]# docker service ps chao-web
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
wp1rdbn4ocyi chao-web.1 nginx:latest chaochao Running Running about a minute ago
v4s3ketvbjiy chao-web.2 nginx:latest docker-3 Running Running about a minute ago
3ep775a816g0 \\_ chao-web.2 nginx:latest docker-3 Shutdown Rejected 2 minutes ago "No such image: nginx:latest@s…"
kpj8esqq3ee7 chao-web.3 nginx:latest docker-2 Running Running about a minute ago
nypfltoerv7h chao-web.4 nginx:latest chaochao Running Running about a minute ago
5qukcxy6tnl3 chao-web.5 nginx:latest docker-3 Running Running about a minute ago
xot5ioknnrsy chao-web.6 nginx:latest docker-manager-1 Running Running about a minute ago
iv6r6a6buz5n chao-web.7 nginx:latest docker-2 Running Running about a minute ago
xxc1lszt5y6k chao-web.8 nginx:latest docker-3 Running Running about a minute ago
5og6286rgl70 chao-web.9 nginx:latest docker-2 Running Running about a minute ago
xcw038hy4atr chao-web.10 nginx:latest docker-manager-1 Running Running about a minute ago
[root@docker-manager-1 ~]#3.查看创建的服务的详细信息
命令:docker service inspect chao-web
[root@docker-manager-1 ~]# docker service inspect chao-web
[
{
"ID": "5h4b8hlq5mvkh1gkda71b7z8o",
"Version": {
"Index": 209
},
"CreatedAt": "2021-08-23T02:16:28.984070915Z",
"UpdatedAt": "2021-08-23T02:16:28.986493133Z",
"Spec": {
"Name": "chao-web",
"Labels": {},
"TaskTemplate": {
"ContainerSpec": {
"Image": "nginx:latest@sha256:4d4d96ac750af48c6a551d757c1cbfc071692309b491b70b2b8976e102dd3fef",
"Init": false,
"StopGracePeriod": 10000000000,
"DNSConfig": {},
"Isolation": "default"
……..4.查看服务是否创建成功
访问:https://localhost:端口号
思考:swarm manager 是通过什么方式和swarm node进行通信的?
2377 --> swarm manager
7946 --> swarm node
4789 --> swarm容器
manager通过端口来管理swarm节点在所有节点的防火墙上依次放行2377/tcp(管理端口)、7946/udp(节点间通信端口)、4789/udp(overlay 网络端口)端口。
[root@docker-manager-1 ~]# ss -anplut
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 0.0.0.0:4789 0.0.0.0:*
udp UNCONN 0 0 *:7946 *:* users:(("dockerd",pid=3290,fd=50))
tcp LISTEN 0 128 0.0.0.0:8000 0.0.0.0:* users:(("docker-proxy",pid=3504,fd=4))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=941,fd=4))
tcp LISTEN 0 128 [::]:8000 [::]:* users:(("docker-proxy",pid=3510,fd=4))
tcp LISTEN 0 128 *:2377 *:* users:(("dockerd",pid=3290,fd=43))
tcp LISTEN 0 128 *:7946 *:* users:(("dockerd",pid=3290,fd=48))
tcp LISTEN 0 128 *:8020 *:* users:(("dockerd",pid=3290,fd=67))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=941,fd=6))
[root@docker-manager-1 ~]#镜像的滚动升级操作
滚动升级
先停一个旧的nginx容器,马上启动一个新版本的容器。
eg:nginx:1.19.10 ---> nginx:1.21.1
①先启动一个旧版本nginx
[root@docker-manager-1 ~]# docker service create --replicas 10 --name chao-web -p 8021:80 nginx:1.19.10
7y02cykjtrfkea7x8djvj2u4v
overall progress: 10 out of 10 tasks
1/10: running [==================================================>]
2/10: running [==================================================>]
3/10: running [==================================================>]
4/10: running [==================================================>]
5/10: running [==================================================>]
6/10: running [==================================================>]
7/10: running [==================================================>]
8/10: running [==================================================>]
9/10: running [==================================================>]
10/10: running [==================================================>]
verify: Service converged
[root@docker-manager-1 ~]#②进行滚动升级
命令:docker service update --image nginx:latest chao-web(容器名)
[root@docker-manager-1 ~]# docker service update --image nginx:latest chao-web
image nginx:latest could not be accessed on a registry to record
its digest. Each node will access nginx:latest independently,
possibly leading to different nodes running different
versions of the image.
chao-web
overall progress: 10 out of 10 tasks
1/10: running [==================================================>]
2/10: running [==================================================>]
3/10: running [==================================================>]
4/10: running [==================================================>]
5/10: running [==================================================>]
6/10: running [==================================================>]
7/10: running [==================================================>]
8/10: running [==================================================>]
9/10: running [==================================================>]
10/10: running [==================================================>]
verify: Service converged
[root@docker-manager-1 ~]#结合compose和swarm进行多服务的编排
compose和swarm结合有什么优势
优势:compose和swarm结合可以实现优势互补,通过compose可以对一台服务器同时启动多个容器,而swarm可以对多台服务器进行管理,二者结合可以实现多台服务器的多容器启动。
代码实例部署
1.创建swarm目录
[root@docker-manager-1 ~]# mkdir /lianxi/swarm
[root@docker-manager-1 ~]# cd /lianxi/swarm/
[root@docker-manager-1 swarm]# ls
[root@docker-manager-1 swarm]#2.编写docker-compose.yml文件,设置要启动的容器的镜像
[root@docker-manager-1 swarm]# vim docker-compose.yml
[root@docker-manager-1 swarm]# ls
docker-compose.yml
[root@docker-manager-1 swarm]# cat docker-compose.yml
version: "3"
services:
chao-nginx:
image: nginx
ports:
- 8023:80
deploy:
mode: replicated
replicas: 10
chao-redis:
image: redis
ports:
- 8024:6379
deploy:
mode: replicated
replicas: 6
[root@docker-manager-1 swarm]#3.通过这个yml文件部署服务
命令:docker stack deploy -c docker-compose.yml deploy_deamon
[root@docker-manager-1 swarm]# docker stack deploy -c docker-compose.yml deploy_deamon
Creating network deploy_deamon_default
Creating service deploy_deamon_chao-redis
Creating service deploy_deamon_chao-nginx
[root@docker-manager-1 swarm]#以上是关于Linux进阶 | 超详细全方面的Docker Swarm Web集群介绍与部署!的主要内容,如果未能解决你的问题,请参考以下文章
Linux进阶 | 万字详解Docker镜像的制作,手把手学会!
基础方法 | 用R语言完成量化论文全流程示例!附超详细R脚本